I think I have a trojan (or something..). My computer has been very slow so I ran SuperAntiSpyware and that only showed a couple of adware things that I got rid of, so I ran OTL.
It came back with a temp file in Documents~1\...\...\Catch Me. I'm thinking that's probably the culpert of part of it anyway.
Here is my OTL results. Hope someone can help. Thanks, Dianne
OTL logfile created on: 11/29/2010 11:59:06 AM - Run 6
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Dianne\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 72.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 82.69 Gb Total Space | 17.76 Gb Free Space | 21.48% Space Free | Partition Type: NTFS
Drive D: | 465.65 Gb Total Space | 109.86 Gb Free Space | 23.59% Space Free | Partition Type: FAT32
Drive H: | 66.36 Gb Total Space | 31.75 Gb Free Space | 47.84% Space Free | Partition Type: NTFS
Drive K: | 488.61 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive P: | 473.63 Gb Total Space | 232.66 Gb Free Space | 49.12% Space Free | Partition Type: NTFS
Drive R: | 457.88 Gb Total Space | 445.79 Gb Free Space | 97.36% Space Free | Partition Type: NTFS
Drive S: | 341.80 Gb Total Space | 7.50 Gb Free Space | 2.19% Space Free | Partition Type: NTFS
Drive T: | 1055.46 Gb Total Space | 44.99 Gb Free Space | 4.26% Space Free | Partition Type: NTFS
Computer Name: MYOTIE-245E29DE | User Name: Dianne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010/11/29 11:55:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dianne\Desktop\OTL.exe
PRC - [2010/11/21 06:43:04 | 001,113,600 | ---- | M] () -- C:\Program Files\Free Desktop Clock\DesktopClock.exe
PRC - [2010/10/23 09:30:36 | 002,836,656 | ---- | M] (SpeedBit Ltd.) -- C:\Program Files\DAP\DAP.exe
PRC - [2010/09/25 05:19:54 | 000,353,736 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\bin\IncMail.exe
PRC - [2010/09/25 05:19:53 | 000,255,432 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\bin\ImApp.exe
PRC - [2010/09/20 19:25:06 | 003,117,200 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
PRC - [2010/09/20 19:25:04 | 000,913,552 | R--- | M] (Carbonite, Inc.) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2010/09/18 05:45:58 | 000,066,040 | ---- | M] (Siber Systems) -- H:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2010/08/09 13:53:18 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2010/07/30 16:12:54 | 002,195,824 | ---- | M] (GFI Software Ltd.) -- H:\Program Files\GFI\GFI Backup 2009 - Home Edition\GFIAgent.exe
PRC - [2010/07/30 16:12:52 | 000,858,480 | ---- | M] (GFI Software Ltd.) -- H:\Program Files\GFI\GFI Backup 2009 - Home Edition\GFIHInst.exe
PRC - [2010/07/30 16:12:50 | 002,324,848 | ---- | M] (GFI Software Ltd.) -- H:\Program Files\GFI\GFI Backup 2009 - Home Edition\GFIHSched.exe
PRC - [2010/06/24 13:34:52 | 000,091,456 | ---- | M] () -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2010/06/24 13:34:50 | 000,279,360 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2010/03/11 11:58:14 | 000,063,488 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\nlssrv32.exe
PRC - [2010/02/18 16:40:26 | 002,012,912 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/11/12 13:48:56 | 000,071,096 | ---- | M] () -- H:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/10/07 11:41:20 | 000,122,472 | ---- | M] () -- C:\Program Files\DriveSentry\DriveSentryService.exe
PRC - [2009/08/29 01:00:12 | 000,966,656 | ---- | M] () -- C:\Documents and Settings\Dianne\Local Settings\Apps\F.lux\flux.exe
PRC - [2008/09/21 16:59:06 | 001,292,800 | ---- | M] (FSL - FreeSoftLand) -- C:\Program Files\FSL\FSL_Launcher\FSL_Launcher.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
========== Modules (SafeList) ==========
MOD - [2010/11/29 11:55:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dianne\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/11/26 05:46:32 | 000,018,200 | ---- | M] () [Auto | Stopped] -- c:\Program Files\Ocster Backup\bin\backupService-ox.exe -- (ocster_backup)
SRV - [2010/10/28 12:02:14 | 000,240,976 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Zentimo\ZentimoService.exe -- (ZentimoService)
SRV - [2010/09/20 19:25:06 | 003,117,200 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe -- (CarboniteService)
SRV - [2010/08/09 13:53:18 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2010/07/30 16:12:52 | 000,858,480 | ---- | M] (GFI Software Ltd.) [Auto | Running] -- H:\Program Files\GFI\GFI Backup 2009 - Home Edition\GFIHInst.exe -- (GFIBckHAtt)
SRV - [2010/07/30 16:12:50 | 002,324,848 | ---- | M] (GFI Software Ltd.) [Auto | Running] -- H:\Program Files\GFI\GFI Backup 2009 - Home Edition\GFIHSched.exe -- (GFIBckHSched)
SRV - [2010/07/29 19:27:42 | 000,220,128 | ---- | M] () [Auto | Stopped] -- S:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService)
SRV - [2010/06/24 13:34:52 | 000,091,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2010/03/18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010/03/11 11:58:14 | 000,063,488 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\nlssrv32.exe -- (nlsX86cc)
SRV - [2009/11/13 06:31:14 | 000,092,008 | ---- | M] (TomTom) [On_Demand | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/11/12 13:48:56 | 000,071,096 | ---- | M] () [Auto | Running] -- H:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2009/10/07 11:41:20 | 000,122,472 | ---- | M] () [Auto | Running] -- C:\Program Files\DriveSentry\DriveSentryService.exe -- (DriveSentryService)
SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Dianne\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/07/29 19:28:02 | 000,015,328 | ---- | M] (Macrium Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pssnap.sys -- (pssnap)
DRV - [2010/07/21 21:02:06 | 000,112,456 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2010/07/21 21:02:06 | 000,097,096 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2010/07/15 07:44:20 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2010/07/15 07:44:20 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2010/07/13 10:57:16 | 000,040,560 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hotcore3.sys -- (hotcore3)
DRV - [2010/06/18 15:09:48 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2010/06/18 14:41:34 | 000,019,968 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2010/06/17 12:41:12 | 000,129,992 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2010/06/17 06:35:52 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/06/15 04:52:06 | 000,019,024 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wimmount.sys -- (wimmount)
DRV - [2010/05/27 17:39:32 | 000,141,384 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2010/05/22 19:42:07 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2010/04/30 12:46:52 | 000,111,624 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2010/04/21 16:00:32 | 000,385,544 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2010/04/21 16:00:32 | 000,034,392 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2010/04/01 13:31:50 | 000,023,424 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2010/03/10 07:18:20 | 000,024,216 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ivusb.sys -- (ivusb)
DRV - [2010/02/17 10:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 10:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 10:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/01/25 18:56:44 | 000,009,472 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2010/01/04 13:50:02 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV - [2010/01/04 13:50:02 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV - [2010/01/04 13:50:02 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV - [2010/01/04 13:50:02 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV - [2010/01/04 13:50:02 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2009/12/30 11:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/12/29 21:09:06 | 000,059,904 | ---- | M] (wj32) [Kernel | On_Demand | Stopped] -- C:\Program Files\Process Hacker\kprocesshacker.sys -- (KProcessHacker)
DRV - [2009/12/29 14:10:04 | 000,009,088 | ---- | M] (The Nielsen Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nielgfx.sys -- (NielGfx)
DRV - [2009/12/29 14:09:44 | 000,024,192 | ---- | M] (The Nielsen Company) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nielprt.sys -- (nielprt)
DRV - [2009/12/29 14:08:04 | 000,015,360 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\nnrnstdi.sys -- (nnrnstdi)
DRV - [2009/12/29 14:08:02 | 000,010,368 | ---- | M] (The Nielsen Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\km_filter.sys -- (km_filter)
DRV - [2009/12/18 09:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/10/07 11:35:58 | 000,011,864 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DriveSentryKeeperDriver.sys -- (DriveSentryKeeperDriver)
DRV - [2009/10/07 11:35:47 | 000,016,856 | ---- | M] (DriveSentry Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DriveSentryRegHookDriver.sys -- (DriveSentryRegHookDriver)
DRV - [2009/10/07 11:35:38 | 000,019,800 | ---- | M] (DriveSentry Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DriveSentryFilterDriver2Lite.sys -- (DriveSentryFilterDriver2Lite)
DRV - [2009/10/07 11:35:32 | 000,023,768 | ---- | M] (DriveSentry Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DriveSentryCommsDriver.sys -- (DriveSentryCommsDriver)
DRV - [2009/09/28 18:34:48 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2009/06/30 08:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/03/15 15:13:10 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009/02/17 07:19:00 | 000,057,672 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/02/17 07:17:00 | 000,072,520 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2009/01/29 16:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2009/01/29 16:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008/08/11 11:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/11/02 14:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2007/06/15 10:47:26 | 001,127,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2007/01/13 10:33:18 | 005,672,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2006/09/24 08:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2005/01/10 18:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 18:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2005/01/07 16:07:16 | 000,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/10/26 10:22:50 | 000,002,410 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)
DRV - [1999/03/08 13:15:00 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PMEMNT.SYS -- (PMEM)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.facebook.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://thundercloud.net/start/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.selectedEngine: "Search The Web"
FF - prefs.js..browser.startup.homepage: "http://thundercloud.net/start/"
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.10.0
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.5.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:6.9.1
FF - prefs.js..extensions.enabledItems: {D908A1CC-54B4-4af9-9BB4-964F5BD3CDB7}:5.2.4.10
FF - prefs.js..extensions.enabledItems: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}:2.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.52
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.7
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.4
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.5
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:0.9.9.9
FF - prefs.js..extensions.enabledItems: {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d}:1.0.0.0
FF - prefs.js..keyword.URL: "http://search.yahoo....=PCAFSI1143&p="
FF - HKLM\software\mozilla\Firefox\extensions\\{D908A1CC-54B4-4af9-9BB4-964F5BD3CDB7}: C:\Program Files\NetRatingsNetSight\NetSight\meter1\FFAddon\ [2010/08/12 08:39:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Panda Security\Panda ID Protect\Firefox [2010/09/08 14:19:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: H:\Program Files\Siber Systems\AI RoboForm\Firefox [2010/02/18 09:43:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/26 15:43:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/17 04:56:23 | 000,000,000 | ---D | M]
[2010/08/23 17:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Extensions
[2010/04/05 17:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Extensions\[email protected]
[2010/03/11 09:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Extensions\[email protected]
[2010/11/28 13:36:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Firefox\Profiles\95aab36r.default\extensions
[2010/10/27 07:08:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Firefox\Profiles\95aab36r.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010/08/28 07:51:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Firefox\Profiles\95aab36r.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/20 05:42:15 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Firefox\Profiles\95aab36r.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010/11/26 09:09:27 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Firefox\Profiles\95aab36r.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/09/23 08:30:30 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Firefox\Profiles\95aab36r.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2010/09/14 06:31:02 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Firefox\Profiles\95aab36r.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/10/29 05:39:00 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Firefox\Profiles\95aab36r.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[2010/11/28 07:44:23 | 000,000,000 | ---D | M] (Somoto Toolbar) -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Firefox\Profiles\95aab36r.default\extensions\{c3721e85-f0ac-4b7e-ae4c-3e738011dc9d}
[2010/11/04 14:41:12 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Firefox\Profiles\95aab36r.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/11/26 09:09:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Firefox\Profiles\95aab36r.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010/09/16 05:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Firefox\Profiles\95aab36r.default\extensions\[email protected]
[2010/11/24 09:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Firefox\Profiles\95aab36r.default\extensions\[email protected]
[2010/09/25 05:20:28 | 000,002,030 | ---- | M] () -- C:\Documents and Settings\Dianne\Application Data\Mozilla\Firefox\Profiles\95aab36r.default\searchplugins\MyStart Search.xml
[2010/11/28 13:36:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/11 12:13:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/04 08:34:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2009/11/20 15:05:31 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/11/20 15:05:32 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
[2009/07/02 11:19:28 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2010/11/28 07:44:33 | 000,002,280 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\search.xml
O1 HOSTS File: ([2010/07/07 13:00:58 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (FlpLauncher Class) - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - C:\Program Files\E-Book Systems\FlipPublisher\FpLaunch.dll ()
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - H:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O2 - BHO: (Somoto Toolbar) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files\somototoolbar\vmntemplateX.dll ()
O2 - BHO: (Big Fish Games Toolbar) - {C7C9FC25-88B0-4682-9C9F-2608E9117647} - C:\Program Files\BfgBar\bfg.dll ()
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - H:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O3 - HKLM\..\Toolbar: (Somoto Toolbar) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files\somototoolbar\vmntemplateX.dll ()
O3 - HKLM\..\Toolbar: (Big Fish Games Toolbar) - {C7C9FC25-88B0-4682-9C9F-2608E9117647} - C:\Program Files\BfgBar\bfg.dll ()
O3 - HKLM\..\Toolbar: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - H:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [Ocster Backup] C:\Program Files\Ocster Backup\bin\backupClient-ox.exe ()
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKCU..\Run: [360Amigo] H:\Program Files\360Amigo\360Amigo.exe (360 Amigo)
O4 - HKCU..\Run: [DownloadAccelerator] C:\Program Files\DAP\DAP.EXE (SpeedBit Ltd.)
O4 - HKCU..\Run: [EarthAlerts] H:\Program Files\Earth Alerts\EarthAlerts.exe (South Wind Technologies)
O4 - HKCU..\Run: [F.lux] C:\Documents and Settings\Dianne\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKCU..\Run: [GFI Backup 2009 - Home Edition] H:\Program Files\GFI\GFI Backup 2009 - Home Edition\GFIAgent.exe (GFI Software Ltd.)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKCU..\Run: [RoboForm] H:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\Run: [SkinClock] File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Calendar Magic.lnk = C:\EuroSoft\Calendar Magic\calendar.exe (EuroSoft)
O4 - Startup: C:\Documents and Settings\Dianne\Start Menu\Programs\Startup\FSL Launcher.lnk = C:\Program Files\FSL\FSL_Launcher\FSL_Launcher.exe (FSL - FreeSoftLand)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 1
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm ()
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: Fill Forms - H:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Logoff - H:\Program Files\Siber Systems\AI RoboForm\RoboFormComLogoff.html ()
O8 - Extra context menu item: RoboForm Toolbar - H:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - H:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Search Using Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O9 - Extra 'Tools' menuitem : Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - H:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - H:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - H:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - H:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Logoff - {320AF880-6646-11D3-ABEE-C5DBF3571F55} - H:\Program Files\Siber Systems\AI RoboForm\RoboFormComLogoff.html ()
O9 - Extra 'Tools' menuitem : Logoff - {320AF880-6646-11D3-ABEE-C5DBF3571F55} - H:\Program Files\Siber Systems\AI RoboForm\RoboFormComLogoff.html ()
O9 - Extra Button: Identities - {45DB34C3-955C-11D3-ABEF-444553540000} - H:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html ()
O9 - Extra 'Tools' menuitem : Identities Editor - {45DB34C3-955C-11D3-ABEF-444553540000} - H:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html ()
O9 - Extra Button: Passcards - {45DB34C3-955C-11D3-ABEF-444553540001} - H:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditPass.html ()
O9 - Extra 'Tools' menuitem : Passcards Editor - {45DB34C3-955C-11D3-ABEF-444553540001} - H:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditPass.html ()
O9 - Extra Button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - H:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - H:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: microsoft.com ([www.update] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} http://download.micr...04/clearadj.cab (CTAdjust Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - H:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)
O24 - Desktop WallPaper: C:\Documents and Settings\Dianne\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dianne\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/17 21:53:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/09/26 15:55:14 | 000,000,000 | ---D | M] - D:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2010/05/05 11:01:30 | 000,000,000 | ---D | M] - D:\AUTORUN_.INF -- [ FAT32 ]
O32 - AutoRun File - [2010/10/29 06:42:10 | 000,000,016 | -H-- | M] () - D:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2001/08/23 07:00:00 | 000,000,110 | R--- | M] () - K:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2010/05/05 10:00:55 | 000,000,000 | ---D | M] - T:\AUTORUN_.INF -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/11/29 11:55:57 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dianne\Desktop\OTL.exe
[2010/11/29 07:35:24 | 000,163,696 | ---- | C] (Altiris) -- C:\WINDOWS\GFIBckHUnwise.EXE
[2010/11/28 13:30:24 | 000,688,640 | ---- | C] (3Planesoft) -- C:\WINDOWS\System32\3Planesoft_Screensaver_Manager.scr
[2010/11/28 13:28:57 | 000,000,000 | ---D | C] -- C:\Program Files\3Planesoft Screensaver Manager
[2010/11/28 13:28:49 | 000,960,512 | ---- | C] (3Planesoft) -- C:\WINDOWS\System32\Autumn_Wonderland_3D_Screensaver.scr
[2010/11/28 13:28:49 | 000,000,000 | ---D | C] -- C:\Program Files\Autumn Wonderland 3D Screensaver
[2010/11/28 11:40:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\LD Fonts
[2010/11/28 11:37:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\Lovely Font Pack 39 fonts
[2010/11/28 11:36:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\Calligraphics
[2010/11/28 07:51:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Application Data\LittleGamesCompany
[2010/11/28 07:51:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LittleGamesCompany
[2010/11/28 07:50:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Application Data\JodieDrake
[2010/11/28 07:44:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Application Data\dtband
[2010/11/28 07:44:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Application Data\somototoolbar
[2010/11/28 07:43:56 | 000,000,000 | ---D | C] -- C:\Program Files\somototoolbar
[2010/11/28 07:43:39 | 000,000,000 | ---D | C] -- C:\Program Files\Free Desktop Clock Toolbar
[2010/11/28 07:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Free Desktop Clock
[2010/11/27 15:34:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/11/27 07:38:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysResources Manager
[2010/11/27 07:38:21 | 000,000,000 | ---D | C] -- C:\Program Files\SysResources Manager
[2010/11/26 15:43:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Local Settings\Application Data\360Amigo
[2010/11/25 12:36:44 | 000,000,000 | ---D | C] -- C:\Temp
[2010/11/25 09:03:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\BrainsBreaker puzzles
[2010/11/24 07:53:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\My Documents\My Web CEO Projects
[2010/11/19 10:44:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\lianscripts
[2010/11/19 08:41:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Application Data\DzSoft
[2010/11/18 10:49:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\My Documents\DVDFab
[2010/11/17 08:17:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\My Documents\Sothink
[2010/11/17 04:28:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Creative Home
[2010/11/17 04:28:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Application Data\Creative Home
[2010/11/17 04:20:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nova Development
[2010/11/16 14:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Teorex
[2010/11/16 13:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\Wipe 2011
[2010/11/16 13:25:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Local Settings\Application Data\MediaMonkey
[2010/11/16 12:51:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\letterkes
[2010/11/16 08:48:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\jellyka_western_princess
[2010/11/16 08:47:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\justice_by_dirt2
[2010/11/15 07:53:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\V CAST Media Manager
[2010/11/15 07:30:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Application Data\vlc
[2010/11/15 07:29:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Verizon
[2010/11/15 07:29:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Local Settings\Application Data\V CAST Media Manager
[2010/11/15 07:28:57 | 000,023,936 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\motmodem.sys
[2010/11/15 07:26:41 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll
[2010/11/15 07:26:39 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2010/11/14 13:12:23 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2010/11/14 13:12:16 | 000,000,000 | ---D | C] -- C:\Program Files\Simple Internet Meter Lite
[2010/11/14 13:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\speedtestv13
[2010/11/14 07:00:19 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dianne\IECompatCache
[2010/11/14 07:00:06 | 000,000,000 | ---D | C] -- C:\Blogs
[2010/11/14 07:00:06 | 000,000,000 | ---D | C] -- C:\Bills
[2010/11/14 07:00:06 | 000,000,000 | ---D | C] -- C:\Banks
[2010/11/14 07:00:05 | 000,000,000 | ---D | C] -- C:\Design
[2010/11/14 07:00:04 | 000,000,000 | ---D | C] -- C:\Dogs
[2010/11/14 07:00:03 | 000,000,000 | ---D | C] -- C:\Geneaology
[2010/11/14 07:00:03 | 000,000,000 | ---D | C] -- C:\Games
[2010/11/14 07:00:03 | 000,000,000 | ---D | C] -- C:\FaceBook
[2010/11/14 07:00:02 | 000,000,000 | ---D | C] -- C:\MarbleHill
[2010/11/14 07:00:02 | 000,000,000 | ---D | C] -- C:\Low Carb
[2010/11/14 07:00:02 | 000,000,000 | ---D | C] -- C:\Icons
[2010/11/14 07:00:02 | 000,000,000 | ---D | C] -- C:\Groups
[2010/11/14 07:00:01 | 000,000,000 | ---D | C] -- C:\Music
[2010/11/14 07:00:00 | 000,000,000 | ---D | C] -- C:\RS
[2010/11/14 07:00:00 | 000,000,000 | ---D | C] -- C:\My Stuff
[2010/11/14 06:59:58 | 000,000,000 | ---D | C] -- C:\Techie
[2010/11/14 06:59:58 | 000,000,000 | ---D | C] -- C:\Software
[2010/11/14 06:59:57 | 000,000,000 | ---D | C] -- C:\WS4 Tutorials
[2010/11/14 06:59:57 | 000,000,000 | ---D | C] -- C:\WebStudio
[2010/11/14 06:59:57 | 000,000,000 | ---D | C] -- C:\Virus
[2010/11/14 06:59:57 | 000,000,000 | ---D | C] -- C:\Cloud
[2010/11/14 06:55:49 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dianne\PrivacIE
[2010/11/13 21:01:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dianne\IETldCache
[2010/11/13 20:47:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/11/13 20:46:55 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/11/13 20:44:41 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/11/13 20:14:39 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2010/11/13 20:14:04 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2010/11/13 20:12:35 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/11/13 20:12:26 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2010/11/13 14:08:14 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010/11/13 14:08:12 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/11/13 14:07:40 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2010/11/13 14:04:10 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2010/11/13 09:35:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\The Revills Games
[2010/11/13 09:34:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\My Documents\4 Score Games
[2010/11/13 06:35:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\My Documents\My Kindle Content
[2010/11/13 06:35:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Local Settings\Application Data\Amazon
[2010/11/13 05:30:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010/11/13 04:54:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/11/13 04:34:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/11/13 04:34:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/11/13 04:34:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/11/13 04:34:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/11/12 17:36:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/11/12 16:49:21 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2010/11/12 16:49:17 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010/11/12 16:49:05 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2010/11/12 16:49:00 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010/11/12 16:48:59 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2010/11/12 16:48:58 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2010/11/12 16:48:56 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2010/11/12 16:48:56 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2010/11/12 16:48:54 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2010/11/12 16:48:51 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2010/11/12 16:48:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2010/11/12 16:48:51 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2010/11/12 16:48:50 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2010/11/12 16:48:50 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2010/11/12 16:48:50 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2010/11/12 16:48:50 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2010/11/12 16:48:50 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2010/11/12 16:48:44 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2010/11/12 16:48:44 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2010/11/12 16:48:44 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2010/11/12 16:48:44 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2010/11/12 16:48:40 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2010/11/12 16:48:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2010/11/12 16:48:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2010/11/12 16:48:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2010/11/12 16:48:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2010/11/12 16:48:35 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2010/11/12 16:48:35 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2010/11/12 16:48:29 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2010/11/12 16:48:29 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2010/11/12 16:48:29 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2010/11/12 16:48:29 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2010/11/12 16:48:29 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2010/11/12 16:48:29 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2010/11/12 16:48:29 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2010/11/12 16:48:28 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2010/11/12 16:48:27 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2010/11/12 16:48:27 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2010/11/12 16:48:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2010/11/12 16:48:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2010/11/12 16:48:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2010/11/12 16:48:27 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2010/11/12 16:48:27 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2010/11/12 16:48:23 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2010/11/12 16:48:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010/11/12 16:48:19 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010/11/12 09:14:53 | 000,000,000 | ---D | C] -- C:\Program Files\admintools
[2010/11/12 07:37:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Application Data\Fugazo
[2010/11/10 08:11:50 | 000,389,120 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\igxpun.exe
[2010/11/10 08:11:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2010/11/10 06:58:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\My Documents\Animated Wallpaper Examples
[2010/11/07 08:38:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Application Data\Playrix Entertainment
[2010/11/07 06:46:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Application Data\Hulubulu
[2010/11/06 20:17:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2010/11/06 09:52:18 | 000,102,439 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\sipr3260.dll
[2010/11/06 09:52:17 | 001,184,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wvc1dmod.dll
[2010/11/06 09:52:17 | 000,626,688 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp7vfw.dll
[2010/11/06 09:52:17 | 000,273,408 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\Pncrt.dll
[2010/11/06 09:52:17 | 000,217,127 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv43260.dll
[2010/11/06 09:52:17 | 000,208,935 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv33260.dll
[2010/11/06 09:52:17 | 000,176,165 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv23260.dll
[2010/11/06 09:52:17 | 000,065,602 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\cook3260.dll
[2010/11/06 09:52:16 | 000,000,000 | ---D | C] -- C:\Program Files\VSO
[2010/11/06 09:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\My Documents\ConvertXToDVD
[2010/11/06 09:17:16 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Dianne\Application Data\pcouffin.sys
[2010/11/06 09:17:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Application Data\Vso
[2010/11/06 09:17:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\My Documents\PcSetup
[2010/11/06 05:48:11 | 001,000,992 | ---- | C] (Bennet-Tec Information Systems, Inc) -- C:\WINDOWS\System32\TList8.ocx
[2010/11/06 05:48:11 | 000,450,560 | ---- | C] (LogicNP Software (http://www.ssware.com)) -- C:\WINDOWS\System32\fldrvw90.ocx
[2010/11/06 05:48:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Application Data\AllDup
[2010/11/06 05:48:10 | 002,344,880 | ---- | C] (Codejock Software) -- C:\WINDOWS\System32\Codejock.CommandBars.v13.2.1.ocx
[2010/11/06 05:48:10 | 000,171,752 | ---- | C] (Michael Thummerer Software Design) -- C:\WINDOWS\System32\mtRTF2.ocx
[2010/11/06 05:48:10 | 000,089,888 | ---- | C] (Michael Thummerer Software Design) -- C:\WINDOWS\System32\mtFrame.ocx
[2010/11/06 05:48:10 | 000,086,016 | ---- | C] (Michael Thummerer Software Design) -- C:\WINDOWS\System32\mtSplitter.ocx
[2010/11/06 05:48:10 | 000,044,736 | ---- | C] (Michael Thummerer Software Design) -- C:\WINDOWS\System32\mtSubclass.dll
[2010/11/05 19:54:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PhotoMail
[2010/11/05 19:53:54 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoMail Maker
[2010/11/04 16:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\My Documents\Any Video Converter
[2010/11/04 16:33:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Application Data\AnvSoft
[2010/11/04 16:20:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Application Data\HamsterSoft
[2010/11/04 08:34:18 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/11/04 08:34:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/11/04 08:34:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/11/03 12:06:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\My Documents\Rosie
[2010/11/03 09:09:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Application Data\Zentimo
[2010/11/03 09:08:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ZentimoService
[2010/11/03 09:08:39 | 000,000,000 | ---D | C] -- C:\Program Files\Zentimo
[2010/11/02 15:30:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\Christmas 2004-1
[2010/10/30 16:43:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Application Data\FontHit
[2010/10/30 16:43:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\My Documents\My Fonts
[2010/10/30 16:41:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dianne\Local Settings\Application Data\ApplicationHistory
[2010/10/30 16:02:47 | 000,000,000 | ---D | C] -- C:\Program Files\FontHit Software
[2010/10/30 15:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\NexusFont
[2010/10/30 15:37:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2002/04/11 09:41:06 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/11/29 12:13:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/29 11:55:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dianne\Desktop\OTL.exe
[2010/11/29 11:55:57 | 000,001,130 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\My DAP Downloads.lnk
[2010/11/29 11:30:00 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-682003330-1801674531-1003UA.job
[2010/11/29 11:18:32 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2AD53E8D-64D5-4A08-A71F-F5F181E086A1}.job
[2010/11/29 07:35:38 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\GFI Backup 2009 - Home Edition.lnk
[2010/11/29 07:28:10 | 000,013,932 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\otieatkins.PW2
[2010/11/29 07:16:09 | 000,000,825 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ocster Backup Pro.lnk
[2010/11/29 01:13:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/28 16:30:03 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-682003330-1801674531-1003Core.job
[2010/11/28 13:31:55 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Play More Playrix Games!.lnk
[2010/11/28 13:31:55 | 000,000,776 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Atlantis Quest.lnk
[2010/11/28 13:30:24 | 000,688,640 | ---- | M] (3Planesoft) -- C:\WINDOWS\System32\3Planesoft_Screensaver_Manager.scr
[2010/11/28 13:28:53 | 000,000,889 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Autumn Wonderland 3D Wallpaper.lnk
[2010/11/28 13:28:53 | 000,000,883 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Autumn Wonderland 3D Screensaver.lnk
[2010/11/28 07:44:08 | 000,000,535 | ---- | M] () -- C:\Documents and Settings\Dianne\Application Data\FreeDesktopClock.ini
[2010/11/28 07:43:44 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Free Desktop Clock.lnk
[2010/11/28 07:28:02 | 000,001,103 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Chronicles of Mystery The Legend of the Sacred Treasure.lnk
[2010/11/28 07:23:16 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Kings Smith 2.lnk
[2010/11/28 07:18:06 | 000,012,848 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\otieatkins.1.pw2-bak
[2010/11/27 15:56:58 | 000,001,064 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Mystery Case Files 13th Skull Collectors Edition.lnk
[2010/11/27 15:52:20 | 000,000,973 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Mystery Age 2 The Dark Priests.lnk
[2010/11/27 15:51:24 | 000,001,018 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Hidden Mysteries Salem Secrets.lnk
[2010/11/27 15:49:51 | 000,000,928 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Master Thief Skyscraping Sting.lnk
[2010/11/27 15:48:42 | 000,001,036 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Nightmare on the Pacific.lnk
[2010/11/27 15:39:53 | 000,000,903 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Puzzle Agent.lnk
[2010/11/27 15:25:14 | 000,000,850 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Downtown Secrets.lnk
[2010/11/27 15:23:54 | 000,014,336 | ---- | M] () -- C:\Documents and Settings\Dianne\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/27 15:17:54 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Pirate Mysteries.lnk
[2010/11/27 15:07:08 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Jodie Drake.lnk
[2010/11/27 15:05:32 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Jane Lucky .lnk
[2010/11/27 15:04:10 | 000,000,910 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\The Mystery of the Dragon Prince.lnk
[2010/11/27 08:19:01 | 000,015,620 | ---- | M] () -- C:\WINDOWS\System32\SystemRs11.sm.SYS
[2010/11/27 08:17:55 | 000,001,704 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\SysResources Manager.lnk
[2010/11/27 07:48:07 | 000,012,848 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\otieatkins.2.pw2-bak
[2010/11/26 15:43:35 | 000,000,583 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\360 Amigo System Speedup.lnk
[2010/11/26 10:50:59 | 000,012,848 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\otieatkins.3.pw2-bak
[2010/11/26 09:16:49 | 000,000,652 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Duplicate Cleaner.lnk
[2010/11/26 07:24:02 | 000,000,622 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Switch to Gaming Mode.lnk
[2010/11/26 07:15:15 | 000,000,604 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Boxoft Flac to MP3 (freeware).lnk
[2010/11/26 07:12:51 | 000,000,590 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Boxoft CD to MP3 (freeware).lnk
[2010/11/26 07:02:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/26 07:00:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/25 18:36:42 | 004,346,504 | ---- | M] () -- C:\WINDOWS\TempCloudAV1125170642_396.csv
[2010/11/25 13:36:53 | 000,000,556 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MediaMonkey.lnk
[2010/11/25 12:06:19 | 000,657,840 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/11/25 09:03:38 | 000,000,554 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BrainsBreaker.lnk
[2010/11/25 08:46:17 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Fishdom Seasons Under the Sea.lnk
[2010/11/25 08:44:46 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Cursed House.lnk
[2010/11/25 08:44:01 | 000,000,816 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Buried In Time.lnk
[2010/11/25 08:42:58 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Artifact Quest.lnk
[2010/11/24 07:59:30 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\WebCEO.lnk
[2010/11/23 17:09:44 | 524,288,012 | ---- | M] () -- C:\WINDOWS\TempCloudAV1123182743_5100.csv
[2010/11/23 13:27:27 | 000,029,098 | ---- | M] () -- C:\WINDOWS\TempCloudAV1123152516_436.csv
[2010/11/23 04:34:08 | 015,305,119 | ---- | M] () -- C:\WINDOWS\TempCloudAV1123061621_5236.csv
[2010/11/23 01:13:01 | 287,241,893 | ---- | M] () -- C:\WINDOWS\TempCloudAV1123005911_1712.csv
[2010/11/22 20:34:59 | 000,000,948 | ---- | M] () -- C:\WINDOWS\tasks\Paragon Archive name arc_290810150824531.job
[2010/11/22 20:34:33 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\Paragon File Archive name arc_231110012025734_11222010.job
[2010/11/22 19:56:57 | 467,680,110 | ---- | M] () -- C:\WINDOWS\TempCloudAV1122134249_1228.csv
[2010/11/22 19:49:05 | 000,008,192 | ---- | M] () -- C:\s-1-5-21-602162358-682003330-1801674531-1004.rrr
[2010/11/22 04:38:03 | 001,433,370 | ---- | M] () -- C:\WINDOWS\TempCloudAV1122054920_2180.csv
[2010/11/21 08:18:10 | 000,000,898 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Around the World in 80 Days.lnk
[2010/11/21 08:14:59 | 000,000,598 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Boxoft Photo Magic Maker.lnk
[2010/11/20 18:06:12 | 000,000,605 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Orgfinances.lnk
[2010/11/20 06:48:41 | 000,000,161 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2010/11/19 18:20:52 | 002,442,117 | ---- | M] () -- C:\WINDOWS\TempCloudAV1119134706_552.csv
[2010/11/19 08:41:40 | 000,000,861 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Quick Image Resizer.lnk
[2010/11/18 10:47:55 | 000,000,582 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\DVDFab 8.lnk
[2010/11/18 10:40:23 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EASEUS Data Recovery Wizard 5.0.1.lnk
[2010/11/17 08:16:00 | 000,000,638 | ---- | M] () -- C:\Documents and Settings\Dianne\Application Data\Microsoft\Internet Explorer\Quick Launch\Sothink Flash Menu.lnk
[2010/11/17 08:16:00 | 000,000,638 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Sothink Flash Menu.lnk
[2010/11/16 17:39:39 | 000,581,586 | ---- | M] () -- C:\WINDOWS\TempCloudAV1116183111_992.csv
[2010/11/16 13:25:40 | 000,000,556 | ---- | M] () -- C:\Documents and Settings\Dianne\Application Data\Microsoft\Internet Explorer\Quick Launch\MediaMonkey.lnk
[2010/11/16 13:16:34 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\Dianne\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk
[2010/11/16 12:43:37 | 000,000,561 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\MiPony.lnk
[2010/11/16 12:43:37 | 000,000,561 | ---- | M] () -- C:\Documents and Settings\Dianne\Application Data\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk
[2010/11/15 09:16:21 | 000,926,783 | ---- | M] () -- C:\WINDOWS\TempCloudAV1115120855_2044.csv
[2010/11/15 07:17:07 | 000,493,508 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/15 07:17:07 | 000,084,052 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/15 03:04:57 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/11/13 21:01:38 | 000,000,828 | ---- | M] () -- C:\Documents and Settings\Dianne\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/11/12 17:44:19 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/11/12 15:13:18 | 000,001,886 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Carbonite InfoCenter.lnk
[2010/11/12 12:17:29 | 524,288,163 | ---- | M] () -- C:\WINDOWS\TempCloudAV1112120850_1604.csv
[2010/11/12 09:15:29 | 000,000,055 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Windows XP Tips - Ramesh.url
[2010/11/11 18:56:24 | 000,000,843 | ---- | M] () -- C:\Documents and Settings\Dianne\Start Menu\Programs\Startup\FSL Launcher.lnk
[2010/11/11 11:18:47 | 000,174,216 | ---- | M] () -- C:\WINDOWS\TempCloudAV1111112620_1984.csv
[2010/11/11 07:19:01 | 000,000,282 | -HS- | M] () -- C:\boot.ini
[2010/11/10 06:58:34 | 000,161,173 | ---- | M] () -- C:\WINDOWS\Animated Wallpaper Maker Uninstaller.exe
[2010/11/09 00:13:18 | 000,361,061 | ---- | M] () -- C:\WINDOWS\TempCloudAV1108121007_1640.csv
[2010/11/08 06:58:49 | 000,001,044 | ---- | M] () -- C:\Documents and Settings\Dianne\Application Data\vso_ts_preview.xml
[2010/11/07 08:35:52 | 000,000,022 | ---- | M] () -- C:\WINDOWS\System32\msxml.p2i
[2010/11/07 08:35:52 | 000,000,022 | ---- | M] () -- C:\WINDOWS\msxml.p2i
[2010/11/06 09:52:28 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Dianne\Application Data\inst.exe
[2010/11/06 09:52:28 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Dianne\Application Data\pcouffin.sys
[2010/11/06 09:52:28 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\Dianne\Application Data\pcouffin.cat
[2010/11/06 09:52:28 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\Dianne\Application Data\pcouffin.inf
[2010/11/05 07:40:18 | 000,000,585 | ---- | M] () -- C:\Documents and Settings\Dianne\Application Data\burnaware.ini
[2010/11/04 20:31:10 | 000,002,306 | ---- | M] () -- C:\Documents and Settings\Dianne\Desktop\Google Chrome.lnk
[2010/11/04 20:31:10 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Dianne\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/04 15:21:10 | 000,458,661 | ---- | M] () -- C:\Documents and Settings\Dianne\MyMoney.mmw
[2010/11/04 09:21:51 | 000,726,023 | ---- | M] () -- C:\WINDOWS\TempCloudAV1104125030_1528.csv
[2010/11/04 09:19:33 | 000,000,114 | ---- | M] () -- C:\WINDOWS\System32\_WKERNEL.SYL
[2010/11/03 17:43:46 | 000,000,024 | ---- | M] () -- C:\WINDOWS\AM_D8.PRF
[2010/11/03 16:04:48 | 000,015,086 | ---- | M] () -- C:\WINDOWS\sfudoc.ico
[2010/11/03 12:02:06 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\Rosalita Leesburg VA.doc
[2010/11/03 12:02:06 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\Rosalita Boarding.doc
[2010/11/03 12:02:06 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\Rosalita Timonium MD.doc
[2010/11/03 12:02:06 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\Rosalita Harrisburg PA.doc
[2010/11/03 12:02:06 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\Rosalita fitchburg jan.doc
[2010/11/03 12:02:06 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\Rosalita Boarding 09.doc
[2010/11/03 12:02:06 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\Rumor Rosalita Boarding June 09.doc
[2010/11/03 12:02:06 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\Rumor Rosalita Boarding 09.doc
[2010/11/03 12:02:06 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\Rumor Rosalita Boarding 0712.doc
[2010/11/03 12:02:06 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\Rosalita Boarding 0803.doc
[2010/11/03 12:02:06 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\Rosalita Boarding 0713.doc
[2010/11/03 12:02:06 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\Rumor Rosalita Boarding June 0705.doc
[2010/11/03 12:02:06 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\Rumor Rosalita Boarding May 09.doc
[2010/11/03 12:02:06 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Dianne\My Documents\Rumor Rosalita Boarding June 0608.doc
[2010/11/03 09:08:42 | 000,000,697 | ---- | M] () -- C:\Documents and Settings\Dianne\Application Data\Microsoft\Internet Explorer\Quick Launch\Zentimo.lnk
[2010/11/01 01:03:06 | 000,787,256 | ---- | M] () -- C:\WINDOWS\trashco.ttf
[2010/11/01 01:03:06 | 000,701,820 | ---- | M] () -- C:\WINDOWS\PANHEAD_.ttf
[2010/11/01 01:03:06 | 000,323,352 | ---- | M] () -- C:\WINDOWS\Jellyka_Castle_s_Queen.ttf
[2010/11/01 01:03:06 | 000,119,000 | ---- | M] () -- C:\WINDOWS\OlhodeBoi.ttf
[2010/11/01 01:03:06 | 000,103,176 | ---- | M] () -- C:\WINDOWS\VtksSonho.ttf
[2010/11/01 01:03:06 | 000,085,808 | ---- | M] () -- C:\WINDOWS\MINUS___.TTF
[2010/11/01 01:03:06 | 000,077,204 | ---- | M] () -- C:\WINDOWS\Waste.ttf
[2010/11/01 01:03:06 | 000,035,328 | ---- | M] () -- C:\WINDOWS\The_Chemical_Parade_by_ravenblackhardt.ttf
[2010/11/01 01:03:06 | 000,026,500 | ---- | M] () -- C:\WINDOWS\scrubble.ttf
[2010/10/30 20:50:54 | 000,296,724 | ---- | M] () -- C:\WINDOWS\TempCloudAV1030213651_1764.csv
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/11/29 07:35:38 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\GFI Backup 2009 - Home Edition.lnk
[2010/11/29 07:16:09 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ocster Backup Pro.lnk
[2010/11/28 13:31:55 | 000,000,776 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Atlantis Quest.lnk
[2010/11/28 13:28:53 | 000,000,889 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Autumn Wonderland 3D Wallpaper.lnk
[2010/11/28 13:28:53 | 000,000,883 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Autumn Wonderland 3D Screensaver.lnk
[2010/11/28 07:44:07 | 000,000,535 | ---- | C] () -- C:\Documents and Settings\Dianne\Application Data\FreeDesktopClock.ini
[2010/11/28 07:43:44 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Free Desktop Clock.lnk
[2010/11/28 07:28:01 | 000,001,103 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Chronicles of Mystery The Legend of the Sacred Treasure.lnk
[2010/11/28 07:23:16 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Kings Smith 2.lnk
[2010/11/27 15:56:58 | 000,001,064 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Mystery Case Files 13th Skull Collectors Edition.lnk
[2010/11/27 15:52:19 | 000,000,973 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Mystery Age 2 The Dark Priests.lnk
[2010/11/27 15:51:24 | 000,001,018 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Hidden Mysteries Salem Secrets.lnk
[2010/11/27 15:49:51 | 000,000,928 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Master Thief Skyscraping Sting.lnk
[2010/11/27 15:48:42 | 000,001,036 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Nightmare on the Pacific.lnk
[2010/11/27 15:39:53 | 000,000,903 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Puzzle Agent.lnk
[2010/11/27 15:25:13 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Downtown Secrets.lnk
[2010/11/27 15:17:54 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Pirate Mysteries.lnk
[2010/11/27 15:07:08 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Jodie Drake.lnk
[2010/11/27 15:05:32 | 000,000,773 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Jane Lucky .lnk
[2010/11/27 15:04:10 | 000,000,910 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\The Mystery of the Dragon Prince.lnk
[2010/11/27 08:19:01 | 000,015,620 | ---- | C] () -- C:\WINDOWS\System32\SystemRs11.sm.SYS
[2010/11/27 07:38:26 | 000,001,704 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\SysResources Manager.lnk
[2010/11/26 15:43:35 | 000,000,583 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\360 Amigo System Speedup.lnk
[2010/11/26 09:16:49 | 000,000,652 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Duplicate Cleaner.lnk
[2010/11/26 07:15:15 | 000,000,604 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Boxoft Flac to MP3 (freeware).lnk
[2010/11/26 07:12:51 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Boxoft CD to MP3 (freeware).lnk
[2010/11/25 13:36:53 | 000,000,556 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MediaMonkey.lnk
[2010/11/25 12:07:22 | 004,346,504 | ---- | C] () -- C:\WINDOWS\TempCloudAV1125170642_396.csv
[2010/11/25 09:03:38 | 000,000,554 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BrainsBreaker.lnk
[2010/11/25 08:46:17 | 000,000,894 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Fishdom Seasons Under the Sea.lnk
[2010/11/25 08:44:46 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Cursed House.lnk
[2010/11/25 08:44:01 | 000,000,816 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Buried In Time.lnk
[2010/11/25 08:42:58 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Artifact Quest.lnk
[2010/11/24 07:58:27 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\WebCEO.lnk
[2010/11/23 13:48:15 | 524,288,012 | ---- | C] () -- C:\WINDOWS\TempCloudAV1123182743_5100.csv
[2010/11/23 10:25:53 | 000,029,098 | ---- | C] () -- C:\WINDOWS\TempCloudAV1123152516_436.csv
[2010/11/23 01:18:18 | 015,305,119 | ---- | C] () -- C:\WINDOWS\TempCloudAV1123061621_5236.csv
[2010/11/22 20:34:33 | 000,000,966 | ---- | C] () -- C:\WINDOWS\tasks\Paragon File Archive name arc_231110012025734_11222010.job
[2010/11/22 20:04:07 | 287,241,893 | ---- | C] () -- C:\WINDOWS\TempCloudAV1123005911_1712.csv
[2010/11/22 19:49:05 | 000,008,192 | ---- | C] () -- C:\s-1-5-21-602162358-682003330-1801674531-1004.rrr
[2010/11/22 08:43:29 | 467,680,110 | ---- | C] () -- C:\WINDOWS\TempCloudAV1122134249_1228.csv
[2010/11/22 00:50:30 | 001,433,370 | ---- | C] () -- C:\WINDOWS\TempCloudAV1122054920_2180.csv
[2010/11/21 08:18:10 | 000,000,898 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Around the World in 80 Days.lnk
[2010/11/21 08:14:59 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Boxoft Photo Magic Maker.lnk
[2010/11/20 18:06:12 | 000,000,605 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Orgfinances.lnk
[2010/11/19 08:48:15 | 002,442,117 | ---- | C] () -- C:\WINDOWS\TempCloudAV1119134706_552.csv
[2010/11/19 08:41:40 | 000,000,861 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Quick Image Resizer.lnk
[2010/11/18 10:47:55 | 000,000,582 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\DVDFab 8.lnk
[2010/11/18 10:40:23 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EASEUS Data Recovery Wizard 5.0.1.lnk
[2010/11/17 08:16:00 | 000,000,638 | ---- | C] () -- C:\Documents and Settings\Dianne\Application Data\Microsoft\Internet Explorer\Quick Launch\Sothink Flash Menu.lnk
[2010/11/17 08:16:00 | 000,000,638 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Sothink Flash Menu.lnk
[2010/11/17 08:15:46 | 000,015,086 | ---- | C] () -- C:\WINDOWS\sfudoc.ico
[2010/11/16 13:32:19 | 000,581,586 | ---- | C] () -- C:\WINDOWS\TempCloudAV1116183111_992.csv
[2010/11/16 13:25:40 | 000,000,556 | ---- | C] () -- C:\Documents and Settings\Dianne\Application Data\Microsoft\Internet Explorer\Quick Launch\MediaMonkey.lnk
[2010/11/16 13:16:34 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Switch to Gaming Mode.lnk
[2010/11/15 07:26:41 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/11/15 07:10:16 | 000,926,783 | ---- | C] () -- C:\WINDOWS\TempCloudAV1115120855_2044.csv
[2010/11/14 07:00:14 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2AD53E8D-64D5-4A08-A71F-F5F181E086A1}.job
[2010/11/12 16:48:35 | 000,000,974 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2010/11/12 15:13:18 | 000,001,886 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Carbonite InfoCenter.lnk
[2010/11/12 09:15:28 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Windows XP Tips - Ramesh.url
[2010/11/12 07:12:06 | 524,288,163 | ---- | C] () -- C:\WINDOWS\TempCloudAV1112120850_1604.csv
[2010/11/11 18:56:24 | 000,000,843 | ---- | C] () -- C:\Documents and Settings\Dianne\Start Menu\Programs\Startup\FSL Launcher.lnk
[2010/11/11 06:27:11 | 000,174,216 | ---- | C] () -- C:\WINDOWS\TempCloudAV1111112620_1984.csv
[2010/11/10 08:39:40 | 000,012,848 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\otieatkins.3.pw2-bak
[2010/11/10 08:39:40 | 000,012,848 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\otieatkins.2.pw2-bak
[2010/11/10 08:39:40 | 000,012,848 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\otieatkins.1.pw2-bak
[2010/11/10 06:58:34 | 000,161,173 | ---- | C] () -- C:\WINDOWS\Animated Wallpaper Maker Uninstaller.exe
[2010/11/10 03:24:47 | 000,000,007 | ---- | C] () -- C:\WINDOWS\sysres10.dat
[2010/11/08 07:42:11 | 000,000,561 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\MiPony.lnk
[2010/11/08 07:42:11 | 000,000,561 | ---- | C] () -- C:\Documents and Settings\Dianne\Application Data\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk
[2010/11/08 07:10:57 | 000,361,061 | ---- | C] () -- C:\WINDOWS\TempCloudAV1108121007_1640.csv
[2010/11/07 08:37:26 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Dianne\Desktop\Play More Playrix Games!.lnk
[2010/11/07 08:35:52 | 000,000,022 | ---- | C] () -- C:\WINDOWS\System32\msxml.p2i
[2010/11/07 08:35:52 | 000,000,022 | ---- | C] () -- C:\WINDOWS\msxml.p2i
[2010/11/06 09:17:41 | 000,001,044 | ---- | C] () -- C:\Documents and Settings\Dianne\Application Data\vso_ts_preview.xml
[2010/11/06 09:17:26 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Dianne\Application Data\pcouffin.log
[2010/11/06 09:17:16 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Dianne\Application Data\inst.exe
[2010/11/06 09:17:16 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Dianne\Application Data\pcouffin.cat
[2010/11/06 09:17:16 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Dianne\Application Data\pcouffin.inf
[2010/11/04 07:52:39 | 000,726,023 | ---- | C] () -- C:\WINDOWS\TempCloudAV1104125030_1528.csv
[2010/11/03 17:43:46 | 000,000,024 | ---- | C] () -- C:\WINDOWS\AM_D8.PRF
[2010/11/03 12:06:12 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\Rosalita Leesburg VA.doc
[2010/11/03 12:06:12 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\Rosalita Boarding.doc
[2010/11/03 12:06:12 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\Rosalita Timonium MD.doc
[2010/11/03 12:06:12 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\Rosalita Harrisburg PA.doc
[2010/11/03 12:06:12 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\Rosalita fitchburg jan.doc
[2010/11/03 12:06:12 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\Rosalita Boarding 09.doc
[2010/11/03 12:06:12 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\Rumor Rosalita Boarding June 09.doc
[2010/11/03 12:06:12 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\Rumor Rosalita Boarding 09.doc
[2010/11/03 12:06:12 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\Rumor Rosalita Boarding 0712.doc
[2010/11/03 12:06:12 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\Rosalita Boarding 0803.doc
[2010/11/03 12:06:12 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\Rosalita Boarding 0713.doc
[2010/11/03 12:06:12 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\Rumor Rosalita Boarding June 0705.doc
[2010/11/03 12:06:12 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\Rumor Rosalita Boarding May 09.doc
[2010/11/03 12:06:12 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Dianne\My Documents\Rumor Rosalita Boarding June 0608.doc
[2010/11/03 09:08:42 | 000,000,697 | ---- | C] () -- C:\Documents and Settings\Dianne\Application Data\Microsoft\Internet Explorer\Quick Launch\Zentimo.lnk
[2010/11/01 07:55:33 | 000,787,256 | ---- | C] () -- C:\WINDOWS\trashco.ttf
[2010/11/01 07:55:33 | 000,701,820 | ---- | C] () -- C:\WINDOWS\PANHEAD_.ttf
[2010/11/01 07:55:33 | 000,119,000 | ---- | C] () -- C:\WINDOWS\OlhodeBoi.ttf
[2010/11/01 07:55:33 | 000,103,176 | ---- | C] () -- C:\WINDOWS\VtksSonho.ttf
[2010/11/01 07:55:33 | 000,077,204 | ---- | C] () -- C:\WINDOWS\Waste.ttf
[2010/11/01 07:55:33 | 000,035,328 | ---- | C] () -- C:\WINDOWS\The_Chemical_Parade_by_ravenblackhardt.ttf
[2010/11/01 07:55:33 | 000,026,500 | ---- | C] () -- C:\WINDOWS\scrubble.ttf
[2010/11/01 07:55:32 | 000,323,352 | ---- | C] () -- C:\WINDOWS\Jellyka_Castle_s_Queen.ttf
[2010/11/01 07:55:32 | 000,085,808 | ---- | C] () -- C:\WINDOWS\MINUS___.TTF
[2010/10/30 16:38:20 | 000,296,724 | ---- | C] () -- C:\WINDOWS\TempCloudAV1030213651_1764.csv
[2010/10/30 09:47:14 | 000,002,686 | ---- | C] () -- C:\WINDOWS\ips.INI
[2010/10/30 09:24:25 | 000,855,641 | ---- | C] () -- C:\Documents and Settings\Dianne\Application Data\PandaIDProtectHelp.chm
[2010/10/27 04:37:37 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\Dianne\Application Data\init.dll
[2010/10/27 04:37:37 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Dianne\Application Data\SYSTEM32.dll
[2010/10/27 04:37:27 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\Dianne\Application Data\sound.dll
[2010/10/27 04:35:43 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010/10/27 04:35:35 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2010/09/02 06:27:46 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2010/09/02 06:27:31 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2010/09/02 06:27:31 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2010/08/19 20:14:58 | 001,054,032 | ---- | C] () -- C:\WINDOWS\System32\cfgmig32.dll
[2010/08/19 18:57:12 | 002,385,136 | ---- | C] () -- C:\WINDOWS\System32\winsflt_x64.dll
[2010/08/17 17:32:12 | 000,496,640 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010/08/17 17:32:12 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\akrip32.dll
[2010/08/17 17:32:02 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\Mp3Ctrl.dll
[2010/08/08 07:07:34 | 000,219,136 | ---- | C] () -- C:\WINDOWS\sqlite3_engine.dll
[2010/08/08 07:07:18 | 000,219,136 | ---- | C] () -- C:\WINDOWS\System32\sqlite3_engine.dll
[2010/07/21 08:17:46 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\Winlogonevents.dll
[2010/07/21 08:17:46 | 000,011,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\DriveSentryKeeperDriver.sys
[2010/07/10 07:13:18 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/06/26 08:54:05 | 000,000,585 | ---- | C] () -- C:\Documents and Settings\Dianne\Application Data\burnaware.ini
[2010/06/24 10:58:26 | 000,000,074 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI
[2010/06/24 10:56:21 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2010/06/24 10:56:21 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2010/05/28 20:02:16 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/05/08 10:37:03 | 000,000,026 | ---- | C] () -- C:\WINDOWS\Rav.ini
[2010/04/29 08:08:30 | 000,000,878 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/04/29 08:08:12 | 000,231,976 | ---- | C] () -- C:\WINDOWS\System32\eDoc.Organizer_nat.dll
[2010/04/10 07:32:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ITNetUtils.dll
[2010/04/10 07:32:19 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\diffiedll.dll
[2010/03/25 07:56:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Curses.INI
[2010/03/17 17:49:10 | 000,014,336 | ---- | C] () -- C:\Documents and Settings\Dianne\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/13 20:05:10 | 000,000,097 | ---- | C] () -- C:\WINDOWS\Viewer.ini
[2010/03/11 10:36:29 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010/03/10 19:29:40 | 000,000,100 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2010/03/10 09:05:55 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\ZLIB.DLL
[2010/03/09 13:20:38 | 000,001,714 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/03/09 13:20:26 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2010/03/04 07:16:31 | 000,000,224 | ---- | C] () -- C:\WINDOWS\MP32WAV.INI
[2010/03/03 04:58:22 | 000,000,228 | ---- | C] () -- C:\WINDOWS\Q-Dir.ini
[2010/03/02 11:06:39 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010/02/21 09:19:49 | 000,005,663 | ---- | C] () -- C:\WINDOWS\System32\ludap17.ini
[2010/02/21 09:19:49 | 000,000,075 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010/02/21 07:43:35 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll
[2010/02/21 05:49:49 | 000,004,925 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\dnlfgmeo.zuz
[2010/02/17 12:14:53 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/12/23 10:29:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\KmxAgent.sys
[2009/10/03 12:36:01 | 011,476,992 | ---- | C] () -- C:\WINDOWS\System32\common_res.dll
[2009/09/30 15:51:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\KmxCfg.sys
[2009/06/08 09:02:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxstart.sys
[2009/03/15 15:13:10 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2008/02/05 13:28:20 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\Dianne\Local Settings\Application Data\setup.txt
[2007/02/06 23:58:00 | 000,000,525 | ---- | C] () -- C:\WINDOWS\xxclone.ini
[2005/05/03 19:38:42 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2005/02/05 14:46:00 | 000,004,608 | ---- | C] () -- C:\WINDOWS\fgexec.dll
[2004/04/28 14:17:44 | 000,002,372 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/10/30 12:29:00 | 000,000,187 | ---- | C] () -- C:\WINDOWS\System32\lxbvcoin.ini
[2003/10/02 18:48:18 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2002/11/13 10:40:00 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbvvs.dll
[2002/07/01 09:13:30 | 000,000,229 | -HS- | C] () -- C:\Documents and Settings\Dianne\Application Data\matrox_drv16.dat
[2002/07/01 09:13:30 | 000,000,224 | -HS- | C] () -- C:\Documents and Settings\Dianne\Application Data\brun_nbeta12.dat
[1998/01/13 14:52:30 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\LOTRN13.DLL
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
========== Alternate Data Streams ==========
@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6B50A605
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:72F57408
@Alternate Data Stream - 266 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2B11E0DF
@Alternate Data Stream - 254 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D74B6CF5
@Alternate Data Stream - 236 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:918B7566
@Alternate Data Stream - 224 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5D351BC6
@Alternate Data Stream - 223 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F5E90ED3
@Alternate Data Stream - 220 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:98982C88
@Alternate Data Stream - 218 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:08D8BB20
@Alternate Data Stream - 217 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8944C195
@Alternate Data Stream - 217 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4CF76F21
@Alternate Data Stream - 211 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:98DFF516
@Alternate Data Stream - 208 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0AC32449
@Alternate Data Stream - 208 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:090FB735
@Alternate Data Stream - 206 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC0A74A1
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0ED4AC2F
@Alternate Data Stream - 202 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93F3E4C9
@Alternate Data Stream - 199 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B1E61D6A
@Alternate Data Stream - 197 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7547DA5B
@Alternate Data Stream - 193 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8E5EA40F
@Alternate Data Stream - 185 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F68098AE
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B9D8E22
@Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FB65A4AA
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2398E95B
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B4F0E275
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0656FCD2
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F64FC07C
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B1CD2545
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:75494C12
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:19823AC6
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:57B2B96C
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:242231A9
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1DA424AA
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BFE23423
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3E06C78F
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C43ED645
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4573A78F
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A296A63F
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4EFDF5FB
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5F95AE81
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D507B5A8
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:61F0C8FB
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D853F961
< End of report >