I followed the steps in the guide and my results are as follows:
Malware bytes
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4349
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18928
7/25/2010 11:41:39 PM
mbam-log-2010-07-25 (23-41-39).txt
Scan type: Quick scan
Objects scanned: 193100
Time elapsed: 8 minute(s), 31 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-07-26 07:05:19
Windows 6.0.6001 Service Pack 1
Running: gmer.exe; Driver: C:\Users\Vanessa\AppData\Local\Temp\fxrdifow.sys
---- Kernel code sections - GMER 1.0.15 ----
PAGE spsys.sys!?SPVersion@@3PADA + 1A67 81A5203F 240 Bytes [8B, FF, 55, 8B, EC, 8B, 45, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 1B58 81A52130 6 Bytes [0E, 83, 78, 14, 01, 75]
PAGE spsys.sys!?SPVersion@@3PADA + 1B5F 81A52137 2214 Bytes [83, 78, 18, 37, 75, 02, B3, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 2406 81A529DE 47 Bytes [04, BB, A8, 01, 00, 00, 8D, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 2436 81A52A0E 44 Bytes [05, 00, 00, 39, 54, 8D, D0, ...]
PAGE ...
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Internet Explorer\iexplore.exe[612] USER32.dll!DialogBoxIndirectParamW 7666BD25 5 Bytes JMP 6A9F480F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[612] USER32.dll!CreateWindowExW 76673D67 5 Bytes JMP 6A8FDB1C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[612] USER32.dll!DialogBoxParamW 76681FD5 5 Bytes JMP 6A8254C5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[612] USER32.dll!DialogBoxParamA 766A80B2 5 Bytes JMP 6A9F47AC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[612] USER32.dll!DialogBoxIndirectParamA 766A83DD 5 Bytes JMP 6A9F4872 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[612] USER32.dll!MessageBoxIndirectA 766BD471 5 Bytes JMP 6A9F4741 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[612] USER32.dll!MessageBoxIndirectW 766BD56B 5 Bytes JMP 6A9F46D6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[612] USER32.dll!MessageBoxExA 766BD5D1 5 Bytes JMP 6A9F4674 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[612] USER32.dll!MessageBoxExW 766BD5F5 5 Bytes JMP 6A9F4612 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2160] USER32.dll!SetWindowsHookExW 76667B69 5 Bytes JMP 6A8F9AC9 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2160] USER32.dll!CallNextHookEx 76668C33 5 Bytes JMP 6A8ED0ED C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2160] USER32.dll!DialogBoxIndirectParamW 7666BD25 5 Bytes JMP 6A9F480F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2160] USER32.dll!CreateWindowExW 76673D67 5 Bytes JMP 6A8FDB1C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2160] USER32.dll!DialogBoxParamW 76681FD5 5 Bytes JMP 6A8254C5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2160] USER32.dll!UnhookWindowsHookEx 766908BE 5 Bytes JMP 6A86467C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2160] USER32.dll!DialogBoxParamA 766A80B2 5 Bytes JMP 6A9F47AC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2160] USER32.dll!DialogBoxIndirectParamA 766A83DD 5 Bytes JMP 6A9F4872 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2160] USER32.dll!MessageBoxIndirectA 766BD471 5 Bytes JMP 6A9F4741 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2160] USER32.dll!MessageBoxIndirectW 766BD56B 5 Bytes JMP 6A9F46D6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2160] USER32.dll!MessageBoxExA 766BD5D1 5 Bytes JMP 6A9F4674 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2160] USER32.dll!MessageBoxExW 766BD5F5 5 Bytes JMP 6A9F4612 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2160] ole32.dll!OleLoadFromStream 75AB9726 5 Bytes JMP 6A9F4B77 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2160] ole32.dll!CoCreateInstance 75AEE188 5 Bytes JMP 6A8FDB78 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!SetWindowsHookExW 76667B69 5 Bytes JMP 6A8F9AC9 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!CallNextHookEx 76668C33 5 Bytes JMP 6A8ED0ED C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!DialogBoxIndirectParamW 7666BD25 5 Bytes JMP 6A9F480F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!CreateWindowExW 76673D67 5 Bytes JMP 6A8FDB1C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!DialogBoxParamW 76681FD5 5 Bytes JMP 6A8254C5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!UnhookWindowsHookEx 766908BE 5 Bytes JMP 6A86467C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!DialogBoxParamA 766A80B2 5 Bytes JMP 6A9F47AC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!DialogBoxIndirectParamA 766A83DD 5 Bytes JMP 6A9F4872 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!MessageBoxIndirectA 766BD471 5 Bytes JMP 6A9F4741 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!MessageBoxIndirectW 766BD56B 5 Bytes JMP 6A9F46D6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!MessageBoxExA 766BD5D1 5 Bytes JMP 6A9F4674 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2456] USER32.dll!MessageBoxExW 766BD5F5 5 Bytes JMP 6A9F4612 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2456] ole32.dll!OleLoadFromStream 75AB9726 5 Bytes JMP 6A9F4B77 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2456] ole32.dll!CoCreateInstance 75AEE188 5 Bytes JMP 6A8FDB78 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
OTL logfile created on: 7/26/2010 7:24:59 AM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Vanessa\Desktop\G2G Malware Guide
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.07 Gb Total Space | 81.44 Gb Free Space | 28.37% Space Free | Partition Type: NTFS
Drive D: | 11.01 Gb Total Space | 7.68 Gb Free Space | 69.74% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 959.72 Mb Total Space | 816.38 Mb Free Space | 85.06% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: VANESSA-PC
Current User Name: Vanessa
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/07/25 19:27:12 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Vanessa\Desktop\G2G Malware Guide\OTL.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/09/10 11:21:05 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe
PRC - [2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010/07/25 19:27:12 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Vanessa\Desktop\G2G Malware Guide\OTL.exe
MOD - [2008/01/20 22:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008/01/20 22:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/07/06 15:08:06 | 000,711,352 | ---- | M] () [Auto | Stopped] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2010/07/06 15:08:06 | 000,711,352 | ---- | M] () [Auto | Stopped] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/09/09 17:31:34 | 000,090,296 | ---- | M] (PC Pitstop LLC) [Disabled | Stopped] -- C:\Program Files\CA\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2009/06/10 03:57:36 | 000,431,384 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/20 22:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/20 22:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/10/03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/07/27 13:49:42 | 000,102,400 | ---- | M] (IDT, Inc.) [Disabled | Stopped] -- C:\Windows\System32\stacsv.exe -- (STacSV)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Partizan.sys -- (Partizan)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010/07/17 20:11:57 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010/07/17 20:11:57 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010/07/17 20:11:55 | 000,132,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010/07/17 20:11:54 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2010/04/12 04:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/01/12 06:42:22 | 000,241,696 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/10/09 23:31:02 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\7798878.sys -- (KKdrv)
DRV - [2009/09/08 10:40:14 | 000,020,392 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\elrawdsk.sys -- (ElRawDisk)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/26 08:00:02 | 000,064,000 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2008/10/24 12:43:12 | 000,342,016 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2008/10/09 16:42:42 | 000,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008/07/27 19:03:42 | 000,018,816 | ---- | M] (RIF) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dvd43llh.sys -- (dvd43llh)
DRV - [2008/04/17 10:36:02 | 000,039,424 | ---- | M] (iolo technologies, LLC) [Kernel | Auto | Running] -- C:\Windows\System32\xpacket.sys -- (XPacket)
DRV - [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/01/20 22:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 22:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 22:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 22:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 22:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 22:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 22:23:26 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2008/01/20 22:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 22:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 22:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 22:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 22:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 22:23:23 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 22:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 22:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 22:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 22:23:22 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV)
DRV - [2008/01/20 22:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 22:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/20 22:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 22:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 22:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 22:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 22:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 22:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/09/30 02:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007/08/10 11:08:48 | 000,024,456 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2007/07/27 13:50:22 | 000,329,728 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/06/27 10:41:46 | 000,101,248 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWNC5E00.sys -- (SWNC5E00) Sierra Wireless MUX NDIS Driver (#00)
DRV - [2007/05/23 20:37:40 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/05/06 10:34:02 | 000,057,344 | ---- | M] (XSS) [Kernel | On_Demand | Stopped] -- C:\Windows\SMINST\virtdisk.sys -- (VirtDisk)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2008/07/02 14:48:39 | 000,001,083 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileSharing = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.238.112.12
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/04/12 23:47:14 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/05/18 17:29:02 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk autopartnt) - File not found
O34 - HKLM BootExecute: (*) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 90 Days ==========
[2010/07/26 00:30:40 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Roaming\Avira
[2010/07/26 00:24:23 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010/07/26 00:24:21 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/07/26 00:24:21 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/07/26 00:24:21 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010/07/26 00:24:21 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010/07/26 00:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/07/26 00:24:19 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/07/25 23:31:10 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Roaming\Malwarebytes
[2010/07/25 23:31:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/07/25 23:31:01 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/07/25 23:31:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/25 23:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/07/25 23:29:43 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/07/25 23:27:27 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/07/25 21:45:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/07/25 21:42:55 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Roaming\Google
[2010/07/25 20:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010/07/25 20:03:15 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Desktop\G2G Malware Guide
[2010/07/25 15:26:42 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Documents\HRBlock
[2010/07/25 15:17:11 | 000,000,000 | ---D | C] -- C:\Program Files\DeductionPro 2009
[2010/07/24 17:46:37 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Desktop\Lang
[2010/07/24 17:46:37 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Desktop\HDMI
[2010/07/24 17:46:34 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Desktop\Graphics
[2010/07/24 05:11:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Verizon Shared
[2010/07/24 05:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Wi-Fi Connect
[2010/07/24 05:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Wi-Fi Connect
[2010/07/24 05:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\WEngineLite
[2010/07/23 02:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\iolo
[2010/07/19 10:41:10 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Desktop\AMERICAN LEGION
[2010/07/19 10:28:41 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Roaming\PeerNetworking
[2010/07/19 10:28:37 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Roaming\Identities
[2010/07/18 19:14:03 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Roaming\Ashampoo
[2010/07/18 19:13:56 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Local\ashampoo
[2010/07/18 19:13:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2010/07/18 19:13:52 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2010/07/18 19:12:54 | 008,669,936 | ---- | C] (ashampoo GmbH & Co. KG ) -- C:\Users\Vanessa\Desktop\ashampoo_burning_studio_6_free_6.77_4280.exe
[2010/07/18 19:11:01 | 000,335,872 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\dvdauthor.ocx
[2010/07/18 19:11:01 | 000,233,472 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\viscomdvdimg.dll
[2010/07/18 19:11:00 | 002,078,952 | ---- | C] (Rocket Division Software) -- C:\Windows\System32\starburnx.dll
[2010/07/18 19:11:00 | 000,266,240 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\VideoEdit.ocx
[2010/07/18 19:10:59 | 000,000,000 | ---D | C] -- C:\Program Files\Cheetah Burner
[2010/07/18 19:10:20 | 010,381,184 | ---- | C] (Cheetah Websites Corporation) -- C:\Users\Vanessa\Desktop\CheetahDVDBurner.exe
[2010/07/18 12:02:31 | 000,000,000 | ---D | C] -- C:\FROM D DRIVE
[2010/07/17 20:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis
[2010/07/17 20:11:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Acronis
[2010/07/17 20:11:32 | 000,000,000 | ---D | C] -- C:\Program Files\Acronis
[2010/07/17 19:55:45 | 000,000,000 | RHSD | C] -- C:\desktop.ini
[2010/07/17 14:03:08 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Desktop\backups
[2010/07/17 01:44:11 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2010/07/16 21:27:48 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Desktop\ximage
[2010/07/16 02:52:52 | 000,000,000 | ---D | C] -- C:\Program Files\WinDirStat
[2010/07/16 02:06:29 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2010/07/16 00:29:20 | 000,000,000 | ---D | C] -- C:\Program Files\Belarc
[2010/07/15 22:28:31 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2010/07/14 20:04:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\RegRunInfo
[2010/07/14 00:56:59 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Roaming\Help
[2010/07/14 00:56:59 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Local\Help
[2010/07/13 13:10:22 | 000,118,784 | ---- | C] (iolo technologies, LLC) -- C:\Windows\System32\iavlsp.dll
[2010/07/13 13:10:02 | 000,000,000 | ---D | C] -- C:\Program Files\System Mechanic Professional
[2010/07/13 12:51:05 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Documents\DriveLookScans
[2010/07/09 02:51:34 | 000,000,000 | ---D | C] -- C:\Program Files\Runtime Software
[2010/07/09 02:51:03 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Windows\uninst.exe
[2010/07/08 23:05:15 | 000,000,000 | R--D | C] -- C:\Users\Vanessa\Desktop\Fixes
[2010/06/21 14:31:18 | 000,000,000 | ---D | C] -- C:\System Mechanic Professional
[2010/06/21 14:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2010/06/21 06:56:53 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Local\MigWiz
[2010/06/19 10:02:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/06/18 16:35:53 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/06/18 12:31:02 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Roaming\Regrun
[2010/06/18 11:51:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/06/18 01:12:01 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Local\NeoSmart_Technologies
[2010/06/18 01:08:24 | 000,000,000 | ---D | C] -- C:\Program Files\NeoSmart Technologies
[2010/06/17 18:04:09 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/06/17 13:24:23 | 000,000,000 | ---D | C] -- C:\RegRunSuite
[2010/06/17 12:59:21 | 000,000,000 | ---D | C] -- C:\Windows\RestoreSafeDeleted
[2010/06/16 03:30:15 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/06/15 10:53:22 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Desktop\DELETED PROFILES
[2010/06/01 03:28:19 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Roaming\CyberLink
[2010/06/01 02:50:36 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Desktop\VanessaK
[2010/06/01 02:37:48 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Documents\Security
[2010/06/01 02:37:48 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Documents\regruninfo
[2010/06/01 02:37:21 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Documents\INCINERATE
[2010/06/01 02:37:05 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\VANESSAK_D0CUMENTS
[2010/06/01 02:00:25 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Desktop\Van_Working 2 DELETE
[2010/06/01 01:16:51 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Desktop\VanessaK Profile
[2010/06/01 00:33:04 | 000,000,000 | R--D | C] -- C:\Users\Vanessa\Desktop\Trey's Profile
[2010/05/31 21:39:21 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Documents\OneNote Notebooks
[2010/05/31 21:34:34 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Documents\vista business
[2010/05/30 03:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Seagate
[2010/05/25 22:37:45 | 000,114,176 | R--- | C] (Soeperman Enterprises Ltd.) -- C:\CWShredder.exe
[2010/05/25 01:05:08 | 000,000,000 | ---D | C] -- C:\COLLECTION OF FILES
[2010/05/24 19:33:43 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO(6011)
[2010/05/24 01:10:42 | 000,000,000 | ---D | C] -- C:\Program Files\ThreatFire
[2010/05/24 01:10:42 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/05/20 17:53:37 | 000,000,000 | ---D | C] -- C:\Sigcheck
[2010/05/20 05:53:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2010/05/18 23:28:40 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/05/18 23:26:54 | 000,000,000 | ---D | C] -- C:\Program Files\NetworkView36
[2010/05/17 03:27:52 | 000,000,000 | ---D | C] -- C:\Program Files\Camera Assistant Software for Gateway
[2010/05/11 19:58:51 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Desktop\Jobs
[2010/05/07 22:04:46 | 000,005,183 | ---- | C] (USB Compliance) -- C:\Windows\System32\drivers\usbu2a.sys
[2010/05/07 22:04:42 | 000,000,000 | ---D | C] -- C:\USBStorage
[2010/05/05 09:54:06 | 002,268,176 | ---- | C] (Greatis Software ) -- C:\platinum.exe
[2010/05/02 02:27:55 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Roaming\CBS Interactive
[2010/05/02 00:53:01 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Local\VS Revo Group
[2010/04/30 22:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\ACD Systems
[2010/04/30 21:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2010/04/30 01:00:00 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Local\Smart_PC_Utilities,_Ltd
[2010/04/29 22:32:02 | 000,000,000 | ---D | C] -- C:\Program Files\Smart PC Utilities
========== Files - Modified Within 90 Days ==========
[2010/07/26 07:46:00 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D336E997-2683-435F-AEED-A8449D48D900}.job
[2010/07/26 07:43:00 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9F83ADC4-8532-4E54-949C-872C897B1CAB}.job
[2010/07/26 07:42:59 | 000,000,428 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0075AEE1-0425-4C85-8628-7E3DB183DB36}.job
[2010/07/26 07:25:14 | 002,883,584 | ---- | M] () -- C:\Users\Vanessa\ntuser.dat
[2010/07/26 07:09:43 | 000,778,064 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/07/26 07:09:43 | 000,658,794 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/07/26 07:09:43 | 000,122,694 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/07/26 06:00:52 | 000,005,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/26 06:00:52 | 000,005,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/26 03:12:04 | 000,149,951 | ---- | M] () -- C:\Users\Vanessa\Desktop\2009 Tax Return Alphonso Ball.pdf
[2010/07/26 03:10:05 | 000,001,786 | ---- | M] () -- C:\Users\Public\Desktop\H&R Block 2009.lnk
[2010/07/26 01:47:34 | 000,000,450 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3C3B4BF9-858D-4510-827E-ADCDBFBDA951}.job
[2010/07/26 00:24:35 | 000,001,811 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/07/26 00:00:53 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/26 00:00:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/25 23:58:06 | 000,524,288 | -HS- | M] () -- C:\Users\Vanessa\ntuser.dat{ef1add99-9846-11df-8f25-001644b956d0}.TMContainer00000000000000000001.regtrans-ms
[2010/07/25 23:58:06 | 000,065,536 | -HS- | M] () -- C:\Users\Vanessa\ntuser.dat{ef1add99-9846-11df-8f25-001644b956d0}.TM.blf
[2010/07/25 23:58:04 | 001,448,964 | -H-- | M] () -- C:\Users\Vanessa\AppData\Local\IconCache.db
[2010/07/25 23:45:50 | 000,389,768 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/07/25 23:31:04 | 000,000,782 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/25 23:27:27 | 000,000,697 | ---- | M] () -- C:\Users\Vanessa\Desktop\NTREGOPT.lnk
[2010/07/25 23:27:27 | 000,000,678 | ---- | M] () -- C:\Users\Vanessa\Desktop\ERUNT.lnk
[2010/07/25 23:10:17 | 000,000,244 | ---- | M] () -- C:\Windows\win.ini
[2010/07/25 22:47:43 | 000,484,341 | ---- | M] () -- C:\Users\Vanessa\Documents\2009 AlphonsoBall Tax Return.pdf
[2010/07/25 22:42:48 | 000,000,141 | ---- | M] () -- C:\Windows\wpd99.drv
[2010/07/25 22:37:55 | 000,149,946 | ---- | M] () -- C:\Users\Vanessa\Documents\Alphonso Ball 2009 Tax Return_T09_For_Filing.pdf
[2010/07/25 21:56:41 | 000,249,856 | ---- | M] (TODO: <Company name>) -- C:\Windows\System32\pdfmona.dll
[2010/07/25 21:56:41 | 000,051,716 | ---- | M] () -- C:\Windows\System32\pdf995mon.dll
[2010/07/25 21:30:40 | 000,524,288 | -HS- | M] () -- C:\Users\Vanessa\ntuser.dat{ef1add99-9846-11df-8f25-001644b956d0}.TMContainer00000000000000000002.regtrans-ms
[2010/07/25 20:52:38 | 000,000,028 | ---- | M] () -- C:\Windows\pdf995.ini
[2010/07/25 16:01:10 | 000,524,288 | -HS- | M] () -- C:\Users\Vanessa\ntuser.dat{9bec7ce7-970d-11df-a7ae-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/07/25 16:01:10 | 000,065,536 | -HS- | M] () -- C:\Users\Vanessa\ntuser.dat{9bec7ce7-970d-11df-a7ae-806e6f6e6963}.TM.blf
[2010/07/25 15:17:19 | 000,001,561 | ---- | M] () -- C:\Users\Public\Desktop\DeductionPro 2009.lnk
[2010/07/25 15:05:25 | 000,048,044 | ---- | M] () -- C:\Users\Vanessa\Desktop\Hack_biosinfo.inf
[2010/07/24 17:16:31 | 000,005,632 | ---- | M] () -- C:\Users\Vanessa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/24 16:52:30 | 000,000,052 | ---- | M] () -- C:\Windows\System32\winpeshl.ini
[2010/07/24 06:43:38 | 000,524,288 | -HS- | M] () -- C:\Users\Vanessa\ntuser.dat{9bec7ce7-970d-11df-a7ae-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010/07/24 06:26:25 | 000,524,288 | -HS- | M] () -- C:\Users\Vanessa\ntuser.dat{43b99e2b-907a-11df-bc83-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/07/24 06:26:25 | 000,065,536 | -HS- | M] () -- C:\Users\Vanessa\ntuser.dat{43b99e2b-907a-11df-bc83-806e6f6e6963}.TM.blf
[2010/07/24 05:11:07 | 000,000,856 | ---- | M] () -- C:\Users\Public\Desktop\HotSpot Search.lnk
[2010/07/24 00:36:41 | 000,008,128 | ---- | M] () -- C:\Users\Vanessa\Desktop\Evelyn.xml
[2010/07/23 13:26:22 | 000,017,739 | ---- | M] () -- C:\Users\Vanessa\Desktop\Evelyn D.docx
[2010/07/23 02:42:51 | 000,001,803 | ---- | M] () -- C:\Users\Vanessa\Application Data\Microsoft\Internet Explorer\Quick Launch\System Mechanic Professional.lnk
[2010/07/23 02:42:51 | 000,001,779 | ---- | M] () -- C:\Users\Vanessa\Desktop\System Mechanic Professional.lnk
[2010/07/22 19:36:08 | 000,008,492 | ---- | M] () -- C:\Users\Vanessa\Desktop\MEMBER ROSTER.xlsx
[2010/07/20 20:14:57 | 000,105,752 | ---- | M] () -- C:\Users\Vanessa\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/20 20:12:31 | 000,002,088 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100720_201228.reg
[2010/07/20 20:12:06 | 000,020,076 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100720_201158.reg
[2010/07/20 14:23:40 | 000,278,528 | ---- | M] () -- C:\Users\Vanessa\Desktop\New Microsoft Office Access 2007 Database.accdb
[2010/07/20 13:57:42 | 000,000,902 | ---- | M] () -- C:\Users\Vanessa\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2010/07/20 03:28:35 | 000,001,594 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100720_032828.reg
[2010/07/20 03:27:16 | 000,006,730 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100720_032650.reg
[2010/07/19 10:28:42 | 000,023,580 | ---- | M] () -- C:\Users\Vanessa\AppData\Roaming\UserTile.png
[2010/07/18 19:55:07 | 3163,193,344 | ---- | M] () -- C:\Users\Vanessa\Documents\vistapremium.iso
[2010/07/18 19:13:56 | 000,000,984 | ---- | M] () -- C:\Users\Vanessa\Desktop\Ashampoo Burning Studio 6 FREE.lnk
[2010/07/18 19:13:56 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 6 FREE.lnk
[2010/07/18 19:13:01 | 008,669,936 | ---- | M] (ashampoo GmbH & Co. KG ) -- C:\Users\Vanessa\Desktop\ashampoo_burning_studio_6_free_6.77_4280.exe
[2010/07/18 19:11:00 | 000,001,675 | ---- | M] () -- C:\Users\Public\Desktop\Cheetah DVD Burner.lnk
[2010/07/18 19:10:44 | 010,381,184 | ---- | M] (Cheetah Websites Corporation) -- C:\Users\Vanessa\Desktop\CheetahDVDBurner.exe
[2010/07/18 12:26:56 | 000,196,608 | ---- | M] () -- C:\Windows\SPInstall.etl
[2010/07/18 08:04:28 | 000,002,032 | ---- | M] () -- C:\Users\Vanessa\Documents\saved cd key.reg
[2010/07/18 05:28:41 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_D.011
[2010/07/18 05:28:41 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_D.010
[2010/07/18 05:28:41 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_D.009
[2010/07/18 05:28:41 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_D.008
[2010/07/18 05:28:41 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_D.007
[2010/07/18 05:28:41 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_D.006
[2010/07/18 05:28:41 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_D.005
[2010/07/18 05:28:41 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_D.004
[2010/07/18 05:28:41 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_D.003
[2010/07/18 05:28:41 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_D.002
[2010/07/18 05:28:41 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_D.001
[2010/07/18 05:28:41 | 026,255,872 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_D.012
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.219
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.218
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.217
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.216
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.215
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.214
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.213
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.212
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.211
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.210
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.209
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.208
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.207
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.206
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.205
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.204
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.203
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.202
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.201
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.200
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.199
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.198
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.197
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.196
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.195
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.194
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.193
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.192
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.191
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.190
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.189
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.188
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.187
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.186
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.185
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.184
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.183
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.182
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.181
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.180
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.179
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.178
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.177
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.176
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.175
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.174
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.173
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.172
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.171
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.170
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.169
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.168
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.167
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.166
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.165
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.164
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.163
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.162
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.161
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.160
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.159
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.158
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.157
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.156
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.155
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.154
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.153
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.152
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.151
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.150
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.149
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.148
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.147
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.146
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.145
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.144
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.143
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.142
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.141
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.140
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.139
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.138
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.137
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.136
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.135
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.134
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.133
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.132
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.131
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.130
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.129
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.128
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.127
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.126
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.125
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.124
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.123
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.122
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.121
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.120
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.119
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.118
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.117
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.116
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.115
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.114
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.113
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.112
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.111
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.110
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.109
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.108
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.107
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.106
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.105
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.104
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.103
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.102
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.101
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.100
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.099
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.098
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.097
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.096
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.095
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.094
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.093
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.092
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.091
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.090
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.089
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.088
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.087
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.086
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.085
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.084
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.083
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.082
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.081
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.080
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.079
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.078
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.077
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.076
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.075
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.074
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.073
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.072
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.071
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.070
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.069
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.068
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.067
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.066
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.065
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.064
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.063
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.062
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.061
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.060
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.059
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.058
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.057
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.056
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.055
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.054
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.053
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.052
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.051
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.050
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.049
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.048
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.047
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.046
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.045
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.044
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.043
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.042
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.041
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.040
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.039
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.038
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.037
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.036
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.035
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.034
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.033
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.032
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.031
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.030
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.029
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.028
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.027
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.026
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.025
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.024
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.023
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.022
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.021
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.020
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.019
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.018
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.017
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.016
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.015
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.014
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.013
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.012
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.011
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.010
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.009
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.008
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.007
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.006
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.005
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.004
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.003
[2010/07/18 04:31:32 | 688,128,000 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.002
[2010/07/18 04:31:32 | 388,071,936 | ---- | M] () -- C:\Users\Vanessa\Documents\Drive_C.220
[2010/07/17 21:04:52 | 000,006,208 | ---- | M] () -- C:\Windows\System32\AutoPartNt.nam
[2010/07/17 21:04:52 | 000,000,924 | ---- | M] () -- C:\Windows\System32\AutoPartNt.scr
[2010/07/17 21:04:39 | 000,001,024 | ---- | M] () -- C:\Windows\System32\AutoPartNt.let
[2010/07/17 20:11:49 | 000,000,928 | ---- | M] () -- C:\Users\Public\Desktop\Acronis True Image WD Edition.lnk
[2010/07/17 19:55:45 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/07/17 19:55:45 | 000,001,650 | ---- | M] () -- C:\Windows\System32\autoexec.nt
[2010/07/17 19:55:45 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
[2010/07/17 14:23:04 | 000,003,082 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100717_142244.reg
[2010/07/17 11:51:29 | 000,001,021 | ---- | M] () -- C:\Users\Vanessa\Desktop\Revo Uninstaller.lnk
[2010/07/17 01:44:12 | 000,001,000 | ---- | M] () -- C:\Users\Vanessa\Desktop\Auslogics Duplicate File Finder.lnk
[2010/07/17 01:36:42 | 000,070,798 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100717_013635.reg
[2010/07/16 22:21:13 | 000,065,760 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100716_222055messenger.reg
[2010/07/16 16:49:16 | 000,002,794 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100716_164848.reg
[2010/07/16 02:52:52 | 000,000,792 | ---- | M] () -- C:\Users\Vanessa\Desktop\WinDirStat.lnk
[2010/07/16 02:06:30 | 000,000,768 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2010/07/16 01:54:05 | 000,000,768 | ---- | M] () -- C:\Users\Vanessa\Desktop\CCleaner.lnk
[2010/07/16 00:29:21 | 000,001,858 | ---- | M] () -- C:\Users\Vanessa\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2010/07/16 00:29:21 | 000,001,834 | ---- | M] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2010/07/15 22:28:32 | 000,001,598 | ---- | M] () -- C:\Users\Vanessa\Desktop\Recuva.lnk
[2010/07/15 22:00:17 | 000,524,288 | -HS- | M] () -- C:\Users\Vanessa\ntuser.dat{43b99e2b-907a-11df-bc83-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010/07/15 21:46:14 | 000,000,036 | ---- | M] () -- C:\Users\Vanessa\AppData\Local\housecall.guid.cache
[2010/07/15 21:36:49 | 000,524,288 | -HS- | M] () -- C:\Users\Vanessa\ntuser.dat{f20563ab-8eaa-11df-9ea1-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/07/15 21:36:49 | 000,065,536 | -HS- | M] () -- C:\Users\Vanessa\ntuser.dat{f20563ab-8eaa-11df-9ea1-806e6f6e6963}.TM.blf
[2010/07/15 21:35:01 | 000,000,386 | ---- | M] () -- C:\Windows\System32\ioloBootDefrag.cfg
[2010/07/14 21:30:24 | 000,001,531 | ---- | M] () -- C:\Users\Public\Desktop\Try AOL Today!.lnk
[2010/07/14 15:29:30 | 000,011,616 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100714_152903.reg
[2010/07/13 16:18:59 | 000,524,288 | -HS- | M] () -- C:\Users\Vanessa\ntuser.dat{f20563ab-8eaa-11df-9ea1-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010/07/13 14:19:55 | 000,524,288 | -HS- | M] () -- C:\Users\Vanessa\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/07/13 14:19:55 | 000,065,536 | -HS- | M] () -- C:\Users\Vanessa\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/07/10 01:25:43 | 000,000,900 | ---- | M] () -- C:\Users\Vanessa\Application Data\Microsoft\Internet Explorer\Quick Launch\DriveImage XML.lnk
[2010/07/10 01:25:43 | 000,000,876 | ---- | M] () -- C:\Users\Public\Desktop\DriveImage XML.lnk
[2010/07/09 05:24:10 | 000,001,050 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100709_052404.reg
[2010/07/09 05:22:49 | 000,002,481 | ---- | M] () -- C:\Users\Vanessa\Desktop\HiJackThis.lnk
[2010/07/09 05:14:51 | 000,024,576 | ---- | M] () -- C:\bcd_backup
[2010/07/06 15:44:34 | 000,094,384 | ---- | M] (iolo technologies, LLC) -- C:\Windows\System32\IncContxMenu.dll
[2010/07/06 15:44:28 | 002,319,536 | ---- | M] () -- C:\Windows\System32\Incinerator.dll
[2010/06/27 15:16:56 | 009,245,985 | ---- | M] () -- C:\Users\Vanessa\Desktop\Windows6.0-KB941651-x86.msu
[2010/06/23 16:09:37 | 000,001,382 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100623_160850.reg
[2010/06/23 15:55:42 | 000,000,222 | ---- | M] () -- C:\Windows\rnr.rnr
[2010/06/21 15:57:01 | 000,003,202 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100621_155651.reg
[2010/06/21 09:34:59 | 000,011,622 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100621_093445.reg
[2010/06/21 06:54:22 | 000,009,114 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100621_065320.reg
[2010/06/20 14:55:51 | 000,149,112 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100620_145527again.reg
[2010/06/19 09:51:53 | 000,000,360 | ---- | M] () -- C:\Windows\tasks\Startup Analyser.job
[2010/06/18 11:18:50 | 000,028,726 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100618_111749OfficeUnistall.reg
[2010/06/18 01:08:24 | 000,000,970 | ---- | M] () -- C:\Users\Public\Desktop\EasyBCD 1.7.2.lnk
[2010/06/18 00:56:21 | 000,000,402 | -HS- | M] () -- C:\Users\Vanessa\Documents\desktop (2).ini
[2010/06/17 16:12:35 | 000,037,356 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100617_161016 after g 2.reg
[2010/06/17 14:26:50 | 000,031,932 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100617_142435 grooveleftover.reg
[2010/06/17 04:27:01 | 000,000,680 | ---- | M] () -- C:\Users\Vanessa\AppData\Local\d3d9caps.dat
[2010/06/16 16:34:26 | 000,001,340 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100616_163355vanessa4.reg
[2010/06/16 16:33:33 | 000,003,804 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100616_163306vanessa3.reg
[2010/06/16 16:32:14 | 000,189,240 | ---- | M] () -- C:\Users\Vanessa\Documents\cc_20100616_163124vanessa2.reg
[2010/06/04 05:59:34 | 000,002,622 | ---- | M] () -- C:\Windows\checkip.dat
[2010/06/04 05:51:10 | 000,003,576 | ---- | M] () -- C:\Windows\ipconfig.dat
[2010/06/01 20:20:46 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010/06/01 20:20:46 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2010/05/20 17:51:21 | 000,017,155 | ---- | M] () -- C:\Users\Vanessa\Documents\5-50.xml
[2010/05/18 15:39:21 | 000,011,485 | ---- | M] () -- C:\Users\Vanessa\Documents\Hello Vanessa_rnt.docx
[2010/05/14 05:10:23 | 3162,505,216 | ---- | M] () -- C:\Users\Vanessa\Documents\VISTA_HOME.iso
[2010/05/13 20:55:55 | 000,000,299 | ---- | M] () -- C:\Program Files\APREG.url
[2010/05/05 09:54:06 | 002,268,176 | ---- | M] (Greatis Software ) -- C:\platinum.exe
[2010/05/03 22:58:45 | 000,057,667 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2010/05/02 10:07:22 | 000,524,288 | -HS- | M] () -- C:\Users\Vanessa\ntuser.dat{c962132e-55b7-11df-b153-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/05/02 10:07:22 | 000,065,536 | -HS- | M] () -- C:\Users\Vanessa\ntuser.dat{c962132e-55b7-11df-b153-806e6f6e6963}.TM.blf
[2010/05/02 03:04:16 | 000,524,288 | -HS- | M] () -- C:\Users\Vanessa\ntuser.dat{c962132e-55b7-11df-b153-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010/04/30 17:56:32 | 002,583,286 | ---- | M] () -- C:\Users\Vanessa\Documents\430systemreport.html
[2010/04/29 22:18:16 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/28 11:37:17 | 000,000,020 | -HS- | M] () -- C:\Users\Vanessa\ntuser.ini
========== Files Created - No Company Name ==========
[2010/07/26 03:11:59 | 000,149,951 | ---- | C] () -- C:\Users\Vanessa\Desktop\2009 Tax Return Alphonso Ball.pdf
[2010/07/26 00:24:35 | 000,001,811 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/07/25 23:31:04 | 000,000,782 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/25 23:27:27 | 000,000,697 | ---- | C] () -- C:\Users\Vanessa\Desktop\NTREGOPT.lnk
[2010/07/25 23:27:27 | 000,000,678 | ---- | C] () -- C:\Users\Vanessa\Desktop\ERUNT.lnk
[2010/07/25 22:47:41 | 000,484,341 | ---- | C] () -- C:\Users\Vanessa\Documents\2009 AlphonsoBall Tax Return.pdf
[2010/07/25 22:37:53 | 000,149,946 | ---- | C] () -- C:\Users\Vanessa\Documents\Alphonso Ball 2009 Tax Return_T09_For_Filing.pdf
[2010/07/25 21:56:41 | 000,051,716 | ---- | C] () -- C:\Windows\System32\pdf995mon.dll
[2010/07/25 20:57:48 | 000,066,617 | ---- | C] () -- C:\Users\Vanessa\Desktop\Alphonso Ball 2009 Tax Return.T09
[2010/07/25 20:52:38 | 000,000,028 | ---- | C] () -- C:\Windows\pdf995.ini
[2010/07/25 20:44:56 | 000,001,786 | ---- | C] () -- C:\Users\Public\Desktop\H&R Block 2009.lnk
[2010/07/25 19:48:34 | 000,524,288 | -HS- | C] () -- C:\Users\Vanessa\ntuser.dat{ef1add99-9846-11df-8f25-001644b956d0}.TMContainer00000000000000000002.regtrans-ms
[2010/07/25 19:48:34 | 000,524,288 | -HS- | C] () -- C:\Users\Vanessa\ntuser.dat{ef1add99-9846-11df-8f25-001644b956d0}.TMContainer00000000000000000001.regtrans-ms
[2010/07/25 19:48:34 | 000,065,536 | -HS- | C] () -- C:\Users\Vanessa\ntuser.dat{ef1add99-9846-11df-8f25-001644b956d0}.TM.blf
[2010/07/25 15:17:19 | 000,001,561 | ---- | C] () -- C:\Users\Public\Desktop\DeductionPro 2009.lnk
[2010/07/25 15:05:25 | 000,048,044 | ---- | C] () -- C:\Users\Vanessa\Desktop\Hack_biosinfo.inf
[2010/07/25 14:53:55 | 000,017,313 | ---- | C] () -- C:\Users\Vanessa\Desktop\SHARONDA JOHNSON 2009 Tax Return.T09
[2010/07/25 14:52:00 | 000,417,141 | ---- | C] () -- C:\Users\Vanessa\Desktop\Alphonso Ball 2008 Tax Return_T08_For_Records.pdf
[2010/07/24 16:52:30 | 000,000,052 | ---- | C] () -- C:\Windows\System32\winpeshl.ini
[2010/07/24 06:28:15 | 000,524,288 | -HS- | C] () -- C:\Users\Vanessa\ntuser.dat{9bec7ce7-970d-11df-a7ae-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010/07/24 06:28:15 | 000,524,288 | -HS- | C] () -- C:\Users\Vanessa\ntuser.dat{9bec7ce7-970d-11df-a7ae-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/07/24 06:28:15 | 000,065,536 | -HS- | C] () -- C:\Users\Vanessa\ntuser.dat{9bec7ce7-970d-11df-a7ae-806e6f6e6963}.TM.blf
[2010/07/24 05:11:07 | 000,000,856 | ---- | C] () -- C:\Users\Public\Desktop\HotSpot Search.lnk
[2010/07/23 11:36:38 | 000,017,739 | ---- | C] () -- C:\Users\Vanessa\Desktop\Evelyn D.docx
[2010/07/23 11:25:13 | 000,008,128 | ---- | C] () -- C:\Users\Vanessa\Desktop\Evelyn.xml
[2010/07/23 02:42:51 | 000,001,803 | ---- | C] () -- C:\Users\Vanessa\Application Data\Microsoft\Internet Explorer\Quick Launch\System Mechanic Professional.lnk
[2010/07/23 02:42:51 | 000,001,779 | ---- | C] () -- C:\Users\Vanessa\Desktop\System Mechanic Professional.lnk
[2010/07/23 02:42:47 | 000,030,208 | ---- | C] () -- C:\Windows\System32\iolobtdfg.exe
[2010/07/23 02:41:11 | 000,005,632 | ---- | C] () -- C:\Users\Vanessa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/22 19:07:09 | 000,008,492 | ---- | C] () -- C:\Users\Vanessa\Desktop\MEMBER ROSTER.xlsx
[2010/07/20 20:12:30 | 000,002,088 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100720_201228.reg
[2010/07/20 20:12:02 | 000,020,076 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100720_201158.reg
[2010/07/20 14:23:40 | 000,278,528 | ---- | C] () -- C:\Users\Vanessa\Desktop\New Microsoft Office Access 2007 Database.accdb
[2010/07/20 13:57:42 | 000,000,902 | ---- | C] () -- C:\Users\Vanessa\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2010/07/20 03:28:30 | 000,001,594 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100720_032828.reg
[2010/07/20 03:26:59 | 000,006,730 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100720_032650.reg
[2010/07/19 11:47:27 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/07/19 11:47:27 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/07/19 11:47:24 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2010/07/19 11:44:09 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/07/19 10:27:27 | 000,023,580 | ---- | C] () -- C:\Users\Vanessa\AppData\Roaming\UserTile.png
[2010/07/18 19:31:16 | 3163,193,344 | ---- | C] () -- C:\Users\Vanessa\Documents\vistapremium.iso
[2010/07/18 19:13:56 | 000,000,984 | ---- | C] () -- C:\Users\Vanessa\Desktop\Ashampoo Burning Studio 6 FREE.lnk
[2010/07/18 19:13:56 | 000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 6 FREE.lnk
[2010/07/18 19:11:00 | 000,019,456 | ---- | C] () -- C:\Windows\System32\videocore.dll
[2010/07/18 19:11:00 | 000,001,675 | ---- | C] () -- C:\Users\Public\Desktop\Cheetah DVD Burner.lnk
[2010/07/18 08:04:27 | 000,002,032 | ---- | C] () -- C:\Users\Vanessa\Documents\saved cd key.reg
[2010/07/18 05:28:29 | 026,255,872 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_D.012
[2010/07/18 05:28:15 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_D.011
[2010/07/18 05:28:02 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_D.010
[2010/07/18 05:27:20 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_D.009
[2010/07/18 05:26:08 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_D.008
[2010/07/18 05:24:59 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_D.007
[2010/07/18 05:23:52 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_D.006
[2010/07/18 05:23:06 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_D.005
[2010/07/18 05:21:59 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_D.004
[2010/07/18 05:20:59 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_D.003
[2010/07/18 05:19:48 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_D.002
[2010/07/18 05:18:23 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_D.001
[2010/07/18 04:17:02 | 388,071,936 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.220
[2010/07/18 04:15:45 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.219
[2010/07/18 04:14:43 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.218
[2010/07/18 04:13:45 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.217
[2010/07/18 04:12:44 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.216
[2010/07/18 04:11:46 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.215
[2010/07/18 04:10:52 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.214
[2010/07/18 04:09:58 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.213
[2010/07/18 04:08:58 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.212
[2010/07/18 04:07:54 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.211
[2010/07/18 04:06:26 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.210
[2010/07/18 04:05:10 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.209
[2010/07/18 04:04:13 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.208
[2010/07/18 04:03:15 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.207
[2010/07/18 04:02:22 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.206
[2010/07/18 04:01:30 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.205
[2010/07/18 04:00:32 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.204
[2010/07/18 03:59:30 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.203
[2010/07/18 03:58:28 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.202
[2010/07/18 03:57:28 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.201
[2010/07/18 03:56:26 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.200
[2010/07/18 03:55:21 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.199
[2010/07/18 03:54:19 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.198
[2010/07/18 03:53:16 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.197
[2010/07/18 03:52:26 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.196
[2010/07/18 03:51:25 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.195
[2010/07/18 03:50:37 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.194
[2010/07/18 03:49:26 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.193
[2010/07/18 03:48:21 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.192
[2010/07/18 03:47:19 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.191
[2010/07/18 03:46:12 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.190
[2010/07/18 03:45:13 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.189
[2010/07/18 03:44:11 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.188
[2010/07/18 03:43:10 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.187
[2010/07/18 03:42:11 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.186
[2010/07/18 03:41:10 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.185
[2010/07/18 03:40:09 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.184
[2010/07/18 03:39:08 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.183
[2010/07/18 03:38:04 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.182
[2010/07/18 03:37:04 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.181
[2010/07/18 03:36:08 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.180
[2010/07/18 03:35:14 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.179
[2010/07/18 03:34:02 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.178
[2010/07/18 03:32:40 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.177
[2010/07/18 03:31:38 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.176
[2010/07/18 03:30:01 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.175
[2010/07/18 03:28:57 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.174
[2010/07/18 03:27:54 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.173
[2010/07/18 03:26:55 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.172
[2010/07/18 03:25:56 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.171
[2010/07/18 03:24:50 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.170
[2010/07/18 03:23:49 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.169
[2010/07/18 03:22:42 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.168
[2010/07/18 03:21:49 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.167
[2010/07/18 03:20:38 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.166
[2010/07/18 03:19:18 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.165
[2010/07/18 03:17:51 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.164
[2010/07/18 03:16:39 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.163
[2010/07/18 03:15:27 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.162
[2010/07/18 03:14:13 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.161
[2010/07/18 03:13:11 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.160
[2010/07/18 03:12:01 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.159
[2010/07/18 03:10:41 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.158
[2010/07/18 03:09:20 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.157
[2010/07/18 03:08:18 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.156
[2010/07/18 03:07:14 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.155
[2010/07/18 03:06:08 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.154
[2010/07/18 03:04:53 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.153
[2010/07/18 03:03:34 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.152
[2010/07/18 03:02:22 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.151
[2010/07/18 03:00:55 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.150
[2010/07/18 02:59:54 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.149
[2010/07/18 02:58:42 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.148
[2010/07/18 02:57:27 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.147
[2010/07/18 02:56:21 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.146
[2010/07/18 02:55:20 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.145
[2010/07/18 02:54:15 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.144
[2010/07/18 02:53:12 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.143
[2010/07/18 02:52:11 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.142
[2010/07/18 02:51:11 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.141
[2010/07/18 02:50:12 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.140
[2010/07/18 02:49:11 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.139
[2010/07/18 02:48:11 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.138
[2010/07/18 02:47:09 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.137
[2010/07/18 02:46:06 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.136
[2010/07/18 02:45:08 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.135
[2010/07/18 02:44:09 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.134
[2010/07/18 02:43:08 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.133
[2010/07/18 02:42:17 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.132
[2010/07/18 02:41:17 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.131
[2010/07/18 02:40:16 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.130
[2010/07/18 02:39:21 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.129
[2010/07/18 02:38:10 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.128
[2010/07/18 02:36:47 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.127
[2010/07/18 02:35:29 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.126
[2010/07/18 02:34:38 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.125
[2010/07/18 02:33:42 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.124
[2010/07/18 02:32:41 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.123
[2010/07/18 02:31:45 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.122
[2010/07/18 02:30:50 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.121
[2010/07/18 02:29:47 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.120
[2010/07/18 02:28:45 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.119
[2010/07/18 02:27:38 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.118
[2010/07/18 02:26:44 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.117
[2010/07/18 02:25:30 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.116
[2010/07/18 02:24:31 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.115
[2010/07/18 02:23:41 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.114
[2010/07/18 02:22:39 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.113
[2010/07/18 02:21:25 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.112
[2010/07/18 02:20:23 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.111
[2010/07/18 02:19:18 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.110
[2010/07/18 02:18:04 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.109
[2010/07/18 02:16:53 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.108
[2010/07/18 02:15:42 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.107
[2010/07/18 02:14:33 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.106
[2010/07/18 02:13:14 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.105
[2010/07/18 02:11:55 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.104
[2010/07/18 02:10:33 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.103
[2010/07/18 02:09:13 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.102
[2010/07/18 02:07:49 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.101
[2010/07/18 02:06:29 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.100
[2010/07/18 02:05:13 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.099
[2010/07/18 02:03:48 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.098
[2010/07/18 02:02:02 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.097
[2010/07/18 02:00:13 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.096
[2010/07/18 01:58:37 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.095
[2010/07/18 01:57:10 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.094
[2010/07/18 01:55:35 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.093
[2010/07/18 01:53:25 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.092
[2010/07/18 01:50:54 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.091
[2010/07/18 01:45:59 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.090
[2010/07/18 01:43:52 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.089
[2010/07/18 01:41:50 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.088
[2010/07/18 01:40:18 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.087
[2010/07/18 01:39:10 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.086
[2010/07/18 01:38:11 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.085
[2010/07/18 01:37:13 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.084
[2010/07/18 01:36:11 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.083
[2010/07/18 01:35:10 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.082
[2010/07/18 01:34:08 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.081
[2010/07/18 01:33:01 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.080
[2010/07/18 01:32:04 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.079
[2010/07/18 01:31:08 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.078
[2010/07/18 01:30:11 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.077
[2010/07/18 01:29:10 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.076
[2010/07/18 01:27:54 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.075
[2010/07/18 01:26:52 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.074
[2010/07/18 01:25:51 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.073
[2010/07/18 01:20:27 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.072
[2010/07/18 01:17:48 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.071
[2010/07/18 01:16:45 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.070
[2010/07/18 01:15:21 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.069
[2010/07/18 01:13:50 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.068
[2010/07/18 01:12:31 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.067
[2010/07/18 01:11:19 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.066
[2010/07/18 01:10:17 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.065
[2010/07/18 01:08:56 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.064
[2010/07/18 01:07:42 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.063
[2010/07/18 01:06:28 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.062
[2010/07/18 01:05:18 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.061
[2010/07/18 01:04:13 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.060
[2010/07/18 01:03:03 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.059
[2010/07/18 01:01:50 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.058
[2010/07/18 01:00:51 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.057
[2010/07/18 00:59:06 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.056
[2010/07/18 00:57:56 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.055
[2010/07/18 00:56:59 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.054
[2010/07/18 00:55:46 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.053
[2010/07/18 00:54:24 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.052
[2010/07/18 00:53:01 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.051
[2010/07/18 00:51:55 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.050
[2010/07/18 00:50:43 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.049
[2010/07/18 00:49:13 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.048
[2010/07/18 00:48:07 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.047
[2010/07/18 00:47:00 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.046
[2010/07/18 00:45:50 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.045
[2010/07/18 00:44:45 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.044
[2010/07/18 00:43:34 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.043
[2010/07/18 00:42:28 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.042
[2010/07/18 00:41:17 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.041
[2010/07/18 00:40:18 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.040
[2010/07/18 00:39:17 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.039
[2010/07/18 00:38:05 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.038
[2010/07/18 00:37:02 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.037
[2010/07/18 00:35:56 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.036
[2010/07/18 00:34:57 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.035
[2010/07/18 00:33:49 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.034
[2010/07/18 00:32:37 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.033
[2010/07/18 00:31:29 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.032
[2010/07/18 00:29:20 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.031
[2010/07/18 00:27:55 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.030
[2010/07/18 00:26:38 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.029
[2010/07/18 00:25:26 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.028
[2010/07/18 00:24:16 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.027
[2010/07/18 00:22:54 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.026
[2010/07/18 00:21:33 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.025
[2010/07/18 00:20:29 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.024
[2010/07/18 00:19:27 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.023
[2010/07/18 00:18:01 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.022
[2010/07/18 00:16:09 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.021
[2010/07/18 00:14:04 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.020
[2010/07/18 00:12:48 | 000,196,608 | ---- | C] () -- C:\Windows\SPInstall.etl
[2010/07/18 00:12:36 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.019
[2010/07/18 00:11:13 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.018
[2010/07/18 00:10:42 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.017
[2010/07/18 00:09:22 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.016
[2010/07/18 00:08:03 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.015
[2010/07/18 00:06:39 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.014
[2010/07/18 00:04:55 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.013
[2010/07/18 00:03:22 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.012
[2010/07/18 00:01:59 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.011
[2010/07/18 00:00:23 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.010
[2010/07/17 23:57:16 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.009
[2010/07/17 23:55:20 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.008
[2010/07/17 23:53:38 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.007
[2010/07/17 23:51:29 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.006
[2010/07/17 23:49:40 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.005
[2010/07/17 23:48:11 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.004
[2010/07/17 23:46:09 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.003
[2010/07/17 23:45:03 | 688,128,000 | ---- | C] () -- C:\Users\Vanessa\Documents\Drive_C.002
[2010/07/17 21:04:52 | 000,006,208 | ---- | C] () -- C:\Windows\System32\AutoPartNt.nam
[2010/07/17 21:04:52 | 000,000,924 | ---- | C] () -- C:\Windows\System32\AutoPartNt.scr
[2010/07/17 21:04:39 | 000,001,024 | ---- | C] () -- C:\Windows\System32\AutoPartNt.let
[2010/07/17 20:11:49 | 000,000,928 | ---- | C] () -- C:\Users\Public\Desktop\Acronis True Image WD Edition.lnk
[2010/07/17 14:22:59 | 000,003,082 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100717_142244.reg
[2010/07/17 11:51:29 | 000,001,021 | ---- | C] () -- C:\Users\Vanessa\Desktop\Revo Uninstaller.lnk
[2010/07/17 11:13:52 | 000,000,383 | ---- | C] () -- C:\Users\Vanessa\certutil.log
[2010/07/17 11:13:35 | 000,000,439 | ---- | C] () -- C:\Users\Vanessa\CertReq.log
[2010/07/17 01:44:12 | 000,001,000 | ---- | C] () -- C:\Users\Vanessa\Desktop\Auslogics Duplicate File Finder.lnk
[2010/07/17 01:36:38 | 000,070,798 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100717_013635.reg
[2010/07/16 22:21:10 | 000,065,760 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100716_222055messenger.reg
[2010/07/16 16:48:54 | 000,002,794 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100716_164848.reg
[2010/07/16 02:52:52 | 000,000,792 | ---- | C] () -- C:\Users\Vanessa\Desktop\WinDirStat.lnk
[2010/07/16 02:06:30 | 000,000,768 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2010/07/16 00:42:26 | 000,003,374 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2010/07/16 00:42:26 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2010/07/16 00:29:21 | 000,001,858 | ---- | C] () -- C:\Users\Vanessa\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2010/07/16 00:29:21 | 000,001,834 | ---- | C] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2010/07/15 22:28:32 | 000,001,598 | ---- | C] () -- C:\Users\Vanessa\Desktop\Recuva.lnk
[2010/07/15 21:46:14 | 000,000,036 | ---- | C] () -- C:\Users\Vanessa\AppData\Local\housecall.guid.cache
[2010/07/15 21:39:13 | 000,524,288 | -HS- | C] () -- C:\Users\Vanessa\ntuser.dat{43b99e2b-907a-11df-bc83-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010/07/15 21:39:13 | 000,524,288 | -HS- | C] () -- C:\Users\Vanessa\ntuser.dat{43b99e2b-907a-11df-bc83-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/07/15 21:39:13 | 000,065,536 | -HS- | C] () -- C:\Users\Vanessa\ntuser.dat{43b99e2b-907a-11df-bc83-806e6f6e6963}.TM.blf
[2010/07/14 21:30:24 | 000,001,531 | ---- | C] () -- C:\Users\Public\Desktop\Try AOL Today!.lnk
[2010/07/14 15:29:21 | 000,011,616 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100714_152903.reg
[2010/07/13 15:36:19 | 000,524,288 | -HS- | C] () -- C:\Users\Vanessa\ntuser.dat{f20563ab-8eaa-11df-9ea1-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010/07/13 15:36:19 | 000,524,288 | -HS- | C] () -- C:\Users\Vanessa\ntuser.dat{f20563ab-8eaa-11df-9ea1-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/07/13 15:36:19 | 000,065,536 | -HS- | C] () -- C:\Users\Vanessa\ntuser.dat{f20563ab-8eaa-11df-9ea1-806e6f6e6963}.TM.blf
[2010/07/10 01:25:43 | 000,000,900 | ---- | C] () -- C:\Users\Vanessa\Application Data\Microsoft\Internet Explorer\Quick Launch\DriveImage XML.lnk
[2010/07/10 01:25:43 | 000,000,876 | ---- | C] () -- C:\Users\Public\Desktop\DriveImage XML.lnk
[2010/07/09 05:24:07 | 000,001,050 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100709_052404.reg
[2010/07/09 05:14:50 | 000,024,576 | ---- | C] () -- C:\bcd_backup
[2010/06/27 15:16:55 | 009,245,985 | ---- | C] () -- C:\Users\Vanessa\Desktop\Windows6.0-KB941651-x86.msu
[2010/06/23 16:08:55 | 000,001,382 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100623_160850.reg
[2010/06/21 22:06:40 | 000,000,222 | ---- | C] () -- C:\Windows\rnr.rnr
[2010/06/21 15:56:58 | 000,003,202 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100621_155651.reg
[2010/06/21 09:34:53 | 000,011,622 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100621_093445.reg
[2010/06/21 06:53:25 | 000,009,114 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100621_065320.reg
[2010/06/21 05:29:08 | 000,002,481 | ---- | C] () -- C:\Users\Vanessa\Desktop\HiJackThis.lnk
[2010/06/20 14:55:42 | 000,149,112 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100620_145527again.reg
[2010/06/19 08:32:31 | 000,000,360 | ---- | C] () -- C:\Windows\tasks\Startup Analyser.job
[2010/06/18 12:29:07 | 000,057,556 | ---- | C] () -- C:\Windows\guard.bmp
[2010/06/18 11:18:34 | 000,028,726 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100618_111749OfficeUnistall.reg
[2010/06/18 01:08:52 | 000,000,450 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{3C3B4BF9-858D-4510-827E-ADCDBFBDA951}.job
[2010/06/18 01:08:24 | 000,000,970 | ---- | C] () -- C:\Users\Public\Desktop\EasyBCD 1.7.2.lnk
[2010/06/17 16:12:06 | 000,037,356 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100617_161016 after g 2.reg
[2010/06/17 14:24:58 | 000,031,932 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100617_142435 grooveleftover.reg
[2010/06/16 23:18:45 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2010/06/16 16:34:13 | 000,001,340 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100616_163355vanessa4.reg
[2010/06/16 16:33:18 | 000,003,804 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100616_163306vanessa3.reg
[2010/06/16 16:31:37 | 000,189,240 | ---- | C] () -- C:\Users\Vanessa\Documents\cc_20100616_163124vanessa2.reg
[2010/06/16 03:30:26 | 000,000,768 | ---- | C] () -- C:\Users\Vanessa\Desktop\CCleaner.lnk
[2010/06/04 05:57:30 | 000,002,622 | ---- | C] () -- C:\Windows\checkip.dat
[2010/06/04 05:51:10 | 000,003,576 | ---- | C] () -- C:\Windows\ipconfig.dat
[2010/06/01 02:37:05 | 002,583,286 | ---- | C] () -- C:\Users\Vanessa\Documents\430systemreport.html
[2010/06/01 02:37:05 | 000,759,272 | ---- | C] () -- C:\Users\Vanessa\Documents\StreamScanResult.html
[2010/06/01 02:37:05 | 000,106,878 | ---- | C] () -- C:\Users\Vanessa\Documents\filecheck.htm
[2010/06/01 02:37:05 | 000,068,316 | ---- | C] () -- C:\Users\Vanessa\Documents\Fix-it_3-24.HTM
[2010/06/01 02:37:05 | 000,030,646 | ---- | C] () -- C:\Users\Vanessa\Documents\fixithardwarescan.HTM
[2010/06/01 02:37:05 | 000,017,155 | ---- | C] () -- C:\Users\Vanessa\Documents\5-50.xml
[2010/05/31 21:38:35 | 000,011,485 | ---- | C] () -- C:\Users\Vanessa\Documents\Hello Vanessa_rnt.docx
[2010/05/31 21:30:45 | 3162,505,216 | ---- | C] () -- C:\Users\Vanessa\Documents\VISTA_HOME.iso
[2010/05/20 16:46:36 | 000,000,680 | ---- | C] () -- C:\Users\Vanessa\AppData\Local\d3d9caps.dat
[2010/05/13 20:55:55 | 000,000,299 | ---- | C] () -- C:\Program Files\APREG.url
[2010/05/02 03:03:18 | 000,524,288 | -HS- | C] () -- C:\Users\Vanessa\ntuser.dat{c962132e-55b7-11df-b153-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010/05/02 03:03:17 | 000,524,288 | -HS- | C] () -- C:\Users\Vanessa\ntuser.dat{c962132e-55b7-11df-b153-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/05/02 03:03:16 | 000,065,536 | -HS- | C] () -- C:\Users\Vanessa\ntuser.dat{c962132e-55b7-11df-b153-806e6f6e6963}.TM.blf
[2010/04/29 22:06:39 | 000,000,428 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{0075AEE1-0425-4C85-8628-7E3DB183DB36}.job
[2010/04/29 11:36:53 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/04/28 11:37:17 | 000,000,020 | -HS- | C] () -- C:\Users\Vanessa\ntuser.ini
[2010/04/27 06:38:24 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/04/27 06:38:13 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2009/10/23 19:57:35 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/04/13 13:57:42 | 000,000,141 | ---- | C] () -- C:\Windows\wpd99.drv
[2008/07/02 14:40:45 | 000,126,976 | ---- | C] () -- C:\Windows\System32\iavlsp.dll.old.emdvow
[2008/07/02 14:40:34 | 002,319,536 | ---- | C] () -- C:\Windows\System32\Incinerator.dll
[2008/07/02 14:10:52 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
[2008/04/01 01:03:03 | 000,910,304 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2008/04/01 01:03:03 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1244.dll
[2007/08/10 11:08:48 | 000,024,456 | ---- | C] () -- C:\Windows\System32\drivers\swmsflt.sys
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[1998/08/16 05:00:00 | 000,004,096 | ---- | C] () -- C:\Windows\System32\sysres.dll
========== LOP Check ==========
[2010/07/18 19:14:03 | 000,000,000 | ---D | M] -- C:\Users\Vanessa\AppData\Roaming\Ashampoo
[2010/06/16 15:17:51 | 000,000,000 | ---D | M] -- C:\Users\Vanessa\AppData\Roaming\CBS Interactive
[2010/07/13 18:58:07 | 000,000,000 | ---D | M] -- C:\Users\Vanessa\AppData\Roaming\Elluminate
[2010/07/13 18:58:07 | 000,000,000 | ---D | M] -- C:\Users\Vanessa\AppData\Roaming\GameHouse
[2010/04/27 03:28:53 | 000,000,000 | ---D | M] -- C:\Users\Vanessa\AppData\Roaming\Individual Software
[2010/07/13 18:58:07 | 000,000,000 | ---D | M] -- C:\Users\Vanessa\AppData\Roaming\iolo
[2010/07/25 22:37:06 | 000,000,000 | ---D | M] -- C:\Users\Vanessa\AppData\Roaming\pdf995
[2010/07/19 10:28:41 | 000,000,000 | ---D | M] -- C:\Users\Vanessa\AppData\Roaming\PeerNetworking
[2010/07/13 18:58:10 | 000,000,000 | ---D | M] -- C:\Users\Vanessa\AppData\Roaming\Regrun
[2010/07/25 22:47:44 | 000,000,000 | ---D | M] -- C:\Users\Vanessa\AppData\Roaming\TaxCut
[2010/07/25 23:58:15 | 000,032,532 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/06/19 09:51:53 | 000,000,360 | ---- | M] () -- C:\Windows\Tasks\Startup Analyser.job
[2010/07/26 07:42:59 | 000,000,428 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0075AEE1-0425-4C85-8628-7E3DB183DB36}.job
[2010/07/26 01:47:34 | 000,000,450 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3C3B4BF9-858D-4510-827E-ADCDBFBDA951}.job
[2010/01/20 11:04:10 | 000,000,244 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{840C7511-F35E-4BAA-A524-D452F08D793A}.job
[2010/07/26 07:43:00 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{9F83ADC4-8532-4E54-949C-872C897B1CAB}.job
[2010/07/26 07:46:00 | 000,000,426 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{D336E997-2683-435F-AEED-A8449D48D900}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2010/04/25 12:37:36 | 000,001,793 | ---- | M] () -- C:\Adobe Reader 9.lnk
[2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010/05/18 14:57:06 | 000,021,504 | -H-- | M] () -- C:\bcd-info.LOG
[2010/05/18 14:57:06 | 000,000,000 | -H-- | M] () -- C:\bcd-info.LOG1
[2010/05/18 14:57:06 | 000,000,000 | -H-- | M] () -- C:\bcd-info.LOG2
[2010/05/18 14:58:55 | 000,021,504 | -H-- | M] () -- C:\bcd-info.txt.LOG
[2010/05/18 14:58:55 | 000,000,000 | -H-- | M] () -- C:\bcd-info.txt.LOG1
[2010/05/18 14:58:55 | 000,000,000 | -H-- | M] () -- C:\bcd-info.txt.LOG2
[2010/07/09 05:14:51 | 000,024,576 | ---- | M] () -- C:\bcd_backup
[2010/07/09 05:14:50 | 000,021,504 | -H-- | M] () -- C:\bcd_backup.LOG
[2010/07/09 05:14:50 | 000,000,000 | -H-- | M] () -- C:\bcd_backup.LOG1
[2010/07/09 05:14:50 | 000,000,000 | -H-- | M] () -- C:\bcd_backup.LOG2
[2010/04/14 07:19:09 | 001,051,926 | ---- | M] () -- C:\bootlog414.csv
[2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2010/04/27 06:39:24 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/02/08 12:21:04 | 000,036,200 | ---- | M] () -- C:\caavsetupLog.txt
[2010/04/21 11:57:54 | 000,001,094 | ---- | M] () -- C:\caEntitlementLog.txt
[2010/04/30 21:46:14 | 000,107,027 | ---- | M] () -- C:\caisslog.txt
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2004/01/21 20:52:24 | 000,114,176 | R--- | M] (Soeperman Enterprises Ltd.) -- C:\CWShredder.exe
[2010/07/15 21:34:40 | 000,001,245 | ---- | M] () -- C:\EventLOG.txt
[2010/02/01 05:07:01 | 001,840,232 | ---- | M] (Trend Micro) -- C:\HousecallLauncher.exe
[2009/07/06 08:10:14 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/10/21 19:08:38 | 000,166,152 | ---- | M] (Kaspersky Lab) -- C:\KK.exe
[2010/07/15 08:12:32 | 226,490,113 | ---- | M] () -- C:\kkreport.txt
[2008/04/01 01:46:45 | 000,000,165 | ---- | M] () -- C:\Labelprint.log
[2008/05/18 04:36:05 | 000,000,027 | ---- | M] () -- C:\modernDesk.rmd
[2009/07/06 08:10:14 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/09/15 11:29:56 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2009/09/15 11:29:56 | 000,005,120 | -H-- | M] () -- C:\ntuser.dat.LOG1
[2008/10/24 20:17:37 | 000,000,000 | -H-- | M] () -- C:\ntuser.dat.LOG2
[2008/10/24 20:17:38 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{9084beb6-a1d4-11dd-888d-0003254e8698}.TM.blf
[2008/10/24 20:17:38 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{9084beb6-a1d4-11dd-888d-0003254e8698}.TMContainer00000000000000000001.regtrans-ms
[2008/10/24 20:17:38 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{9084beb6-a1d4-11dd-888d-0003254e8698}.TMContainer00000000000000000002.regtrans-ms
[2009/09/15 11:29:56 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{e9c3b1b2-a8ac-11dd-b8d3-0003254e8698}.TM.blf
[2009/09/15 11:29:56 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{e9c3b1b2-a8ac-11dd-b8d3-0003254e8698}.TMContainer00000000000000000001.regtrans-ms
[2008/11/07 06:16:39 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{e9c3b1b2-a8ac-11dd-b8d3-0003254e8698}.TMContainer00000000000000000002.regtrans-ms
[2010/07/26 00:00:17 | 3524,988,928 | -HS- | M] () -- C:\pagefile.sys
[2010/05/05 09:54:06 | 002,268,176 | ---- | M] (Greatis Software ) -- C:\platinum.exe
[2008/04/01 01:47:49 | 000,000,163 | ---- | M] () -- C:\power2go.log
[2004/05/13 13:26:36 | 000,003,627 | ---- | M] () -- C:\ReadMe.txt
[2010/04/12 04:34:48 | 000,000,000 | ---- | M] () -- C:\RootkitReveal.txt
< %systemroot%\system32\*.wt >
< %systemroot%\system32\*.ruy >
< %systemroot%\Fonts\*.com >
[2006/11/02 08:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 08:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 08:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 08:37:12 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2006/09/18 17:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/01/20 22:23:14 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
[2010/03/17 08:51:42 | 000,082,184 | ---- | M] (Microsoft Corporation.) -- C:\Windows\System32\spool\prtprocs\w32x86\lmdippr8.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.scr >
[2009/07/10 12:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2010/05/13 20:55:55 | 000,000,299 | ---- | M] () -- C:\Program Files\APREG.url
[2008/01/20 22:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008/01/20 22:24:42 | 000,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008/01/20 22:24:38 | 000,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010/04/27 06:39:10 | 012,820,480 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2010/04/27 06:39:04 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2010/04/27 06:39:10 | 000,028,672 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2010/04/27 06:39:19 | 017,408,000 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2010/04/27 06:39:21 | 006,758,400 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\user32.dll /md5 >
[2008/01/20 22:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >
[2008/01/20 22:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
< %systemroot%\system32\ws2help.dll /md5 >
[2006/11/02 05:44:30 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=17C0671BF57057108A6D949510EE42C8 -- C:\Windows\System32\ws2help.dll
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-07-26 03:57:49
< >
========== Alternate Data Streams ==========
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:3AC4C770
< End of report >
EXTRAS
OTL Extras logfile created on: 7/26/2010 7:24:59 AM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Vanessa\Desktop\G2G Malware Guide
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.07 Gb Total Space | 81.44 Gb Free Space | 28.37% Space Free | Partition Type: NTFS
Drive D: | 11.01 Gb Total Space | 7.68 Gb Free Space | 69.74% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 959.72 Mb Total Space | 816.38 Mb Free Space | 85.06% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: VANESSA-PC
Current User Name: Vanessa
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2483244698-3053260658-1397059924-1003]
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2483244698-3053260658-1397059924-1004]
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A7FF809-61F7-48FA-A541-0B523060A9E3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{238CD684-7044-4268-B91F-9F07752BFDAE}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{25538EC6-7EDC-48D4-A377-2907C86EEC36}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{44DEBABE-4E15-401B-B26C-CAB051BDA359}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4EACF2DF-FC0E-43DA-8A7D-D1EC66E796E3}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5424FB03-98C3-47D6-B71E-EDCF8B1E83BE}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=c:\windows\system32\svchost.exe |
"{5C5BEAA7-B67E-4C1D-9396-E7F9A856109D}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=c:\windows\system32\svchost.exe |
"{620297DC-D4CA-4639-B8A6-6FCC15C3B340}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9BAA630F-2159-4951-9BFA-55279B0D2A47}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=c:\windows\system32\svchost.exe |
"{B383E83D-34F3-48AD-B2FA-5F905D5B1919}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=c:\windows\system32\svchost.exe |
"{C9891C3D-33AA-4E35-BCE2-5A8E92482F87}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D76FE831-4AA9-41B5-BF81-3EC77B40BD4A}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=c:\windows\system32\svchost.exe |
"{D973BA4F-1645-46E6-AED6-AF90DCEDD6C7}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=c:\windows\system32\svchost.exe |
"{D9BDD1C5-6E35-4476-BA82-6992D672AE0A}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EDAB2FCC-8B48-4FCD-988C-E1EBA0ECB301}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=c:\windows\system32\svchost.exe |
"{F1EDE8B0-65F8-42AE-A858-4AB3C0E0ABC3}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FA648A76-5A17-47CC-93FA-3A0E9935ADFF}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=c:\windows\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{052C1589-AE60-4313-9115-801D80308084}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{2E8A51B6-FCFC-4BDF-9B6B-00041889B887}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5827FFB2-C82B-428E-9EAA-CE9129A611BA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{58D7DC68-0B65-4AB0-9EFD-5F2B2A9A0C39}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{76EE53CB-1173-4793-AB12-65AD9307DA0A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{7977BD57-FF55-4ADC-BD12-CA5FA013021B}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{8BD4F873-55CD-4314-9D47-1872CDA21B6F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A6B2E7CC-95C7-4A24-8355-E27CFE67E702}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1EBB57D4-63FF-87CC-A0F0-D73982CF6008}" = Adobe Media Player
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20292BBB-C7D7-4526-9E38-42C4A5C2A3A6}" = H&R Block Deluxe + Efile 2009
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{433AF48D-1FB7-47DD-9784-93E7291C85AE}" = Verizon Yahoo! Music Jukebox
"{46B3CC07-3B29-41B4-9B22-0988425E8E2C}_is1" = Auslogics Duplicate File Finder
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = Gateway Recovery Center Installer
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{97F4D62E-5AEB-4649-BABF-4712C6EF6845}" = DeductionPro 2009
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4C95F28-A6B0-4F27-8B65-D159225B87F6}" = Wi-Fi Connect
"{BD01E97F-2A6A-495E-BE38-22C7B80F3CD7}" = Cheetah DVD Burner
"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Acronis True Image WD Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F7E1CA14-B39D-452A-960B-39423DDDD933}" = DriveImage XML (Private Edition)
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Adobe AIR" = Adobe AIR
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Belarc Advisor" = Belarc Advisor 8.1
"CCleaner" = CCleaner
"DriveLook" = DriveLook
"EasyBCD" = EasyBCD 1.7.2
"ENTERPRISER" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Pdf995" = Pdf995 (installed by H&R Block)
"PdfEdit995" = PdfEdit995 (installed by H&R Block)
"PowerISO" = PowerISO
"Recuva" = Recuva
"Revo Uninstaller" = Revo Uninstaller 1.87
"TaxCut Basic 2006" = TaxCut Basic 2006
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"WinDirStat" = WinDirStat 1.1.2
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Please Help