dancing cursor when typing - malware? - Virus, Spyware, Malware Removal

I really don't get this otl thing.... any suggestions?

OTL logfile created on: 5/9/2012 11:27:49 AM - Run 4
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\Andrea\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 38.06% Memory free
7.81 Gb Paging File | 4.39 Gb Available in Paging File | 56.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.24 Gb Total Space | 53.55 Gb Free Space | 44.91% Space Free | Partition Type: NTFS
Drive D: | 153.85 Gb Total Space | 153.72 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: SWEETIE | User Name: Andrea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2012/05/09 11:25:45 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Andrea\Downloads\OTL(3).exe
PRC - [2012/04/25 11:27:19 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/04/04 00:53:54 | 001,496,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
PRC - [2012/02/23 03:55:17 | 000,307,824 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/11/03 04:40:40 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\prevhost.exe
PRC - [2011/10/04 15:14:10 | 000,082,944 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2011/10/04 15:14:06 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/07/21 18:49:10 | 005,716,608 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2011/03/14 10:22:06 | 002,125,472 | ---- | M] (Audible, Inc.) -- C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
PRC - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/11/15 13:42:12 | 000,305,792 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2010/02/28 03:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2005/07/15 16:48:33 | 000,479,232 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe

========== Modules (No Company Name) ==========

MOD - [2012/04/25 11:27:19 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/04/24 21:41:36 | 000,079,872 | ---- | M] () -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\mp3ikg4o.default\extensions\{f897eb0e-a3a4-46c3-80eb-2729699d8892}\components\RadioWMPCoreGecko12.dll
MOD - [2012/04/21 19:07:52 | 008,797,344 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012/04/04 00:53:52 | 000,249,232 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll
MOD - [2012/02/20 09:18:16 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Java\jre6\bin\jp2native.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/10/04 15:14:06 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/02/18 10:04:04 | 000,196,448 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\IEAWSDC.DLL
MOD - [2010/02/28 03:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/03/03 19:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Disabled | Stopped] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2012/05/05 00:56:26 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/25 11:27:20 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/08 17:48:30 | 000,092,800 | ---- | M] (ASUS) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011/03/01 23:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/12/20 21:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/12/20 21:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/15 13:39:38 | 000,096,896 | ---- | M] (ASUS) [Disabled | Stopped] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/15 20:30:42 | 000,084,536 | ---- | M] (ASUS) [Disabled | Stopped] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/11/03 04:41:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/11/03 04:41:46 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/09/15 22:35:40 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2011/09/15 22:35:18 | 012,289,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/08/31 02:42:04 | 002,769,920 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/06/02 13:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/06/02 13:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/05/13 17:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011/05/13 04:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 04:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011/05/13 04:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/05/13 04:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011/04/25 22:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/31 05:30:10 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/11/20 08:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/06 23:24:34 | 000,024,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/08/24 04:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/07/20 04:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/05/23 20:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011/09/07 12:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 20:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-735253538-622638780-3005358582-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-735253538-622638780-3005358582-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.smile...m/?a=6OyytkGr1t
IE - HKU\S-1-5-21-735253538-622638780-3005358582-1001\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKU\S-1-5-21-735253538-622638780-3005358582-1001\..\URLSearchHook: {f897eb0e-a3a4-46c3-80eb-2729699d8892} - No CLSID value found
IE - HKU\S-1-5-21-735253538-622638780-3005358582-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-735253538-622638780-3005358582-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000c860000a5ac7
IE - HKU\S-1-5-21-735253538-622638780-3005358582-1001\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/?s...q={searchTerms}
IE - HKU\S-1-5-21-735253538-622638780-3005358582-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7GGHP_enUS472
IE - HKU\S-1-5-21-735253538-622638780-3005358582-1001\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = browseforchange/search/redirect/?type=default&user_id=1e7ab745-7402-46f5-b796-9f714b0a78a0&query={searchTerms}
IE - HKU\S-1-5-21-735253538-622638780-3005358582-1001\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.smile...DS&a=6OyytkGr1t
IE - HKU\S-1-5-21-735253538-622638780-3005358582-1001\..\SearchScopes\{ED358191-76A4-4D80-AF05-59D365B619F9}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-735253538-622638780-3005358582-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-735253538-622638780-3005358582-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.whyeat.net/forum/entries/3162-50-Reasons-to-be-thin."
FF - prefs.js..keyword.URL: "http://search.condui...rchSource=2&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin: C:\Program Files (x86)\PDFlite\npPdfViewer.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin: C:\Program Files (x86)\PDFlite\npPdfViewer.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Users\Andrea\AppData\Local\RewardsArcade\498\Firefox [2012/02/20 09:13:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/25 11:27:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/02/20 02:01:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Extensions
[2012/05/03 17:26:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\mp3ikg4o.default\extensions
[2012/04/25 11:27:25 | 000,000,000 | ---D | M] (SmileBox EN Community Toolbar) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\mp3ikg4o.default\extensions\{f897eb0e-a3a4-46c3-80eb-2729699d8892}
[2012/03/30 12:36:55 | 000,000,000 | ---D | M] (Print pages to PDF) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\mp3ikg4o.default\extensions\[email protected]
[2012/04/06 02:29:31 | 000,002,264 | ---- | M] () -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\mp3ikg4o.default\searchplugins\audiblecom.xml
[2012/04/10 14:23:07 | 000,002,172 | ---- | M] () -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\mp3ikg4o.default\searchplugins\MyStart Search.xml
[2012/02/24 02:31:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/25 11:27:19 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/23 11:17:37 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/11 22:39:51 | 000,002,127 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\blekkotb.xml
[2012/03/23 11:17:37 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: MyStart Search (Enabled)
CHR - default_search_provider: search_url = http://mystart.smile...s}&a=6OyytkGr1t
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Andrea\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Andrea\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Andrea\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RewardsArcade = C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcmagccbogebndpoodhhhafmofelpffh\1.13.61_0\
CHR - Extension: Gmail = C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/02 15:32:51 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-735253538-622638780-3005358582-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKU\S-1-5-21-735253538-622638780-3005358582-1001..\Run: [ShutterflyStudio] C:\Program Files (x86)\Shutterfly\Studio\BIN\SFlyStudio.exe ()
O4 - HKU\S-1-5-21-735253538-622638780-3005358582-1001..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_Plugin.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-735253538-622638780-3005358582-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-735253538-622638780-3005358582-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA99E6A4-0090-4232-ADB1-A32A4D50F9BF}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 90 Days ==========

[2012/05/06 02:32:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/05/06 02:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/05/06 02:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/05/04 23:29:20 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{30C2F69B-1A8F-43CB-90C9-29326462FD2C}
[2012/05/04 23:29:09 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{90C2ED70-10CE-4E8D-AD3F-2ACFDD52A76A}
[2012/05/03 13:59:41 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{A5E969A6-621D-4933-9382-A9099256CED7}
[2012/05/03 13:59:30 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{3A23B777-2D9B-40F5-B73A-11CDFE2C336B}
[2012/05/02 19:24:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/05/02 19:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/05/02 19:14:50 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/05/02 15:48:26 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/05/02 15:27:42 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/05/02 15:27:42 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/05/02 15:27:42 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/05/02 15:27:38 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/05/02 15:27:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/05/02 15:17:19 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Vidalia
[2012/05/02 13:59:19 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\TeamViewer
[2012/05/02 00:41:03 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{C9BC05E3-1201-4815-A696-1913EDC2C76C}
[2012/05/02 00:40:46 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{7B2DB272-7539-4430-A795-2AE218BA1B22}
[2012/04/29 20:39:35 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{A6498786-A499-45A3-87CA-4FC373472A35}
[2012/04/29 20:39:24 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{DD387098-4450-49DD-95C9-BB70E34125E6}
[2012/04/29 12:33:55 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\My Kindle Content
[2012/04/29 12:33:51 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2012/04/29 12:33:42 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Amazon
[2012/04/25 11:27:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/04/25 11:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/04/24 09:53:56 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gmail Notifier
[2012/04/24 09:53:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gmail Notifier
[2012/04/24 03:32:56 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\jobs applied for
[2012/04/23 10:39:47 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\com.Shutterfly.ExpressUploader
[2012/04/23 10:39:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shutterfly
[2012/04/23 09:43:26 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{5A6BD41F-39EC-4D26-8B5B-4456CFAEBA57}
[2012/04/21 19:56:05 | 008,744,608 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/04/21 19:07:52 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/21 16:34:47 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\Andrea Taxes etc
[2012/04/20 12:30:43 | 000,000,000 | ---D | C] -- C:\ProgramData\WeCareReminder
[2012/04/20 12:29:19 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\The Weather Channel
[2012/04/18 12:28:06 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\Outlook Files
[2012/04/15 21:26:56 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/04/12 16:16:15 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/12 16:16:15 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/12 16:16:14 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/12 16:16:14 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/12 16:16:14 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/12 16:16:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/12 16:16:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/12 16:16:13 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/12 16:16:13 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/12 16:16:12 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/12 16:16:12 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/12 16:15:59 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/12 16:15:59 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/12 16:15:58 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/12 16:12:02 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/12 16:12:02 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/12 16:12:02 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/10 14:23:50 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Smilebox
[2012/04/10 14:23:46 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\My Smilebox Creations
[2012/04/10 14:22:57 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Smilebox
[2012/04/10 11:53:45 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{077AAC19-DFC4-4871-84D5-A7052171E5CF}
[2012/04/09 20:49:36 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\bryantstratton2013
[2012/04/09 19:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Creator
[2012/04/09 19:40:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPLGS
[2012/04/09 19:38:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2012/04/09 09:24:55 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\US B STATE
[2012/04/06 13:21:31 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2012/04/06 13:21:31 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012/04/06 13:21:31 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012/04/06 13:21:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/04/06 13:20:37 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012/04/06 02:24:25 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\PackageAware
[2012/04/06 01:30:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Audible
[2012/04/06 01:30:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
[2012/04/06 01:30:45 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\Audible
[2012/04/06 01:30:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audible
[2012/04/03 22:08:41 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{A2D75B2F-4724-4669-BABC-F3A6AA597503}
[2012/04/03 01:32:11 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Primal 3D Body
[2012/04/03 01:31:50 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2012/04/03 01:31:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Primal 3D Body
[2012/03/30 12:25:26 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Babylon
[2012/03/30 11:27:12 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Documents\Scanned Documents
[2012/03/30 11:27:10 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\Fax
[2012/03/28 19:38:20 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{DF7679B1-19AF-4DB5-874D-A6F7F2EE3741}
[2012/03/27 23:06:20 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{7EA8A0A9-4F33-4516-AEE9-22C8C716A2F5}
[2012/03/27 23:06:09 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{B52A316C-F3D8-4AC3-BAAC-87ED19AC6603}
[2012/03/27 11:05:48 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{83A70C91-E951-4F5A-924F-175C7681AD2B}
[2012/03/27 11:05:37 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{9E7A597A-36E0-422D-819F-F383DB3FA5C9}
[2012/03/26 23:05:02 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{8DA0C062-A8F0-4DFE-91EE-649A2CF02AD4}
[2012/03/26 23:04:51 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{A55CAF77-5AAC-4C6E-827A-41189E0972C1}
[2012/03/23 08:09:49 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\nursing made incred easy
[2012/03/22 14:12:12 | 004,435,968 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2012/03/22 12:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2012/03/22 11:54:59 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{FEA4C558-F28F-4731-9192-C1BF5527ABD0}
[2012/03/22 11:54:46 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{5E968E70-BB5C-4E39-A048-C9ACDD08B1F0}
[2012/03/20 20:44:12 | 000,098,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys
[2012/03/15 11:19:51 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/03/13 17:54:35 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/03/13 17:54:17 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/03/13 17:54:17 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/03/13 17:54:17 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/03/13 17:54:16 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/03/13 17:54:16 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/03/12 18:59:35 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\fundies clinical
[2012/03/11 22:40:02 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Shutterfly
[2012/03/11 22:39:54 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shutterfly Studio
[2012/03/11 22:39:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shutterfly Studio
[2012/03/11 22:39:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shutterfly
[2012/03/11 10:31:11 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\beck diet solution
[2012/03/10 16:44:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/03/10 16:40:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012/03/10 14:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
[2012/03/09 20:02:23 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{61F0BC1D-DB8B-441A-8A6A-97718CDDAF89}
[2012/03/09 20:02:11 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{A0B841E0-2C4A-4CBF-B164-465A906EA345}
[2012/03/09 20:01:59 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\My Weblog Posts
[2012/03/09 20:01:58 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Windows Live Writer
[2012/03/09 20:01:58 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Windows Live Writer
[2012/03/08 14:52:33 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{DBA2C8B3-7F40-40DC-9B37-6BF5F51E1DE9}
[2012/03/08 14:52:22 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{AAE97C66-E395-4D8C-A3C5-142F84F441F9}
[2012/03/07 20:35:06 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{672A0BB4-1185-4CA7-AF50-4ADDDD408182}
[2012/03/07 20:34:54 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{D8653D0B-3C36-4262-9A77-54D1AA0B1C81}
[2012/03/05 02:00:31 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\exams
[2012/03/01 15:15:24 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Microsoft Help
[2012/03/01 15:15:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/03/01 10:25:58 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{BF81A797-E459-400A-B513-9FC2A0C17A1B}
[2012/03/01 10:25:46 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{697BBE88-69A5-4E6B-B3AD-82569329C80D}
[2012/02/29 18:25:58 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{D46AF984-483C-474A-8860-17D7E7CDD1B7}
[2012/02/29 18:25:46 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{BA8865F5-7CFD-42ED-89A4-1FA5152068C6}
[2012/02/29 01:53:41 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{B3B0B358-0670-4DE8-8F64-E42B484C0E83}
[2012/02/29 01:53:30 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{4FB94FB2-942C-4A3F-965D-79697AADB5F8}
[2012/02/28 07:23:36 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{774D2E81-2E29-4B9B-8AD4-EAFB90B70022}
[2012/02/28 07:23:25 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{7EEE1C4D-9C4F-4103-907B-43936E769FB8}
[2012/02/28 07:23:25 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{5C9C2526-C2C0-4599-B990-113C8284C698}
[2012/02/26 01:06:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2012/02/26 00:50:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/02/26 00:50:00 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Adobe
[2012/02/26 00:49:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/02/26 00:49:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/02/26 00:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/02/25 03:49:09 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\ASUS
[2012/02/25 03:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2012/02/24 05:13:22 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\ElevatedDiagnostics
[2012/02/24 04:40:41 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Diagnostics
[2012/02/24 02:29:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/02/24 02:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/02/24 02:07:51 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\FLEXnet
[2012/02/24 02:07:50 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Nuance
[2012/02/23 23:45:37 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Google
[2012/02/23 04:33:06 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Apple Computer
[2012/02/23 04:33:06 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Apple Computer
[2012/02/23 04:32:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/02/23 04:32:32 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/02/23 04:30:12 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Apple
[2012/02/23 04:30:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/02/23 04:29:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/02/23 04:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/02/23 04:29:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/02/23 04:29:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/02/23 04:29:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/02/23 03:55:40 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/02/23 03:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/02/23 03:55:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/02/22 04:17:26 | 000,000,000 | ---D | C] -- C:\Panda Software
[2012/02/22 03:17:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/02/22 03:17:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/02/21 01:05:53 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/02/21 01:04:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/02/21 00:23:41 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\fundTher
[2012/02/20 09:18:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/02/20 09:18:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/02/20 09:18:22 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/02/20 09:18:22 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/02/20 09:18:22 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/02/20 09:18:21 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/02/20 09:18:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/02/20 09:13:10 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Google
[2012/02/20 09:13:05 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\RewardsArcade
[2012/02/20 08:52:17 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\Vuze Downloads
[2012/02/20 08:45:49 | 000,000,000 | ---D | C] -- C:\Users\Andrea\.swt
[2012/02/20 08:45:47 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Azureus
[2012/02/20 08:44:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/02/20 08:44:43 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Conduit
[2012/02/20 08:43:21 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Windows Live
[2012/02/20 08:43:21 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{FB8B986B-3D9B-46F9-A38C-896DF8ECC480}
[2012/02/20 08:43:09 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\{884BDA22-F073-4909-BA80-9C61406BAC5A}
[2012/02/20 07:25:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
[2012/02/20 07:25:12 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2012/02/20 07:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2012/02/20 04:20:42 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Zeon
[2012/02/20 04:09:20 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/02/20 04:09:20 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/02/20 04:09:20 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/02/20 04:09:20 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/02/20 04:09:17 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/02/20 04:09:15 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/02/20 04:09:14 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/02/20 04:09:14 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/02/20 04:09:14 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/02/20 04:09:14 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/02/20 04:09:14 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/02/20 04:09:13 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/02/20 04:09:13 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/02/20 04:09:13 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/02/20 04:09:09 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/02/20 04:09:09 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/02/20 04:09:04 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/02/20 04:09:04 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/02/20 04:09:04 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/02/20 04:09:01 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/02/20 04:08:38 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/02/20 04:08:37 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/02/20 04:08:36 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/02/20 04:08:36 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/02/20 04:08:35 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/02/20 04:08:26 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/02/20 04:08:26 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/02/20 04:08:26 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/02/20 03:52:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/02/20 03:52:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/02/20 03:52:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/02/20 03:14:31 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/02/20 03:14:12 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\OneNote Notebooks
[2012/02/20 03:10:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Student (English)
[2012/02/20 02:35:34 | 000,000,000 | ---D | C] -- C:\Windows\FltMgr
[2012/02/20 02:34:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2012/02/20 02:34:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2012/02/20 02:34:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Panda Security
[2012/02/20 02:21:54 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Power2Go
[2012/02/20 02:17:37 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\Anatomy&PhII
[2012/02/20 02:16:23 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\SoftGrid Client
[2012/02/20 02:16:22 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\SoftGrid Client
[2012/02/20 02:15:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/02/20 02:15:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/02/20 02:15:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2012/02/20 02:15:27 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\TP
[2012/02/20 02:01:52 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Mozilla
[2012/02/20 02:01:52 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Mozilla
[2012/02/20 02:01:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/02/20 01:54:14 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Microsoft Games
[2012/02/20 01:51:01 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\ASUS WebStorage
[2012/02/20 01:43:29 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Macromedia
[2012/02/20 01:43:25 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Adobe
[2012/02/20 01:12:38 | 000,000,000 | R--D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/02/20 01:12:38 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Searches
[2012/02/20 01:12:38 | 000,000,000 | R--D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/02/20 01:12:38 | 000,000,000 | -H-D | C] -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/02/20 01:12:22 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Identities
[2012/02/20 01:12:16 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Contacts
[2012/02/20 01:12:12 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\VirtualStore
[2012/02/20 01:11:47 | 000,000,000 | ---D | C] -- C:\ASUS.DAT
[2012/02/20 01:11:24 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\ASUS
[2012/02/20 01:11:21 | 000,000,000 | --SD | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft
[2012/02/20 01:11:21 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Videos
[2012/02/20 01:11:21 | 000,000,000 | R--D | C] -- C:\Saved Games
[2012/02/20 01:11:21 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Pictures
[2012/02/20 01:11:21 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Music
[2012/02/20 01:11:21 | 000,000,000 | R--D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/02/20 01:11:21 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Links
[2012/02/20 01:11:21 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Favorites
[2012/02/20 01:11:21 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Downloads
[2012/02/20 01:11:21 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Documents
[2012/02/20 01:11:21 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Desktop
[2012/02/20 01:11:21 | 000,000,000 | R--D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/02/20 01:11:21 | 000,000,000 | -HSD | C] -- C:\Users\Andrea\AppData\Local\Temporary Internet Files
[2012/02/20 01:11:21 | 000,000,000 | -HSD | C] -- C:\Users\Andrea\Templates
[2012/02/20 01:11:21 | 000,000,000 | -HSD | C] -- C:\Users\Andrea\Start Menu
[2012/02/20 01:11:21 | 000,000,000 | -HSD | C] -- C:\Users\Andrea\SendTo
[2012/02/20 01:11:21 | 000,000,000 | -HSD | C] -- C:\Users\Andrea\Recent
[2012/02/20 01:11:21 | 000,000,000 | -HSD | C] -- C:\Users\Andrea\PrintHood
[2012/02/20 01:11:21 | 000,000,000 | -HSD | C] -- C:\Users\Andrea\NetHood
[2012/02/20 01:11:21 | 000,000,000 | -HSD | C] -- C:\Users\Andrea\Documents\My Videos
[2012/02/20 01:11:21 | 000,000,000 | -HSD | C] -- C:\Users\Andrea\Documents\My Pictures
[2012/02/20 01:11:21 | 000,000,000 | -HSD | C] -- C:\Users\Andrea\Documents\My Music
[2012/02/20 01:11:21 | 000,000,000 | -HSD | C] -- C:\Users\Andrea\My Documents
[2012/02/20 01:11:21 | 000,000,000 | -HSD | C] -- C:\Users\Andrea\Local Settings
[2012/02/20 01:11:21 | 000,000,000 | -HSD | C] -- C:\Users\Andrea\AppData\Local\History
[2012/02/20 01:11:21 | 000,000,000 | -HSD | C] -- C:\Users\Andrea\Cookies
[2012/02/20 01:11:21 | 000,000,000 | -HSD | C] -- C:\Users\Andrea\Application Data
[2012/02/20 01:11:21 | 000,000,000 | -HSD | C] -- C:\Users\Andrea\AppData\Local\Application Data
[2012/02/20 01:11:21 | 000,000,000 | -H-D | C] -- C:\Users\Andrea\AppData
[2012/02/20 01:11:21 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Temp
[2012/02/20 01:11:21 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Microsoft
[2012/02/20 01:11:21 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Media Center Programs
[2012/02/15 11:01:50 | 004,547,944 | ---- | C] (Apple, Inc.) -- C:\Windows\SysNative\usbaaplrc.dll
[2012/02/15 11:01:50 | 000,052,736 | ---- | C] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys
[2012/02/14 12:09:44 | 001,070,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2012/05/09 11:12:52 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/09 11:12:52 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-735253538-622638780-3005358582-1001Core.job
[2012/05/09 11:12:51 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/09 11:12:46 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/09 11:12:42 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-735253538-622638780-3005358582-1001UA.job
[2012/05/09 11:12:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/08 15:39:29 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/08 15:39:29 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/08 13:46:54 | 000,001,508 | ---- | M] () -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2012/05/07 22:43:23 | 000,135,267 | ---- | M] () -- C:\Users\Andrea\Desktop\ALSERENO.pdf
[2012/05/07 00:23:25 | 000,007,609 | ---- | M] () -- C:\Users\Andrea\AppData\Local\Resmon.ResmonCfg
[2012/05/05 12:14:43 | 000,691,672 | ---- | M] () -- C:\Users\Andrea\Desktop\IMG_5086x.jpg
[2012/05/05 00:56:26 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/05/05 00:56:26 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/05/05 00:56:11 | 008,744,608 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/05/03 23:38:22 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2012/05/03 16:20:14 | 000,000,669 | ---- | M] () -- C:\Users\Andrea\Documents\Andrea - Shortcut.lnk
[2012/05/03 16:19:10 | 000,134,825 | ---- | M] () -- C:\Users\Andrea\Documents\PediMedAssist050312.pdf
[2012/05/02 20:06:35 | 000,186,765 | ---- | M] () -- C:\Users\Andrea\Desktop\bridesContactExport_3_May_2012_05453.xps
[2012/05/02 19:59:50 | 000,016,224 | ---- | M] () -- C:\Users\Andrea\Desktop\bridesContactExport_3_May_2012_05453.csv
[2012/05/02 19:24:28 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/05/02 19:24:24 | 000,812,508 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/05/02 19:24:24 | 000,674,310 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/02 19:24:24 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/02 19:20:05 | 000,000,000 | ---- | M] () -- C:\Windows\PAVSHRB.INI
[2012/05/02 19:14:18 | 3145,826,304 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/02 15:32:51 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/05/02 14:56:55 | 000,213,510 | ---- | M] () -- C:\Users\Andrea\Desktop\hackersparadise.png
[2012/04/30 20:34:28 | 000,002,405 | ---- | M] () -- C:\Users\Andrea\Desktop\Google Chrome.lnk
[2012/04/29 12:33:51 | 000,002,235 | ---- | M] () -- C:\Users\Andrea\Desktop\Kindle.lnk
[2012/04/25 11:50:27 | 000,037,608 | ---- | M] () -- C:\Users\Andrea\Desktop\carecom.jpg
[2012/04/23 10:39:45 | 000,001,186 | ---- | M] () -- C:\Users\Public\Desktop\Shutterfly Express Uploader.lnk
[2012/04/23 08:58:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/04/23 08:32:45 | 000,056,085 | ---- | M] () -- C:\Users\Andrea\Desktop\ry%3D480.jpg
[2012/04/20 15:39:02 | 000,002,117 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
[2012/04/20 10:05:14 | 000,008,627 | ---- | M] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2012/04/19 17:55:35 | 000,002,449 | ---- | M] () -- C:\Users\Andrea\Desktop\Microsoft Excel 2010.lnk
[2012/04/18 15:06:03 | 000,335,966 | ---- | M] () -- C:\Users\Andrea\Documents\Sanford-Brown-College-Milwaukee-026164-03-Graduation-Placement-Rate-Disclosure.ashx.pdf
[2012/04/18 15:05:54 | 000,562,259 | ---- | M] () -- C:\Users\Andrea\Documents\Sanford-Brown-College-Milwaukee-026164-03-Student-Outcome-Disclosure.ashx.pdf
[2012/04/18 15:05:43 | 000,209,718 | ---- | M] () -- C:\Users\Andrea\Documents\Sanford-Brown-College-Milwaukee-026164-03-Tuition-Debt-Disclosure.ashx.pdf
[2012/04/18 12:24:54 | 000,033,134 | ---- | M] () -- C:\Users\Andrea\AppData\Roaming\UserTile.png
[2012/04/12 17:45:02 | 000,002,164 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/04/12 16:18:39 | 000,809,292 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/10 14:22:57 | 000,001,874 | ---- | M] () -- C:\Users\Andrea\Desktop\Smilebox.lnk
[2012/04/10 14:22:57 | 000,001,854 | ---- | M] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Smilebox.lnk
[2012/04/09 19:42:59 | 000,000,491 | ---- | M] () -- C:\user.js
[2012/04/06 14:05:39 | 000,002,748 | ---- | M] () -- C:\Users\Andrea\Desktop\02 - Let Love In - Shortcut.lnk
[2012/04/06 14:00:05 | 000,002,574 | ---- | M] () -- C:\Users\Andrea\Desktop\12 - I Believe (In Everything) - Shortcut.lnk
[2012/04/06 13:21:33 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/04/06 02:48:56 | 000,424,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/04/05 12:31:56 | 000,125,360 | ---- | M] () -- C:\Users\Andrea\Documents\Statement 2010 Pdf.pdf
[2012/04/03 01:31:50 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2012/04/02 14:32:11 | 000,001,254 | ---- | M] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Shutterfly Studio.lnk
[2012/04/02 14:32:11 | 000,001,230 | ---- | M] () -- C:\Users\Andrea\Desktop\Shutterfly Studio.lnk
[2012/04/01 13:52:58 | 000,001,106 | ---- | M] () -- C:\Users\Andrea\Desktop\Pictures - Shortcut.lnk
[2012/04/01 09:27:39 | 000,003,584 | ---- | M] () -- C:\Users\Andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/23 11:28:34 | 000,002,459 | ---- | M] () -- C:\Users\Andrea\Desktop\Microsoft PowerPoint 2010.lnk
[2012/03/23 11:27:32 | 000,001,087 | ---- | M] () -- C:\Users\Andrea\Desktop\Documents - Shortcut.lnk
[2012/03/22 14:55:28 | 000,001,132 | ---- | M] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2012/03/22 14:37:12 | 000,032,686 | ---- | M] () -- C:\Users\Andrea\Documents\My Movie.wlmp
[2012/03/22 14:12:12 | 004,435,968 | ---- | M] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys
[2012/03/17 16:12:43 | 000,400,096 | ---- | M] () -- C:\Users\Andrea\Desktop\Christopher P. Lemke Resume February 2012.pdf
[2012/03/15 12:01:45 | 000,169,191 | ---- | M] () -- C:\Users\Andrea\Desktop\TaxReturn.pdf
[2012/03/06 01:53:37 | 005,559,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/03/06 00:59:47 | 003,968,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/03/06 00:59:41 | 003,913,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/03/01 01:38:27 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/03/01 01:33:50 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/02/28 01:56:48 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/02/28 01:48:57 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/02/28 01:48:36 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/02/28 01:45:47 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/02/28 01:43:16 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/02/28 01:39:50 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/02/27 20:11:21 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/02/27 20:09:51 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/02/27 20:06:48 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/02/27 20:03:31 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/02/27 19:59:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/02/27 19:35:36 | 000,001,226 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/02/26 00:49:34 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/02/26 00:06:31 | 001,514,650 | ---- | M] () -- C:\Users\Andrea\Desktop\Study_Guide_Answer_Key AMEN!!!!.rtf
[2012/02/25 22:50:08 | 000,001,992 | ---- | M] () -- C:\Users\Andrea\Desktop\PeerBlock.lnk
[2012/02/25 03:51:28 | 000,071,207 | ---- | M] () -- C:\Users\Andrea\Documents\image201202250001.jpg
[2012/02/24 16:27:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ssadadb_01005.Wdf
[2012/02/24 04:59:31 | 000,000,000 | -H-- | M] () -- C:\Users\Andrea\Documents\Default.rdp
[2012/02/24 02:32:10 | 000,001,051 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/24 02:29:24 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/02/21 05:09:13 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/02/21 05:09:13 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/02/21 05:08:41 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2012/02/20 09:18:16 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/02/20 09:18:15 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/02/20 09:18:15 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/02/20 09:18:15 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/02/20 05:31:47 | 000,027,101 | ---- | M] () -- C:\Users\Andrea\Desktop\281597_10150374389447067_546907066_10212898_7451613_n.jpg
[2012/02/20 01:43:11 | 000,001,439 | ---- | M] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/17 01:38:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/02/17 00:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/02/15 11:01:50 | 004,547,944 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\usbaaplrc.dll
[2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys
[2012/02/14 12:09:44 | 001,070,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2012/02/10 01:36:07 | 001,544,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/08 13:46:54 | 000,001,508 | ---- | C] () -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2012/05/07 20:44:14 | 000,135,267 | ---- | C] () -- C:\Users\Andrea\Desktop\ALSERENO.pdf
[2012/05/05 12:14:43 | 000,691,672 | ---- | C] () -- C:\Users\Andrea\Desktop\IMG_5086x.jpg
[2012/05/03 16:20:14 | 000,000,669 | ---- | C] () -- C:\Users\Andrea\Documents\Andrea - Shortcut.lnk
[2012/05/03 16:18:15 | 000,134,825 | ---- | C] () -- C:\Users\Andrea\Documents\PediMedAssist050312.pdf
[2012/05/02 20:06:34 | 000,186,765 | ---- | C] () -- C:\Users\Andrea\Desktop\bridesContactExport_3_May_2012_05453.xps
[2012/05/02 19:59:39 | 000,016,224 | ---- | C] () -- C:\Users\Andrea\Desktop\bridesContactExport_3_May_2012_05453.csv
[2012/05/02 19:24:28 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/05/02 19:24:25 | 000,001,917 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/05/02 19:20:05 | 000,000,000 | ---- | C] () -- C:\Windows\PAVSHRB.INI
[2012/05/02 15:27:42 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/05/02 15:27:42 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/05/02 15:27:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/05/02 15:27:42 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/05/02 15:27:42 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/05/02 14:56:55 | 000,213,510 | ---- | C] () -- C:\Users\Andrea\Desktop\hackersparadise.png
[2012/04/29 12:33:51 | 000,002,235 | ---- | C] () -- C:\Users\Andrea\Desktop\Kindle.lnk
[2012/04/25 11:50:27 | 000,037,608 | ---- | C] () -- C:\Users\Andrea\Desktop\carecom.jpg
[2012/04/23 10:39:45 | 000,001,186 | ---- | C] () -- C:\Users\Public\Desktop\Shutterfly Express Uploader.lnk
[2012/04/23 08:58:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/04/23 08:32:44 | 000,056,085 | ---- | C] () -- C:\Users\Andrea\Desktop\ry%3D480.jpg
[2012/04/21 19:07:52 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/20 15:39:02 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
[2012/04/20 12:35:25 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/04/19 17:55:35 | 000,002,449 | ---- | C] () -- C:\Users\Andrea\Desktop\Microsoft Excel 2010.lnk
[2012/04/18 15:06:00 | 000,335,966 | ---- | C] () -- C:\Users\Andrea\Documents\Sanford-Brown-College-Milwaukee-026164-03-Graduation-Placement-Rate-Disclosure.ashx.pdf
[2012/04/18 15:05:49 | 000,562,259 | ---- | C] () -- C:\Users\Andrea\Documents\Sanford-Brown-College-Milwaukee-026164-03-Student-Outcome-Disclosure.ashx.pdf
[2012/04/18 15:05:24 | 000,209,718 | ---- | C] () -- C:\Users\Andrea\Documents\Sanford-Brown-College-Milwaukee-026164-03-Tuition-Debt-Disclosure.ashx.pdf
[2012/04/18 12:24:54 | 000,033,134 | ---- | C] () -- C:\Users\Andrea\AppData\Roaming\UserTile.png
[2012/04/10 14:22:57 | 000,001,874 | ---- | C] () -- C:\Users\Andrea\Desktop\Smilebox.lnk
[2012/04/10 14:22:57 | 000,001,860 | ---- | C] () -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smilebox.lnk
[2012/04/10 14:22:57 | 000,001,854 | ---- | C] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Smilebox.lnk
[2012/04/09 19:40:03 | 000,087,552 | ---- | C] () -- C:\Windows\SysNative\custmon64i.dll
[2012/04/06 14:05:39 | 000,002,748 | ---- | C] () -- C:\Users\Andrea\Desktop\02 - Let Love In - Shortcut.lnk
[2012/04/06 14:00:05 | 000,002,574 | ---- | C] () -- C:\Users\Andrea\Desktop\12 - I Believe (In Everything) - Shortcut.lnk
[2012/04/06 13:21:33 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/04/05 12:31:56 | 000,125,360 | ---- | C] () -- C:\Users\Andrea\Documents\Statement 2010 Pdf.pdf
[2012/04/01 14:44:14 | 000,240,855 | ---- | C] () -- C:\Users\Andrea\StudentNotebook.onepkg
[2012/04/01 13:51:36 | 000,001,106 | ---- | C] () -- C:\Users\Andrea\Desktop\Pictures - Shortcut.lnk
[2012/04/01 09:27:39 | 000,003,584 | ---- | C] () -- C:\Users\Andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/30 12:29:03 | 000,000,491 | ---- | C] () -- C:\user.js
[2012/03/23 11:28:34 | 000,002,459 | ---- | C] () -- C:\Users\Andrea\Desktop\Microsoft PowerPoint 2010.lnk
[2012/03/23 11:27:32 | 000,001,087 | ---- | C] () -- C:\Users\Andrea\Desktop\Documents - Shortcut.lnk
[2012/03/22 14:55:28 | 000,001,132 | ---- | C] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2012/03/22 14:37:12 | 000,032,686 | ---- | C] () -- C:\Users\Andrea\Documents\My Movie.wlmp
[2012/03/17 16:12:43 | 000,400,096 | ---- | C] () -- C:\Users\Andrea\Desktop\Christopher P. Lemke Resume February 2012.pdf
[2012/03/15 12:01:45 | 000,169,191 | ---- | C] () -- C:\Users\Andrea\Desktop\TaxReturn.pdf
[2012/03/15 11:19:58 | 000,002,405 | ---- | C] () -- C:\Users\Andrea\Desktop\Google Chrome.lnk
[2012/03/15 11:19:25 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-735253538-622638780-3005358582-1001UA.job
[2012/03/15 11:19:24 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-735253538-622638780-3005358582-1001Core.job
[2012/03/13 21:59:16 | 000,071,207 | ---- | C] () -- C:\Users\Andrea\Documents\image201202250001.jpg
[2012/03/11 22:39:55 | 000,001,254 | ---- | C] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Shutterfly Studio.lnk
[2012/03/11 22:39:55 | 000,001,230 | ---- | C] () -- C:\Users\Andrea\Desktop\Shutterfly Studio.lnk
[2012/02/29 20:30:58 | 000,007,609 | ---- | C] () -- C:\Users\Andrea\AppData\Local\Resmon.ResmonCfg
[2012/02/26 00:49:34 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/02/26 00:49:34 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/02/26 00:06:29 | 001,514,650 | ---- | C] () -- C:\Users\Andrea\Desktop\Study_Guide_Answer_Key AMEN!!!!.rtf
[2012/02/24 16:27:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ssadadb_01005.Wdf
[2012/02/24 04:59:31 | 000,000,000 | -H-- | C] () -- C:\Users\Andrea\Documents\Default.rdp
[2012/02/24 02:29:24 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/02/23 04:30:11 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/02/23 03:55:33 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/23 03:55:33 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/20 07:25:13 | 000,001,992 | ---- | C] () -- C:\Users\Andrea\Desktop\PeerBlock.lnk
[2012/02/20 05:31:46 | 000,027,101 | ---- | C] () -- C:\Users\Andrea\Desktop\281597_10150374389447067_546907066_10212898_7451613_n.jpg
[2012/02/20 02:40:15 | 000,008,627 | ---- | C] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2012/02/20 02:01:50 | 000,001,063 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/20 02:01:50 | 000,001,051 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/20 01:43:11 | 000,001,439 | ---- | C] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/20 01:13:11 | 000,001,411 | ---- | C] () -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/02/20 01:13:07 | 000,001,445 | ---- | C] () -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/02/20 01:11:21 | 000,000,290 | ---- | C] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/02/20 01:11:21 | 000,000,272 | ---- | C] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/01/07 22:19:43 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2011/11/03 05:19:25 | 000,812,508 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/17 22:50:05 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/10/17 22:49:58 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/10/17 22:49:53 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/10/17 22:49:50 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/10/17 22:49:47 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

< End of report >

dancing cursor when typing - malware?

#1
andilee

Posted 09 May 2012 - 10:38 AM

Advertisements

#2
WhiteHat

Posted 09 May 2012 - 11:32 AM

#3
WhiteHat

Posted 09 May 2012 - 01:19 PM

#4
andilee

Posted 09 May 2012 - 01:42 PM

#5
andilee

Posted 09 May 2012 - 01:48 PM

#6
WhiteHat

Posted 10 May 2012 - 11:42 AM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

dancing cursor when typing - malware?

#1 andilee Posted 09 May 2012 - 10:38 AM