Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Worm.win32.netsky, probably others [Solved]

Started by magaggie , Feb 11 2010 04:26 PM

  • This topic is locked This topic is locked

#61
heir
Posted 15 February 2010 - 07:28 PM

heir

    Trusted Helper

  • Malware Removal
  • 5,427 posts
Check if a log C:\ComboFix.txt was produced. If so post its content.
  • 0

Advertisements

#62
magaggie
Posted 15 February 2010 - 07:46 PM

magaggie

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts
There was no log, but I tried to run it one more time, and got a message that my antivirus was still running. I had tried to make sure it was inactive when I first tried to run this earlier today. I don't see a tray when I'm in safe mode, so I tried to just open the PC Cillin program to disable it that way. I got a quick error message about scanning not being available in Safe Mode, and it immediately closed down, so I thought it was disabled. Any idea how I can disable this when in safe mode or how I can get my tray back?
  • 0

#63
heir
Posted 15 February 2010 - 07:50 PM

heir

    Trusted Helper

  • Malware Removal
  • 5,427 posts
Just run Combofix even if your AV isn't disabled, and post the log from it.

Edited by heir, 15 February 2010 - 07:50 PM.

  • 0

#64
magaggie
Posted 15 February 2010 - 08:53 PM

magaggie

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts
OK, that finally worked. Here's the log:

ComboFix 10-02-12.01 - Margaret 02/15/2010 20:03:05.1.2 - x86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.894.685 [GMT -6:00]
Running from: c:\documents and settings\Margaret\Desktop\ComboFix.exe
AV: PC-cillin Internet Security - Virus Protection *On-access scanning enabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: PC-cillin Internet Security - Firewall *enabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Start Menu\Programs\Startup\AntiVirus Plus.lnk
c:\documents and settings\Margaret\Application Data\avp.ico
c:\documents and settings\Margaret\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiVirus Plus.lnk
c:\documents and settings\Margaret\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Security 2010.lnk
c:\documents and settings\Margaret\Desktop\AntiVirus Plus.lnk
c:\documents and settings\Margaret\Start Menu\Programs\AntiVirus Plus
c:\documents and settings\Margaret\Start Menu\Programs\AntiVirus Plus\AntiVirus Plus.lnk
c:\documents and settings\Margaret\Start Menu\Programs\AntiVirus Plus\EULA.url
c:\documents and settings\Margaret\Start Menu\Programs\AntiVirus Plus\Uninstall.lnk
c:\documents and settings\Margaret\Start Menu\Programs\Startup\AntiVirus Plus.lnk
c:\documents and settings\NetworkService\Application Data\sdra64.exe
c:\program files\InternetSecurity2010
c:\program files\InternetSecurity2010\IS2010.exe
c:\windows\EventSystem.log
c:\windows\run.log
c:\windows\system32\11401.exe
c:\windows\system32\19847.exe
c:\windows\system32\23120.exe
c:\windows\system32\23647.exe
c:\windows\system32\23924.exe
c:\windows\system32\25039.exe
c:\windows\system32\25226.exe
c:\windows\system32\26300.exe
c:\windows\system32\26858.exe
c:\windows\system32\28606.exe
c:\windows\system32\3345.exe
c:\windows\system32\59.exe
c:\windows\system32\5998.exe
c:\windows\system32\6950.exe
c:\windows\system32\8648.exe
c:\windows\system32\8654.exe
c:\windows\system32\drivers\asc3550p.sys
c:\windows\system32\drivers\pcidump.sys
c:\windows\system32\spool\prtprocs\w32x86\0000091e.tmp

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ASC3550P
-------\Service_asc3550p


((((((((((((((((((((((((( Files Created from 2010-01-16 to 2010-02-16 )))))))))))))))))))))))))))))))
.

2010-02-14 15:46 . 2010-02-14 15:46 -------- d-----w- C:\_OTL
2010-02-12 12:24 . 2004-08-10 10:13 73728 -c--a-w- c:\windows\system32\dllcache\ehresja.dll
2010-02-12 12:24 . 2004-08-10 10:13 69632 -c--a-w- c:\windows\system32\dllcache\ehresko.dll
2010-02-12 12:24 . 2004-08-10 10:13 69632 -c--a-w- c:\windows\system32\dllcache\ehresfr.dll
2010-02-12 12:24 . 2004-08-10 10:13 69632 -c--a-w- c:\windows\system32\dllcache\ehresde.dll
2010-02-12 12:22 . 2004-08-10 11:00 185344 -c--a-w- c:\windows\system32\dllcache\thawbrkr.dll
2010-02-12 12:21 . 2001-08-18 04:36 38912 -c--a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2010-02-12 12:20 . 2004-08-10 11:00 5632 -c--a-w- c:\windows\system32\dllcache\kbdheb.dll
2010-02-12 12:19 . 2004-08-10 11:00 7168 -c--a-w- c:\windows\system32\dllcache\f3ahvoas.dll
2010-02-12 12:18 . 2004-08-10 11:00 29184 -c--a-w- c:\windows\system32\dllcache\asptxn.dll
2010-02-12 11:33 . 2010-02-13 14:23 -------- d-----w- c:\windows\LastGood.Tmp
2010-02-12 06:32 . 2004-08-10 11:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2010-02-12 06:32 . 2004-08-10 11:00 13312 ----a-w- c:\windows\system32\irclass.dll
2010-02-12 06:32 . 2004-08-10 11:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2010-02-12 06:32 . 2004-08-10 11:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2010-02-12 03:46 . 2004-08-10 11:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2010-02-12 02:11 . 2010-02-12 02:11 97344 ----a-w- c:\windows\system32\drivers\WDICA.sys
2010-02-12 02:11 . 2010-02-12 02:11 97344 ----a-w- c:\windows\system32\drivers\PDRFRAME.sys
2010-02-12 02:11 . 2010-02-12 02:11 97344 ----a-w- c:\windows\system32\drivers\PDRELI.sys
2010-02-12 02:11 . 2010-02-12 02:11 97344 ----a-w- c:\windows\system32\drivers\PDFRAME.sys
2010-02-12 02:11 . 2010-02-12 02:11 97344 ----a-w- c:\windows\system32\drivers\PDCOMP.sys
2010-02-11 19:42 . 2004-08-10 11:00 32768 -c--a-w- c:\windows\system32\dllcache\icwdl.dll
2010-02-11 19:42 . 2004-08-10 11:00 20480 -c--a-w- c:\windows\system32\dllcache\inetwiz.exe
2010-02-11 19:42 . 2004-08-10 11:00 86016 -c--a-w- c:\windows\system32\dllcache\icwconn2.exe
2010-02-11 19:42 . 2004-08-10 11:00 214528 -c--a-w- c:\windows\system32\dllcache\icwconn1.exe
2010-02-11 13:04 . 2010-02-11 13:04 -------- d-----w- c:\windows\dell
2010-02-10 21:05 . 2010-02-10 21:05 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Threat Expert
2010-02-10 21:05 . 2010-02-13 13:53 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Freecorder
2010-02-10 19:18 . 2010-02-10 19:19 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2010-02-10 13:24 . 2009-05-27 00:08 554456 ----a-w- c:\documents and settings\Margaret\Application Data\Mozilla\Firefox\Profiles\9c82lxwj.default\extensions\{4E77EDAD-9566-4089-88D1-C81498CEE770}\dtband.dll
2010-02-10 13:24 . 2009-05-27 00:08 554456 ----a-w- c:\documents and settings\Margaret\Application Data\Mozilla\Firefox\Profiles\9c82lxwj.default\extensions\{4E77EDAD-9566-4089-88D1-C81498CEE770}\comcasttb.dll
2010-02-10 13:20 . 2010-02-10 13:25 -------- d-----w- c:\documents and settings\Margaret\Application Data\CallingID
2010-02-10 13:20 . 2010-02-10 13:20 -------- d-----w- c:\program files\Common Files\scanner
2010-02-10 13:20 . 2010-02-10 13:20 -------- d-----w- c:\program files\CA
2010-02-10 13:19 . 2010-02-10 13:26 -------- d-----w- c:\documents and settings\Margaret\Application Data\comcasttb
2010-02-10 13:19 . 2010-02-10 13:20 -------- d-----w- c:\program files\comcasttb
2010-02-10 03:58 . 2010-02-10 03:58 -------- d-----w- c:\documents and settings\Margaret\Local Settings\Application Data\AntiVirus Plus
2010-02-10 03:58 . 2010-02-10 03:58 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-02-09 17:27 . 2010-02-09 17:27 51720 ----a-w- c:\program files\adb9_32.exe
2010-02-06 20:11 . 2010-02-06 20:11 -------- d-----w- c:\documents and settings\Margaret\Application Data\GARMIN
2010-02-06 20:00 . 2010-02-06 20:00 -------- d-----w- c:\program files\Garmin GPS Plugin
2010-02-06 20:00 . 2010-02-06 20:00 -------- d-----w- c:\program files\DIFX
2010-02-06 19:59 . 2010-02-06 19:59 -------- d-----w- c:\program files\Garmin
2010-01-23 06:13 . 2010-01-23 06:13 -------- d-----w- c:\documents and settings\Margaret\Local Settings\Application Data\Threat Expert
2010-01-22 19:39 . 2010-01-21 23:21 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-01-22 19:39 . 2010-01-21 23:21 767952 ----a-w- c:\windows\BDTSupport.dll
2010-01-22 19:39 . 2008-11-26 18:08 131 ----a-w- c:\windows\IDB.zip
2010-01-22 19:39 . 2010-01-21 23:21 165840 ----a-w- c:\windows\PCTBDRes.dll
2010-01-22 19:39 . 2010-01-21 23:21 1652688 ----a-w- c:\windows\PCTBDCore.dll
2010-01-22 19:39 . 2009-10-28 07:36 1152444 ----a-w- c:\windows\UDB.zip
2010-01-22 19:37 . 2009-10-30 17:11 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-01-22 19:37 . 2009-11-09 17:20 207792 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-01-22 19:37 . 2009-10-06 22:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-01-22 19:37 . 2009-09-03 15:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-01-22 19:37 . 2010-02-14 18:22 -------- d-----w- c:\program files\Spyware Doctor
2010-01-22 19:37 . 2010-01-22 19:37 -------- d-----w- c:\program files\Common Files\PC Tools
2010-01-22 19:37 . 2010-01-22 19:37 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2010-01-22 19:37 . 2010-01-22 19:37 -------- d-----w- c:\documents and settings\Administrator\Application Data\PC Tools
2010-01-22 19:29 . 2010-01-22 19:29 -------- d-sh--w- c:\documents and settings\Administrator\IECompatCache
2010-01-22 19:22 . 2010-01-22 19:22 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-01-22 18:46 . 2010-01-22 18:46 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-01-22 06:00 . 2010-01-23 14:18 -------- d-----w- c:\documents and settings\Margaret\Local Settings\Application Data\tbwubs

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-15 21:28 . 2008-07-15 12:29 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-02-13 14:01 . 2005-08-16 10:41 88183 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-12 11:34 . 2005-08-16 10:38 34332 -c--a-w- c:\windows\system32\emptyregdb.dat
2010-02-12 11:34 . 2010-02-12 11:34 1663 ----a-w- c:\windows\inf\COME7.tmp
2010-02-12 03:35 . 2010-02-12 03:35 1663 ----a-w- c:\windows\inf\COME0.tmp
2010-02-11 23:02 . 2006-12-21 17:53 87448 -c--a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-11 18:52 . 2008-07-15 12:45 66560 --sha-w- c:\documents and settings\All Users\Application Data\ExtendMedia\Media Agent\ac.dll
2010-02-10 23:27 . 2008-02-04 20:29 -------- d-----w- c:\program files\uTorrent
2010-02-10 23:26 . 2008-02-04 20:29 -------- d-----w- c:\documents and settings\Margaret\Application Data\uTorrent
2010-02-10 13:21 . 2009-06-18 05:01 144162 ----a-w- c:\documents and settings\Margaret\Application Data\Move Networks\uninstall.exe
2010-02-10 13:21 . 2007-04-09 12:07 -------- d--h--w- c:\documents and settings\Margaret\Application Data\Move Networks
2010-02-10 13:21 . 2009-12-18 03:27 5603776 ----a-w- c:\documents and settings\Margaret\Application Data\Move Networks\plugins\npqmp071706000001.dll
2010-02-06 05:07 . 2007-03-05 03:12 -------- d-----w- c:\program files\Semagic
2010-02-05 04:49 . 2008-01-15 19:51 -------- d-----w- c:\program files\dl_Cats
2009-12-18 03:27 . 2009-12-18 03:27 97216 ----a-w- c:\documents and settings\Margaret\Application Data\Move Networks\ie_bin\MovePlayerUpgrade.exe
2008-08-16 22:42 . 2008-08-16 22:42 13112 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
2008-08-16 22:42 . 2008-08-16 22:42 70456 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2008-08-16 22:42 . 2008-08-16 22:42 91448 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2008-08-16 22:42 . 2008-08-16 22:42 20800 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2008-08-16 22:43 . 2008-08-16 22:43 206136 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2008-08-16 22:42 . 2008-08-16 22:42 31032 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2008-08-16 22:42 . 2008-08-16 22:42 40248 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2008-05-21 13:41 . 2008-05-21 13:41 479232 ----a-w- c:\program files\mozilla firefox\plugins\msvcm80.dll
2008-05-21 13:41 . 2008-05-21 13:41 548864 ----a-w- c:\program files\mozilla firefox\plugins\msvcp80.dll
2008-05-21 13:41 . 2008-05-21 13:41 626688 ----a-w- c:\program files\mozilla firefox\plugins\msvcr80.dll
2007-12-10 23:40 . 2007-12-10 23:40 6275816 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll
2008-06-05 18:58 . 2008-06-05 18:58 648504 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2008-08-16 22:42 . 2008-08-16 22:42 23864 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
2007-01-26 21:27 . 2007-01-26 21:27 88 --sha-r- c:\windows\system32\0614CBF952.sys
2007-01-26 21:27 . 2007-01-26 21:27 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

------- Sigcheck -------

[7] 2009-08-07 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\SoftwareDistribution\SelfUpdate\wuauclt.exe
[7] 2004-08-10 . 4126D27CECE4471E00E425411F7306B5 . 111104 . . [5.4.3790.2180] . . c:\windows\LastGood.Tmp\system32\wuauclt.exe
[7] 2004-08-10 . 4126D27CECE4471E00E425411F7306B5 . 111104 . . [5.4.3790.2180] . . c:\windows\system32\dllcache\wuauclt.exe

c:\windows\System32\wuauclt.exe ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre0.dll" [2009-11-13 2166296]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2009-11-13 05:37 2166296 ----a-w- c:\program files\Freecorder\tbFre0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre0.dll" [2009-11-13 2166296]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\tbFre0.dll" [2009-11-13 2166296]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ModemOnHold"="c:\program files\NetWaiting\netWaiting.exe" [2003-09-10 20480]
"OE_OEM"="c:\program files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe" [2006-08-04 321040]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2006-08-29 395776]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Adobe Loader"="c:\program files\adb9_32.exe" [2010-02-09 51720]
"ComcastAntispyClient"="c:\program files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" [2009-08-19 1589208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-09-22 761947]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-19 1347584]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-10 49152]
"pccguide.exe"="c:\program files\Trend Micro\Internet Security 14\pccguide.exe" [2006-11-21 1807960]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 86960]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"DLCFCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll" [2006-10-20 73728]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-01-15 37376]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-02-17 185896]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-11-18 1243088]
"ATIModeChange"="Ati2mdxx.exe" [2006-09-23 26112]
"SRFirstRun"="srclient.dll" [2004-08-10 67584]
"SigmatelSysTrayApp"="stsystra.exe" [2006-09-22 282624]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-12-21 24576]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2005-5-3 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\WINDOWS\\system32\\dlcfcoms.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [1/22/2010 1:37 PM 207792]
S2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [6/17/2009 11:49 AM 616408]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [1/22/2010 1:39 PM 112592]
S2 OpenCASE Media Agent;OpenCASE Media Agent;c:\program files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe [1/16/2008 2:57 PM 814728]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [1/22/2010 1:37 PM 359624]
S2 Tmntsrv;Trend Micro Real-time Service;c:\progra~1\TRENDM~1\INTERN~1\Tmntsrv.exe [9/25/2006 3:26 PM 345696]
S2 TmPfw;Trend Micro Personal Firewall;c:\progra~1\TRENDM~1\INTERN~1\TmPfw.exe [9/25/2006 3:26 PM 923216]
S2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [9/25/2006 3:26 PM 36368]
S2 tmproxy;Trend Micro Proxy Service;c:\progra~1\TRENDM~1\INTERN~1\tmproxy.exe [9/25/2006 3:26 PM 566872]
S3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [9/25/2006 3:26 PM 280392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-02-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 20:42]

2010-02-14 c:\windows\Tasks\User_Feed_Synchronization-{40379DF7-DA1A-431E-911E-F4133F2153AE}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6061221
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>
IE: Copy to Semagic - c:\program files\Semagic\copy.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office10\EXCEL.EXE/3000
IE: Semagic - c:\program files\Semagic\link.htm
DPF: {3785F3BF-8770-47EE-AB71-665805C608C3} - hxxps://www.scribe.com/MT.Net/InetWord/packages/InetWord.CAB
FF - ProfilePath - c:\documents and settings\Margaret\Application Data\Mozilla\Firefox\Profiles\9c82lxwj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\documents and settings\Margaret\Application Data\Move Networks\plugins\npqmp071706000001.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npicaN.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmusicn.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-pizudobez - c:\windows\system32\jukabama.dll
SharedTaskScheduler-{1a83d9a2-6fff-4020-b4b4-f34f378c656b} - c:\windows\system32\jukabama.dll
SSODL-tahuvagaj-{1a83d9a2-6fff-4020-b4b4-f34f378c656b} - c:\windows\system32\jukabama.dll
AddRemove-AntiVirus Plus - c:\documents and settings\Margaret\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll
AddRemove-uTorrent - c:\program files\uTorrent\uTorrent.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-15 20:20
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCFCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(264)
c:\windows\system32\Ati2evxx.dll
c:\windows\System32\BCMLogon.dll

- - - - - - - > 'explorer.exe'(920)
c:\windows\system32\ieframe.dll
.
Completion time: 2010-02-15 20:31:29 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-16 02:31

Pre-Run: 9,656,270,848 bytes free
Post-Run: 9,520,820,224 bytes free

Current=5 Default=5 Failed=0 LastKnownGood=9 Sets=1,2,3,4,5,6,7,8,9
- - End Of File - - 2A11CA6950F446AB12D22B70B1C81070
  • 0

#65
heir
Posted 16 February 2010 - 01:04 AM

heir

    Trusted Helper

  • Malware Removal
  • 5,427 posts
Reboot into normal mode.

Any pop-ups now?
  • 0

#66
magaggie
Posted 16 February 2010 - 06:57 AM

magaggie

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts
I'm able to get to my desktop in normal mode, so that's progress. :)

I get a msfeedssync.exe - Application error popup (with OK or Cancel options), and then similarly a Microsoft Feeds Synchronization popup with options of Debug, Send Error Report and Don't Send.

Also get a message about a Firefox add-on: Microsoft.NET Framework Assistant 1.1 with Options, Disable and Uninstall buttons.
  • 0

#67
heir
Posted 16 February 2010 - 07:25 AM

heir

    Trusted Helper

  • Malware Removal
  • 5,427 posts
Progress! Good!

I get a msfeedssync.exe - Application error popup (with OK or Cancel options), and then similarly a Microsoft Feeds Synchronization popup with options of Debug, Send Error Report and Don't Send.

Also get a message about a Firefox add-on: Microsoft.NET Framework Assistant 1.1 with Options, Disable and Uninstall buttons.

We'll address these error when we're done cleaning your computer.


Now that we are back in normal mode I need a fresh look at things. Please do the following steps.

Step 0.
Install the recovery console:


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

Posted Image


  • Drag the setup package onto ComboFix.exe and drop it.

  • Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console.


    Posted Image


  • At the next prompt, click 'No' to exit.

  • When the tool is finished, it will produce a report for you.
Please post the report in your next reply.



Step 1.
Uninstall unwanted programs:

Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):

AntiVirus Plus
BitLord 1.1
SoulSeek Client 156c
Viewpoint Media Player
WildTangent Web Driver
µTorrent


Optional removals
BitLord, SoulSeek, µTorrent and P2P programs in general are legal themselves, but much of the content downloaded with them is downloaded illegally. They are also a great way to infect yourself with malware.
It's up to you if you want to remove the above programs, however I recommend you do.



Step 2.
Filescan:

  • Using Internet Explorer please go to VirSCAN.org FREE on-line scan service
  • Copy and paste the following file path into the "Suspicious files to scan"box on the top of the page:

    • c:\program files\adb9_32.exe
  • Click on the Upload button
  • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
  • Paste the contents of the Clipboard in your next reply.

Step 3.
OTL-scan:

Delete OTL.exe on your desktop

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Standard Output.
  • Underneath Extra Registry change it to Use SafeList.
  • Under the Custom Scan box paste this in

    netsvcs
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    /md5stop
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.

Step 4.
GMER-scan:


Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe on your desktop. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised!

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
  • Click NO
  • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
  • Save it where you can easily find it, such as your desktop.
Post the contents of GMER.txt in your next reply.

Step 5.
Things I would like to see in your reply:

  • The content of the report from step 0.
  • Which programs were uninstalled in step 1
  • The content of the result from the filescan in step 2.
  • The content of OTL.txt and Extras.txt from step 3.
  • The content of GMER.txt from step 4.

  • 0

#68
magaggie
Posted 16 February 2010 - 10:31 AM

magaggie

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts
ComboFix 10-02-12.01 - Margaret 02/16/2010 7:44.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.894.494 [GMT -6:00]
Running from: c:\documents and settings\Margaret\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Margaret\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
AV: PC-cillin Internet Security - Virus Protection *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: PC-cillin Internet Security - Firewall *disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}
.

((((((((((((((((((((((((( Files Created from 2010-01-16 to 2010-02-16 )))))))))))))))))))))))))))))))
.

2010-02-14 15:46 . 2010-02-14 15:46 -------- d-----w- C:\_OTL
2010-02-12 12:24 . 2004-08-10 10:13 73728 -c--a-w- c:\windows\system32\dllcache\ehresja.dll
2010-02-12 12:24 . 2004-08-10 10:13 69632 -c--a-w- c:\windows\system32\dllcache\ehresko.dll
2010-02-12 12:24 . 2004-08-10 10:13 69632 -c--a-w- c:\windows\system32\dllcache\ehresfr.dll
2010-02-12 12:24 . 2004-08-10 10:13 69632 -c--a-w- c:\windows\system32\dllcache\ehresde.dll
2010-02-12 12:22 . 2004-08-10 11:00 185344 -c--a-w- c:\windows\system32\dllcache\thawbrkr.dll
2010-02-12 12:21 . 2001-08-18 04:36 38912 -c--a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2010-02-12 12:20 . 2004-08-10 11:00 5632 -c--a-w- c:\windows\system32\dllcache\kbdheb.dll
2010-02-12 12:19 . 2004-08-10 11:00 7168 -c--a-w- c:\windows\system32\dllcache\f3ahvoas.dll
2010-02-12 12:18 . 2004-08-10 11:00 29184 -c--a-w- c:\windows\system32\dllcache\asptxn.dll
2010-02-12 06:32 . 2004-08-10 11:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2010-02-12 06:32 . 2004-08-10 11:00 13312 ----a-w- c:\windows\system32\irclass.dll
2010-02-12 06:32 . 2004-08-10 11:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2010-02-12 06:32 . 2004-08-10 11:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2010-02-12 03:46 . 2004-08-10 11:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2010-02-12 02:11 . 2010-02-12 02:11 97344 ----a-w- c:\windows\system32\drivers\WDICA.sys
2010-02-12 02:11 . 2010-02-12 02:11 97344 ----a-w- c:\windows\system32\drivers\PDRFRAME.sys
2010-02-12 02:11 . 2010-02-12 02:11 97344 ----a-w- c:\windows\system32\drivers\PDRELI.sys
2010-02-12 02:11 . 2010-02-12 02:11 97344 ----a-w- c:\windows\system32\drivers\PDFRAME.sys
2010-02-12 02:11 . 2010-02-12 02:11 97344 ----a-w- c:\windows\system32\drivers\PDCOMP.sys
2010-02-11 19:42 . 2004-08-10 11:00 32768 -c--a-w- c:\windows\system32\dllcache\icwdl.dll
2010-02-11 19:42 . 2004-08-10 11:00 20480 -c--a-w- c:\windows\system32\dllcache\inetwiz.exe
2010-02-11 19:42 . 2004-08-10 11:00 86016 -c--a-w- c:\windows\system32\dllcache\icwconn2.exe
2010-02-11 19:42 . 2004-08-10 11:00 214528 -c--a-w- c:\windows\system32\dllcache\icwconn1.exe
2010-02-11 13:04 . 2010-02-11 13:04 -------- d-----w- c:\windows\dell
2010-02-10 21:05 . 2010-02-10 21:05 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Threat Expert
2010-02-10 21:05 . 2010-02-13 13:53 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Freecorder
2010-02-10 19:18 . 2010-02-10 19:19 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2010-02-10 13:24 . 2009-05-27 00:08 554456 ----a-w- c:\documents and settings\Margaret\Application Data\Mozilla\Firefox\Profiles\9c82lxwj.default\extensions\{4E77EDAD-9566-4089-88D1-C81498CEE770}\dtband.dll
2010-02-10 13:24 . 2009-05-27 00:08 554456 ----a-w- c:\documents and settings\Margaret\Application Data\Mozilla\Firefox\Profiles\9c82lxwj.default\extensions\{4E77EDAD-9566-4089-88D1-C81498CEE770}\comcasttb.dll
2010-02-10 13:20 . 2010-02-10 13:25 -------- d-----w- c:\documents and settings\Margaret\Application Data\CallingID
2010-02-10 13:20 . 2010-02-10 13:20 -------- d-----w- c:\program files\Common Files\scanner
2010-02-10 13:20 . 2010-02-10 13:20 -------- d-----w- c:\program files\CA
2010-02-10 13:19 . 2010-02-10 13:26 -------- d-----w- c:\documents and settings\Margaret\Application Data\comcasttb
2010-02-10 13:19 . 2010-02-10 13:20 -------- d-----w- c:\program files\comcasttb
2010-02-10 03:58 . 2010-02-10 03:58 -------- d-----w- c:\documents and settings\Margaret\Local Settings\Application Data\AntiVirus Plus
2010-02-10 03:58 . 2010-02-10 03:58 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-02-09 17:27 . 2010-02-09 17:27 51720 ----a-w- c:\program files\adb9_32.exe
2010-02-06 20:11 . 2010-02-06 20:11 -------- d-----w- c:\documents and settings\Margaret\Application Data\GARMIN
2010-02-06 20:00 . 2010-02-06 20:00 -------- d-----w- c:\program files\Garmin GPS Plugin
2010-02-06 20:00 . 2010-02-06 20:00 -------- d-----w- c:\program files\DIFX
2010-02-06 19:59 . 2010-02-06 19:59 -------- d-----w- c:\program files\Garmin
2010-01-23 06:13 . 2010-01-23 06:13 -------- d-----w- c:\documents and settings\Margaret\Local Settings\Application Data\Threat Expert
2010-01-22 19:39 . 2010-01-21 23:21 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-01-22 19:39 . 2010-01-21 23:21 767952 ----a-w- c:\windows\BDTSupport.dll
2010-01-22 19:39 . 2008-11-26 18:08 131 ----a-w- c:\windows\IDB.zip
2010-01-22 19:39 . 2010-01-21 23:21 165840 ----a-w- c:\windows\PCTBDRes.dll
2010-01-22 19:39 . 2010-01-21 23:21 1652688 ----a-w- c:\windows\PCTBDCore.dll
2010-01-22 19:39 . 2009-10-28 07:36 1152444 ----a-w- c:\windows\UDB.zip
2010-01-22 19:37 . 2009-10-30 17:11 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-01-22 19:37 . 2009-11-09 17:20 207792 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-01-22 19:37 . 2009-10-06 22:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-01-22 19:37 . 2009-09-03 15:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-01-22 19:37 . 2010-02-16 13:30 -------- d-----w- c:\program files\Spyware Doctor
2010-01-22 19:37 . 2010-01-22 19:37 -------- d-----w- c:\program files\Common Files\PC Tools
2010-01-22 19:37 . 2010-01-22 19:37 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2010-01-22 19:37 . 2010-01-22 19:37 -------- d-----w- c:\documents and settings\Administrator\Application Data\PC Tools
2010-01-22 19:29 . 2010-01-22 19:29 -------- d-sh--w- c:\documents and settings\Administrator\IECompatCache
2010-01-22 19:22 . 2010-01-22 19:22 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-01-22 18:46 . 2010-01-22 18:46 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-01-22 06:00 . 2010-01-23 14:18 -------- d-----w- c:\documents and settings\Margaret\Local Settings\Application Data\tbwubs

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-16 13:32 . 2008-07-15 12:29 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-02-13 14:01 . 2005-08-16 10:41 88183 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-12 11:34 . 2005-08-16 10:38 34332 -c--a-w- c:\windows\system32\emptyregdb.dat
2010-02-12 11:34 . 2010-02-12 11:34 1663 ----a-w- c:\windows\inf\COME7.tmp
2010-02-12 03:35 . 2010-02-12 03:35 1663 ----a-w- c:\windows\inf\COME0.tmp
2010-02-11 23:02 . 2006-12-21 17:53 87448 -c--a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-11 18:52 . 2008-07-15 12:45 66560 --sha-w- c:\documents and settings\All Users\Application Data\ExtendMedia\Media Agent\ac.dll
2010-02-10 23:27 . 2008-02-04 20:29 -------- d-----w- c:\program files\uTorrent
2010-02-10 23:26 . 2008-02-04 20:29 -------- d-----w- c:\documents and settings\Margaret\Application Data\uTorrent
2010-02-10 13:21 . 2009-06-18 05:01 144162 ----a-w- c:\documents and settings\Margaret\Application Data\Move Networks\uninstall.exe
2010-02-10 13:21 . 2007-04-09 12:07 -------- d--h--w- c:\documents and settings\Margaret\Application Data\Move Networks
2010-02-10 13:21 . 2009-12-18 03:27 5603776 ----a-w- c:\documents and settings\Margaret\Application Data\Move Networks\plugins\npqmp071706000001.dll
2010-02-06 05:07 . 2007-03-05 03:12 -------- d-----w- c:\program files\Semagic
2010-02-05 04:49 . 2008-01-15 19:51 -------- d-----w- c:\program files\dl_Cats
2009-12-18 03:27 . 2009-12-18 03:27 97216 ----a-w- c:\documents and settings\Margaret\Application Data\Move Networks\ie_bin\MovePlayerUpgrade.exe
2008-08-16 22:42 . 2008-08-16 22:42 13112 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
2008-08-16 22:42 . 2008-08-16 22:42 70456 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2008-08-16 22:42 . 2008-08-16 22:42 91448 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2008-08-16 22:42 . 2008-08-16 22:42 20800 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2008-08-16 22:43 . 2008-08-16 22:43 206136 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2008-08-16 22:42 . 2008-08-16 22:42 31032 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2008-08-16 22:42 . 2008-08-16 22:42 40248 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2008-05-21 13:41 . 2008-05-21 13:41 479232 ----a-w- c:\program files\mozilla firefox\plugins\msvcm80.dll
2008-05-21 13:41 . 2008-05-21 13:41 548864 ----a-w- c:\program files\mozilla firefox\plugins\msvcp80.dll
2008-05-21 13:41 . 2008-05-21 13:41 626688 ----a-w- c:\program files\mozilla firefox\plugins\msvcr80.dll
2007-12-10 23:40 . 2007-12-10 23:40 6275816 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll
2008-06-05 18:58 . 2008-06-05 18:58 648504 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2008-08-16 22:42 . 2008-08-16 22:42 23864 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
2007-01-26 21:27 . 2007-01-26 21:27 88 --sha-r- c:\windows\system32\0614CBF952.sys
2007-01-26 21:27 . 2007-01-26 21:27 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

------- Sigcheck -------

[7] 2009-08-07 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\SoftwareDistribution\SelfUpdate\wuauclt.exe
[7] 2004-08-10 . 4126D27CECE4471E00E425411F7306B5 . 111104 . . [5.4.3790.2180] . . c:\windows\system32\dllcache\wuauclt.exe

c:\windows\System32\wuauclt.exe ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre0.dll" [2009-11-13 2166296]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2009-11-13 05:37 2166296 ----a-w- c:\program files\Freecorder\tbFre0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre0.dll" [2009-11-13 2166296]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\tbFre0.dll" [2009-11-13 2166296]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ModemOnHold"="c:\program files\NetWaiting\netWaiting.exe" [2003-09-10 20480]
"OE_OEM"="c:\program files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe" [2006-08-04 321040]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2006-08-29 395776]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Adobe Loader"="c:\program files\adb9_32.exe" [2010-02-09 51720]
"ComcastAntispyClient"="c:\program files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" [2009-08-19 1589208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-09-22 761947]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-19 1347584]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-10 49152]
"pccguide.exe"="c:\program files\Trend Micro\Internet Security 14\pccguide.exe" [2006-11-21 1807960]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 86960]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"DLCFCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll" [2006-10-20 73728]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-01-15 37376]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-02-17 185896]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]
"SigmatelSysTrayApp"="stsystra.exe" [2006-09-22 282624]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-12-21 24576]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2005-5-3 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\WINDOWS\\system32\\dlcfcoms.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [1/22/2010 1:37 PM 207792]
R2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [6/17/2009 11:49 AM 616408]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [1/22/2010 1:39 PM 112592]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [9/25/2006 3:26 PM 36368]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [9/25/2006 3:26 PM 280392]
S2 OpenCASE Media Agent;OpenCASE Media Agent;c:\program files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe [1/16/2008 2:57 PM 814728]
S2 Tmntsrv;Trend Micro Real-time Service;c:\progra~1\TRENDM~1\INTERN~1\Tmntsrv.exe [9/25/2006 3:26 PM 345696]
S2 TmPfw;Trend Micro Personal Firewall;c:\progra~1\TRENDM~1\INTERN~1\TmPfw.exe [9/25/2006 3:26 PM 923216]
S2 tmproxy;Trend Micro Proxy Service;c:\progra~1\TRENDM~1\INTERN~1\tmproxy.exe [9/25/2006 3:26 PM 566872]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [1/22/2010 1:37 PM 359624]

--- Other Services/Drivers In Memory ---

*Deregistered* - PCTSDInjDriver32

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-02-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 20:42]

2010-02-16 c:\windows\Tasks\User_Feed_Synchronization-{40379DF7-DA1A-431E-911E-F4133F2153AE}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6061221
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>
IE: Copy to Semagic - c:\program files\Semagic\copy.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office10\EXCEL.EXE/3000
IE: Semagic - c:\program files\Semagic\link.htm
DPF: {3785F3BF-8770-47EE-AB71-665805C608C3} - hxxps://www.scribe.com/MT.Net/InetWord/packages/InetWord.CAB
FF - ProfilePath - c:\documents and settings\Margaret\Application Data\Mozilla\Firefox\Profiles\9c82lxwj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\documents and settings\Margaret\Application Data\Move Networks\plugins\npqmp071706000001.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npicaN.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmusicn.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-16 07:50
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCFCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1300)
c:\windows\system32\Ati2evxx.dll
c:\windows\System32\BCMLogon.dll
c:\program files\CA\PPRT\bin\CACheck.dll
c:\program files\CA\PPRT\bin\CAHook.dll
c:\program files\CA\PPRT\bin\CAServer.dll

- - - - - - - > 'explorer.exe'(2916)
c:\program files\Spyware Doctor\pctgmhk.dll
c:\program files\CA\PPRT\bin\CACheck.dll
c:\program files\CA\PPRT\bin\CAHook.dll
c:\program files\CA\PPRT\bin\CAServer.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-02-16 07:52:55
ComboFix-quarantined-files.txt 2010-02-16 13:52
ComboFix2.txt 2010-02-16 02:31

Pre-Run: 8,125,886,464 bytes free
Post-Run: 8,079,814,656 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect /usepmtimer

Current=5 Default=5 Failed=0 LastKnownGood=9 Sets=1,2,3,4,5,6,7,8,9
- - End Of File - - 98701B0F5794500063D758310B3A3346

Step 1:
I uninstalled Bitlord1.1, Soulseek, Viewpoint Data Manager. I had already started to uninstall P2P software, so I don't see UTorrent in there anymore. I tried to uninstall WildTangent Web Driver, but nothing happened. I rebooted and tried it again, and still nothing. It's still there.

Step 2:
When I copied that path to VirScan, it said "Error: Can't find upload file." I tried it several times.

Step 3:
OTL logfile created on: 2/16/2010 9:23:57 AM - Run 3
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Documents and Settings\Margaret\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

894.00 Mb Total Physical Memory | 415.00 Mb Available Physical Memory | 46.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): c:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.82 Gb Total Space | 7.55 Gb Free Space | 10.81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MAGGIE
Current User Name: Margaret
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/02/16 09:07:18 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Margaret\Desktop\OTL.exe
PRC - [2010/01/21 17:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2010/01/07 06:38:22 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/11/12 16:33:10 | 000,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/11/12 16:33:00 | 000,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/08/19 11:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
PRC - [2009/07/09 11:22:18 | 000,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/06/17 11:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
PRC - [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/02/16 22:41:26 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/01/15 16:54:54 | 000,037,376 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2007/09/26 13:55:04 | 000,283,912 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
PRC - [2007/01/02 21:40:10 | 000,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2006/12/10 21:52:38 | 000,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2006/12/10 21:51:08 | 000,271,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2006/11/01 22:15:50 | 000,537,480 | ---- | M] ( ) -- C:\WINDOWS\system32\dlcfcoms.exe
PRC - [2006/09/23 02:49:08 | 000,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2006/09/22 11:47:54 | 000,761,947 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/09/22 11:06:26 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/08/28 21:57:12 | 000,395,776 | ---- | M] (Gteko Ltd.) -- C:\Program Files\Dell Support\DSAgnt.exe
PRC - [2006/08/23 16:13:28 | 000,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/08/04 16:15:28 | 000,321,040 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe
PRC - [2006/01/02 17:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/12/19 15:08:42 | 001,347,584 | ---- | M] (Dell Inc.) -- C:\WINDOWS\system32\WLTRAY.EXE
PRC - [2005/12/19 15:08:42 | 000,018,944 | ---- | M] () -- C:\WINDOWS\system32\WLTRYSVC.EXE
PRC - [2005/12/19 15:08:40 | 001,200,128 | ---- | M] (Dell Inc.) -- C:\WINDOWS\system32\BCMWLTRY.EXE
PRC - [2005/12/09 20:29:52 | 000,049,152 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
PRC - [2005/09/08 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005/05/04 00:04:28 | 009,150,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
PRC - [2005/05/03 22:07:32 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PRC - [2004/08/10 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/10 05:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004/04/07 12:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2003/10/29 02:06:00 | 000,024,576 | ---- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2003/09/10 02:24:00 | 000,020,480 | ---- | M] () -- C:\Program Files\NetWaiting\netwaiting.exe


========== Modules (SafeList) ==========

MOD - [2010/02/16 09:07:18 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Margaret\Desktop\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (RoxLiveShare9)
SRV - [2010/01/21 17:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/11/12 16:33:00 | 000,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/11/06 14:29:22 | 001,141,712 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/10/30 11:18:16 | 000,359,624 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/07/09 11:22:18 | 000,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/06/17 11:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/05/19 15:17:14 | 001,475,936 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\Program Files\Trend Micro\Internet Security 14\PcCtlCom.exe -- (PcCtlCom)
SRV - [2008/01/16 14:57:26 | 000,814,728 | ---- | M] (ExtendMedia Inc.) [Auto | Stopped] -- C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe -- (OpenCASE Media Agent)
SRV - [2007/09/26 13:55:04 | 000,283,912 | ---- | M] (CA, Inc.) [Auto | Running] -- C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)
SRV - [2007/01/19 23:52:32 | 000,225,280 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2007/01/19 23:52:32 | 000,131,072 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2006/11/09 15:04:02 | 000,566,872 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\Program Files\Trend Micro\Internet Security 14\tmproxy.exe -- (tmproxy)
SRV - [2006/11/09 15:03:42 | 000,923,216 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\Program Files\Trend Micro\Internet Security 14\TmPfw.exe -- (TmPfw)
SRV - [2006/11/08 16:35:38 | 000,053,248 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2006/11/08 16:35:36 | 000,043,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2006/11/01 22:15:50 | 000,537,480 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\dlcfcoms.exe -- (dlcf_device)
SRV - [2006/09/25 15:26:26 | 000,345,696 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\Program Files\Trend Micro\Internet Security 14\Tmntsrv.exe -- (Tmntsrv)
SRV - [2006/09/23 02:49:08 | 000,401,408 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2006/08/23 16:13:28 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2005/12/19 15:08:42 | 000,018,944 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2005/05/04 00:04:28 | 009,150,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe -- (MSSQL$MICROSOFTSMLBIZ)
SRV - [2005/05/03 21:42:56 | 000,323,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE -- (SQLAgent$MICROSOFTSMLBIZ)
SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/04/07 12:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2010/02/11 20:11:50 | 000,097,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WDICA.sys -- (WDICA)
DRV - [2010/02/11 20:11:46 | 000,097,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PDRFRAME.sys -- (PDRFRAME)
DRV - [2010/02/11 20:11:46 | 000,097,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PDRELI.sys -- (PDRELI)
DRV - [2010/02/11 20:11:46 | 000,097,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PDFRAME.sys -- (PDFRAME)
DRV - [2010/02/11 20:11:46 | 000,097,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PDCOMP.sys -- (PDCOMP)
DRV - [2009/11/09 11:20:12 | 000,207,792 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009/05/18 13:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/04/17 15:48:14 | 000,009,344 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\grmnusb.sys -- (grmnusb)
DRV - [2008/11/26 17:42:42 | 000,205,328 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmxpflt.sys -- (tmxpflt)
DRV - [2008/11/26 17:42:40 | 000,036,368 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmpreflt.sys -- (tmpreflt)
DRV - [2008/11/26 17:39:56 | 001,195,384 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vsapint.sys -- (vsapint)
DRV - [2008/04/13 10:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/01/18 10:24:58 | 000,026,496 | R--- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RimSerial.sys -- (RimVSerPort)
DRV - [2006/12/06 00:02:29 | 000,021,568 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2006/12/06 00:02:28 | 000,049,920 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2006/12/06 00:02:28 | 000,016,496 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2006/11/09 16:04:20 | 000,280,392 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TM_CFW.sys -- (tmcfw)
DRV - [2006/11/09 16:04:20 | 000,073,288 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2006/09/23 02:56:40 | 001,681,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/09/22 11:47:52 | 000,191,872 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/09/22 11:06:26 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/08/17 13:55:16 | 000,044,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/01/10 11:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/12/01 07:40:56 | 000,936,960 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2005/12/01 07:40:12 | 000,192,512 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2005/12/01 07:40:08 | 000,669,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2005/11/02 19:24:34 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/10/05 04:57:08 | 000,012,544 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/09/12 03:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/09/08 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/12 05:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005/07/14 23:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2004/12/13 15:14:00 | 000,039,904 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\cercsr6.sys -- (cercsr6)
DRV - [2004/08/10 05:00:00 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2004/08/10 05:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2004/08/10 05:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2004/08/10 05:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2004/08/10 05:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2004/08/10 05:00:00 | 000,034,688 | ---- | M] (Toshiba Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\lbrtfdc.sys -- (lbrtfdc)
DRV - [2004/08/10 05:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2004/08/10 05:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2004/08/10 05:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2004/08/10 05:00:00 | 000,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2004/08/10 05:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2004/08/10 05:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2004/08/10 05:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/10 05:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2004/08/10 05:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2004/08/10 05:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2004/08/10 05:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\changer.sys -- (Changer)
DRV - [2004/08/10 05:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2004/08/10 05:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2004/08/10 05:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2004/08/10 03:39:56 | 000,019,840 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2004/08/03 23:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/03 23:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/06/09 08:29:56 | 000,006,977 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DDMI2.sys -- (SDDMI2)
DRV - [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 12:12:10 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel®


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6061221
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6061221

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6061221
IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {4E77EDAD-9566-4089-88D1-C81498CEE770}:3.0
FF - prefs.js..extensions.enabledItems: [email protected]:7

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/02/16 22:42:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/07 06:38:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/07 06:38:32 | 000,000,000 | ---D | M]

[2008/08/26 15:49:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Mozilla\Extensions
[2010/02/16 06:54:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Mozilla\Firefox\Profiles\9c82lxwj.default\extensions
[2010/02/10 07:24:23 | 000,000,000 | ---D | M] (Comcast Toolbar) -- C:\Documents and Settings\Margaret\Application Data\Mozilla\Firefox\Profiles\9c82lxwj.default\extensions\{4E77EDAD-9566-4089-88D1-C81498CEE770}
[2008/07/15 06:27:58 | 000,000,000 | ---D | M] (Media Agent plugin 2) -- C:\Documents and Settings\Margaret\Application Data\Mozilla\Firefox\Profiles\9c82lxwj.default\extensions\{BA979AD0-A3C5-4b32-A47E-4550BF00ECC7}
[2008/08/26 15:49:21 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/08/16 16:42:02 | 000,070,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\CgpCore.dll
[2008/08/16 16:42:12 | 000,091,448 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\confmgr.dll
[2008/08/16 16:42:08 | 000,020,800 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\ctxlogging.dll
[2008/05/21 07:41:08 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcm80.dll
[2008/05/21 07:41:08 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcp80.dll
[2008/05/21 07:41:08 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcr80.dll
[2008/08/16 16:44:46 | 000,427,312 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npicaN.dll
[2008/12/18 22:13:37 | 000,279,888 | ---- | M] (Musicnotes, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npmusicn.dll
[2007/12/10 17:40:06 | 006,275,816 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\ScorchPDFWrapper.dll
[2008/08/16 16:42:04 | 000,023,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\TcpPServ.dll
[2008/12/01 10:50:26 | 000,004,946 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\comcast.xml

O1 HOSTS File: ([2010/02/15 20:20:03 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll (Conduit Ltd.)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Comcast Toolbar) - {79CEEA4E-C231-4614-9E3B-53B2A02F39B7} - C:\Program Files\comcasttb\comcastdx.dll ()
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Comcast Toolbar) - {79CEEA4E-C231-4614-9E3B-53B2A02F39B7} - C:\Program Files\comcasttb\comcastdx.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\tbFre0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\tbFre0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DLCFCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.DLL ()
O4 - HKLM..\Run: [DVDLauncher] C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [pccguide.exe] C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKCU..\Run: [Adobe Loader] C:\Program Files\adb9_32.exe File not found
O4 - HKCU..\Run: [ComcastAntispyClient] C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe ()
O4 - HKCU..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netwaiting.exe ()
O4 - HKCU..\Run: [OE_OEM] C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Copy to Semagic - C:\Program Files\Semagic\copy.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Semagic - C:\Program Files\Semagic\link.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {3785F3BF-8770-47EE-AB71-665805C608C3} https://www.scribe.c...es/InetWord.CAB (InetWord.InetDoc)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius....tiveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Margaret\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Margaret\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 04:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/02/12 05:46:26 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (53765113575899136)

========== Files/Folders - Created Within 30 Days ==========

[2010/02/16 09:07:17 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Margaret\Desktop\OTL.exe
[2010/02/16 09:03:19 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/02/16 07:37:03 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/02/15 20:31:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/02/15 20:00:38 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/02/15 20:00:38 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/02/15 20:00:38 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/02/15 20:00:38 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/02/15 20:00:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/02/15 14:52:22 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/02/15 14:50:26 | 004,614,888 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Margaret\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[2010/02/14 09:46:12 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/02/13 08:09:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/02/12 06:24:20 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresja.dll
[2010/02/12 06:24:20 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresko.dll
[2010/02/12 06:24:19 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresfr.dll
[2010/02/12 06:24:18 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresde.dll
[2010/02/12 06:23:59 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehreschs.dll
[2010/02/12 06:23:32 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2010/02/12 06:23:25 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010/02/12 06:23:24 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010/02/12 06:23:23 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010/02/12 06:23:22 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010/02/12 06:23:22 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010/02/12 06:23:21 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010/02/12 06:23:19 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/02/12 06:23:18 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/02/12 06:23:16 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2010/02/12 06:23:16 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2010/02/12 06:23:15 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2010/02/12 06:23:14 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2010/02/12 06:23:14 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2010/02/12 06:23:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2010/02/12 06:23:13 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/02/12 06:23:13 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2010/02/12 06:23:12 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010/02/12 06:23:11 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010/02/12 06:23:05 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010/02/12 06:23:05 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010/02/12 06:23:04 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2010/02/12 06:23:03 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/02/12 06:23:01 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2010/02/12 06:23:00 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010/02/12 06:23:00 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010/02/12 06:23:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010/02/12 06:22:59 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010/02/12 06:22:59 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/02/12 06:22:58 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/02/12 06:22:58 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/02/12 06:22:57 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/02/12 06:22:53 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2010/02/12 06:22:52 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2010/02/12 06:22:51 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2010/02/12 06:22:51 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2010/02/12 06:22:50 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/02/12 06:22:47 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/02/12 06:22:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/02/12 06:22:45 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2010/02/12 06:22:45 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2010/02/12 06:22:45 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/02/12 06:22:45 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2010/02/12 06:22:44 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2010/02/12 06:22:44 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2010/02/12 06:22:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2010/02/12 06:22:43 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2010/02/12 06:22:43 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2010/02/12 06:22:42 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/02/12 06:22:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/02/12 06:22:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/02/12 06:22:41 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2010/02/12 06:22:41 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/02/12 06:22:40 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/02/12 06:22:40 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/02/12 06:22:40 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/02/12 06:22:39 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/02/12 06:22:39 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/02/12 06:22:39 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/02/12 06:22:38 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/02/12 06:22:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/02/12 06:22:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/02/12 06:22:37 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/02/12 06:22:37 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/02/12 06:22:37 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/02/12 06:22:36 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/02/12 06:22:35 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/02/12 06:22:30 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/02/12 06:22:29 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/02/12 06:22:26 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/02/12 06:22:25 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/02/12 06:22:25 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/02/12 06:22:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2010/02/12 06:22:22 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010/02/12 06:22:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2010/02/12 06:22:20 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/02/12 06:22:20 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/02/12 06:22:16 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2010/02/12 06:22:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/02/12 06:22:15 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010/02/12 06:22:15 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/02/12 06:22:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2010/02/12 06:22:09 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/02/12 06:22:09 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/02/12 06:22:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/02/12 06:22:08 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\plugin.ocx
[2010/02/12 06:22:08 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010/02/12 06:22:07 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010/02/12 06:22:07 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010/02/12 06:22:06 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010/02/12 06:22:05 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010/02/12 06:22:05 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2010/02/12 06:22:03 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2010/02/12 06:22:02 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/02/12 06:22:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010/02/12 06:22:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/02/12 06:22:01 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010/02/12 06:21:54 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/02/12 06:21:53 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010/02/12 06:21:53 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2010/02/12 06:21:51 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2010/02/12 06:21:46 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/02/12 06:21:45 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2010/02/12 06:21:38 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/02/12 06:21:37 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/02/12 06:21:19 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2010/02/12 06:21:18 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/02/12 06:21:18 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/02/12 06:21:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2010/02/12 06:21:17 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2010/02/12 06:21:17 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2010/02/12 06:21:15 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/02/12 06:21:14 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2010/02/12 06:21:14 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2010/02/12 06:21:13 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2010/02/12 06:21:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2010/02/12 06:21:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2010/02/12 06:21:09 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/02/12 06:21:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/02/12 06:21:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/02/12 06:21:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/02/12 06:21:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/02/12 06:21:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/02/12 06:21:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010/02/12 06:21:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/02/12 06:21:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/02/12 06:21:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/02/12 06:21:04 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/02/12 06:21:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/02/12 06:21:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/02/12 06:21:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2010/02/12 06:21:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2010/02/12 06:21:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/02/12 06:21:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/02/12 06:21:01 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/02/12 06:21:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/02/12 06:21:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/02/12 06:21:00 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2010/02/12 06:21:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/02/12 06:21:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/02/12 06:21:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/02/12 06:20:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/02/12 06:20:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/02/12 06:20:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/02/12 06:20:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/02/12 06:20:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/02/12 06:20:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2010/02/12 06:20:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/02/12 06:20:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/02/12 06:20:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2010/02/12 06:20:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010/02/12 06:20:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010/02/12 06:20:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010/02/12 06:20:54 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/02/12 06:20:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/02/12 06:20:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2010/02/12 06:20:53 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2010/02/12 06:20:52 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2010/02/12 06:20:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2010/02/12 06:20:50 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2010/02/12 06:20:48 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2010/02/12 06:20:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2010/02/12 06:20:48 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2010/02/12 06:20:47 | 000,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010/02/12 06:20:46 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/02/12 06:20:46 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010/02/12 06:20:45 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010/02/12 06:20:45 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2010/02/12 06:20:45 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/02/12 06:20:44 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010/02/12 06:20:44 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010/02/12 06:20:44 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/02/12 06:20:43 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010/02/12 06:20:43 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010/02/12 06:20:43 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010/02/12 06:20:42 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010/02/12 06:20:42 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010/02/12 06:20:42 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/02/12 06:20:41 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010/02/12 06:20:41 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010/02/12 06:20:40 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/02/12 06:20:40 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/02/12 06:20:39 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010/02/12 06:20:39 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010/02/12 06:20:39 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010/02/12 06:20:39 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/02/12 06:20:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2010/02/12 06:20:37 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2010/02/12 06:20:37 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2010/02/12 06:20:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2010/02/12 06:20:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2010/02/12 06:20:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2010/02/12 06:20:36 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2010/02/12 06:20:36 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2010/02/12 06:20:28 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/02/12 06:20:14 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/02/12 06:20:13 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2010/02/12 06:20:13 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2010/02/12 06:20:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2010/02/12 06:20:12 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2010/02/12 06:20:10 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/02/12 06:20:09 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2010/02/12 06:20:05 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2010/02/12 06:20:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2010/02/12 06:20:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2010/02/12 06:20:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/02/12 06:20:02 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2010/02/12 06:20:02 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2010/02/12 06:20:01 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/02/12 06:20:00 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/02/12 06:19:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2010/02/12 06:19:59 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2010/02/12 06:19:58 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2010/02/12 06:19:58 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2010/02/12 06:19:58 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2010/02/12 06:19:57 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/02/12 06:19:57 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/02/12 06:19:56 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/02/12 06:19:56 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/02/12 06:19:42 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010/02/12 06:19:41 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2010/02/12 06:19:38 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010/02/12 06:19:38 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/02/12 06:19:37 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2010/02/12 06:19:37 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2010/02/12 06:19:37 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2010/02/12 06:19:35 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2010/02/12 06:19:32 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010/02/12 06:19:32 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010/02/12 06:19:32 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010/02/12 06:19:30 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/02/12 06:19:30 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010/02/12 06:19:30 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010/02/12 06:19:29 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/02/12 06:19:28 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/02/12 06:19:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/02/12 06:19:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/02/12 06:19:27 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/02/12 06:19:26 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010/02/12 06:19:25 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/02/12 06:19:24 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/02/12 06:19:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/02/12 06:19:23 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2010/02/12 06:19:05 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2010/02/12 06:19:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2010/02/12 06:18:58 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2010/02/12 06:18:58 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2010/02/12 06:18:57 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2010/02/12 06:18:57 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2010/02/12 06:18:56 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2010/02/12 06:18:56 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/02/12 06:18:55 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2010/02/12 06:18:55 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2010/02/12 06:18:54 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2010/02/12 06:18:54 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2010/02/12 06:18:53 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2010/02/12 06:18:53 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2010/02/12 06:18:51 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2010/02/12 06:18:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/02/12 06:18:50 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2010/02/12 06:18:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2010/02/12 06:18:48 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010/02/12 06:18:47 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010/02/12 06:18:44 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2010/02/12 06:18:43 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2010/02/12 06:18:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2010/02/12 06:18:42 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2010/02/12 06:18:42 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2010/02/12 06:18:41 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2010/02/12 06:18:35 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2010/02/12 06:18:34 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2010/02/12 06:18:34 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2010/02/12 06:18:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2010/02/12 06:18:33 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2010/02/12 06:18:33 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2010/02/12 06:18:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2010/02/12 06:18:32 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2010/02/12 06:18:32 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2010/02/12 06:18:31 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2010/02/12 06:18:31 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2010/02/12 06:18:31 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2010/02/12 06:18:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2010/02/12 06:18:30 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2010/02/12 06:18:30 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2010/02/12 06:18:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2010/02/12 06:18:29 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2010/02/12 06:18:29 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2010/02/12 06:18:29 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2010/02/12 06:18:28 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2010/02/12 06:18:28 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2010/02/12 06:18:28 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2010/02/12 06:18:28 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2010/02/12 06:18:27 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2010/02/12 06:18:27 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2010/02/12 06:18:27 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2010/02/12 06:18:27 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2010/02/12 06:18:26 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2010/02/12 06:18:26 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2010/02/12 06:18:26 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2010/02/12 06:18:24 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2010/02/12 06:18:24 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2010/02/12 06:18:24 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2010/02/12 06:18:23 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2010/02/12 06:18:23 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2010/02/12 06:18:22 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2010/02/12 06:18:22 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2010/02/12 06:18:21 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2010/02/12 06:18:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2010/02/12 06:18:20 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2010/02/12 06:18:19 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2010/02/12 00:32:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010/02/12 00:32:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010/02/12 00:32:30 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010/02/12 00:32:30 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010/02/11 21:46:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010/02/11 13:42:35 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2010/02/11 13:42:34 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2010/02/11 13:42:33 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2010/02/11 13:42:33 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2010/02/11 07:04:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
[2010/02/10 13:19:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/02/10 13:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/02/10 07:20:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Margaret\Application Data\CallingID
[2010/02/10 07:20:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\scanner
[2010/02/10 07:20:19 | 000,000,000 | ---D | C] -- C:\Program Files\CA
[2010/02/10 07:19:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Margaret\Application Data\comcasttb
[2010/02/10 07:19:21 | 000,000,000 | ---D | C] -- C:\Program Files\comcasttb
[2010/02/10 02:37:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/02/09 21:58:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Margaret\Local Settings\Application Data\AntiVirus Plus
[2010/02/09 21:53:38 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/02/06 14:11:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Margaret\Application Data\GARMIN
[2010/02/06 14:00:36 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin GPS Plugin
[2010/02/06 14:00:24 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/02/06 13:59:27 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin
[2010/01/24 20:08:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Margaret\My Documents\SPC - HUC
[2010/01/23 00:13:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Margaret\Local Settings\Application Data\Threat Expert
[2010/01/22 13:39:50 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2010/01/22 13:39:49 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010/01/22 13:39:49 | 001,640,400 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll.old
[2010/01/22 13:39:49 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2010/01/22 13:37:41 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010/01/22 13:37:37 | 000,207,792 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010/01/22 13:37:37 | 000,087,784 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2010/01/22 13:37:32 | 000,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2010/01/22 13:37:24 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/01/22 13:37:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/01/22 13:37:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2010/01/22 13:16:42 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010/01/22 00:00:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Margaret\Local Settings\Application Data\tbwubs
[2008/01/22 20:11:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Roxio
[2007/01/08 11:01:54 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2007/01/07 08:38:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2006/10/11 18:01:40 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfpmui.dll
[2006/10/11 17:59:56 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfserv.dll
[2006/10/11 17:54:10 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfcomm.dll
[2006/10/11 17:52:34 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcflmpm.dll
[2006/10/11 17:51:16 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfiesc.dll
[2006/10/11 17:48:58 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfpplc.dll
[2006/10/11 17:48:14 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfcomc.dll
[2006/10/11 17:47:42 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfprox.dll
[2006/10/11 17:41:42 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfinpa.dll
[2006/10/11 17:41:04 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfusb1.dll
[2006/10/11 17:37:14 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfhbn3.dll
[2005/08/16 04:49:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2 C:\Documents and Settings\Margaret\My Documents\*.tmp files -> C:\Documents and Settings\Margaret\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/02/16 09:25:46 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{40379DF7-DA1A-431E-911E-F4133F2153AE}.job
[2010/02/16 09:07:18 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Margaret\Desktop\OTL.exe
[2010/02/16 08:40:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/02/16 08:38:38 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/16 08:38:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/16 08:38:30 | 937,537,536 | -HS- | M] () -- C:\hiberfil.sys
[2010/02/16 08:37:42 | 006,029,312 | -H-- | M] () -- C:\Documents and Settings\Margaret\NTUSER.DAT
[2010/02/16 07:50:38 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/02/16 07:37:13 | 000,000,291 | RHS- | M] () -- C:\boot.ini
[2010/02/16 01:07:20 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Margaret\ntuser.ini
[2010/02/15 20:20:03 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/02/15 15:26:38 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/02/15 15:26:38 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/02/15 15:26:31 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/02/15 14:52:14 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/02/15 07:53:24 | 004,614,888 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Margaret\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[2010/02/15 00:43:56 | 003,857,112 | R--- | M] () -- C:\Documents and Settings\Margaret\Desktop\ComboFix.exe
[2010/02/14 13:12:27 | 937,570,304 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010/02/14 09:47:27 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\rujabogi
[2010/02/13 08:10:42 | 000,552,868 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/02/13 08:10:42 | 000,462,298 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/02/13 08:10:42 | 000,080,726 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/02/12 06:26:55 | 000,000,264 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/02/12 05:45:34 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/02/12 05:45:34 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/02/12 05:45:26 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/02/12 05:45:26 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/02/12 05:45:26 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/02/12 05:45:26 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/02/12 05:45:26 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/02/12 05:45:26 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/02/12 05:45:03 | 000,000,742 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/12 05:34:34 | 000,034,332 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/02/12 05:33:50 | 000,000,535 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2010/02/12 05:32:58 | 000,000,221 | ---- | M] () -- C:\Boot.bak
[2010/02/12 00:36:10 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2010/02/11 22:14:37 | 000,004,382 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/02/11 22:05:24 | 000,326,359 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2010/02/11 20:11:50 | 000,097,344 | ---- | M] () -- C:\WINDOWS\System32\drivers\WDICA.sys
[2010/02/11 20:11:46 | 000,097,344 | ---- | M] () -- C:\WINDOWS\System32\drivers\PDRFRAME.sys
[2010/02/11 20:11:46 | 000,097,344 | ---- | M] () -- C:\WINDOWS\System32\drivers\PDRELI.sys
[2010/02/11 20:11:46 | 000,097,344 | ---- | M] () -- C:\WINDOWS\System32\drivers\PDFRAME.sys
[2010/02/11 20:11:46 | 000,097,344 | ---- | M] () -- C:\WINDOWS\System32\drivers\PDCOMP.sys
[2010/02/11 19:33:52 | 000,153,088 | ---- | M] () -- C:\Documents and Settings\Margaret\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/11 15:22:43 | 000,298,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/09 13:39:55 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/02/09 00:08:55 | 000,121,344 | ---- | M] () -- C:\Documents and Settings\Margaret\My Documents\NPW.doc
[2010/02/09 00:08:11 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/02/09 00:04:13 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\Margaret\My Documents\TV Stuff.doc
[2010/02/03 21:51:51 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Margaret\My Documents\Shoe miles - gel cumulus 11 - plum.doc
[2010/02/03 21:48:09 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Margaret\My Documents\Shoe miles - gel cumulus 11 - paradise pink.doc
[2010/01/21 17:21:07 | 000,165,840 | ---- | M] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2010/01/21 17:21:07 | 000,149,456 | ---- | M] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2010/01/21 17:21:07 | 000,000,882 | ---- | M] () -- C:\WINDOWS\RegSDImport.xml
[2010/01/21 17:21:07 | 000,000,879 | ---- | M] () -- C:\WINDOWS\RegISSImport.xml
[2010/01/21 17:21:06 | 001,652,688 | ---- | M] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010/01/21 17:21:05 | 000,767,952 | ---- | M] () -- C:\WINDOWS\BDTSupport.dll
[2 C:\Documents and Settings\Margaret\My Documents\*.tmp files -> C:\Documents and Settings\Margaret\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2099/01/01 12:00:00 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\rujabogi
[2010/02/16 07:37:13 | 000,000,221 | ---- | C] () -- C:\Boot.bak
[2010/02/16 07:37:07 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/02/16 01:08:07 | 937,537,536 | -HS- | C] () -- C:\hiberfil.sys
[2010/02/15 20:00:38 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/02/15 20:00:38 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/02/15 20:00:38 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/02/15 20:00:38 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/02/15 20:00:38 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/02/15 14:50:19 | 003,857,112 | R--- | C] () -- C:\Documents and Settings\Margaret\Desktop\ComboFix.exe
[2010/02/13 12:04:46 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Margaret\Desktop\gmer.exe
[2010/02/12 06:23:37 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/02/12 06:22:11 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/02/12 06:22:10 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/02/12 06:22:06 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/02/12 06:21:10 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/02/12 06:21:09 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/02/12 06:20:46 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/02/12 06:20:43 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/02/12 06:20:38 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/02/12 06:20:20 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/02/12 06:20:10 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/02/12 06:20:03 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/02/12 06:19:31 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/02/12 06:19:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/02/12 06:19:22 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/02/12 06:19:22 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/02/12 06:19:22 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/02/12 06:19:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/02/12 06:19:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/02/12 06:19:20 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/02/12 06:19:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/02/12 06:19:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/02/12 06:19:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/02/12 06:19:19 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/02/12 06:19:19 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/02/12 06:19:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/02/12 06:19:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/02/12 06:19:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/02/12 06:19:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/02/12 06:19:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/02/12 06:19:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/02/12 06:19:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/02/12 06:19:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/02/12 06:19:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/02/12 06:19:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/02/12 06:19:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/02/12 06:19:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/02/12 06:19:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/02/12 06:19:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/02/12 06:19:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/02/12 06:19:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/02/12 06:19:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/02/12 06:19:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/02/12 06:19:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/02/12 06:19:14 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/02/12 06:19:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/02/12 06:19:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/02/12 06:19:13 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/02/12 06:19:13 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/02/12 06:19:13 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/02/12 06:19:12 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/02/12 06:19:12 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/02/12 06:19:12 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/02/12 06:19:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/02/12 06:19:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/02/12 06:19:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/02/12 06:19:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/02/12 06:19:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/02/12 06:19:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/02/12 06:19:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/02/12 06:19:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/02/12 06:19:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/02/12 06:19:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/02/12 06:19:08 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/02/12 06:19:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/02/12 06:19:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/02/12 06:19:07 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/02/12 06:19:07 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/02/12 06:19:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/02/12 06:19:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/02/12 06:19:06 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/02/12 06:19:05 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/02/12 06:19:04 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/02/12 06:18:45 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010/02/12 05:45:34 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/02/12 05:45:26 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/02/12 05:45:26 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/02/12 05:45:26 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/02/12 05:45:26 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/02/12 05:45:26 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/02/12 00:32:11 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010/02/12 00:32:11 | 000,077,881 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plus.cat
[2010/02/12 00:32:11 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/02/12 00:32:11 | 000,017,916 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sonic.cat
[2010/02/12 00:32:11 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/02/12 00:32:10 | 000,130,715 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010/02/12 00:32:10 | 000,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010/02/12 00:32:10 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/02/12 00:32:10 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/02/12 00:32:10 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/02/12 00:32:10 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/02/12 00:32:10 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/02/12 00:32:10 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/02/12 00:32:10 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/02/12 00:32:10 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/02/12 00:32:09 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/02/12 00:32:09 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/02/12 00:32:09 | 000,106,147 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2010/02/12 00:32:08 | 002,008,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/02/12 00:32:08 | 000,505,647 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/02/11 20:11:50 | 000,097,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\WDICA.sys
[2010/02/11 20:11:46 | 000,097,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\PDRFRAME.sys
[2010/02/11 20:11:46 | 000,097,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\PDRELI.sys
[2010/02/11 20:11:46 | 000,097,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\PDFRAME.sys
[2010/02/11 20:11:46 | 000,097,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\PDCOMP.sys
[2010/02/11 13:19:11 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010/02/11 07:04:31 | 937,570,304 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2010/02/09 13:39:55 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/01/22 13:39:50 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2010/01/22 13:39:50 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010/01/22 13:39:50 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2010/01/22 13:39:50 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2010/01/22 13:39:50 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2010/01/22 13:39:49 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2010/01/22 13:37:41 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010/01/22 13:37:37 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010/01/22 13:37:37 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010/01/22 13:37:32 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2009/01/17 21:27:20 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\hpzidi01.dll
[2007/06/28 18:31:41 | 000,000,069 | ---- | C] () -- C:\WINDOWS\pccillin.ini
[2007/02/18 22:35:50 | 000,000,175 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\OutlookFail.20070218.log
[2007/02/16 00:22:53 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/02/02 17:29:24 | 000,014,234 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/01/26 15:27:47 | 000,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/01/26 15:27:47 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\0614CBF952.sys
[2006/12/28 01:28:48 | 000,153,088 | ---- | C] () -- C:\Documents and Settings\Margaret\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/28 01:03:34 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Margaret\Local Settings\Application Data\fusioncache.dat
[2006/12/21 12:16:22 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/12/21 12:07:41 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/12/21 12:00:58 | 000,000,124 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/12/21 11:47:53 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/12/21 11:23:10 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006/12/21 11:23:06 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006/12/21 11:22:36 | 000,000,390 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/10/28 10:31:44 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\dlcfcoin.dll
[2006/10/20 13:42:24 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcfinsr.dll
[2006/10/20 13:42:18 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcfcur.dll
[2006/10/20 13:41:46 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\dlcfjswr.dll
[2006/10/20 13:37:22 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\dlcfinsb.dll
[2006/10/20 13:37:16 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcfcub.dll
[2006/10/20 13:37:00 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcfcu.dll
[2006/10/20 13:36:54 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\dlcfins.dll
[2006/10/20 13:35:36 | 000,434,176 | ---- | C] () -- C:\WINDOWS\System32\dlcfutil.dll
[2006/09/06 05:27:08 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dlcfcfg.dll
[2005/11/10 08:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/18 06:26:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlcfvs.dll
[2005/08/16 04:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/04/27 12:37:49 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2004/08/10 05:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/10 05:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/09 22:11:42 | 000,185,856 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2002/02/24 00:48:19 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\atsdrve.dll
[2001/07/07 02:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2008/08/23 21:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2006/12/21 11:59:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2007/07/19 18:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2007/01/27 15:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2006/12/21 11:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Corel
[2007/12/21 22:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2005/08/16 20:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2008/07/15 06:45:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ExtendMedia
[2007/12/22 04:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2008/05/20 07:57:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2006/12/21 12:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GTek
[2008/12/20 12:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2007/02/02 17:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2008/12/31 08:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
[2008/12/20 13:18:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
[2006/12/21 12:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2007/10/14 14:38:57 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008/12/18 23:21:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2008/05/20 07:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/11/02 06:15:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010/01/22 13:37:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2006/12/21 11:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2008/01/27 22:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2008/01/15 07:00:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2010/02/16 09:09:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/12/21 11:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trend Micro
[2008/12/20 13:38:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WEBREG
[2006/12/28 09:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2008/01/28 00:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2006/12/21 12:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2009/09/29 23:23:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/09 09:55:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2009/02/04 14:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}\x86\DifXInstall32.exe
[2009/11/12 17:07:12 | 000,079,144 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
[2007/11/13 15:46:00 | 000,135,168 | ---- | M] ( ) -- C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe
[2006/12/28 09:35:19 | 000,072,704 | ---- | M] (Dell Inc) -- C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\CIP\DellSupportODBK.exe
[2007/12/21 22:59:46 | 000,327,437 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\CIP\TransferAgentSetup.exe
[2006/12/21 12:08:09 | 000,123,138 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\HTML\MakeDesktopShortcut.EXE
[2006/12/28 09:35:19 | 000,072,704 | ---- | M] (Dell Inc) -- C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\HTML\fix\DellSupportODBK.exe
[2007/07/18 16:02:52 | 000,064,512 | ---- | M] (Gteko Ltd.) -- C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch3\HTML\item_templ\coach\RunGdp.exe
[2006/12/21 12:08:18 | 000,123,138 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch4\HTML\MakeDesktopShortcut.EXE
[2006/12/21 12:08:18 | 000,068,608 | ---- | M] (Dell Inc) -- C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch4\HTML\fix\DellSupportLauncher.exe
[2006/12/21 12:08:18 | 000,072,704 | ---- | M] (Dell Inc) -- C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch4\HTML\fix\DellSupportODBK.exe
[2009/10/30 06:06:03 | 001,962,544 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player_ax.exe
[2006/08/04 16:13:48 | 000,218,736 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\All Users\Application Data\Trend Micro\OL_OEM\auhome\patch.exe

< %APPDATA%\*. >
[2008/01/25 12:02:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Adobe
[2008/08/23 21:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\AdobeUM
[2007/02/10 11:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Ahead
[2009/10/30 06:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Amazon
[2009/09/29 23:30:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Apple Computer
[2006/12/21 11:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\ATI
[2010/02/10 07:25:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\CallingID
[2010/02/10 07:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\comcasttb
[2007/02/02 18:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Corel
[2010/02/06 14:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\GARMIN
[2008/02/09 19:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Google
[2006/12/21 12:08:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Margaret\Application Data\Gtek
[2008/03/01 14:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\gtk-2.0
[2008/03/25 18:29:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Help
[2007/10/14 15:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\HP
[2009/03/15 19:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\ICAClient
[2005/08/16 04:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Identities
[2009/06/30 21:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Image Zone Express
[2008/01/15 07:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\InstallShield
[2007/01/10 12:47:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Leadertech
[2006/12/28 01:09:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Macromedia
[2008/04/01 21:36:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Margaret\Application Data\Microsoft
[2008/06/12 00:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\mIRC
[2010/02/10 07:21:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Margaret\Application Data\Move Networks
[2008/08/26 15:49:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Mozilla
[2008/05/20 07:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\NCH Swift Sound
[2009/06/30 21:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Printer Info Cache
[2008/03/26 21:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Real
[2008/01/22 20:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Roxio
[2008/02/24 00:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Sibelius Software
[2007/01/10 12:47:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Sonic
[2007/01/03 20:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Sun
[2009/07/29 16:11:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\U3
[2009/02/22 22:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\uniblue
[2010/02/10 17:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\uTorrent
[2008/01/27 00:58:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Margaret\Application Data\Winamp

< %APPDATA%\*.exe /s >
[2007/03/25 22:47:51 | 021,277,080 | ---- | M] ( ) -- C:\Documents and Settings\Margaret\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_en_US.exe
[2008/08/23 20:53:02 | 019,900,192 | ---- | M] ( ) -- C:\Documents and Settings\Margaret\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr710_en_US.exe
[2007/01/17 00:07:52 | 001,168,157 | ---- | M] () -- C:\Documents and Settings\Margaret\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2008/01/15 06:51:10 | 000,065,536 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Margaret\Application Data\Microsoft\Installer\{9B449C1A-4F64-4ED4-8C96-31B222E8377F}\DesktopMgr.exe
[2008/01/15 06:51:10 | 000,026,694 | R--- | M] () -- C:\Documents and Settings\Margaret\Application Data\Microsoft\Installer\{9B449C1A-4F64-4ED4-8C96-31B222E8377F}\NewShortcut12_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2008/01/15 06:51:11 | 000,026,694 | R--- | M] () -- C:\Documents and Settings\Margaret\Application Data\Microsoft\Installer\{9B449C1A-4F64-4ED4-8C96-31B222E8377F}\NewShortcut3_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2008/01/15 06:51:11 | 000,026,694 | R--- | M] () -- C:\Documents and Settings\Margaret\Application Data\Microsoft\Installer\{9B449C1A-4F64-4ED4-8C96-31B222E8377F}\NewShortcut4_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2008/01/15 06:51:11 | 000,026,694 | R--- | M] () -- C:\Documents and Settings\Margaret\Application Data\Microsoft\Installer\{9B449C1A-4F64-4ED4-8C96-31B222E8377F}\NewShortcut5_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2008/01/15 06:51:11 | 000,026,694 | R--- | M] () -- C:\Documents and Settings\Margaret\Application Data\Microsoft\Installer\{9B449C1A-4F64-4ED4-8C96-31B222E8377F}\NewShortcut600_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2008/01/15 06:51:11 | 000,026,694 | R--- | M] () -- C:\Documents and Settings\Margaret\Application Data\Microsoft\Installer\{9B449C1A-4F64-4ED4-8C96-31B222E8377F}\NewShortcut6_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2008/01/15 06:51:11 | 000,006,502 | R--- | M] () -- C:\Documents and Settings\Margaret\Application Data\Microsoft\Installer\{9B449C1A-4F64-4ED4-8C96-31B222E8377F}\RedirectorEXE2_770DFD1204C24F4DA163D64FACCB5CBD.exe
[2009/06/17 23:00:58 | 001,686,272 | ---- | M] () -- C:\Documents and Settings\Margaret\Application Data\Move Networks\MoveMediaPlayerWin_071503000010.exe
[2010/02/10 07:21:24 | 000,144,162 | ---- | M] () -- C:\Documents and Settings\Margaret\Application Data\Move Networks\uninstall.exe
[2009/12/17 21:27:04 | 000,097,216 | ---- | M] () -- C:\Documents and Settings\Margaret\Application Data\Move Networks\ie_bin\MovePlayerUpgrade.exe
[2009/06/02 21:27:51 | 000,390,664 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Margaret\Application Data\Real\RealPlayer\Update\RealPlayer11.exe
[2006/05/23 17:04:56 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Margaret\Application Data\U3\temp\cleanup.exe
[2006/10/04 14:21:22 | 003,072,000 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Margaret\Application Data\U3\temp\Launchpad Removal.exe

< %systemroot%\*. /mp /s >


< MD5 for: AGP440.SYS >
[2004/08/10 05:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/10 05:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 05:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/10 05:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/10 05:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004/08/10 05:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004/08/10 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\i386\eventlog.dll
[2004/08/10 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2004/08/10 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/10 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: IASTOR.SYS >
[2006/05/11 10:30:52 | 000,247,808 | ---- | M] (Intel Corporation) MD5=294110966CEDD127629C5BE48367C8CF -- C:\WINDOWS\dell\iastor\iastor.sys

< MD5 for: NETLOGON.DLL >
[2004/08/10 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
[2004/08/10 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2004/08/10 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/10 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2006/03/16 18:51:32 | 000,099,840 | ---- | M] (NVIDIA Corporation) MD5=B7FB72492B753930EC70A0F49D04F12F -- C:\WINDOWS\dell\nvraid\NvAtaBus.sys

< MD5 for: SCECLI.DLL >
[2004/08/10 05:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\i386\scecli.dll
[2004/08/10 05:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2004/08/10 05:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/10 05:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SYMMPI.SYS >
[2005/11/17 12:58:16 | 000,092,672 | ---- | M] (LSI Logic) MD5=1FD5249D5103125D2DA63F68D7BE1D35 -- C:\WINDOWS\dell\symmpi\symmpi.sys

< %systemroot%\system32\*.dll /lockedfiles >
[2004/08/10 05:00:00 | 001,251,840 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010/02/11 18:29:09 | 000,479,232 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/02/12 00:12:33 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2010/02/11 18:29:09 | 035,913,728 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/02/11 18:29:09 | 007,077,888 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

========== Alternate Data Streams ==========

@Alternate Data Stream - 163 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >

Step 4:
I started scanning with GMER,and it went along fine for several minutes, but I eventually got a blue screen with the "beginning dump of physical memory" message.

That's all I have so far.
  • 0

#69
heir
Posted 16 February 2010 - 11:09 AM

heir

    Trusted Helper

  • Malware Removal
  • 5,427 posts
Step 1.
CFScript:

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the codebox below into it:

FCopy::
 c:\windows\SoftwareDistribution\SelfUpdate\wuauclt.exe | c:\windows\System32\wuauclt.exe
File::
c:\program files\adb9_32.exe
C:\WINDOWS\System32\rujabogi
Folder::
c:\program files\uTorrent
c:\documents and settings\Margaret\Application Data\uTorrent
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Loader"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe"=-

Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Step 2.
Things I would like to see in your reply:

  • The content of C:\ComboFix.txt from step 1.
  • Information on how your computer is running now.

  • 0

#70
magaggie
Posted 16 February 2010 - 12:13 PM

magaggie

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts
I'm still getting those msfeedsync errors popping up every few minutes. The only other problem I've noticed is that when I open Internet Explorer and type a URL in, I get this: "The requested lookup key was not found in any active activation context." I usually use Firefox, but I used IE for that VirScan website. I ended up having to use the Google search bar that was there, and I could open it that way. I haven't noticed any other problems.

Here's the ComboFix text:

ComboFix 10-02-12.01 - Margaret 02/16/2010 11:38:17.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.894.413 [GMT -6:00]
Running from: c:\documents and settings\Margaret\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Margaret\Desktop\CFScript.txt
AV: PC-cillin Internet Security - Virus Protection *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: PC-cillin Internet Security - Firewall *disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}

FILE ::
"c:\program files\adb9_32.exe"
"c:\windows\System32\rujabogi"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Margaret\Application Data\uTorrent
c:\documents and settings\Margaret\Application Data\uTorrent\4 - A Charlie Brown Thanksgiving.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\8 Simple Rules - Season 1 (DVDRip).torrent
c:\documents and settings\Margaret\Application Data\uTorrent\90210.103.hdtv-lol.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\90210.103.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\90210.s01e01e02.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\90210.s01e04.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\A.Charlie.Brown.Thanksgiving.1973.HDTV.XviD.Indi.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\aaf-crwdd.s01e07.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\accidentally.on.purpose.102.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Adam Carolla - 2006.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Adam Carolla - 2006.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Adam Carolla - 2007.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Adam Carolla - 2008.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Adam Carolla - 2008.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Adam Carolla - 2009.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.720.hdtv-0tv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e03.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e04.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\American.Idol.S07E05.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e06.repack.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e07.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e08.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e09.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\American.Idol.S07E10.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e11.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e12.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e13.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e14.hdtv.xvid-fqm.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e14.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e15.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e16.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e17.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\American.Idol.S07E18.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\American.Idol.S07E19.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\American.Idol.S07E21.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e22.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\American.Idol.S07E23.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e24.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e26.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\American.Idol.S07E27.Top.9.Results.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e28.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e29.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e30.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e31.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\American.Idol.S07E32.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\American.Idol.S07E33.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\American.Idol.S07E34.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.S07E35.hdtv.xvid.xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e36.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e37.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\American.Idol.S07E38.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e39.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\American.Idol.S07E40.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e41.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\american.idol.s07e42.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\big.bang.theory.0211.notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Big.Shots.S01.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Biggest Loser (US) - Season 4.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Biggest loser Australia Season 1 Complete.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Biggest loser Australia Season 1 Complete.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Biggest Loser Workout.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\bones.310.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Bones.S03E11.The.Player.Under.Pressure.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Bones.S03E12.REPACK.HDTV.XviD-E7.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Castle.2009.S02E06.HDTV.XviD-2HD.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Castle.2009.S02E06.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Celebrity Rehab S02E02.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Celebrity Rehab S02E03.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Celebrity Rehab S02E04.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Celebrity Rehab S02E05.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Celebrity Rehab S02E07.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Celebrity Rehab S02E08.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Celebrity Rehab S02E09.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Celebrity.Rehab.Presents.Sober.House.S01E08.PDTV.XviD-KRS.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Celebrity.Rehab.Presents.Sober.House.S01E09.PDTV.XviD-KRS.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Celebrity.Rehab.With.Dr.Drew.S01E04.DSRip.XviD-aAF.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Celebrity.Rehab.With.Dr.Drew.S01E05.DSRip.XviD-aAF.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Celebrity.Rehab.With.Dr.Drew.S01E06.DSRip.XviD-aAF.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Celebrity.Rehab.With.Dr.Drew.S01E08.DSRip.XviD-aAF.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Celebrity.Rehab.With.Dr.Drew.S01E09.DSRip.XviD-aAF.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Celebrity.Rehab.With.Dr.Drew.S01E10.DSRip.XviD-aAF.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\celebrity.rehab.with.dr.drew.s02e01.dsrip.xvid-aaf.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\celebrity.rehab.with.dr.drew.s02e06.dsr.xvid-ballerina.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\celebrity.rehab.with.dr.drew.s03e02.dsr.xvid-momentum.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\celebrity.rehab.with.dr.drew.s03e03.dsr.xvid-omicron.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\celebrity.rehab.with.dr.drew.s03e04.dsr.xvid-momentum.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\celebrity.rehab.with.dr.drew.s03e05.dsr.xvid-omicron.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\celebrity.rehab.with.dr.drew.s03e05.dsr.xvid-omicron.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Community Pilot.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Community.S01E02.Spanish.101.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Community.S01E03.Introduction.to.Film.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\community.s01e04.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\community.s01e05.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\community.s01e06.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Community.S01E07.Introduction.to.Statistics.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Community.S01E08.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Community.S01E09.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\community.s01e10.hdtv.xvid-fqm.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\community.s01e10.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Community.S01E11.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\community.s01e12.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Community.S01E13.HDTV.XviD-LoL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\community.s01e14.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\community.s01e15.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\conan.20080422.hdtv.xvid-stfu.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Conan.O.Brien.2008.05.21.Harrison.Ford.HDTV.XviD-MOMENTUM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\conan.o.brien.2009.02.19.jerry.seinfeld.hdtv.xvid-lmao.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\conan.o.brien.2010.01.22.conans.last.nbc.show.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\confessions.of.a.teen.idol.s01e01.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Cops.03x06.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Curb Your Enthusiasm - Season 1.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Curb Your Enthusiasm - Season 1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Curb Your Enthusiasm Season 1.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Curb Your Enthusiasm Season 1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Curb.Your.Enthusiasm.S02.DVDRip.XviD-RiVER.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Curb.Your.Enthusiasm.S03.DVDRip.XviD-MEDiEVAL.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Curb.Your.Enthusiasm.S03.DVDRip.XviD-MEDiEVAL.2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Curb.Your.Enthusiasm.S03.DVDRip.XviD-MEDiEVAL.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Curb.Your.Enthusiasm.S04.DVDRip.XviD-MEDiEVAL.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Curb.Your.Enthusiasm.S04.DVDRip.XviD-MEDiEVAL.2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Curb.Your.Enthusiasm.S04.DVDRip.XviD-MEDiEVAL.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\curb.your.enthusiasm.s07.special.hdtv.xvid-sys.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Curb.Your.Enthusiasm.S07E01.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Curb.Your.Enthusiasm.S07E02.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Curb.Your.Enthusiasm.S07E03.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.The.Stars.Special.US-Judges.All.Time.Top.10.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.The.Stars.US.S06E02.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.The.Stars.US.S06E03.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.The.Stars.US.S06E04.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.The.Stars.US.S06E06.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.The.Stars.US.S06E08.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.The.Stars.US.S06E11.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.The.Stars.US.S06E12.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.The.Stars.US.S06E13.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\dancing.with.the.stars.us.s06e14.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.The.Stars.US.S06E15.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.The.Stars.US.S06E16.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.The.Stars.US.S06E17.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.The.Stars.US.S06E18.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.The.Stars.US.S06E19.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.the.Stars.US.S07E03.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\dancing.with.the.stars.us.s07e12.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\dancing.with.the.stars.us.s07e16.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.the.Stars.US.S07E17.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.the.Stars.US.S08E01.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.the.Stars.US.S08E02.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\dancing.with.the.stars.us.s08e03.720-yestv.mkv.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dancing.With.The.Stars.US.S08E20.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\dancing.with.the.stars.us.s08e21.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.0510.notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.413.hdtv-0tv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S04E10.HDTV.XviD-0TV.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.s04e10.proper.hdtv.xvid-notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S04E11.HDTV.XviD-0TV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S04E12.HDTV.XViD-DOT.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.s04e14.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S04E15.HDTV.XviD-0TV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.s04e16-e17.hdtv.xvid-dot.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.s04e16-e17.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S05.HDTV.XviD.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.s05e01.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S05E02.We're.So.Happy.You're.So.Happy.HDTV.XViD-DOT.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.s05e03.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S05E04.xvid-notv.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S05E04.xvid-notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S05E05.HDTV.XViD-DOT.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S05E05.HDTV.XViD-DOT.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.s05e06.repack.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.s05e08.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S05E09.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S05E11.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S05E12.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S05E13.PROPER.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.s05e14.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S05E15.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S05E16.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.s05e17.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.s05e18.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S05E20.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.s05e21.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S06E01.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S06E02.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S06E03.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S06E04.The.God-Why-Dont-You-Love-Me.Blues.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S06E05.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.s06e06.hdtv.xvid-fever.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S06E07.HDTV.XviD-P0W4.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S06E08.HDTV.XviD-P0W4.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.s06e09.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S06E10.HDTV.Xvid-2HD.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S06E10.HDTV.Xvid-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.s06e11.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S06E12.You.Gotta.Get.a.Gimmick.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Desperate.Housewives.S06E13.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\desperate.housewives.s06e14.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\dh.s05e07.hdtv.xvid-xoxo.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\dht.dat
c:\documents and settings\Margaret\Application Data\uTorrent\dht.dat.old
c:\documents and settings\Margaret\Application Data\uTorrent\Dollhouse Season 1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\dollhouse.103.stage.fright-notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Dollhouse.S01E02.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\e7-notes.s02e07-xvid.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ED - Complete Season 2.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ED - Complete Season 2.2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ED - Complete Season 2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ed Season 3.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ed Season 3.2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ed Season 3.3.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ed Season 3.4.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ed Season 3.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER 14.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER 14.2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER 14.3.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER 14.4.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER 14.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\er.1401-caph.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\er.1401-caph.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\er.1402-caph.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\er.1408-caph.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\er.1411.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\er.1412.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\er.s14e03.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\er.s14e04.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\er.s14e05.hdtv.xvid-hiqt.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER.S14E06.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\er.s14e07.hdtv.PROPER.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER.S14E09.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER.S14E10.HDTV.XViD-Caph.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER.S15.HDTV.XVID.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER.S15.HDTV.XVID.2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER.S15.HDTV.XVID.3.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER.S15.HDTV.XVID.4.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER.S15.HDTV.XVID.5.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER.S15.HDTV.XVID.6.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER.S15.HDTV.XVID.7.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER.S15.HDTV.XVID.8.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER.S15.HDTV.XVID.9.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER.S15.HDTV.XVID.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER.S15.Special.Retrospective.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ER.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Extreme.Makeover.Home.Edition.S06E22.Kadzis.Family.PDTV.XviD-KRS.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Glee.S01E01.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\glee.s01e02.hdtv.xvid-fqm.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\glee.s01e02.hdtv.xvid-fqm.avi.2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\glee.s01e02.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\glee.s01e03.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Glee.S01E04.Preggers.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\glee.s01e05.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Glee.S01E06.Vitamin.D.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\glee.s01e07.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\glee.s01e08.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\glee.s01e09.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\glee.s01e10.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\glee.s01e11.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Glee.S01E12.HDTV.XviD-P0W4.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\glee.s01e13.hdtv.xvid-fqm.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Gossip Girl Seaaon 1.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Gossip Girl Seaaon 1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Grey's Anatomy S05E09 XviD VOSTFR --Antoine4011--.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Grey's Anatomy Season 5 Complete.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.0604.hdtv.xvid-notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.506.hdtv-0tv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.509.hdtv-0tv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s04e10-caph.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Greys.Anatomy.S04E12.Where.The.Wild.Things.Are.PROPER.HDTV.XviD-FQM.[VTV].avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s04e13.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s04e14.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s05e01e02.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s05e03.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s05e04.hdtv.xvid-dot.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s05e04.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s05e05.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s05e07.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s05e08.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s05e08.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s05e09.proper.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Greys.Anatomy.S05E10.REAL.PROPER.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s05e12.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s05e13.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Greys.Anatomy.S05E14.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Greys.Anatomy.S05E15.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Greys.Anatomy.S05E16.An.Honest.Mistake.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s05e17.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s05e18.proper.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Greys.Anatomy.S05E19.PROPER.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Greys.Anatomy.S05E20.Sweet.Surrender.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Greys.Anatomy.S06E01E02.Good.Mourning.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Greys.Anatomy.S06E03.I.Always.Feel.Like.Somebodys.Watchin.Me.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Greys.Anatomy.S06E05.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Greys.Anatomy.S06E06.I.Saw.What.I.Saw.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Greys.Anatomy.S06E07.PROPER.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Greys.Anatomy.S06E08.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s06e09.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s06e10.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Greys.Anatomy.S06E11.Blink.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys.anatomy.s06e12.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Greys.Anatomy.S06E13.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys_anatomy.4x15.losing_my_mind.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys_anatomy.4x16_4x17.freedom.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\greys_anatomy_s05e11_internal_readnfo_hdtv_xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\hopkins.s01e01.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\hopkins.s02e02.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\hopkins.s02e03.hdtv.xvid-twSic.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\hopkins.s02e04.hdtv.xvid-noodles.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\hopkins.s02e05.hdtv.xvid-twSic.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\House.S02.DVD.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\House.S04.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.313.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.320.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.403.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.404.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.407.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.408.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.409.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.410.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.412.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.413.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.416.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.417.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.424.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S03E17.HDTV.XviD-XOR.[VTV].avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.s03e19.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.s04e02.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S04E05.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S04E06.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.S04E11.HDTV.XviD-LoL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S04E14.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S04E15.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S04E18.HDTV.XviD-XOR.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S04E18.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S04E19.HDTV.XviD-LOL.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S04E19.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.s04e20.hdtv.xvid-2hd.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.s04e20.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S04E21.HDTV.XviD-LOL.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S04E21.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S04E22.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S04E23.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S05E01.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S05E02.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.s05e03.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.s05e04.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S05E05.HDTV.XviD-NoTV.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S05E05.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S05E06.HDTV.XviD-FEVER.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.s05e07.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.s05e08.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.s05e09.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.s05e10.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.s05e11.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S05E12.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how.i.met.your.mother.s05e13.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S05E14.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\How.I.Met.Your.Mother.S05E15.HDTV.XviD-XII.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how_i_met_your_mother.3x12.no_tomorrow.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how_i_met_your_mother.3x14.the_bracket.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how_i_met_your_mother.3x16.sandcastles_in_the_sand.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how_i_met_your_mother.3x18.rebound_bro.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\how_i_met_your_mother.4x01.do_i_know_you.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Jon & Kate Plus 8 S5E2-Kate's Birthday Surprise.480p{Nelwyn}.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\kath.and.kim.101.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Kath.and.Kim.US.S01E02.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Kathy Griffin - My Life on the D-List - Season 2.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Kathy Griffin - My Life on the D-List - Season 2.2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Kathy Griffin - My Life on the D-List - Season 2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Late Night 20030914 10th Anniversary Special.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Late.Night.with.Conan.O'Brien.1998.09.16.5th.Anniversary.Special.xvid.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Late.Night.With.Conan.O.Brien.2000.05.26.Andy's.Last.Show.PDTV.xvid.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Late.Night.With.Conan.O.Brien.FINAL.SHOW.2009.02.20.The.White.Stripes.HDTV.XviD-XOXO.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Lost Season 5.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Lost Season 5.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\lost.0512.hdtv.xvid-notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\lost.0513.hdtv.xvid-notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\lost.4x12.theres_no_place_like_home.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\lost.s04e005.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\lost.s04e02.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\lost.s04e04.repack.hdtv.xvid-0tv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\lost.s04e07.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\lost.s04e08.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\lost.s04e09.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\lost.s04e10.proper.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\lost.s04e11.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Lost.S04E13-E14.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Lost.S05E03.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Lost.S05E05.This.Place.Is.Death.PROPER.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\lost.s05e07.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Lost.S05E08.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Lost.S05E09.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\lost.s05e10.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\lost.s06e01-e02.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Loveline.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Loveline.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Lucky Louie Season 1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Mad Men Season 1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Mercy.S01E01.HDTV.XVID-FQM.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Mercy.S01E01.HDTV.XVID-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Mercy.S01E02.I.Believe.You.Conrad.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\modern.family.s01e01.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Modern.Family.S01E02.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\modern.family.s01e03.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Modern.Family.S01E04.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Modern.Family.S01E05.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Modern.Family.S01E06.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\modern.family.s01e07.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Modern.Family.S01E08.HDTV.XviD-P0W4.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Modern.Family.S01E08.HDTV.XviD-P0W4.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Modern.Family.S01E09.HDTV.XviD-P0W4.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Modern.Family.S01E09.HDTV.XviD-P0W4.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Modern.Family.S01E10.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Modern.Family.S01E11.HDTV.XviD-P0W4.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\modern.family.s01e12.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Modern.Family.S01E13.HDTV.XviD-P0W4.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\modern.family.s01e14.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.313.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.314.315.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.316.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.319.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.320.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.405.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.410.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.411.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.416.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.422.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.s03e17.720p.hdtv.x264-ctu.mkv.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.s03e21-e22.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.s04e02.hdtv.xvid-notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.s04e03.proper.hdtv.xvid-notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.s04e04.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\My.Name.is.Earl.S04E07.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\My.Name.Is.Earl.S04E08.Little.Bad.Voodoo.Brother.HDTV.XviD-FQM.[VTV].avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\My.Name.is.Earl.S04E09.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\My.Name.is.Earl.S04E12.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\My.Name.is.Earl.S04E13.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\My.Name.is.Earl.S04E14.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\My.Name.Is.Earl.S04E15.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\My.Name.Is.Earl.S04E17.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\My.Name.is.Earl.S04E18.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.s04e19.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\My.Name.is.Earl.S04E20.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.s04e21.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\My.Name.is.Earl.S04E23.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\My.Name.Is.Earl.S04E24.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\My.Name.is.Earl.S04E25.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\My.Name.is.Earl.S04E26.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\My.Name.Is.Earl.S05E06.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my.name.is.earl.s4e27.HDTV.Xvid-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my_name_is_earl.3x17.no_heads_and_a_duffel_bag.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my_name_is_earl.3x18.killerball.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\my_name_is_earl.4x01.the_magic_hour.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Northern Exposure - Se 3.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Northern Exposure - Se 3.2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Northern Exposure - Se 3.3.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Northern Exposure - Se 3.4.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Northern Exposure - Se 3.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Northern Exposure - Se5.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Northern Exposure - Se5.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Northern Exposure - SE6.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Northern Exposure - SE6.2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Northern Exposure - SE6.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.0220.xvid-notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.109-caph.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.221.hdtv-xvid-0tv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.s02e01.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.s02e02.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.s02e03.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.s02e04.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.s02e06.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.s02e07.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S02E08.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.s02e09.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.s02e10.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.s02e11.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S02E12.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S02E13.PROPER.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S02E14.Second.Chances.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S02E15.HDTV.XviD-XOR.[VTV].avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S02E16.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.s02e17.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S02E18.Finishing.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S02E19.What.Women.Want.xvid.notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.s02e22.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S03E01.A.Death.in.the.Family.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S03E02.REPACK.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S03E02.The.Way.We.Were.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S03E03.HDTV.XviD-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.s03e04.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S03E05.Strange.Bedfellows.PROPER.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S03E06.HDTV.XviD-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S03E07.The.Hard.Part.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.s03e08.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S03E09.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S03E10.HDTV.XviD-2HD.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S03E10.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\private.practice.s03e11.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S03E12.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Private.Practice.S03E13.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\PrivatePractice.S01.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\PrivatePractice.S01.2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\PrivatePractice.S01.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\pvt.practice.205.hdtv-0tv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\resume.dat
c:\documents and settings\Margaret\Application Data\uTorrent\resume.dat.old
c:\documents and settings\Margaret\Application Data\uTorrent\rss.dat
c:\documents and settings\Margaret\Application Data\uTorrent\rss.dat.old
c:\documents and settings\Margaret\Application Data\uTorrent\scrubs.0818.hdtv.xvid-notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\scrubs.707.pdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\scrubs.710.pdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\scrubs.711.pdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\scrubs.7x08.my_manhood.pdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\scrubs.815.hdtv-0tv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Scrubs.S07E09.My.Dumb.Luck.PROPER.PDTV.XviD-FoV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\scrubs.s08e01.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Scrubs.S08E02.HDTV.XviD-0TV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\scrubs.s08e03.proper.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\scrubs.s08e04.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\scrubs.s08e05.my.abc's.proper.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Scrubs.S08E06.HDTV.XviD.PROPER-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Scrubs.S08E07.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Scrubs.S08E08.HDTV.XviD-LOL.[VTV].avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Scrubs.S08E09.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Scrubs.S08E10.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\scrubs.s08e11.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\scrubs.s08e12.hdtv.xvid.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Scrubs.S08E13.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Scrubs.S08E14.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Scrubs.S08E16.My.Cuz.HDTV.XviD-0TV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Scrubs.S08E17.My.Chief.Concern.HDTV.XviD-FQM.[VTV].avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Scrubs.S08E17.My.Chief.Concern.HDTV.XviD-FQM.avi.torrent.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Season 1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\settings.dat
c:\documents and settings\Margaret\Application Data\uTorrent\settings.dat.old
c:\documents and settings\Margaret\Application Data\uTorrent\Sex.Rehab.with.Dr.Drew.S01E01.DSR.XviD-OMiCRON.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Sex.Rehab.With.Dr.Drew.S01E02.REPACK.DSR.XViD-YesTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Sex.Rehab.with.Dr.Drew.S01E03.DSR.XviD-OMiCRON.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Sex.Rehab.with.Dr.Drew.S01E04.DSR.XviD-OMiCRON.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Sex.Rehab.With.Dr.Drew.S01E04.PROPER.DSR.XViD-YesTV .avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\sex.rehab.with.dr.drew.s01e05.dsr.xvid-omicron.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Sex.Rehab.With.Dr.Drew.S01E05.REAL.DSR.XViD-OMiCRON.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Sex.Rehab.With.Dr.Drew.S01E07.DSR.XViD-OMiCRON.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Sex.Rehab.With.Dr.Drew.S01E08.DSR.XViD-YesTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Smallville.S07.DVDRip.XviD-ORPHEUS.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Smallville.S07.DVDRip.XviD-ORPHEUS.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\SOBER.HOUSE.S01E01.XviD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Sober.House.S01E02.PDTV.XviD-KRS.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\SOBER.HOUSE.S01E03.XviD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\SOBER.HOUSE.S01E04.XviD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\SOBER.HOUSE.S01E05.XviD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\SOBER.HOUSE.S01E06.XviD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\SOBER.HOUSE.S01E07.XviD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Sunny Philadelphia Season 1.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Sunny Philadelphia Season 1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Sunny Philadelphia Season 2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The Adam Carolla Project - S01E01 - 2005-10-04.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The Adam Carolla Project - S01E02 - 2005-10-11.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The Adam Carolla Project - S01E03 - 2005-10-18.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The Adam Carolla Project - S01E04 - 2005-10-25.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The Adam Carolla Project - S01E05 - 2005-11-01.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The Adam Carolla Project - S01E06 - 2005-11-08.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The Adam Carolla Project - S01E07 - 2005-11-15.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The Adam Carolla Project - S01E08 - 2005-11-22.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The Adam Carolla Project - S01E09 - 2005-11-29.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The Adam Carolla Project - S01E10 - 2005-12-06.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The Adam Carolla Project - S01E11 - 2005-12-13.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The Adam Carolla Project - S01E12 - 2005-12-20.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The Adam Carolla Project - S01E13 - 2005-12-20.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The Mentalist.s01e02.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.60th.Annual.Primetime.Emmy.Awards.HDTV.XviD-XOXO.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.61st.Annual.Primetime.Emmy.Awards.HDTV.XviD-CD1-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.61st.Annual.Primetime.Emmy.Awards.HDTV.XviD-CD2-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.0218..xvid.notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.0223.hdtv.xvid-notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.110.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.117.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.206.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s01e09.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s01e14.hdtv.xvid-xor.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s01e14.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s01e16.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s02e01.real.proper.hdtv.xvid-notv.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s02e01.real.proper.hdtv.xvid-notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s02e02.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s02e03.hdtv.xvid-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s02e04.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Big.Bang.Theory.S02E05.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Big.Bang.Theory.S02E08.HDTV.XviD.FOV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s02e10.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s02e12.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Big.Bang.Theory.S02E13.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s02e14.hdtv.xvid-xor.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s02e14.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Big.Bang.Theory.S02E15.HDTV.XviD-2HD.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Big.Bang.Theory.S02E15.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s02e16.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s02e17.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s02e19.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s02e20.hdtv.xvid-vain.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s02e21.proper.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Big.Bang.Theory.S02E22.PROPER.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Big.Bang.Theory.S03E01.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s03e02.hdtv.xvid-xii.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Big.Bang.Theory.S03E03.The.Gothowitz.Deviation.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s03e04.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Big.Bang.Theory.S03E05.HDTV.XviD-LOL.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Big.Bang.Theory.S03E05.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s03e06.hdtv.xvid-fever.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Big.Bang.Theory.S03E07.The.Guitarist.Amplification.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Big.Bang.Theory.S03E08.The.Adhesive.Duck.Deficiency.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s03e09.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Big.Bang.Theory.S03E10.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s03e11.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s03e12.repack.hdtv.xvid-notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s03e13.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s03e14.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.big.bang.theory.s03e15.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.biggest.loser.0610-yestv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.biggest.loser.0611-yestv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.s01.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.s01.2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.s01.3.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.s01.4.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.s01.5.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.s01.6.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.s01.7.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.s01.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.biggest.loser.s05e10.pdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.biggest.loser.s06e01.pdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.biggest.loser.s06e02.pdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.biggest.loser.s06e03.pdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.biggest.loser.s06e06.pdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.biggest.loser.s06e07.pdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.biggest.loser.s06e09.pdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.S06E13.PDTV.XviD-[NY2].avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.S07E01.PDTV.XviD-[NY2].avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.S07E07.PDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.S07E08.PDTV.XviD-LMAO.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.biggest.loser.s07e13.pdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.S07E14.PDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.S07E15.PDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.S07E17.PDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.biggest.loser.s07e18.pdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.S07E19.PDTV.XViD-YesTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.biggest.loser.s08e06.pdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Biggest.Loser.S08E07.PDTV.XviD-CRiMSON.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.buried.life.s01e01.ws.dsr.xvid-dvsky.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.buried.life.s01e02.ws.dsr.xvid-dvsky.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.buried.life.s01e03.ws.dsr.xvid-dvsky.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Colbert.Report.05.12.2008.DSR.XviD-LMAO.[VTV].avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.mentalist.101.hdtv-0tv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.office.410.us.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.office.412.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.office.522.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.office.s04e14.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.office.s05e01.hdtv.xvid-notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E02.HDTV.XviD-LOL.[VTV].avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E03.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E04.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.office.s05e05.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E06.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E07.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E09.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E10.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E11.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E12.HDTV.XviD-LOL.[VTV].avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E13.PROPER.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E14.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E15.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E16.HDTV.XviD-LOL.[VTV].avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E17.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E18.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E19.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E20.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E21.HDTV.XviD-LOL.[VTV].avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E23.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E24.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.office.s05e25.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S05E26.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S06E09.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S06E10.HDTV.XviD-LOL.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S06E10.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S06E11.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.office.s06e12.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.office.s06e13.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.S06E14.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.office.us.409.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.office.us.413.hdtv-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.office.us.508.hdtv.xvid-lol.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.US.S06E01.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.office.us.s06e02.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.US.S06E03.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.office.us.s06e04.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.office.us.s06e05.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the.office.us.s06e06.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.US.S06E07.Koi.Pond.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Office.US.S06E08.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Sarah.Silverman.Program.S01.DVD.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Sarah.Silverman.Program.S02.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The.Unit.S04E01.HDTV.XviD-LOL.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the_big_bang_theory.1x11.the_pancake_batter_anomaly.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the_big_bang_theory.1x12.the_jerusalem_duality.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the_big_bang_theory.1x13.the_bat_jar_conjecture.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the_big_bang_theory.1x15.the_shiksa_indeterminancy.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the_big_bang_theory.2x07.the_panty_pinata_polarization.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\the_big_bang_theory.2x09.the_white_asparagus_triangulation.hdtv_xvid-fov.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\The_Office.4x11.Night_Out.REPACK.HDTV_XviD-FoV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\three.rivers.s01e01.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\three.rivers.s01e02.hdtv.xvid-fever.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\three.rivers.s01e03.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\three.rivers.s01e04.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Three.Rivers.S01E05.hdtv.xvid-2hd.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Three.Rivers.S01E05.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\three.rivers.s01e06.hdtv.xvid-2hd.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Three.Rivers.S01E06.HDTV.XviD-2HD.avi.2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Three.Rivers.S01E06.HDTV.XviD-2HD.avi.3.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\three.rivers.s01e06.hdtv.xvid-2hd.avi.4.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Three.Rivers.S01E06.HDTV.XviD-2HD.avi.5.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\three.rivers.s01e06.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Three.Rivers.S01E08.The.Kindness.of.Strangers.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly Betty Season 2.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly Betty Season 2.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly Betty Season 3.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ugly.betty.0321.hdtv.xvid-notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ugly.betty.319.hdtv-0tv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.3x02.Filing.For.The.Enemy.HDTV.XviD-FoV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ugly.betty.s02e11.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ugly.betty.s02e12.hdtv.xvid-notv.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ugly.betty.s02e13.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S02E14.Twenty-Four.Candles.PROPER.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S03E01.The.Manhattan.Project.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S03E03.HDTV.XViD-DOT.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S03E04.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ugly.betty.s03e05.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ugly.betty.s03e06.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S03E07.HDTV.XviD-McCain.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ugly.betty.s03e08.hdtv.xvid-dot.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S03E09.HDTV.XviD-NoTV.avi.1.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S03E09.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S03E10.Bad.Amanda.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ugly.betty.s03e11.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ugly.betty.s03e12.proper.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S03E13.HDTV.XviD-XOR.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S03E14.PROPER.HDTV.XviD-iCanHasProper.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S03E15.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ugly.betty.s03e16.hdtv.xvid-2hd.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\ugly.betty.s03e17.hdtv.xvid-xor.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S03E18.A.Mother.of.a.Problem.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S03E20.Rabbit.Test.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S04E01-E02.The.Butterfly.Effect.REPACK.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S04E03.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S04E04.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S04E05.HDTV.XviD-NoTV.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S04E06.HDTV.XviD-P0W4.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S04E07.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S04E08.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S04E09.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S04E10.The.Passion.of.the.Betty.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S04E11.HDTV.XviD-FQM.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.S04E12.HDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Ugly.Betty.s04e13.Chica and the Man.hdtv.xvid-fqm.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\Undercover.Boss.US.S01E01.PDTV.XviD-2HD.avi.torrent
c:\documents and settings\Margaret\Application Data\uTorrent\utorrent-help.zip
c:\documents and settings\Margaret\Application Data\uTorrent\utorrent.chm
c:\documents and settings\Margaret\Application Data\uTorrent\utorrent.lng
c:\documents and settings\Margaret\Application Data\uTorrent\Welcome.Back.Kotter.One Flu Over The Cuckoo's Nest_dvdrip_xvid_ekolb.avi.torrent
c:\program files\uTorrent
c:\windows\System32\rujabogi

.
--------------- FCopy ---------------

c:\windows\SoftwareDistribution\SelfUpdate\wuauclt.exe --> c:\windows\System32\wuauclt.exe
.
((((((((((((((((((((((((( Files Created from 2010-01-16 to 2010-02-16 )))))))))))))))))))))))))))))))
.

2010-02-16 17:38 . 2009-08-07 01:24 53472 -c--a-w- c:\windows\system32\dllcache\wuauclt.exe
2010-02-16 17:38 . 2009-08-07 01:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2010-02-14 15:46 . 2010-02-14 15:46 -------- d-----w- C:\_OTL
2010-02-12 12:24 . 2004-08-10 10:13 73728 -c--a-w- c:\windows\system32\dllcache\ehresja.dll
2010-02-12 12:24 . 2004-08-10 10:13 69632 -c--a-w- c:\windows\system32\dllcache\ehresko.dll
2010-02-12 12:24 . 2004-08-10 10:13 69632 -c--a-w- c:\windows\system32\dllcache\ehresfr.dll
2010-02-12 12:24 . 2004-08-10 10:13 69632 -c--a-w- c:\windows\system32\dllcache\ehresde.dll
2010-02-12 12:22 . 2004-08-10 11:00 185344 -c--a-w- c:\windows\system32\dllcache\thawbrkr.dll
2010-02-12 12:21 . 2001-08-18 04:36 38912 -c--a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2010-02-12 12:20 . 2004-08-10 11:00 5632 -c--a-w- c:\windows\system32\dllcache\kbdheb.dll
2010-02-12 12:19 . 2004-08-10 11:00 7168 -c--a-w- c:\windows\system32\dllcache\f3ahvoas.dll
2010-02-12 12:18 . 2004-08-10 11:00 29184 -c--a-w- c:\windows\system32\dllcache\asptxn.dll
2010-02-12 06:32 . 2004-08-10 11:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2010-02-12 06:32 . 2004-08-10 11:00 13312 ----a-w- c:\windows\system32\irclass.dll
2010-02-12 06:32 . 2004-08-10 11:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2010-02-12 06:32 . 2004-08-10 11:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2010-02-12 03:46 . 2004-08-10 11:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2010-02-12 02:11 . 2010-02-12 02:11 97344 ----a-w- c:\windows\system32\drivers\WDICA.sys
2010-02-12 02:11 . 2010-02-12 02:11 97344 ----a-w- c:\windows\system32\drivers\PDRFRAME.sys
2010-02-12 02:11 . 2010-02-12 02:11 97344 ----a-w- c:\windows\system32\drivers\PDRELI.sys
2010-02-12 02:11 . 2010-02-12 02:11 97344 ----a-w- c:\windows\system32\drivers\PDFRAME.sys
2010-02-12 02:11 . 2010-02-12 02:11 97344 ----a-w- c:\windows\system32\drivers\PDCOMP.sys
2010-02-11 19:42 . 2004-08-10 11:00 32768 -c--a-w- c:\windows\system32\dllcache\icwdl.dll
2010-02-11 19:42 . 2004-08-10 11:00 20480 -c--a-w- c:\windows\system32\dllcache\inetwiz.exe
2010-02-11 19:42 . 2004-08-10 11:00 86016 -c--a-w- c:\windows\system32\dllcache\icwconn2.exe
2010-02-11 19:42 . 2004-08-10 11:00 214528 -c--a-w- c:\windows\system32\dllcache\icwconn1.exe
2010-02-11 13:04 . 2010-02-11 13:04 -------- d-----w- c:\windows\dell
2010-02-10 21:05 . 2010-02-10 21:05 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Threat Expert
2010-02-10 21:05 . 2010-02-13 13:53 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Freecorder
2010-02-10 19:18 . 2010-02-10 19:19 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2010-02-10 13:24 . 2009-05-27 00:08 554456 ----a-w- c:\documents and settings\Margaret\Application Data\Mozilla\Firefox\Profiles\9c82lxwj.default\extensions\{4E77EDAD-9566-4089-88D1-C81498CEE770}\dtband.dll
2010-02-10 13:24 . 2009-05-27 00:08 554456 ----a-w- c:\documents and settings\Margaret\Application Data\Mozilla\Firefox\Profiles\9c82lxwj.default\extensions\{4E77EDAD-9566-4089-88D1-C81498CEE770}\comcasttb.dll
2010-02-10 13:20 . 2010-02-10 13:25 -------- d-----w- c:\documents and settings\Margaret\Application Data\CallingID
2010-02-10 13:20 . 2010-02-10 13:20 -------- d-----w- c:\program files\Common Files\scanner
2010-02-10 13:20 . 2010-02-10 13:20 -------- d-----w- c:\program files\CA
2010-02-10 13:19 . 2010-02-10 13:26 -------- d-----w- c:\documents and settings\Margaret\Application Data\comcasttb
2010-02-10 13:19 . 2010-02-10 13:20 -------- d-----w- c:\program files\comcasttb
2010-02-10 03:58 . 2010-02-10 03:58 -------- d-----w- c:\documents and settings\Margaret\Local Settings\Application Data\AntiVirus Plus
2010-02-10 03:58 . 2010-02-10 03:58 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-02-06 20:11 . 2010-02-06 20:11 -------- d-----w- c:\documents and settings\Margaret\Application Data\GARMIN
2010-02-06 20:00 . 2010-02-06 20:00 -------- d-----w- c:\program files\Garmin GPS Plugin
2010-02-06 20:00 . 2010-02-06 20:00 -------- d-----w- c:\program files\DIFX
2010-02-06 19:59 . 2010-02-06 19:59 -------- d-----w- c:\program files\Garmin
2010-01-23 06:13 . 2010-01-23 06:13 -------- d-----w- c:\documents and settings\Margaret\Local Settings\Application Data\Threat Expert
2010-01-22 19:39 . 2010-01-21 23:21 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-01-22 19:39 . 2010-01-21 23:21 767952 ----a-w- c:\windows\BDTSupport.dll
2010-01-22 19:39 . 2008-11-26 18:08 131 ----a-w- c:\windows\IDB.zip
2010-01-22 19:39 . 2010-01-21 23:21 165840 ----a-w- c:\windows\PCTBDRes.dll
2010-01-22 19:39 . 2010-01-21 23:21 1652688 ----a-w- c:\windows\PCTBDCore.dll
2010-01-22 19:39 . 2009-10-28 07:36 1152444 ----a-w- c:\windows\UDB.zip
2010-01-22 19:37 . 2009-10-30 17:11 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-01-22 19:37 . 2009-11-09 17:20 207792 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-01-22 19:37 . 2009-10-06 22:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-01-22 19:37 . 2009-09-03 15:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-01-22 19:37 . 2010-02-16 13:30 -------- d-----w- c:\program files\Spyware Doctor
2010-01-22 19:37 . 2010-01-22 19:37 -------- d-----w- c:\program files\Common Files\PC Tools
2010-01-22 19:37 . 2010-01-22 19:37 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2010-01-22 19:37 . 2010-01-22 19:37 -------- d-----w- c:\documents and settings\Administrator\Application Data\PC Tools
2010-01-22 19:29 . 2010-01-22 19:29 -------- d-sh--w- c:\documents and settings\Administrator\IECompatCache
2010-01-22 19:22 . 2010-01-22 19:22 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-01-22 18:46 . 2010-01-22 18:46 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-01-22 06:00 . 2010-01-23 14:18 -------- d-----w- c:\documents and settings\Margaret\Local Settings\Application Data\tbwubs

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-16 17:23 . 2008-07-15 12:29 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-02-16 13:59 . 2008-01-28 02:12 -------- d-----w- c:\program files\Soulseek
2010-02-16 13:59 . 2007-01-08 14:41 -------- d-----w- c:\program files\BitLord
2010-02-13 14:01 . 2005-08-16 10:41 88183 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-12 11:34 . 2005-08-16 10:38 34332 -c--a-w- c:\windows\system32\emptyregdb.dat
2010-02-12 11:34 . 2010-02-12 11:34 1663 ----a-w- c:\windows\inf\COME7.tmp
2010-02-12 03:35 . 2010-02-12 03:35 1663 ----a-w- c:\windows\inf\COME0.tmp
2010-02-11 23:02 . 2006-12-21 17:53 87448 -c--a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-11 18:52 . 2008-07-15 12:45 66560 --sha-w- c:\documents and settings\All Users\Application Data\ExtendMedia\Media Agent\ac.dll
2010-02-10 13:21 . 2009-06-18 05:01 144162 ----a-w- c:\documents and settings\Margaret\Application Data\Move Networks\uninstall.exe
2010-02-10 13:21 . 2007-04-09 12:07 -------- d--h--w- c:\documents and settings\Margaret\Application Data\Move Networks
2010-02-10 13:21 . 2009-12-18 03:27 5603776 ----a-w- c:\documents and settings\Margaret\Application Data\Move Networks\plugins\npqmp071706000001.dll
2010-02-06 05:07 . 2007-03-05 03:12 -------- d-----w- c:\program files\Semagic
2010-02-05 04:49 . 2008-01-15 19:51 -------- d-----w- c:\program files\dl_Cats
2009-12-18 03:27 . 2009-12-18 03:27 97216 ----a-w- c:\documents and settings\Margaret\Application Data\Move Networks\ie_bin\MovePlayerUpgrade.exe
2008-08-16 22:42 . 2008-08-16 22:42 13112 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
2008-08-16 22:42 . 2008-08-16 22:42 70456 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2008-08-16 22:42 . 2008-08-16 22:42 91448 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2008-08-16 22:42 . 2008-08-16 22:42 20800 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2008-08-16 22:43 . 2008-08-16 22:43 206136 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2008-08-16 22:42 . 2008-08-16 22:42 31032 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2008-08-16 22:42 . 2008-08-16 22:42 40248 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2008-05-21 13:41 . 2008-05-21 13:41 479232 ----a-w- c:\program files\mozilla firefox\plugins\msvcm80.dll
2008-05-21 13:41 . 2008-05-21 13:41 548864 ----a-w- c:\program files\mozilla firefox\plugins\msvcp80.dll
2008-05-21 13:41 . 2008-05-21 13:41 626688 ----a-w- c:\program files\mozilla firefox\plugins\msvcr80.dll
2007-12-10 23:40 . 2007-12-10 23:40 6275816 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll
2008-06-05 18:58 . 2008-06-05 18:58 648504 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2008-08-16 22:42 . 2008-08-16 22:42 23864 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
2007-01-26 21:27 . 2007-01-26 21:27 88 --sha-r- c:\windows\system32\0614CBF952.sys
2007-01-26 21:27 . 2007-01-26 21:27 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( SnapShot@2010-02-16_13.50.38 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-16 17:23 . 2010-02-16 17:23 16384 c:\windows\temp\Perflib_Perfdata_9f8.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre0.dll" [2009-11-13 2166296]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2009-11-13 05:37 2166296 ----a-w- c:\program files\Freecorder\tbFre0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre0.dll" [2009-11-13 2166296]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\tbFre0.dll" [2009-11-13 2166296]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ModemOnHold"="c:\program files\NetWaiting\netWaiting.exe" [2003-09-10 20480]
"OE_OEM"="c:\program files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe" [2006-08-04 321040]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2006-08-29 395776]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"ComcastAntispyClient"="c:\program files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" [2009-08-19 1589208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-09-22 761947]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-19 1347584]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-10 49152]
"pccguide.exe"="c:\program files\Trend Micro\Internet Security 14\pccguide.exe" [2006-11-21 1807960]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 86960]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"DLCFCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll" [2006-10-20 73728]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-01-15 37376]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-02-17 185896]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]
"SigmatelSysTrayApp"="stsystra.exe" [2006-09-22 282624]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-12-21 24576]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2005-5-3 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\WINDOWS\\system32\\dlcfcoms.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [1/22/2010 1:37 PM 207792]
R2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [6/17/2009 11:49 AM 616408]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [1/22/2010 1:39 PM 112592]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [9/25/2006 3:26 PM 36368]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [9/25/2006 3:26 PM 280392]
S2 OpenCASE Media Agent;OpenCASE Media Agent;c:\program files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe [1/16/2008 2:57 PM 814728]
S2 Tmntsrv;Trend Micro Real-time Service;c:\progra~1\TRENDM~1\INTERN~1\Tmntsrv.exe [9/25/2006 3:26 PM 345696]
S2 TmPfw;Trend Micro Personal Firewall;c:\progra~1\TRENDM~1\INTERN~1\TmPfw.exe [9/25/2006 3:26 PM 923216]
S2 tmproxy;Trend Micro Proxy Service;c:\progra~1\TRENDM~1\INTERN~1\tmproxy.exe [9/25/2006 3:26 PM 566872]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [1/22/2010 1:37 PM 359624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-02-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 20:42]

2010-02-16 c:\windows\Tasks\User_Feed_Synchronization-{40379DF7-DA1A-431E-911E-F4133F2153AE}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6061221
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>
IE: Copy to Semagic - c:\program files\Semagic\copy.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office10\EXCEL.EXE/3000
IE: Semagic - c:\program files\Semagic\link.htm
DPF: {3785F3BF-8770-47EE-AB71-665805C608C3} - hxxps://www.scribe.com/MT.Net/InetWord/packages/InetWord.CAB
FF - ProfilePath - c:\documents and settings\Margaret\Application Data\Mozilla\Firefox\Profiles\9c82lxwj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\documents and settings\Margaret\Application Data\Move Networks\plugins\npqmp071706000001.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npicaN.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmusicn.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-16 11:49
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCFCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1300)
c:\windows\system32\Ati2evxx.dll
c:\windows\System32\BCMLogon.dll
c:\program files\CA\PPRT\bin\CACheck.dll
c:\program files\CA\PPRT\bin\CAHook.dll
c:\program files\CA\PPRT\bin\CAServer.dll
.
Completion time: 2010-02-16 11:51:23
ComboFix-quarantined-files.txt 2010-02-16 17:51
ComboFix2.txt 2010-02-16 13:52
ComboFix3.txt 2010-02-16 02:31

Pre-Run: 8,034,590,720 bytes free
Post-Run: 7,993,458,688 bytes free

Current=5 Default=5 Failed=0 LastKnownGood=9 Sets=1,2,3,4,5,6,7,8,9
- - End Of File - - 72444A3418084022E4135F38C21E26EC
  • 0

Advertisements

#71
heir
Posted 16 February 2010 - 01:47 PM

heir

    Trusted Helper

  • Malware Removal
  • 5,427 posts
Let's run a couple of scanners also.

Step 1.
OTL-fix:

Run OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Files
c:\program files\Soulseek
c:\program files\BitLord
c:\program files\Viewpoint
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post the OTL fixlog
Step 2.
Scan with MBAM:

Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.


Step 3.
Scan with Kaspersky Online Scanner:

Please do an online scan with Kaspersky Online Scanner

Kaspersky online scanner uses JAVA tecnology to perform the scan. If you do not have the latest JAVA version, follow the instrutions below under Upgrading Java, to download and install the latest vesion.

  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure the following is checked.
    • Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply.

Upgrading Java:

Posted Image Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems

Upgrading Java:
  • Download the latest version of JDK 6 Update 18 (JDK or JRE).
  • Click the "Download JRE" button to the right.
  • Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-6u18-windows-i586.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version.(Vista users, right click on the jre-6u18-windows-i586.exe and select "Run as an Administrator.")

Step 4.
Things I would like to see in your reply:

  • The content of the fixlog from OTL from Step 1.
  • The content of the report from MBAM from Step 2.
  • The content of the report from Kaspersky Online Scanner from Step 3.
  • Information on how your computer is running.

Edited by heir, 16 February 2010 - 01:53 PM.
spelling

  • 0

#72
magaggie
Posted 17 February 2010 - 07:40 AM

magaggie

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts
I have the OTL fixlog and the MBAM report. Kaspersky has been scanning for 2 hours and is only at 50%. I need to leave soon and won't be back for about 8 hours, so I thought I'd at least send the first 2 steps before I go.

All processes killed
========== FILES ==========
c:\program files\Soulseek folder moved successfully.
c:\program files\BitLord\Torrents folder moved successfully.
c:\program files\BitLord\rules folder moved successfully.
c:\program files\BitLord\lang folder moved successfully.
c:\program files\BitLord\Downloads folder moved successfully.
c:\program files\BitLord folder moved successfully.
File\Folder c:\program files\Viewpoint not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33100 bytes

User: Margaret
->Temp folder emptied: 301409 bytes
->Temporary Internet Files folder emptied: 1609746 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 34532081 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: V_Vhris
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 24876 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 35.00 mb


OTL by OldTimer - Version 3.1.28.0 log created on 02162010_155454

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Margaret\Local Settings\Temp\~DFA79D.tmp not found!
File\Folder C:\Documents and Settings\Margaret\Local Settings\Temp\~DFA7D8.tmp not found!

Registry entries deleted on Reboot...

Malwarebytes' Anti-Malware 1.44
Database version: 3747
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

2/16/2010 4:25:19 PM
mbam-log-2010-02-16 (16-25-19).txt

Scan type: Quick Scan
Objects scanned: 139314
Time elapsed: 13 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 7

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c2b5aab8-2183-4be7-81a6-f11493c45872} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\Margaret\Local Settings\Application Data\AntiVirus Plus (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\drivers\WDICA.sys (Trojan.Proxy.Saturn) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\PDCOMP.sys (Trojan.Proxy.Saturn) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\PDFRAME.sys (Trojan.Proxy.Saturn) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\PDRELI.sys (Trojan.Proxy.Saturn) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\PDRFRAME.sys (Trojan.Proxy.Saturn) -> Quarantined and deleted successfully.
C:\WINDOWS\kbgrms32.dll (Trojan.Hiloti) -> Quarantined and deleted successfully.
C:\Documents and Settings\Margaret\Local Settings\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
  • 0

#73
heir
Posted 17 February 2010 - 07:43 AM

heir

    Trusted Helper

  • Malware Removal
  • 5,427 posts
That's OK!

Kaspersky will take a while. :)
  • 0

#74
magaggie
Posted 17 February 2010 - 07:40 PM

magaggie

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts
Finally! Here is the Kaspersky report:

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Wednesday, February 17, 2010
Operating system: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Wednesday, February 17, 2010 16:47:12
Records in database: 3545693
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\

Scan statistics:
Objects scanned: 79836
Threats found: 13
Infected objects found: 35
Suspicious objects found: 0
Scan duration: 04:08:08


File name / Threat / Threats count
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\47.tmp Infected: Trojan-Downloader.Win32.Small.aoxi 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\7B4.tmp Infected: Trojan-Clicker.Win32.VBiframe.aul 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\7B5.tmp Infected: Packed.Win32.TDSS.z 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\7B6.tmp Infected: Packed.Win32.Krap.an 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\7B7.tmp Infected: Packed.Win32.Krap.x 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\7CA.tmp Infected: Packed.Win32.Krap.x 1
C:\Qoobox\Quarantine\C\Program Files\InternetSecurity2010\IS2010.exe.vir Infected: Trojan.Win32.FraudPack.akyf 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\asc3550p.sys.vir Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\PCIDump.sys.vir Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\spool\prtprocs\w32x86\0000091e.tmp.vir Infected: Trojan-Downloader.Win32.Agent.dbsd 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0000001.sys Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0000004.exe Infected: Trojan-Downloader.Win32.FraudLoad.gli 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0001001.sys Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0001003.sys Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0001005.sys Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0001007.sys Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0002007.sys Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0002010.exe Infected: Trojan-Downloader.Win32.FraudLoad.gli 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0002017.sys Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0005035.sys Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0005037.sys Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0005039.sys Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0005042.sys Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0005047.sys Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0005121.sys Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0005194.sys Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0005305.exe Infected: Trojan.Win32.FraudPack.akyf 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP0\A0005322.sys Infected: Trojan-Proxy.Win32.Saturn.jt 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1\A0005703.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.631 1
C:\_OTL\MovedFiles\02142010_094612\C_WINDOWS\system32\bametusi.dll Infected: Trojan.Win32.Tdss.avzr 1
C:\_OTL\MovedFiles\02142010_094612\C_WINDOWS\system32\gunojuli.dll Infected: Trojan.Win32.Tdss.avwv 1
C:\_OTL\MovedFiles\02142010_094612\C_WINDOWS\system32\helper32.dll Infected: Packed.Win32.Krap.an 1
C:\_OTL\MovedFiles\02142010_094612\C_WINDOWS\system32\smss32.exe Infected: Trojan-Downloader.Win32.FraudLoad.gli 1
C:\_OTL\MovedFiles\02142010_094612\C_WINDOWS\system32\vivodiha.dll Infected: Trojan.Win32.Monder.cyfs 1
C:\_OTL\MovedFiles\02142010_094612\C_WINDOWS\system32\winlogon32.exe Infected: Trojan-Downloader.Win32.FraudLoad.gli 1

Selected area has been scanned.


Still getting the msfeedssync errors, and I get "The requested lookup key was not found in any active activation context" in Internet Explorer.

Should I still hold off on updating windows?
  • 0

#75
heir
Posted 18 February 2010 - 01:29 AM

heir

    Trusted Helper

  • Malware Removal
  • 5,427 posts
Hey there, magaggie !
We finally got there :)

Should I still hold off on updating windows?

Yes, wait until you've done this post.

OK! Well done, your log is clean again! :)
The things Kaspersky found is quarantined objects that we'll take care of in this post.

Time for some housekeeping.

Step 1.
Clean up:

We need to do is to remove all the tools that you have used. This is so that should you ever be re-infected, you will download updated versions. It will also remove the quarantined Malware from your computer.

First:

These should be removed:

C:\Program Files\Trend Micro\Internet Security 14\Quarantine\47.tmp Infected: Trojan-Downloader.Win32.Small.aoxi 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\7B4.tmp Infected: Trojan-Clicker.Win32.VBiframe.aul 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\7B5.tmp Infected: Packed.Win32.TDSS.z 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\7B6.tmp Infected: Packed.Win32.Krap.an 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\7B7.tmp Infected: Packed.Win32.Krap.x 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\7CA.tmp Infected: Packed.Win32.Krap.x 1


Delete files in the quarantine folder by doing the following:
  • Open PC-cillin Internet Security by double-clicking on the PC-cillin icon on the taskbar. You can also click Start >Programs >Trend Micro Antivirus >Trend Micro Antivirus.
  • Click on System > Quarantine.
  • Click on the file you want to delete and click the Delete button.
  • If you want to delete all files in the quarantine folder, click on Delete All.

Second:

  • Click START then RUN
  • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the /U, it needs to be there.
    Posted Image


Third:
Double-click OTL.exe to run it.
Click the CleanUp button
Click Yes to the reboot.

Now delete any tools/logs that is left over after you ran OTL CleanUp.


Step 2.
Prevention:

OK, lets carry out a few preventative steps to make sure you reduce the risk of further infections.

First:
Your Adobe Acrobat Reader is out of date. Older versions are vulnerable to attack.

Please go to the link below to download an update.

http://www.adobe.com.../readstep2.html

Remove the older versions and install the latest,


Second:
One of the essentials is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats, Microsoft releases security updates that help your computer from becoming vulnerable. It is best if you have these set to download automatically.

Automatic Updates for Windows
  • Click Start.
  • Select Settings and then Control Panel.
  • Select Automatic Updates.
  • Click Automatic (recommended)
  • Choose a day and a time when you know the computer will be on and connected to the internet.
  • Click Apply then OK.


Third:
Now lets download some preventative programs that will help to keep the nasties away! We will start with Anti Spyware programs. I would advise getting a couple of them at least, and running each at least once a month.

Anti Spyware
  • SpywareBlaster to help prevent spyware from installing in the first place. A tutorial can be found here.
  • SpywareGuard to catch and block spyware before it can execute. A tutorial can be found here.
  • IESpy-Ad to block access to malicious websites so you cannot be redirected to them from an infected site or email.
.
Note: If you find your system slows down after installing any of these, just uninstall it, or disable it from running at startup.


Fourth:
Nearly done! If you like to use chat, MSN and Yahoo have vunerabilities that can leave you open to infections. There are however a couple of very good, Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN):

Instant Messengers
Lastly:
To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein.


I will keep this log open for the next couple of days, so if you have any further problems post another reply here.

Should I still hold off on updating windows?

No, you can let it update know.

Let me know if you still get those msfeedsync errors and the "The requested lookup key was not found in any active activation context" when you type an URL in IE.
And of course if you have any other issues.

Remember to provide the error messages/information that's presented.


OK, all the best, and stay safe!

Edited by heir, 18 February 2010 - 01:32 AM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP