Used Hitman pro 3.5 to remove google redirect virus and now computer w



#1
shotmetrouble


    New Member

  • Member
  • 7 posts
I found that my wife's laptop was infected with a search redirect virus and other malware. Symptoms were that she would often get an "Internet connection broken and needs to be repaired" message, when she would search in Google she would get redirected when clicking on links, and iexplore pages that were not visible were playing audio. I would open taskmgr and see an iexplore.exe process running and have to kill the process to end the audio. In my infinite wisdom I tried to remove the virus/malware using Malwarebytes (no luck) and Hitman Pro 3.5. Hitman showed I had multiple infections, but after I ran it and repaired the items found, her laptop would BSOD and send me to Startup Repair mode. I tried to restore to different restore points offered but had no such luck.

I used the Dell DataSafe Restore and Emergency Backup tool offered in my System Recovery Options to back up her files to my external hard drive. Can anyone help me restore my computer or do I need to reimage and re-install everything?

Thanks for your help in advance!!!


#2
JSntgRvr


    Global Moderator

  • Global Moderator
  • 11,591 posts
:)

Let's give it a try. You will need a USB (Flash) pendrive.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded, begin tapping the F8 key until Advanced Boot Options appears.
  • Click on the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window, type in notepad and press Enter.
  • Notepad opens. Under the File menu, select Open.
  • Select "Computer", find your flash drive letter, and close Notepad.
  • In the command window, type e:\frst.exe (for the x64 bit version, type e:\frst64) and press Enter.
    Note: Replace the letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


#3
shotmetrouble


    New Member

  • Topic Starter
  • Member
  • 7 posts
Thanks for your help on this, I really appreciate it!!

Here are the results

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.2.7
Ran by SYSTEM at 2011-11-08 08:43:03
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [392048 2010-06-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10038304 2010-02-02] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [166424 2010-04-07] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [391192 2010-04-07] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [413720 2010-04-07] (Intel Corporation)
HKLM\...\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe [3217056 2010-04-01] (Dell Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-17] (Dell Inc.)
HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1436736 2011-06-15] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [140520 2009-12-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [498160 2009-10-15] ()
HKLM-x32\...\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-07-05] (Apple Inc.)
HKLM-x32\...\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup [1527128 2011-06-14] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2011-08-19] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2011-09-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKU\Jessica\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-08-24] (Google Inc.)
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2009-07-13] (Microsoft Corporation)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [560128 2011-09-18] (Dell)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

==================== Services (Whitelisted) ======

3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [206072 2010-10-12] (WildTangent, Inc.)
2 QBCFMonitorService; "C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe" [45056 2011-07-06] (Intuit)
3 QBFCService; "C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe" [61440 2009-07-23] (Intuit Inc.)
2 QBVSS; "C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe" [1248256 2011-06-30] (Intuit Inc.)
2 MsMpSvc; "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [x]
3 NisSrv; "c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe" [x]

========================== Drivers (Whitelisted) =============

3 StillCam; C:\Windows\System32\DRIVERS\serscan.sys [12288 2009-07-13] (Microsoft Corporation)
2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-07 01:30 - 2011-11-07 00:58 - 0000000 ____D C:\Users\All Users\Hitman Pro
2011-11-07 01:30 - 2011-11-07 00:58 - 0000000 ____D C:\Users\All Users\Application Data\Hitman Pro
2011-11-07 01:30 - 2011-11-07 00:58 - 0000000 ____D C:\ProgramData\Hitman Pro
2011-11-07 01:12 - 2011-11-07 00:58 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-07 00:32 - 2011-11-07 00:32 - 0013850 ____A C:\Users\Jessica\Desktop\fixme.log
2011-11-06 23:58 - 2011-11-06 23:58 - 0000000 ____D C:\Users\Jessica\Application Data\Malwarebytes
2011-11-06 23:58 - 2011-11-06 23:58 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Malwarebytes
2011-11-06 23:55 - 2011-11-06 23:55 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-11-06 23:55 - 2011-11-06 23:55 - 0000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2011-11-06 23:55 - 2011-11-06 23:55 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-11-06 23:45 - 2011-11-06 23:45 - 0000000 ____D C:\Program Files (x86)\Trend Micro
2011-11-06 22:45 - 2011-11-07 00:22 - 0000000 ____D C:\Users\Jessica\Application Data\HPAppData
2011-11-06 22:45 - 2011-11-07 00:22 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\HPAppData
2011-11-06 16:05 - 2011-11-07 07:22 - 0000000 ____D C:\Program Files\Microsoft Security Client
2011-11-06 16:05 - 2011-11-07 07:22 - 0000000 ____D C:\Program Files (x86)\Microsoft Security Client
2011-11-06 16:05 - 2011-11-06 16:05 - 0743534 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2011-11-06 16:04 - 2010-04-09 05:06 - 0374664 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2011-11-06 15:55 - 2011-11-06 16:01 - 10165440 ____A (Microsoft Corporation) C:\Users\Jessica\Downloads\mseinstall.exe
2011-11-06 15:52 - 2011-11-06 16:05 - 76165328 ____A (Microsoft Corporation) C:\Users\Jessica\Downloads\msert.exe
2011-11-05 02:05 - 2011-11-05 02:05 - 0000000 ____D C:\Users\Jessica\Local Settings\ElevatedDiagnostics
2011-11-05 02:05 - 2011-11-05 02:05 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\ElevatedDiagnostics
2011-11-05 02:05 - 2011-11-05 02:05 - 0000000 ____D C:\Users\Jessica\AppData\Local\ElevatedDiagnostics
2011-11-04 21:23 - 2011-11-04 21:23 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{972FE493-1554-4E66-8A24-DFC7B7987239}
2011-11-04 21:23 - 2011-11-04 21:23 - 0000000 ____D C:\Users\Jessica\Local Settings\{972FE493-1554-4E66-8A24-DFC7B7987239}
2011-11-04 21:23 - 2011-11-04 21:23 - 0000000 ____D C:\Users\Jessica\AppData\Local\{972FE493-1554-4E66-8A24-DFC7B7987239}
2011-11-02 22:33 - 2011-11-02 22:33 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{6CC05846-5F97-4D11-A28C-1E7CBDD519C4}
2011-11-02 22:33 - 2011-11-02 22:33 - 0000000 ____D C:\Users\Jessica\Local Settings\{6CC05846-5F97-4D11-A28C-1E7CBDD519C4}
2011-11-02 22:33 - 2011-11-02 22:33 - 0000000 ____D C:\Users\Jessica\AppData\Local\{6CC05846-5F97-4D11-A28C-1E7CBDD519C4}
2011-11-02 17:17 - 2011-11-02 17:17 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{B0F48199-CE63-45F0-8C07-4B7551867B13}
2011-11-02 17:17 - 2011-11-02 17:17 - 0000000 ____D C:\Users\Jessica\Local Settings\{B0F48199-CE63-45F0-8C07-4B7551867B13}
2011-11-02 17:17 - 2011-11-02 17:17 - 0000000 ____D C:\Users\Jessica\AppData\Local\{B0F48199-CE63-45F0-8C07-4B7551867B13}
2011-11-02 09:18 - 2011-11-02 09:18 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{28D1FEB3-C709-4875-BA63-0FAAD6C4428D}
2011-11-02 09:18 - 2011-11-02 09:18 - 0000000 ____D C:\Users\Jessica\Local Settings\{28D1FEB3-C709-4875-BA63-0FAAD6C4428D}
2011-11-02 09:18 - 2011-11-02 09:18 - 0000000 ____D C:\Users\Jessica\AppData\Local\{28D1FEB3-C709-4875-BA63-0FAAD6C4428D}
2011-11-02 09:11 - 2011-11-07 07:23 - 0000000 ____D C:\Users\Jessica\My Documents\jess pictures
2011-11-02 09:11 - 2011-11-07 07:23 - 0000000 ____D C:\Users\Jessica\Documents\jess pictures
2011-11-01 17:58 - 2011-11-01 17:58 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{DF18B3ED-BBBA-4791-80FA-D12B97280A55}
2011-11-01 17:58 - 2011-11-01 17:58 - 0000000 ____D C:\Users\Jessica\Local Settings\{DF18B3ED-BBBA-4791-80FA-D12B97280A55}
2011-11-01 17:58 - 2011-11-01 17:58 - 0000000 ____D C:\Users\Jessica\AppData\Local\{DF18B3ED-BBBA-4791-80FA-D12B97280A55}
2011-10-27 09:36 - 2011-11-07 07:23 - 0000000 ____D C:\Windows\Minidump
2011-10-27 09:36 - 2011-10-27 09:36 - 456305824 ____A C:\Windows\MEMORY.DMP
2011-10-27 09:36 - 2011-10-27 09:36 - 0278968 ____A C:\Windows\Minidump\102711-29842-01.dmp
2011-10-24 23:36 - 2011-05-24 19:14 - 0270720 ____A (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2011-10-24 23:19 - 2011-11-02 09:08 - 0063496 ____A C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2011-10-24 23:14 - 2011-10-24 23:14 - 0000385 ____A C:\Users\Jessica\My Documents\Roots Beauty Salon.QBm.DSN
2011-10-24 23:14 - 2011-10-24 23:14 - 0000385 ____A C:\Users\Jessica\Documents\Roots Beauty Salon.QBm.DSN
2011-10-24 23:14 - 2011-10-24 23:14 - 0000384 ____A C:\Users\Jessica\My Documents\Roots Beauty Salon.QBm.ND
2011-10-24 23:14 - 2011-10-24 23:14 - 0000384 ____A C:\Users\Jessica\Documents\Roots Beauty Salon.QBm.ND
2011-10-24 23:13 - 2011-10-24 23:12 - 10063872 __RAH C:\Users\Jessica\My Documents\Roots Beauty Salon.qbm
2011-10-24 23:13 - 2011-10-24 23:12 - 10063872 __RAH C:\Users\Jessica\Documents\Roots Beauty Salon.qbm
2011-10-24 22:41 - 2011-10-24 22:41 - 0000000 ____D C:\Users\Jessica\Local Settings\IsolatedStorage
2011-10-24 22:41 - 2011-10-24 22:41 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\IsolatedStorage
2011-10-24 22:41 - 2011-10-24 22:41 - 0000000 ____D C:\Users\Jessica\AppData\Local\IsolatedStorage
2011-10-24 22:34 - 2011-10-24 22:34 - 0000000 ____D C:\Windows\Sun
2011-10-24 22:33 - 2011-10-03 05:06 - 0157472 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2011-10-24 22:33 - 2011-10-03 05:06 - 0145184 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2011-10-24 22:33 - 2011-10-03 05:06 - 0145184 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2011-10-24 22:32 - 2011-10-24 22:33 - 0004416 ____A C:\Windows\SysWOW64\jupdate-1.6.0_29-b11.log
2011-10-24 20:17 - 2011-10-24 20:17 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_point64_01009.Wdf
2011-10-24 20:17 - 2011-10-24 20:17 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_NuidFltr_01009.Wdf
2011-10-24 20:17 - 2011-10-24 20:17 - 0000000 ____D C:\Program Files\Microsoft IntelliPoint
2011-10-24 20:13 - 2011-10-24 20:13 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2011-10-22 14:19 - 2011-11-01 16:03 - 0002306 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2011-10-22 14:19 - 2011-11-01 16:03 - 0002306 ____A C:\Users\All Users\Desktop\Google Chrome.lnk
2011-10-22 14:06 - 2011-10-22 14:06 - 0000000 ____D C:\Program Files (x86)\DivX
2011-10-22 14:04 - 2011-10-22 14:04 - 0000000 ____D C:\Users\All Users\DivX
2011-10-22 14:04 - 2011-10-22 14:04 - 0000000 ____D C:\Users\All Users\Application Data\DivX
2011-10-22 14:04 - 2011-10-22 14:04 - 0000000 ____D C:\ProgramData\DivX
2011-10-22 14:03 - 2011-10-22 14:06 - 0000000 ___HD C:\Windows\AxInstSV
2011-10-20 22:44 - 2011-10-20 22:45 - 0001976 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2011-10-20 22:44 - 2011-10-20 22:45 - 0001976 ____A C:\Users\All Users\Desktop\Adobe Reader 9.lnk
2011-10-20 22:44 - 2011-10-20 22:44 - 0000000 ____D C:\Program Files (x86)\Adobe
2011-10-20 22:24 - 2011-10-20 22:24 - 0000128 ___AH C:\Users\All Users\Application Data\~1kAlMiG2Kb7FzPr
2011-10-20 22:24 - 2011-10-20 22:24 - 0000128 ___AH C:\Users\All Users\~1kAlMiG2Kb7FzPr
2011-10-20 22:24 - 2011-10-20 22:24 - 0000128 ___AH C:\ProgramData\~1kAlMiG2Kb7FzPr
2011-10-20 22:20 - 2011-10-20 22:25 - 0000432 ___AH C:\Users\All Users\Application Data\1kAlMiG2Kb7FzP
2011-10-20 22:20 - 2011-10-20 22:25 - 0000432 ___AH C:\Users\All Users\1kAlMiG2Kb7FzP
2011-10-20 22:20 - 2011-10-20 22:25 - 0000432 ___AH C:\ProgramData\1kAlMiG2Kb7FzP
2011-10-20 22:20 - 2011-10-20 22:24 - 0000240 ___AH C:\Users\All Users\Application Data\~1kAlMiG2Kb7FzP
2011-10-20 22:20 - 2011-10-20 22:24 - 0000240 ___AH C:\Users\All Users\~1kAlMiG2Kb7FzP
2011-10-20 22:20 - 2011-10-20 22:24 - 0000240 ___AH C:\ProgramData\~1kAlMiG2Kb7FzP
2011-10-20 22:17 - 2011-10-20 22:17 - 0000000 ____D C:\Windows\system64
2011-10-19 15:49 - 2011-10-19 15:49 - 0000143 ___AH C:\Users\Jessica\Desktop\More Games at GameHouse.com.url
2011-10-19 15:44 - 2011-10-19 15:44 - 0000000 ___HD C:\Users\Jessica\Application Data\WinRAR
2011-10-19 15:44 - 2011-10-19 15:44 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\WinRAR
2011-10-19 15:44 - 2011-10-19 15:44 - 0000000 ____D C:\Program Files (x86)\RealArcade
2011-10-17 22:10 - 2011-10-17 22:10 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\{11B3EC8F-20CC-4861-99AA-F085BD2170A8}
2011-10-17 22:10 - 2011-10-17 22:10 - 0000000 ___HD C:\Users\Jessica\Local Settings\{11B3EC8F-20CC-4861-99AA-F085BD2170A8}
2011-10-17 22:10 - 2011-10-17 22:10 - 0000000 ___HD C:\Users\Jessica\AppData\Local\{11B3EC8F-20CC-4861-99AA-F085BD2170A8}
2011-10-14 21:08 - 2011-10-14 21:08 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\{316F4603-6BA6-4FFD-BF85-A36C951D8C0A}
2011-10-14 21:08 - 2011-10-14 21:08 - 0000000 ___HD C:\Users\Jessica\Local Settings\{316F4603-6BA6-4FFD-BF85-A36C951D8C0A}
2011-10-14 21:08 - 2011-10-14 21:08 - 0000000 ___HD C:\Users\Jessica\AppData\Local\{316F4603-6BA6-4FFD-BF85-A36C951D8C0A}
2011-10-13 09:01 - 2011-09-30 23:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-10-13 09:01 - 2011-09-30 22:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-10-13 09:01 - 2011-09-30 21:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-10-13 09:01 - 2011-09-30 20:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-10-13 09:01 - 2011-09-05 21:07 - 3134976 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-10-13 09:01 - 2011-08-26 23:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-10-13 09:01 - 2011-08-26 23:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-10-13 09:01 - 2011-08-26 22:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-10-13 09:01 - 2011-08-26 22:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-10-13 09:01 - 2011-08-19 23:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-10-13 09:01 - 2011-08-19 23:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-10-13 09:01 - 2011-08-19 23:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-10-13 09:01 - 2011-08-19 23:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-10-13 09:01 - 2011-08-19 23:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-10-13 09:01 - 2011-08-19 23:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-10-13 09:01 - 2011-08-19 23:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-10-13 09:01 - 2011-08-19 23:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-10-13 09:01 - 2011-08-19 23:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-10-13 09:01 - 2011-08-19 23:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-10-13 09:01 - 2011-08-19 23:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-10-13 09:01 - 2011-08-19 23:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-10-13 09:01 - 2011-08-19 23:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-10-13 09:01 - 2011-08-19 23:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-10-13 09:01 - 2011-08-19 23:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-10-13 09:01 - 2011-08-19 22:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-10-13 09:01 - 2011-08-19 22:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-10-13 09:01 - 2011-08-19 22:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-10-13 09:01 - 2011-08-19 22:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-10-13 09:01 - 2011-08-19 22:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-10-13 09:01 - 2011-08-19 22:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-10-13 09:01 - 2011-08-19 22:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-10-13 09:01 - 2011-08-19 21:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-10-13 09:01 - 2011-08-16 23:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-10-13 09:01 - 2011-08-16 23:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-10-13 09:01 - 2011-08-16 23:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-10-13 09:01 - 2011-08-16 23:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-10-13 09:01 - 2011-08-16 23:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-10-13 09:01 - 2011-08-16 22:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-10-13 09:01 - 2011-08-16 22:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-10-13 09:01 - 2011-08-16 22:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-10-13 09:01 - 2011-08-16 22:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-10-13 09:01 - 2011-08-16 22:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax


============ 3 Months Modified Files and Folders =============

2011-11-08 08:43 - 2011-11-08 08:42 - 0000000 ____D C:\FRST
2011-11-07 07:27 - 2011-08-15 14:33 - 0000000 ____D C:\users\Jessica
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\TAPI
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\sppui
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\Setup
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\Recovery
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\ras
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\oobe
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\migwiz
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\manifeststore
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\InstallShield
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\icsxml
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\Dism
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\com
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\sppui
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\Setup
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\ras
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\oobe
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\migwiz
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\manifeststore
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\icsxml
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\ias
2011-11-07 07:26 - 2009-07-14 01:45 - 0000000 ____D C:\Windows\ShellNew
2011-11-07 07:26 - 2009-07-14 01:45 - 0000000 ____D C:\Program Files\Windows Journal
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Windows\System32\WinBioPlugIns
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Windows\Offline Web Pages
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Windows\Downloaded Program Files
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Windows\addins
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Program Files\Windows Sidebar
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Program Files\Windows Photo Viewer
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Program Files\Windows Defender
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Program Files\DVD Maker
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Program Files (x86)\Windows Sidebar
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Program Files (x86)\Windows Defender
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 __RSD C:\Windows\Media
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\zh-TW
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\zh-HK
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\zh-CN
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\uk-UA
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\tr-TR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\th-TH
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\sv-SE
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\sr-Latn-CS
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\sl-SI
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\sk-SK
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\ru-RU
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\ro-RO
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\pt-PT
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\pt-BR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\pl-PL
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\nl-NL
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\nb-NO
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\lv-LV
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\lt-LT
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\ko-KR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\ja-JP
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\it-IT
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\hu-HU
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\hr-HR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\he-IL
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\fr-FR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\fi-FI
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\et-EE
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\es-ES
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\el-GR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\de-DE
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\da-DK
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\cs-CZ
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\bg-BG
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\ar-SA
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\zh-TW
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\zh-HK
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\zh-CN
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\uk-UA
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\tr-TR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\th-TH
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\sysprep
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\sv-SE
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\sr-Latn-CS
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\sl-SI
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\sk-SK
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\ru-RU
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\ro-RO
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\pt-PT
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\pt-BR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\pl-PL
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\nl-NL
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\nb-NO
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\lv-LV
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\lt-LT
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\ko-KR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\ja-JP
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\it-IT
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\hu-HU
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\hr-HR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\he-IL
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\fr-FR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\fi-FI
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\et-EE
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\es-ES
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\el-GR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\Dism
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\de-DE
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\da-DK
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\cs-CZ
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\com
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\bg-BG
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\ar-SA
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\AdvancedInstallers
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\servicing
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\PolicyDefinitions
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\L2Schemas
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\IME
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\Cursors
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Program Files\Common Files\System
2011-11-07 07:24 - 2009-07-13 23:37 - 0000000 ____D C:\Windows\SysWOW64\winrm
2011-11-07 07:24 - 2009-07-13 23:37 - 0000000 ____D C:\Windows\SysWOW64\WCN
2011-11-07 07:24 - 2009-07-13 23:37 - 0000000 ____D C:\Windows\SysWOW64\slmgr
2011-11-07 07:24 - 2009-07-13 23:37 - 0000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2011-11-07 07:24 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\Speech
2011-11-07 07:24 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\Msdtc
2011-11-07 07:24 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\IME
2011-11-07 07:23 - 2011-11-02 09:11 - 0000000 ____D C:\Users\Jessica\My Documents\jess pictures
2011-11-07 07:23 - 2011-11-02 09:11 - 0000000 ____D C:\Users\Jessica\Documents\jess pictures
2011-11-07 07:23 - 2011-10-27 09:36 - 0000000 ____D C:\Windows\Minidump
2011-11-07 07:23 - 2011-08-24 22:53 - 0000000 ____D C:\Users\Jessica\Desktop\QUICKBOOKS FILES
2011-11-07 07:23 - 2011-08-15 23:41 - 0000000 ____D C:\Users\Jessica\Local Settings\PowerDVD DX
2011-11-07 07:23 - 2011-08-15 23:41 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\PowerDVD DX
2011-11-07 07:23 - 2011-08-15 23:41 - 0000000 ____D C:\Users\Jessica\AppData\Local\PowerDVD DX
2011-11-07 07:23 - 2009-07-13 23:37 - 0000000 ____D C:\Windows\System32\winrm
2011-11-07 07:23 - 2009-07-13 23:37 - 0000000 ____D C:\Windows\System32\WCN
2011-11-07 07:23 - 2009-07-13 23:37 - 0000000 ____D C:\Windows\System32\slmgr
2011-11-07 07:23 - 2009-07-13 23:37 - 0000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\spp
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\Speech
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\SMI
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\Msdtc
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\IME
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\schemas
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\Resources
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\PLA
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\Globalization
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\Branding
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\AppCompat
2011-11-07 07:22 - 2011-11-06 16:05 - 0000000 ____D C:\Program Files\Microsoft Security Client
2011-11-07 07:22 - 2011-11-06 16:05 - 0000000 ____D C:\Program Files (x86)\Microsoft Security Client
2011-11-07 07:22 - 2011-08-24 16:13 - 0000000 ____D C:\Users\Jessica\Local Settings\Intuit
2011-11-07 07:22 - 2011-08-24 16:13 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\Intuit
2011-11-07 07:22 - 2011-08-24 16:13 - 0000000 ____D C:\Users\Jessica\AppData\Local\Intuit
2011-11-07 07:22 - 2009-07-13 23:32 - 0000000 ____D C:\Program Files\Microsoft Games
2011-11-07 07:22 - 2009-07-13 21:20 - 0000000 ____D C:\Program Files\Windows NT
2011-11-07 07:22 - 2009-07-13 21:20 - 0000000 ____D C:\Program Files (x86)\Windows NT
2011-11-07 07:20 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\registration
2011-11-07 06:52 - 2011-01-29 17:14 - 0000000 ____D C:\Users\All Users\McAfee
2011-11-07 06:52 - 2011-01-29 17:14 - 0000000 ____D C:\Users\All Users\Application Data\McAfee
2011-11-07 06:52 - 2011-01-29 17:14 - 0000000 ____D C:\ProgramData\McAfee
2011-11-07 06:50 - 2011-01-29 17:08 - 0000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2011-11-07 06:50 - 2011-01-29 16:29 - 0000000 ____D C:\Program Files (x86)\Java
2011-11-07 02:06 - 2011-01-29 17:13 - 0000000 ____D C:\Program Files (x86)\McAfee
2011-11-07 00:58 - 2011-11-07 01:30 - 0000000 ____D C:\Users\All Users\Hitman Pro
2011-11-07 00:58 - 2011-11-07 01:30 - 0000000 ____D C:\Users\All Users\Application Data\Hitman Pro
2011-11-07 00:58 - 2011-11-07 01:30 - 0000000 ____D C:\ProgramData\Hitman Pro
2011-11-07 00:58 - 2011-11-07 01:12 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-07 00:32 - 2011-11-07 00:32 - 0013850 ____A C:\Users\Jessica\Desktop\fixme.log
2011-11-07 00:28 - 2011-01-29 18:19 - 3061186560 __ASH C:\hiberfil.sys
2011-11-07 00:22 - 2011-11-06 22:45 - 0000000 ____D C:\Users\Jessica\Application Data\HPAppData
2011-11-07 00:22 - 2011-11-06 22:45 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\HPAppData
2011-11-06 23:58 - 2011-11-06 23:58 - 0000000 ____D C:\Users\Jessica\Application Data\Malwarebytes
2011-11-06 23:58 - 2011-11-06 23:58 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Malwarebytes
2011-11-06 23:55 - 2011-11-06 23:55 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-11-06 23:55 - 2011-11-06 23:55 - 0000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2011-11-06 23:55 - 2011-11-06 23:55 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-11-06 23:45 - 2011-11-06 23:45 - 0000000 ____D C:\Program Files (x86)\Trend Micro
2011-11-06 23:45 - 2011-08-15 14:37 - 0000000 ___HD C:\Users\Jessica\Local Settings\VirtualStore
2011-11-06 23:45 - 2011-08-15 14:37 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\VirtualStore
2011-11-06 23:45 - 2011-08-15 14:37 - 0000000 ___HD C:\Users\Jessica\AppData\Local\VirtualStore
2011-11-06 16:25 - 2009-07-13 23:10 - 1955118 ____A C:\Windows\WindowsUpdate.log
2011-11-06 16:25 - 2009-07-13 22:45 - 0014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-11-06 16:25 - 2009-07-13 22:45 - 0014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-11-06 16:23 - 2009-07-13 23:13 - 0729688 ____A C:\Windows\System32\PerfStringBackup.INI
2011-11-06 16:18 - 2011-08-24 18:25 - 0000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-11-06 16:18 - 2011-08-15 14:37 - 0000000 ____D C:\Users\Default\Local Settings\SoftThinks
2011-11-06 16:18 - 2011-08-15 14:37 - 0000000 ____D C:\Users\Default\Local Settings\Application Data\SoftThinks
2011-11-06 16:18 - 2011-08-15 14:37 - 0000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2011-11-06 16:18 - 2011-08-15 14:37 - 0000000 ____D C:\Users\Default User\Local Settings\SoftThinks
2011-11-06 16:18 - 2011-08-15 14:37 - 0000000 ____D C:\Users\Default User\Local Settings\Application Data\SoftThinks
2011-11-06 16:18 - 2011-08-15 14:37 - 0000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2011-11-06 16:18 - 2009-07-13 23:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-11-06 16:18 - 2009-07-13 22:51 - 0026782 ____A C:\Windows\setupact.log
2011-11-06 16:05 - 2011-11-06 16:05 - 0743534 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2011-11-06 16:05 - 2011-11-06 15:52 - 76165328 ____A (Microsoft Corporation) C:\Users\Jessica\Downloads\msert.exe
2011-11-06 16:01 - 2011-11-06 15:55 - 10165440 ____A (Microsoft Corporation) C:\Users\Jessica\Downloads\mseinstall.exe
2011-11-06 15:59 - 2011-08-24 18:25 - 0000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-11-05 02:05 - 2011-11-05 02:05 - 0000000 ____D C:\Users\Jessica\Local Settings\ElevatedDiagnostics
2011-11-05 02:05 - 2011-11-05 02:05 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\ElevatedDiagnostics
2011-11-05 02:05 - 2011-11-05 02:05 - 0000000 ____D C:\Users\Jessica\AppData\Local\ElevatedDiagnostics
2011-11-04 21:23 - 2011-11-04 21:23 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{972FE493-1554-4E66-8A24-DFC7B7987239}
2011-11-04 21:23 - 2011-11-04 21:23 - 0000000 ____D C:\Users\Jessica\Local Settings\{972FE493-1554-4E66-8A24-DFC7B7987239}
2011-11-04 21:23 - 2011-11-04 21:23 - 0000000 ____D C:\Users\Jessica\AppData\Local\{972FE493-1554-4E66-8A24-DFC7B7987239}
2011-11-02 22:33 - 2011-11-02 22:33 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{6CC05846-5F97-4D11-A28C-1E7CBDD519C4}
2011-11-02 22:33 - 2011-11-02 22:33 - 0000000 ____D C:\Users\Jessica\Local Settings\{6CC05846-5F97-4D11-A28C-1E7CBDD519C4}
2011-11-02 22:33 - 2011-11-02 22:33 - 0000000 ____D C:\Users\Jessica\AppData\Local\{6CC05846-5F97-4D11-A28C-1E7CBDD519C4}
2011-11-02 17:17 - 2011-11-02 17:17 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{B0F48199-CE63-45F0-8C07-4B7551867B13}
2011-11-02 17:17 - 2011-11-02 17:17 - 0000000 ____D C:\Users\Jessica\Local Settings\{B0F48199-CE63-45F0-8C07-4B7551867B13}
2011-11-02 17:17 - 2011-11-02 17:17 - 0000000 ____D C:\Users\Jessica\AppData\Local\{B0F48199-CE63-45F0-8C07-4B7551867B13}
2011-11-02 09:18 - 2011-11-02 09:18 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{28D1FEB3-C709-4875-BA63-0FAAD6C4428D}
2011-11-02 09:18 - 2011-11-02 09:18 - 0000000 ____D C:\Users\Jessica\Local Settings\{28D1FEB3-C709-4875-BA63-0FAAD6C4428D}
2011-11-02 09:18 - 2011-11-02 09:18 - 0000000 ____D C:\Users\Jessica\AppData\Local\{28D1FEB3-C709-4875-BA63-0FAAD6C4428D}
2011-11-02 09:08 - 2011-10-24 23:19 - 0063496 ____A C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2011-11-01 17:58 - 2011-11-01 17:58 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{DF18B3ED-BBBA-4791-80FA-D12B97280A55}
2011-11-01 17:58 - 2011-11-01 17:58 - 0000000 ____D C:\Users\Jessica\Local Settings\{DF18B3ED-BBBA-4791-80FA-D12B97280A55}
2011-11-01 17:58 - 2011-11-01 17:58 - 0000000 ____D C:\Users\Jessica\AppData\Local\{DF18B3ED-BBBA-4791-80FA-D12B97280A55}
2011-11-01 17:52 - 2011-08-24 18:25 - 0000000 ___HD C:\Users\Jessica\Local Settings\Google
2011-11-01 17:52 - 2011-08-24 18:25 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\Google
2011-11-01 17:52 - 2011-08-24 18:25 - 0000000 ___HD C:\Users\Jessica\AppData\Local\Google
2011-11-01 16:03 - 2011-10-22 14:19 - 0002306 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2011-11-01 16:03 - 2011-10-22 14:19 - 0002306 ____A C:\Users\All Users\Desktop\Google Chrome.lnk
2011-11-01 15:31 - 2011-09-11 22:13 - 0000000 ___HD C:\Users\Jessica\Application Data\HpUpdate
2011-11-01 15:31 - 2011-09-11 22:13 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\HpUpdate
2011-10-27 09:36 - 2011-10-27 09:36 - 456305824 ____A C:\Windows\MEMORY.DMP
2011-10-27 09:36 - 2011-10-27 09:36 - 0278968 ____A C:\Windows\Minidump\102711-29842-01.dmp
2011-10-24 23:47 - 2011-01-29 18:19 - 0518502 ____A C:\Windows\PFRO.log
2011-10-24 23:29 - 2011-08-15 14:54 - 0000000 ___HD C:\Users\Jessica\My Backup Files
2011-10-24 23:14 - 2011-10-24 23:14 - 0000385 ____A C:\Users\Jessica\My Documents\Roots Beauty Salon.QBm.DSN
2011-10-24 23:14 - 2011-10-24 23:14 - 0000385 ____A C:\Users\Jessica\Documents\Roots Beauty Salon.QBm.DSN
2011-10-24 23:14 - 2011-10-24 23:14 - 0000384 ____A C:\Users\Jessica\My Documents\Roots Beauty Salon.QBm.ND
2011-10-24 23:14 - 2011-10-24 23:14 - 0000384 ____A C:\Users\Jessica\Documents\Roots Beauty Salon.QBm.ND
2011-10-24 23:12 - 2011-10-24 23:13 - 10063872 __RAH C:\Users\Jessica\My Documents\Roots Beauty Salon.qbm
2011-10-24 23:12 - 2011-10-24 23:13 - 10063872 __RAH C:\Users\Jessica\Documents\Roots Beauty Salon.qbm
2011-10-24 22:41 - 2011-10-24 22:41 - 0000000 ____D C:\Users\Jessica\Local Settings\IsolatedStorage
2011-10-24 22:41 - 2011-10-24 22:41 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\IsolatedStorage
2011-10-24 22:41 - 2011-10-24 22:41 - 0000000 ____D C:\Users\Jessica\AppData\Local\IsolatedStorage
2011-10-24 22:34 - 2011-10-24 22:34 - 0000000 ____D C:\Windows\Sun
2011-10-24 22:33 - 2011-10-24 22:32 - 0004416 ____A C:\Windows\SysWOW64\jupdate-1.6.0_29-b11.log
2011-10-24 21:53 - 2009-07-13 22:45 - 0284912 ____A C:\Windows\System32\FNTCACHE.DAT
2011-10-24 20:17 - 2011-10-24 20:17 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_point64_01009.Wdf
2011-10-24 20:17 - 2011-10-24 20:17 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_NuidFltr_01009.Wdf
2011-10-24 20:17 - 2011-10-24 20:17 - 0000000 ____D C:\Program Files\Microsoft IntelliPoint
2011-10-24 20:13 - 2011-10-24 20:13 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2011-10-22 14:19 - 2011-08-24 18:25 - 0000000 ____D C:\Program Files (x86)\Google
2011-10-22 14:06 - 2011-10-22 14:06 - 0000000 ____D C:\Program Files (x86)\DivX
2011-10-22 14:06 - 2011-10-22 14:03 - 0000000 ___HD C:\Windows\AxInstSV
2011-10-22 14:04 - 2011-10-22 14:04 - 0000000 ____D C:\Users\All Users\DivX
2011-10-22 14:04 - 2011-10-22 14:04 - 0000000 ____D C:\Users\All Users\Application Data\DivX
2011-10-22 14:04 - 2011-10-22 14:04 - 0000000 ____D C:\ProgramData\DivX
2011-10-20 22:45 - 2011-10-20 22:44 - 0001976 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2011-10-20 22:45 - 2011-10-20 22:44 - 0001976 ____A C:\Users\All Users\Desktop\Adobe Reader 9.lnk
2011-10-20 22:45 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\config\TxR
2011-10-20 22:44 - 2011-10-20 22:44 - 0000000 ____D C:\Program Files (x86)\Adobe
2011-10-20 22:44 - 2011-08-15 20:14 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\Adobe
2011-10-20 22:44 - 2011-08-15 20:14 - 0000000 ___HD C:\Users\Jessica\Local Settings\Adobe
2011-10-20 22:44 - 2011-08-15 20:14 - 0000000 ___HD C:\Users\Jessica\AppData\Local\Adobe
2011-10-20 22:44 - 2011-01-29 16:53 - 0000000 ____D C:\Users\All Users\Application Data\Adobe
2011-10-20 22:44 - 2011-01-29 16:53 - 0000000 ____D C:\Users\All Users\Adobe
2011-10-20 22:44 - 2011-01-29 16:53 - 0000000 ____D C:\ProgramData\Adobe
2011-10-20 22:39 - 2011-09-11 22:13 - 0000000 ____D C:\Users\All Users\HP Photo Creations
2011-10-20 22:39 - 2011-09-11 22:13 - 0000000 ____D C:\Users\All Users\Application Data\HP Photo Creations
2011-10-20 22:39 - 2011-09-11 22:13 - 0000000 ____D C:\ProgramData\HP Photo Creations
2011-10-20 22:39 - 2011-09-11 22:04 - 0000000 ____D C:\Users\All Users\HP
2011-10-20 22:39 - 2011-09-11 22:04 - 0000000 ____D C:\Users\All Users\Application Data\HP
2011-10-20 22:39 - 2011-09-11 22:04 - 0000000 ____D C:\ProgramData\HP
2011-10-20 22:39 - 2011-08-19 23:23 - 0000000 ____D C:\Users\Jessica\Desktop\printables
2011-10-20 22:39 - 2011-08-15 17:56 - 0000000 ____D C:\Users\Jessica\Application Data\Creative
2011-10-20 22:39 - 2011-08-15 17:56 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Creative
2011-10-20 22:39 - 2011-08-15 17:43 - 0000000 ____D C:\Users\Jessica\Application Data\Macrovision
2011-10-20 22:39 - 2011-08-15 17:43 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Macrovision
2011-10-20 22:39 - 2011-08-15 14:38 - 0000000 ____D C:\Users\Jessica\Local Settings\Stardock_Corporation
2011-10-20 22:39 - 2011-08-15 14:38 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\Stardock_Corporation
2011-10-20 22:39 - 2011-08-15 14:38 - 0000000 ____D C:\Users\Jessica\Application Data\Roxio
2011-10-20 22:39 - 2011-08-15 14:38 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Roxio
2011-10-20 22:39 - 2011-08-15 14:38 - 0000000 ____D C:\Users\Jessica\AppData\Local\Stardock_Corporation
2011-10-20 22:39 - 2011-01-29 17:12 - 0000000 ____D C:\Program Files (x86)\Microsoft Office
2011-10-20 22:39 - 2011-01-29 17:02 - 0000000 ____D C:\Users\All Users\WildTangent
2011-10-20 22:39 - 2011-01-29 17:02 - 0000000 ____D C:\Users\All Users\Application Data\WildTangent
2011-10-20 22:39 - 2011-01-29 17:02 - 0000000 ____D C:\ProgramData\WildTangent
2011-10-20 22:39 - 2011-01-29 16:49 - 0000000 ____D C:\Windows\en
2011-10-20 22:39 - 2011-01-29 16:47 - 0000000 ____D C:\Program Files (x86)\Windows Live
2011-10-20 22:39 - 2011-01-29 16:46 - 0000000 ____D C:\Program Files\Windows Live
2011-10-20 22:38 - 2011-10-02 12:45 - 0000000 ____D C:\BigFishGamesCache
2011-10-20 22:38 - 2011-09-11 22:08 - 0000000 ____D C:\Program Files (x86)\HP
2011-10-20 22:38 - 2010-12-30 08:12 - 0000000 ____D C:\DELL
2011-10-20 22:37 - 2009-07-14 01:44 - 0000000 __RHD C:\Users\Public\Recorded TV
2011-10-20 22:37 - 2009-07-13 21:20 - 0000000 ___RD C:\users\Public
2011-10-20 22:36 - 2011-08-15 23:22 - 0000000 ____D C:\Users\Jessica\Local Settings\Panasonic
2011-10-20 22:36 - 2011-08-15 23:22 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\Panasonic
2011-10-20 22:36 - 2011-08-15 23:22 - 0000000 ____D C:\Users\Jessica\AppData\Local\Panasonic
2011-10-20 22:36 - 2011-08-15 16:54 - 0000000 ____D C:\Users\Jessica\Application Data\Adobe
2011-10-20 22:36 - 2011-08-15 16:54 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Adobe
2011-10-20 22:36 - 2011-08-15 14:38 - 0000000 ____D C:\Users\Jessica\Local Settings\SupportSoft
2011-10-20 22:36 - 2011-08-15 14:38 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\SupportSoft
2011-10-20 22:36 - 2011-08-15 14:38 - 0000000 ____D C:\Users\Jessica\AppData\Local\SupportSoft
2011-10-20 22:36 - 2011-08-15 14:33 - 0000000 ____D C:\Users\Jessica\AppData\LocalLow
2011-10-20 22:34 - 2011-08-24 16:08 - 0000000 ____D C:\Users\All Users\Intuit
2011-10-20 22:34 - 2011-08-24 16:08 - 0000000 ____D C:\Users\All Users\Application Data\Intuit
2011-10-20 22:34 - 2011-08-24 16:08 - 0000000 ____D C:\ProgramData\Intuit
2011-10-20 22:34 - 2011-08-24 08:24 - 0000000 ____D C:\Users\All Users\Application Data\Apple Computer
2011-10-20 22:34 - 2011-08-24 08:24 - 0000000 ____D C:\Users\All Users\Apple Computer
2011-10-20 22:34 - 2011-08-24 08:24 - 0000000 ____D C:\ProgramData\Apple Computer
2011-10-20 22:34 - 2011-08-15 23:41 - 0000000 ____D C:\Users\All Users\CyberLink
2011-10-20 22:34 - 2011-08-15 23:41 - 0000000 ____D C:\Users\All Users\Application Data\CyberLink
2011-10-20 22:34 - 2011-08-15 23:41 - 0000000 ____D C:\ProgramData\CyberLink
2011-10-20 22:34 - 2011-08-15 23:23 - 0000000 ____D C:\Users\All Users\Application Data\Apple
2011-10-20 22:34 - 2011-08-15 23:23 - 0000000 ____D C:\Users\All Users\Apple
2011-10-20 22:34 - 2011-08-15 23:23 - 0000000 ____D C:\ProgramData\Apple
2011-10-20 22:34 - 2011-01-29 17:17 - 0000000 ____D C:\Users\All Users\Uninstall
2011-10-20 22:34 - 2011-01-29 17:17 - 0000000 ____D C:\Users\All Users\Application Data\Uninstall
2011-10-20 22:34 - 2011-01-29 17:17 - 0000000 ____D C:\ProgramData\Uninstall
2011-10-20 22:34 - 2011-01-29 17:16 - 0000000 ____D C:\Users\All Users\Macrovision
2011-10-20 22:34 - 2011-01-29 17:16 - 0000000 ____D C:\Users\All Users\Application Data\Macrovision
2011-10-20 22:34 - 2011-01-29 17:16 - 0000000 ____D C:\ProgramData\Macrovision
2011-10-20 22:34 - 2011-01-29 16:55 - 0000000 ____D C:\Users\All Users\SupportSoft
2011-10-20 22:34 - 2011-01-29 16:55 - 0000000 ____D C:\Users\All Users\Application Data\SupportSoft
2011-10-20 22:34 - 2011-01-29 16:55 - 0000000 ____D C:\ProgramData\SupportSoft
2011-10-20 22:34 - 2011-01-29 16:31 - 0000000 ____D C:\Users\All Users\Dell
2011-10-20 22:34 - 2011-01-29 16:31 - 0000000 ____D C:\Users\All Users\Application Data\Dell
2011-10-20 22:34 - 2011-01-29 16:31 - 0000000 ____D C:\ProgramData\Dell
2011-10-20 22:25 - 2011-10-20 22:20 - 0000432 ___AH C:\Users\All Users\Application Data\1kAlMiG2Kb7FzP
2011-10-20 22:25 - 2011-10-20 22:20 - 0000432 ___AH C:\Users\All Users\1kAlMiG2Kb7FzP
2011-10-20 22:25 - 2011-10-20 22:20 - 0000432 ___AH C:\ProgramData\1kAlMiG2Kb7FzP
2011-10-20 22:24 - 2011-10-20 22:24 - 0000128 ___AH C:\Users\All Users\Application Data\~1kAlMiG2Kb7FzPr
2011-10-20 22:24 - 2011-10-20 22:24 - 0000128 ___AH C:\Users\All Users\~1kAlMiG2Kb7FzPr
2011-10-20 22:24 - 2011-10-20 22:24 - 0000128 ___AH C:\ProgramData\~1kAlMiG2Kb7FzPr
2011-10-20 22:24 - 2011-10-20 22:20 - 0000240 ___AH C:\Users\All Users\Application Data\~1kAlMiG2Kb7FzP
2011-10-20 22:24 - 2011-10-20 22:20 - 0000240 ___AH C:\Users\All Users\~1kAlMiG2Kb7FzP
2011-10-20 22:24 - 2011-10-20 22:20 - 0000240 ___AH C:\ProgramData\~1kAlMiG2Kb7FzP
2011-10-20 22:17 - 2011-10-20 22:17 - 0000000 ____D C:\Windows\system64
2011-10-19 15:49 - 2011-10-19 15:49 - 0000143 ___AH C:\Users\Jessica\Desktop\More Games at GameHouse.com.url
2011-10-19 15:44 - 2011-10-19 15:44 - 0000000 ___HD C:\Users\Jessica\Application Data\WinRAR
2011-10-19 15:44 - 2011-10-19 15:44 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\WinRAR
2011-10-19 15:44 - 2011-10-19 15:44 - 0000000 ____D C:\Program Files (x86)\RealArcade
2011-10-18 17:17 - 2011-08-15 17:53 - 0000000 ___HD C:\Users\Jessica\Local Settings\Windows Live
2011-10-18 17:17 - 2011-08-15 17:53 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\Windows Live
2011-10-18 17:17 - 2011-08-15 17:53 - 0000000 ___HD C:\Users\Jessica\AppData\Local\Windows Live
2011-10-17 22:17 - 2009-07-13 21:20 - 0000000 ____D C:\Program Files\Common Files\Microsoft Shared
2011-10-17 22:16 - 2011-01-29 16:44 - 0000561 ____A C:\Windows\DirectX.log
2011-10-17 22:10 - 2011-10-17 22:10 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\{11B3EC8F-20CC-4861-99AA-F085BD2170A8}
2011-10-17 22:10 - 2011-10-17 22:10 - 0000000 ___HD C:\Users\Jessica\Local Settings\{11B3EC8F-20CC-4861-99AA-F085BD2170A8}
2011-10-17 22:10 - 2011-10-17 22:10 - 0000000 ___HD C:\Users\Jessica\AppData\Local\{11B3EC8F-20CC-4861-99AA-F085BD2170A8}
2011-10-14 21:08 - 2011-10-14 21:08 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\{316F4603-6BA6-4FFD-BF85-A36C951D8C0A}
2011-10-14 21:08 - 2011-10-14 21:08 - 0000000 ___HD C:\Users\Jessica\Local Settings\{316F4603-6BA6-4FFD-BF85-A36C951D8C0A}
2011-10-14 21:08 - 2011-10-14 21:08 - 0000000 ___HD C:\Users\Jessica\AppData\Local\{316F4603-6BA6-4FFD-BF85-A36C951D8C0A}
2011-10-14 21:07 - 2011-08-15 23:39 - 0000000 ___HD C:\Users\Jessica\Tracing
2011-10-14 21:04 - 2011-01-29 16:43 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2011-10-04 15:16 - 2011-08-27 15:09 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\Apple Computer
2011-10-04 15:16 - 2011-08-27 15:09 - 0000000 ___HD C:\Users\Jessica\Local Settings\Apple Computer
2011-10-04 15:16 - 2011-08-27 15:09 - 0000000 ___HD C:\Users\Jessica\AppData\Local\Apple Computer
2011-10-03 18:59 - 2011-08-27 15:09 - 0000000 ___HD C:\Users\Jessica\Application Data\Apple Computer
2011-10-03 18:59 - 2011-08-27 15:09 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\Apple Computer
2011-10-03 05:06 - 2011-10-24 22:33 - 0157472 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2011-10-03 05:06 - 2011-10-24 22:33 - 0145184 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2011-10-03 05:06 - 2011-10-24 22:33 - 0145184 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2011-10-03 05:06 - 2011-01-29 16:29 - 0472808 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2011-09-30 23:24 - 2011-10-13 09:01 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-09-30 22:42 - 2011-10-13 09:01 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-09-30 21:21 - 2011-10-13 09:01 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-09-30 20:59 - 2011-10-13 09:01 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-09-24 21:06 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\NDF
2011-09-18 23:19 - 2011-09-18 23:19 - 0000241 ___AH C:\Users\Jessica\Desktop\HP Windows 7 Full Feature Printer Software alert 1.url
2011-09-18 22:32 - 2011-08-15 14:37 - 0000000 ___HD C:\Users\Jessica\Local Settings\SoftThinks
2011-09-18 22:32 - 2011-08-15 14:37 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\SoftThinks
2011-09-18 22:32 - 2011-08-15 14:37 - 0000000 ___HD C:\Users\Jessica\AppData\Local\SoftThinks
2011-09-12 19:34 - 2011-09-12 19:34 - 0000000 ____D C:\PFS6_TMP
2011-09-12 19:33 - 2011-09-12 19:33 - 0000127 ___AH C:\Users\All Users\Microsoft.SqlServer.Compact.351.32.bc
2011-09-12 19:33 - 2011-09-12 19:33 - 0000127 ___AH C:\Users\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
2011-09-12 19:33 - 2011-09-12 19:33 - 0000127 ___AH C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2011-09-12 19:33 - 2011-09-12 19:33 - 0000000 ___HD C:\Users\All Users\Panasonic
2011-09-12 19:33 - 2011-09-12 19:33 - 0000000 ___HD C:\Users\All Users\Application Data\Panasonic
2011-09-12 19:33 - 2011-09-12 19:33 - 0000000 ___HD C:\ProgramData\Panasonic
2011-09-11 23:02 - 2011-09-11 22:37 - 0000000 ___HD C:\Users\Jessica\Application Data\HP
2011-09-11 23:02 - 2011-09-11 22:37 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\HP
2011-09-11 22:40 - 2011-09-11 22:40 - 0000000 ___HD C:\Users\All Users\WEBREG
2011-09-11 22:40 - 2011-09-11 22:40 - 0000000 ___HD C:\Users\All Users\Application Data\WEBREG
2011-09-11 22:40 - 2011-09-11 22:40 - 0000000 ___HD C:\ProgramData\WEBREG
2011-09-11 22:40 - 2011-09-11 22:04 - 0206517 ____A C:\Windows\hpoins49.dat
2011-09-11 22:40 - 2011-09-11 22:04 - 0001224 ____A C:\Users\All Users\hpzinstall.log
2011-09-11 22:40 - 2011-09-11 22:04 - 0001224 ____A C:\Users\All Users\Application Data\hpzinstall.log
2011-09-11 22:40 - 2011-09-11 22:04 - 0001224 ____A C:\ProgramData\hpzinstall.log
2011-09-11 22:37 - 2011-09-11 22:37 - 0000000 ___HD C:\Users\Jessica\Local Settings\HP
2011-09-11 22:37 - 2011-09-11 22:37 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\HP
2011-09-11 22:37 - 2011-09-11 22:37 - 0000000 ___HD C:\Users\Jessica\AppData\Local\HP
2011-09-11 22:37 - 2011-08-15 14:33 - 0063104 ___AH C:\Users\Jessica\Local Settings\GDIPFONTCACHEV1.DAT
2011-09-11 22:37 - 2011-08-15 14:33 - 0063104 ___AH C:\Users\Jessica\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2011-09-11 22:37 - 2011-08-15 14:33 - 0063104 ___AH C:\Users\Jessica\AppData\Local\GDIPFONTCACHEV1.DAT
2011-09-11 22:37 - 2009-07-13 20:34 - 0000438 ____A C:\Windows\win.ini
2011-09-11 22:14 - 2011-09-11 22:14 - 0000000 ____D C:\Program Files (x86)\Coupons
2011-09-11 22:13 - 2011-09-11 22:13 - 0001123 ____A C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2011-09-11 22:13 - 2011-09-11 22:13 - 0001123 ____A C:\Users\All Users\Desktop\Shop for HP Supplies.lnk
2011-09-11 22:13 - 2011-09-11 22:13 - 0001063 ____A C:\Users\Public\Desktop\HP Photo Creations.lnk
2011-09-11 22:13 - 2011-09-11 22:13 - 0001063 ____A C:\Users\All Users\Desktop\HP Photo Creations.lnk
2011-09-11 22:13 - 2011-09-11 22:13 - 0000000 ____D C:\Program Files (x86)\HP Photo Creations
2011-09-11 22:12 - 2011-09-11 22:12 - 0002061 ____A C:\Users\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
2011-09-11 22:12 - 2011-09-11 22:12 - 0001277 ____A C:\Users\Public\Desktop\HP Solution Center.lnk
2011-09-11 22:12 - 2011-09-11 22:12 - 0001277 ____A C:\Users\All Users\Desktop\HP Solution Center.lnk
2011-09-11 22:12 - 2011-09-11 22:12 - 0000000 ____D C:\Users\All Users\HP Product Assistant
2011-09-11 22:12 - 2011-09-11 22:12 - 0000000 ____D C:\Users\All Users\Application Data\HP Product Assistant
2011-09-11 22:12 - 2011-09-11 22:12 - 0000000 ____D C:\ProgramData\HP Product Assistant
2011-09-11 22:11 - 2011-09-11 22:11 - 0001976 ____A C:\Users\Public\Desktop\HP ePrinterCenter.lnk
2011-09-11 22:11 - 2011-09-11 22:11 - 0001976 ____A C:\Users\All Users\Desktop\HP ePrinterCenter.lnk
2011-09-11 22:06 - 2011-09-11 22:06 - 0000000 ____D C:\Program Files\HP
2011-09-06 22:51 - 2011-09-06 22:51 - 3002967 ___AH C:\Users\Jessica\Downloads\do_your_chores_gbursett.pdf
2011-09-05 21:07 - 2011-10-13 09:01 - 3134976 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-08-31 21:07 - 2011-08-31 21:07 - 0404640 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2011-08-28 11:58 - 2011-08-28 11:58 - 0069402 ___AH C:\Users\Jessica\Downloads\61772754-Before-You-Speak-Think.pdf
2011-08-27 15:09 - 2011-08-27 15:09 - 0001745 ____A C:\Users\Public\Desktop\iTunes.lnk
2011-08-27 15:09 - 2011-08-27 15:09 - 0001745 ____A C:\Users\All Users\Desktop\iTunes.lnk
2011-08-27 15:09 - 2011-08-27 15:08 - 0000000 ____D C:\Users\All Users\Application Data\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-08-27 15:09 - 2011-08-27 15:08 - 0000000 ____D C:\Users\All Users\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-08-27 15:09 - 2011-08-27 15:08 - 0000000 ____D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-08-27 15:09 - 2011-08-27 15:08 - 0000000 ____D C:\Program Files\iTunes
2011-08-27 15:09 - 2011-08-27 15:08 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-08-27 15:08 - 2011-08-27 15:08 - 0000000 ____D C:\Program Files\iPod
2011-08-27 15:06 - 2011-08-27 15:06 - 0000000 ____D C:\Program Files\Common Files\Apple
2011-08-27 15:06 - 2011-08-27 15:06 - 0000000 ____D C:\Program Files\Bonjour
2011-08-27 15:06 - 2011-08-27 15:06 - 0000000 ____D C:\Program Files (x86)\Bonjour
2011-08-27 14:51 - 2011-08-15 14:37 - 0000072 ____A C:\Windows\SysWOW64\ToasterLauncherLog.log
2011-08-26 23:40 - 2011-10-13 09:01 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-08-26 23:40 - 2011-10-13 09:01 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-08-26 22:43 - 2011-10-13 09:01 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-08-26 22:43 - 2011-10-13 09:01 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-08-25 13:37 - 2011-08-25 13:37 - 0288678 ____A C:\Windows\msxml4-KB973688-enu.LOG
2011-08-25 13:37 - 2011-08-25 13:36 - 0294060 ____A C:\Windows\msxml4-KB954430-enu.LOG
2011-08-24 20:33 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\rescache
2011-08-24 19:01 - 2011-08-24 18:26 - 0000000 ___HD C:\Users\Jessica\Application Data\Google
2011-08-24 19:01 - 2011-08-24 18:26 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\Google
2011-08-24 18:26 - 2011-08-24 18:25 - 0000000 ___HD C:\Users\All Users\Google
2011-08-24 18:26 - 2011-08-24 18:25 - 0000000 ___HD C:\Users\All Users\Application Data\Google
2011-08-24 18:26 - 2011-08-24 18:25 - 0000000 ___HD C:\ProgramData\Google
2011-08-24 18:25 - 2011-08-24 18:25 - 0000000 ____D C:\Program Files\Google
2011-08-24 16:15 - 2011-08-24 16:15 - 0000000 ____D C:\Program Files\Common Files\Intuit
2011-08-24 16:15 - 2011-08-24 16:08 - 0000000 ___HD C:\Users\All Users\SQL Anywhere 11
2011-08-24 16:15 - 2011-08-24 16:08 - 0000000 ___HD C:\Users\All Users\Application Data\SQL Anywhere 11
2011-08-24 16:15 - 2011-08-24 16:08 - 0000000 ___HD C:\ProgramData\SQL Anywhere 11
2011-08-24 16:12 - 2011-08-24 16:08 - 0000095 ____A C:\Windows\QBChanUtil_Trigger.ini
2011-08-24 16:11 - 2011-08-24 16:11 - 0002396 ____A C:\Users\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
2011-08-24 16:11 - 2011-08-24 16:11 - 0002215 ____A C:\Users\Public\Desktop\QuickBooks File Manager.lnk
2011-08-24 16:11 - 2011-08-24 16:11 - 0002215 ____A C:\Users\All Users\Desktop\QuickBooks File Manager.lnk
2011-08-24 16:11 - 2011-08-24 16:11 - 0002183 ____A C:\Users\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk
2011-08-24 16:11 - 2011-08-24 16:11 - 0002143 ____A C:\Users\Public\Desktop\QuickBooks Premier - Accountant Edition 2011.lnk
2011-08-24 16:11 - 2011-08-24 16:11 - 0002143 ____A C:\Users\All Users\Desktop\QuickBooks Premier - Accountant Edition 2011.lnk
2011-08-24 16:11 - 2011-08-24 16:11 - 0001992 ____A C:\Users\All Users\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
2011-08-24 16:08 - 2011-08-24 16:08 - 0000000 ___HD C:\Users\Public\Documents\Intuit
2011-08-24 16:08 - 2011-08-24 16:08 - 0000000 ___HD C:\Users\All Users\Nuance
2011-08-24 16:08 - 2011-08-24 16:08 - 0000000 ___HD C:\Users\All Users\Documents\Intuit
2011-08-24 16:08 - 2011-08-24 16:08 - 0000000 ___HD C:\Users\All Users\Application Data\Nuance
2011-08-24 16:08 - 2011-08-24 16:08 - 0000000 ___HD C:\ProgramData\Nuance
2011-08-24 16:08 - 2011-08-24 16:08 - 0000000 ____D C:\Program Files (x86)\Intuit
2011-08-24 16:07 - 2011-08-24 16:07 - 0000000 ____D C:\Program Files (x86)\MSXML 4.0
2011-08-24 08:25 - 2011-08-24 08:25 - 0001807 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2011-08-24 08:25 - 2011-08-24 08:25 - 0001807 ____A C:\Users\All Users\Desktop\QuickTime Player.lnk
2011-08-24 08:25 - 2011-08-15 23:24 - 0000000 ____D C:\Program Files (x86)\QuickTime
2011-08-24 08:08 - 2011-08-24 08:08 - 0000000 ____D C:\Program Files (x86)\Apple Software Update
2011-08-23 17:44 - 2011-08-23 17:44 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2011-08-19 23:45 - 2011-10-13 09:01 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-08-19 23:44 - 2011-10-13 09:01 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-08-19 23:44 - 2011-10-13 09:01 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-08-19 23:42 - 2011-10-13 09:01 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-08-19 23:41 - 2011-10-13 09:01 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-08-19 23:41 - 2011-10-13 09:01 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-08-19 23:41 - 2011-10-13 09:01 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-08-19 23:41 - 2011-10-13 09:01 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-08-19 23:41 - 2011-10-13 09:01 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-08-19 23:40 - 2011-10-13 09:01 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-08-19 23:40 - 2011-10-13 09:01 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-08-19 23:40 - 2011-10-13 09:01 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-08-19 23:40 - 2011-10-13 09:01 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-08-19 23:40 - 2011-10-13 09:01 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-08-19 23:37 - 2011-10-13 09:01 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-08-19 22:38 - 2011-10-13 09:01 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-08-19 22:38 - 2011-10-13 09:01 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-08-19 22:38 - 2011-10-13 09:01 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-08-19 22:36 - 2011-10-13 09:01 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-08-19 22:34 - 2011-10-13 09:01 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-08-19 22:32 - 2011-10-13 09:01 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-08-19 22:20 - 2011-10-13 09:01 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-08-19 21:26 - 2011-10-13 09:01 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-08-18 10:34 - 2011-08-18 10:34 - 0000000 ____D C:\Windows\Intuit
2011-08-18 00:02 - 2011-08-17 22:20 - 567708432 ____A (Intuit, Inc. ) C:\Users\Jessica\Desktop\QuickBooksPremier2011.exe
2011-08-18 00:02 - 2011-08-17 22:20 - 0000000 ___HD C:\Users\Jessica\Application Data\Download Manager
2011-08-18 00:02 - 2011-08-17 22:20 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\Download Manager
2011-08-17 23:42 - 2011-08-17 22:20 - 0001815 ____A C:\Users\Jessica\Desktop\Setup_QuickBooksPremier2011[1].lnk
2011-08-17 22:20 - 2011-08-17 22:20 - 0000000 ____D C:\Program Files (x86)\Akamai
2011-08-16 23:32 - 2011-10-13 09:01 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-08-16 23:27 - 2011-10-13 09:01 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-08-16 23:27 - 2011-10-13 09:01 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-08-16 23:27 - 2011-10-13 09:01 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-08-16 23:27 - 2011-10-13 09:01 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-08-16 22:26 - 2011-10-13 09:01 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-08-16 22:22 - 2011-10-13 09:01 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-08-16 22:22 - 2011-10-13 09:01 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-08-16 22:22 - 2011-10-13 09:01 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-08-16 22:22 - 2011-10-13 09:01 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-08-16 11:19 - 2011-08-16 11:02 - 0000000 ___HD C:\Users\Jessica\Desktop\Maple Springs Photos
2011-08-16 11:18 - 2011-08-16 11:18 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2011-08-16 00:06 - 2011-08-16 00:06 - 0001290 ____A C:\Users\Jessica\Desktop\Contacts - Shortcut.lnk
2011-08-15 23:23 - 2011-08-15 23:23 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\Apple
2011-08-15 23:23 - 2011-08-15 23:23 - 0000000 ___HD C:\Users\Jessica\Local Settings\Apple
2011-08-15 23:23 - 2011-08-15 23:23 - 0000000 ___HD C:\Users\Jessica\AppData\Local\Apple
2011-08-15 22:00 - 2011-08-15 22:00 - 0000000 ___HD C:\Users\Jessica\Application Data\InstallShield
2011-08-15 22:00 - 2011-08-15 22:00 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\InstallShield
2011-08-15 21:59 - 2011-08-15 21:59 - 0002436 ____A C:\Users\All Users\Start Menu\Programs\Startup\PHOTOfunSTUDIO 6.0.lnk
2011-08-15 21:59 - 2011-08-15 21:59 - 0002143 ____A C:\Users\Public\Desktop\PHOTOfunSTUDIO 6.0.lnk
2011-08-15 21:59 - 2011-08-15 21:59 - 0002143 ____A C:\Users\All Users\Desktop\PHOTOfunSTUDIO 6.0.lnk
2011-08-15 21:58 - 2011-08-15 21:58 - 0000000 ____D C:\Program Files (x86)\Panasonic
2011-08-15 21:58 - 2011-01-29 16:34 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2011-08-15 18:18 - 2011-08-15 18:18 - 0000000 ____D C:\Program Files (x86)\Cozi Express
2011-08-15 18:18 - 2011-01-29 17:08 - 0000000 ___HD C:\Users\All Users\Cozi
2011-08-15 18:18 - 2011-01-29 17:08 - 0000000 ___HD C:\Users\All Users\Application Data\Cozi
2011-08-15 18:18 - 2011-01-29 17:08 - 0000000 ___HD C:\ProgramData\Cozi
2011-08-15 17:57 - 2011-08-15 17:56 - 0000000 ___HD C:\Users\Jessica\My Documents\Dell WebCam Central
2011-08-15 17:57 - 2011-08-15 17:56 - 0000000 ___HD C:\Users\Jessica\Documents\Dell WebCam Central
2011-08-15 17:56 - 2011-08-15 17:56 - 0000000 ___HD C:\Users\All Users\Creative
2011-08-15 17:56 - 2011-08-15 17:56 - 0000000 ___HD C:\Users\All Users\Application Data\Creative
2011-08-15 17:56 - 2011-08-15 17:56 - 0000000 ___HD C:\ProgramData\Creative
2011-08-15 17:22 - 2011-08-15 17:22 - 0002622 ____A C:\Users\Public\Desktop\WildTangent Games App - dell.lnk
2011-08-15 17:22 - 2011-08-15 17:22 - 0002622 ____A C:\Users\All Users\Desktop\WildTangent Games App - dell.lnk
2011-08-15 17:21 - 2011-08-15 17:21 - 0000000 ____D C:\Program Files (x86)\WildTangent Games
2011-08-15 17:18 - 2011-08-15 17:18 - 0000000 ___HD C:\Users\Jessica\Application Data\Macromedia
2011-08-15 17:18 - 2011-08-15 17:18 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\Macromedia
2011-08-15 17:01 - 2009-07-13 21:20 - 0000000 __RHD C:\Users\Public\Libraries
2011-08-15 14:47 - 2011-08-15 14:47 - 0000000 ___HD C:\Users\Jessica\Application Data\CyberLink
2011-08-15 14:47 - 2011-08-15 14:47 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\CyberLink
2011-08-15 14:40 - 2011-08-15 14:39 - 0000000 __SHD C:\System Recovery
2011-08-15 14:39 - 2011-08-15 14:39 - 0000000 ___HD C:\Users\Jessica\Application Data\Dell
2011-08-15 14:39 - 2011-08-15 14:39 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\Dell
2011-08-15 14:38 - 2011-08-15 14:38 - 0001984 ____A C:\Users\Jessica\Start Menu\Programs\Startup\Dell Dock.lnk
2011-08-15 14:38 - 2011-08-15 14:38 - 0001984 ____A C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
2011-08-15 14:38 - 2011-08-15 14:38 - 0000402 __ASH C:\Users\Jessica\My Documents\desktop.ini
2011-08-15 14:38 - 2011-08-15 14:38 - 0000174 ___SH C:\Users\Jessica\Start Menu\Programs\Startup\desktop.ini
2011-08-15 14:38 - 2011-08-15 14:38 - 0000174 ___SH C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2011-08-15 14:37 - 2009-07-13 21:18 - 0000000 __SHD C:\$RECYCLE.BIN
2011-08-15 14:33 - 2011-08-15 14:33 - 0000020 __ASH C:\Users\Jessica\ntuser.ini
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Templates
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Start Menu
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\PrintHood
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\NetHood
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\My Documents\My Videos
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\My Documents\My Pictures
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\My Documents\My Music
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\My Documents
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Local Settings\Temporary Internet Files
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Local Settings\History
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Local Settings\Application Data\Temporary Internet Files
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Local Settings\Application Data\History
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Documents\My Videos
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Documents\My Pictures
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Documents\My Music
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\AppData\Local\Temporary Internet Files
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\AppData\Local\History
2011-08-15 13:15 - 2009-07-13 23:01 - 0039252 ____A C:\Windows\SysWOW64\license.rtf
2011-08-15 13:15 - 2009-07-13 23:01 - 0039252 ____A C:\Windows\System32\license.rtf
2011-08-15 13:13 - 2011-01-29 18:07 - 0000000 ____D C:\Windows\Panther

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 14%
Total physical RAM: 3892.52 MB
Available physical RAM: 3313.46 MB
Total Pagefile: 3890.67 MB
Available Pagefile: 3298.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:399.73 GB) NTFS
2 Drive d: (Oct 17 2011) (CDROM) (Total:0.69 GB) (Free:0.06 GB) UDF
3 Drive e: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:6.29 GB) NTFS
5 Drive g: () (Removable) (Total:1.92 GB) (Free:1.92 GB) FAT
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==========================================================

Last Boot: 2011-11-02 09:44

======================= End Of Log ==========================
  • 0

#4
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts
Download MBRFix from here.

Save and extract its contents to the working computer's desktop. There are three files in the MBRFix folder. From these, only copy the MBRFix64.exe to the USB drive.

Also download the enclosed file and save it on the USB drive.

Insert the USB drive into the ailing computer.

Now please enter System Recovery Options and run FRST64 as you did before, except that this time around, press the Fix button just once and wait.

The tool will make a log on the flash drive (Fixlog.txt). It will also create a file labeled MBRDUMP.txt. Copy and paste the contents of the Fixlog.txt in your next reply, but attach the MBRDUMP.txt as it is a hex file.
  • 0

#5
shotmetrouble

shotmetrouble

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Results from fixlog.txt and attached MBRDUMP.txt

Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.2.7)
Ran by SYSTEM at 2011-11-08 11:27:29 R:1
Running from G:\

==============================================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\*Restore Value deleted successfully.
C:\Users\All Users\Application Data\~1kAlMiG2Kb7FzPr moved successfully.
C:\Users\All Users\~1kAlMiG2Kb7FzPr not found.
C:\ProgramData\~1kAlMiG2Kb7FzPr not found.
C:\Users\All Users\Application Data\1kAlMiG2Kb7FzP moved successfully.
C:\Users\All Users\1kAlMiG2Kb7FzP not found.
C:\ProgramData\1kAlMiG2Kb7FzP not found.
C:\Users\All Users\Application Data\~1kAlMiG2Kb7FzP moved successfully.
C:\Users\All Users\~1kAlMiG2Kb7FzP not found.
C:\ProgramData\~1kAlMiG2Kb7FzP not found.
C:\Windows\system64 moved successfully.
C:\Users\All Users\Application Data\1kAlMiG2Kb7FzP not found.
C:\Users\All Users\1kAlMiG2Kb7FzP not found.
C:\ProgramData\1kAlMiG2Kb7FzP not found.
C:\Users\All Users\Application Data\~1kAlMiG2Kb7FzPr not found.
C:\Users\All Users\~1kAlMiG2Kb7FzPr not found.
C:\ProgramData\~1kAlMiG2Kb7FzPr not found.
C:\Users\All Users\Application Data\~1kAlMiG2Kb7FzP not found.
C:\Users\All Users\~1kAlMiG2Kb7FzP not found.
C:\ProgramData\~1kAlMiG2Kb7FzP not found.
C:\Windows\system64 not found.

========= G:\MbrFix64.exe /drive 0 savembr G:\MBRDUMP.txt =========


========= End of CMD: =========


==== End of Fixlog ====

Thanks again

  • 0

#6
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts
Please run FRST64 once again. Press the Scan button.

It will make a log (FRST.txt) on the flash drive. Please copy and paste it in your next reply.
  • 0

#7
shotmetrouble

shotmetrouble

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.2.7
Ran by SYSTEM at 2011-11-08 12:36:13
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [392048 2010-06-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10038304 2010-02-02] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [166424 2010-04-07] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [391192 2010-04-07] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [413720 2010-04-07] (Intel Corporation)
HKLM\...\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe [3217056 2010-04-01] (Dell Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-17] (Dell Inc.)
HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1436736 2011-06-15] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [140520 2009-12-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [498160 2009-10-15] ()
HKLM-x32\...\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-07-05] (Apple Inc.)
HKLM-x32\...\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup [1527128 2011-06-14] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2011-08-19] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2011-09-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKU\Jessica\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-08-24] (Google Inc.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [560128 2011-09-18] (Dell)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

==================== Services (Whitelisted) ======

3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [206072 2010-10-12] (WildTangent, Inc.)
2 QBCFMonitorService; "C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe" [45056 2011-07-06] (Intuit)
3 QBFCService; "C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe" [61440 2009-07-23] (Intuit Inc.)
2 QBVSS; "C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe" [1248256 2011-06-30] (Intuit Inc.)
2 MsMpSvc; "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [x]
3 NisSrv; "c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe" [x]

========================== Drivers (Whitelisted) =============

3 StillCam; C:\Windows\System32\DRIVERS\serscan.sys [12288 2009-07-13] (Microsoft Corporation)
2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-07 01:30 - 2011-11-07 00:58 - 0000000 ____D C:\Users\All Users\Hitman Pro
2011-11-07 01:30 - 2011-11-07 00:58 - 0000000 ____D C:\Users\All Users\Application Data\Hitman Pro
2011-11-07 01:30 - 2011-11-07 00:58 - 0000000 ____D C:\ProgramData\Hitman Pro
2011-11-07 01:12 - 2011-11-07 00:58 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-07 00:32 - 2011-11-07 00:32 - 0013850 ____A C:\Users\Jessica\Desktop\fixme.log
2011-11-06 23:58 - 2011-11-06 23:58 - 0000000 ____D C:\Users\Jessica\Application Data\Malwarebytes
2011-11-06 23:58 - 2011-11-06 23:58 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Malwarebytes
2011-11-06 23:55 - 2011-11-06 23:55 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-11-06 23:55 - 2011-11-06 23:55 - 0000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2011-11-06 23:55 - 2011-11-06 23:55 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-11-06 23:45 - 2011-11-06 23:45 - 0000000 ____D C:\Program Files (x86)\Trend Micro
2011-11-06 22:45 - 2011-11-07 00:22 - 0000000 ____D C:\Users\Jessica\Application Data\HPAppData
2011-11-06 22:45 - 2011-11-07 00:22 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\HPAppData
2011-11-06 16:05 - 2011-11-07 07:22 - 0000000 ____D C:\Program Files\Microsoft Security Client
2011-11-06 16:05 - 2011-11-07 07:22 - 0000000 ____D C:\Program Files (x86)\Microsoft Security Client
2011-11-06 16:05 - 2011-11-06 16:05 - 0743534 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2011-11-06 16:04 - 2010-04-09 05:06 - 0374664 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2011-11-06 15:55 - 2011-11-06 16:01 - 10165440 ____A (Microsoft Corporation) C:\Users\Jessica\Downloads\mseinstall.exe
2011-11-06 15:52 - 2011-11-06 16:05 - 76165328 ____A (Microsoft Corporation) C:\Users\Jessica\Downloads\msert.exe
2011-11-05 02:05 - 2011-11-05 02:05 - 0000000 ____D C:\Users\Jessica\Local Settings\ElevatedDiagnostics
2011-11-05 02:05 - 2011-11-05 02:05 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\ElevatedDiagnostics
2011-11-05 02:05 - 2011-11-05 02:05 - 0000000 ____D C:\Users\Jessica\AppData\Local\ElevatedDiagnostics
2011-11-04 21:23 - 2011-11-04 21:23 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{972FE493-1554-4E66-8A24-DFC7B7987239}
2011-11-04 21:23 - 2011-11-04 21:23 - 0000000 ____D C:\Users\Jessica\Local Settings\{972FE493-1554-4E66-8A24-DFC7B7987239}
2011-11-04 21:23 - 2011-11-04 21:23 - 0000000 ____D C:\Users\Jessica\AppData\Local\{972FE493-1554-4E66-8A24-DFC7B7987239}
2011-11-02 22:33 - 2011-11-02 22:33 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{6CC05846-5F97-4D11-A28C-1E7CBDD519C4}
2011-11-02 22:33 - 2011-11-02 22:33 - 0000000 ____D C:\Users\Jessica\Local Settings\{6CC05846-5F97-4D11-A28C-1E7CBDD519C4}
2011-11-02 22:33 - 2011-11-02 22:33 - 0000000 ____D C:\Users\Jessica\AppData\Local\{6CC05846-5F97-4D11-A28C-1E7CBDD519C4}
2011-11-02 17:17 - 2011-11-02 17:17 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{B0F48199-CE63-45F0-8C07-4B7551867B13}
2011-11-02 17:17 - 2011-11-02 17:17 - 0000000 ____D C:\Users\Jessica\Local Settings\{B0F48199-CE63-45F0-8C07-4B7551867B13}
2011-11-02 17:17 - 2011-11-02 17:17 - 0000000 ____D C:\Users\Jessica\AppData\Local\{B0F48199-CE63-45F0-8C07-4B7551867B13}
2011-11-02 09:18 - 2011-11-02 09:18 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{28D1FEB3-C709-4875-BA63-0FAAD6C4428D}
2011-11-02 09:18 - 2011-11-02 09:18 - 0000000 ____D C:\Users\Jessica\Local Settings\{28D1FEB3-C709-4875-BA63-0FAAD6C4428D}
2011-11-02 09:18 - 2011-11-02 09:18 - 0000000 ____D C:\Users\Jessica\AppData\Local\{28D1FEB3-C709-4875-BA63-0FAAD6C4428D}
2011-11-02 09:11 - 2011-11-07 07:23 - 0000000 ____D C:\Users\Jessica\My Documents\jess pictures
2011-11-02 09:11 - 2011-11-07 07:23 - 0000000 ____D C:\Users\Jessica\Documents\jess pictures
2011-11-01 17:58 - 2011-11-01 17:58 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{DF18B3ED-BBBA-4791-80FA-D12B97280A55}
2011-11-01 17:58 - 2011-11-01 17:58 - 0000000 ____D C:\Users\Jessica\Local Settings\{DF18B3ED-BBBA-4791-80FA-D12B97280A55}
2011-11-01 17:58 - 2011-11-01 17:58 - 0000000 ____D C:\Users\Jessica\AppData\Local\{DF18B3ED-BBBA-4791-80FA-D12B97280A55}
2011-10-27 09:36 - 2011-11-07 07:23 - 0000000 ____D C:\Windows\Minidump
2011-10-27 09:36 - 2011-10-27 09:36 - 456305824 ____A C:\Windows\MEMORY.DMP
2011-10-27 09:36 - 2011-10-27 09:36 - 0278968 ____A C:\Windows\Minidump\102711-29842-01.dmp
2011-10-24 23:36 - 2011-05-24 19:14 - 0270720 ____A (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2011-10-24 23:19 - 2011-11-02 09:08 - 0063496 ____A C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2011-10-24 23:14 - 2011-10-24 23:14 - 0000385 ____A C:\Users\Jessica\My Documents\Roots Beauty Salon.QBm.DSN
2011-10-24 23:14 - 2011-10-24 23:14 - 0000385 ____A C:\Users\Jessica\Documents\Roots Beauty Salon.QBm.DSN
2011-10-24 23:14 - 2011-10-24 23:14 - 0000384 ____A C:\Users\Jessica\My Documents\Roots Beauty Salon.QBm.ND
2011-10-24 23:14 - 2011-10-24 23:14 - 0000384 ____A C:\Users\Jessica\Documents\Roots Beauty Salon.QBm.ND
2011-10-24 23:13 - 2011-10-24 23:12 - 10063872 __RAH C:\Users\Jessica\My Documents\Roots Beauty Salon.qbm
2011-10-24 23:13 - 2011-10-24 23:12 - 10063872 __RAH C:\Users\Jessica\Documents\Roots Beauty Salon.qbm
2011-10-24 22:41 - 2011-10-24 22:41 - 0000000 ____D C:\Users\Jessica\Local Settings\IsolatedStorage
2011-10-24 22:41 - 2011-10-24 22:41 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\IsolatedStorage
2011-10-24 22:41 - 2011-10-24 22:41 - 0000000 ____D C:\Users\Jessica\AppData\Local\IsolatedStorage
2011-10-24 22:34 - 2011-10-24 22:34 - 0000000 ____D C:\Windows\Sun
2011-10-24 22:33 - 2011-10-03 05:06 - 0157472 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2011-10-24 22:33 - 2011-10-03 05:06 - 0145184 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2011-10-24 22:33 - 2011-10-03 05:06 - 0145184 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2011-10-24 22:32 - 2011-10-24 22:33 - 0004416 ____A C:\Windows\SysWOW64\jupdate-1.6.0_29-b11.log
2011-10-24 20:17 - 2011-10-24 20:17 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_point64_01009.Wdf
2011-10-24 20:17 - 2011-10-24 20:17 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_NuidFltr_01009.Wdf
2011-10-24 20:17 - 2011-10-24 20:17 - 0000000 ____D C:\Program Files\Microsoft IntelliPoint
2011-10-24 20:13 - 2011-10-24 20:13 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2011-10-22 14:19 - 2011-11-01 16:03 - 0002306 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2011-10-22 14:19 - 2011-11-01 16:03 - 0002306 ____A C:\Users\All Users\Desktop\Google Chrome.lnk
2011-10-22 14:06 - 2011-10-22 14:06 - 0000000 ____D C:\Program Files (x86)\DivX
2011-10-22 14:04 - 2011-10-22 14:04 - 0000000 ____D C:\Users\All Users\DivX
2011-10-22 14:04 - 2011-10-22 14:04 - 0000000 ____D C:\Users\All Users\Application Data\DivX
2011-10-22 14:04 - 2011-10-22 14:04 - 0000000 ____D C:\ProgramData\DivX
2011-10-22 14:03 - 2011-10-22 14:06 - 0000000 ___HD C:\Windows\AxInstSV
2011-10-20 22:44 - 2011-10-20 22:45 - 0001976 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2011-10-20 22:44 - 2011-10-20 22:45 - 0001976 ____A C:\Users\All Users\Desktop\Adobe Reader 9.lnk
2011-10-20 22:44 - 2011-10-20 22:44 - 0000000 ____D C:\Program Files (x86)\Adobe
2011-10-19 15:49 - 2011-10-19 15:49 - 0000143 ___AH C:\Users\Jessica\Desktop\More Games at GameHouse.com.url
2011-10-19 15:44 - 2011-10-19 15:44 - 0000000 ___HD C:\Users\Jessica\Application Data\WinRAR
2011-10-19 15:44 - 2011-10-19 15:44 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\WinRAR
2011-10-19 15:44 - 2011-10-19 15:44 - 0000000 ____D C:\Program Files (x86)\RealArcade
2011-10-17 22:10 - 2011-10-17 22:10 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\{11B3EC8F-20CC-4861-99AA-F085BD2170A8}
2011-10-17 22:10 - 2011-10-17 22:10 - 0000000 ___HD C:\Users\Jessica\Local Settings\{11B3EC8F-20CC-4861-99AA-F085BD2170A8}
2011-10-17 22:10 - 2011-10-17 22:10 - 0000000 ___HD C:\Users\Jessica\AppData\Local\{11B3EC8F-20CC-4861-99AA-F085BD2170A8}
2011-10-14 21:08 - 2011-10-14 21:08 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\{316F4603-6BA6-4FFD-BF85-A36C951D8C0A}
2011-10-14 21:08 - 2011-10-14 21:08 - 0000000 ___HD C:\Users\Jessica\Local Settings\{316F4603-6BA6-4FFD-BF85-A36C951D8C0A}
2011-10-14 21:08 - 2011-10-14 21:08 - 0000000 ___HD C:\Users\Jessica\AppData\Local\{316F4603-6BA6-4FFD-BF85-A36C951D8C0A}
2011-10-13 09:01 - 2011-09-30 23:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-10-13 09:01 - 2011-09-30 22:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-10-13 09:01 - 2011-09-30 21:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-10-13 09:01 - 2011-09-30 20:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-10-13 09:01 - 2011-09-05 21:07 - 3134976 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-10-13 09:01 - 2011-08-26 23:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-10-13 09:01 - 2011-08-26 23:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-10-13 09:01 - 2011-08-26 22:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-10-13 09:01 - 2011-08-26 22:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-10-13 09:01 - 2011-08-19 23:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-10-13 09:01 - 2011-08-19 23:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-10-13 09:01 - 2011-08-19 23:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-10-13 09:01 - 2011-08-19 23:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-10-13 09:01 - 2011-08-19 23:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-10-13 09:01 - 2011-08-19 23:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-10-13 09:01 - 2011-08-19 23:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-10-13 09:01 - 2011-08-19 23:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-10-13 09:01 - 2011-08-19 23:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-10-13 09:01 - 2011-08-19 23:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-10-13 09:01 - 2011-08-19 23:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-10-13 09:01 - 2011-08-19 23:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-10-13 09:01 - 2011-08-19 23:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-10-13 09:01 - 2011-08-19 23:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-10-13 09:01 - 2011-08-19 23:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-10-13 09:01 - 2011-08-19 22:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-10-13 09:01 - 2011-08-19 22:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-10-13 09:01 - 2011-08-19 22:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-10-13 09:01 - 2011-08-19 22:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-10-13 09:01 - 2011-08-19 22:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-10-13 09:01 - 2011-08-19 22:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-10-13 09:01 - 2011-08-19 22:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-10-13 09:01 - 2011-08-19 22:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-10-13 09:01 - 2011-08-19 21:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-10-13 09:01 - 2011-08-16 23:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-10-13 09:01 - 2011-08-16 23:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-10-13 09:01 - 2011-08-16 23:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-10-13 09:01 - 2011-08-16 23:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-10-13 09:01 - 2011-08-16 23:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-10-13 09:01 - 2011-08-16 22:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-10-13 09:01 - 2011-08-16 22:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-10-13 09:01 - 2011-08-16 22:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-10-13 09:01 - 2011-08-16 22:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-10-13 09:01 - 2011-08-16 22:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax


============ 3 Months Modified Files and Folders =============

2011-11-08 12:36 - 2011-11-08 08:42 - 0000000 ____D C:\FRST
2011-11-07 07:27 - 2011-08-15 14:33 - 0000000 ____D C:\users\Jessica
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\TAPI
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\sppui
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\Setup
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\Recovery
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\ras
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\oobe
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\migwiz
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\manifeststore
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\InstallShield
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\icsxml
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\Dism
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\com
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\sppui
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\Setup
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\ras
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\oobe
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\migwiz
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\manifeststore
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\icsxml
2011-11-07 07:27 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\ias
2011-11-07 07:26 - 2009-07-14 01:45 - 0000000 ____D C:\Windows\ShellNew
2011-11-07 07:26 - 2009-07-14 01:45 - 0000000 ____D C:\Program Files\Windows Journal
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Windows\System32\WinBioPlugIns
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Windows\Offline Web Pages
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Windows\Downloaded Program Files
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Windows\addins
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Program Files\Windows Sidebar
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Program Files\Windows Photo Viewer
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Program Files\Windows Defender
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Program Files\DVD Maker
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Program Files (x86)\Windows Sidebar
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2011-11-07 07:26 - 2009-07-13 23:32 - 0000000 ____D C:\Program Files (x86)\Windows Defender
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 __RSD C:\Windows\Media
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\zh-TW
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\zh-HK
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\zh-CN
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\uk-UA
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\tr-TR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\th-TH
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\sv-SE
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\sr-Latn-CS
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\sl-SI
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\sk-SK
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\ru-RU
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\ro-RO
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\pt-PT
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\pt-BR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\pl-PL
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\nl-NL
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\nb-NO
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\lv-LV
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\lt-LT
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\ko-KR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\ja-JP
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\it-IT
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\hu-HU
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\hr-HR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\he-IL
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\fr-FR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\fi-FI
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\et-EE
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\es-ES
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\el-GR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\de-DE
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\da-DK
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\cs-CZ
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\bg-BG
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\ar-SA
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\zh-TW
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\zh-HK
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\zh-CN
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\uk-UA
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\tr-TR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\th-TH
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\sysprep
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\sv-SE
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\sr-Latn-CS
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\sl-SI
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\sk-SK
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\ru-RU
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\ro-RO
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\pt-PT
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\pt-BR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\pl-PL
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\nl-NL
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\nb-NO
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\lv-LV
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\lt-LT
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\ko-KR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\ja-JP
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\it-IT
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\hu-HU
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\hr-HR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\he-IL
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\fr-FR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\fi-FI
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\et-EE
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\es-ES
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\el-GR
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\Dism
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\de-DE
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\da-DK
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\cs-CZ
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\com
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\bg-BG
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\ar-SA
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\AdvancedInstallers
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\servicing
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\PolicyDefinitions
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\L2Schemas
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\IME
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\Cursors
2011-11-07 07:26 - 2009-07-13 21:20 - 0000000 ____D C:\Program Files\Common Files\System
2011-11-07 07:24 - 2009-07-13 23:37 - 0000000 ____D C:\Windows\SysWOW64\winrm
2011-11-07 07:24 - 2009-07-13 23:37 - 0000000 ____D C:\Windows\SysWOW64\WCN
2011-11-07 07:24 - 2009-07-13 23:37 - 0000000 ____D C:\Windows\SysWOW64\slmgr
2011-11-07 07:24 - 2009-07-13 23:37 - 0000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2011-11-07 07:24 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\Speech
2011-11-07 07:24 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\Msdtc
2011-11-07 07:24 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\SysWOW64\IME
2011-11-07 07:23 - 2011-11-02 09:11 - 0000000 ____D C:\Users\Jessica\My Documents\jess pictures
2011-11-07 07:23 - 2011-11-02 09:11 - 0000000 ____D C:\Users\Jessica\Documents\jess pictures
2011-11-07 07:23 - 2011-10-27 09:36 - 0000000 ____D C:\Windows\Minidump
2011-11-07 07:23 - 2011-08-24 22:53 - 0000000 ____D C:\Users\Jessica\Desktop\QUICKBOOKS FILES
2011-11-07 07:23 - 2011-08-15 23:41 - 0000000 ____D C:\Users\Jessica\Local Settings\PowerDVD DX
2011-11-07 07:23 - 2011-08-15 23:41 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\PowerDVD DX
2011-11-07 07:23 - 2011-08-15 23:41 - 0000000 ____D C:\Users\Jessica\AppData\Local\PowerDVD DX
2011-11-07 07:23 - 2009-07-13 23:37 - 0000000 ____D C:\Windows\System32\winrm
2011-11-07 07:23 - 2009-07-13 23:37 - 0000000 ____D C:\Windows\System32\WCN
2011-11-07 07:23 - 2009-07-13 23:37 - 0000000 ____D C:\Windows\System32\slmgr
2011-11-07 07:23 - 2009-07-13 23:37 - 0000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\spp
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\Speech
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\SMI
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\Msdtc
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\IME
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\schemas
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\Resources
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\PLA
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\Globalization
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\Branding
2011-11-07 07:23 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\AppCompat
2011-11-07 07:22 - 2011-11-06 16:05 - 0000000 ____D C:\Program Files\Microsoft Security Client
2011-11-07 07:22 - 2011-11-06 16:05 - 0000000 ____D C:\Program Files (x86)\Microsoft Security Client
2011-11-07 07:22 - 2011-08-24 16:13 - 0000000 ____D C:\Users\Jessica\Local Settings\Intuit
2011-11-07 07:22 - 2011-08-24 16:13 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\Intuit
2011-11-07 07:22 - 2011-08-24 16:13 - 0000000 ____D C:\Users\Jessica\AppData\Local\Intuit
2011-11-07 07:22 - 2009-07-13 23:32 - 0000000 ____D C:\Program Files\Microsoft Games
2011-11-07 07:22 - 2009-07-13 21:20 - 0000000 ____D C:\Program Files\Windows NT
2011-11-07 07:22 - 2009-07-13 21:20 - 0000000 ____D C:\Program Files (x86)\Windows NT
2011-11-07 07:20 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\registration
2011-11-07 06:52 - 2011-01-29 17:14 - 0000000 ____D C:\Users\All Users\McAfee
2011-11-07 06:52 - 2011-01-29 17:14 - 0000000 ____D C:\Users\All Users\Application Data\McAfee
2011-11-07 06:52 - 2011-01-29 17:14 - 0000000 ____D C:\ProgramData\McAfee
2011-11-07 06:50 - 2011-01-29 17:08 - 0000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2011-11-07 06:50 - 2011-01-29 16:29 - 0000000 ____D C:\Program Files (x86)\Java
2011-11-07 02:06 - 2011-01-29 17:13 - 0000000 ____D C:\Program Files (x86)\McAfee
2011-11-07 00:58 - 2011-11-07 01:30 - 0000000 ____D C:\Users\All Users\Hitman Pro
2011-11-07 00:58 - 2011-11-07 01:30 - 0000000 ____D C:\Users\All Users\Application Data\Hitman Pro
2011-11-07 00:58 - 2011-11-07 01:30 - 0000000 ____D C:\ProgramData\Hitman Pro
2011-11-07 00:58 - 2011-11-07 01:12 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-07 00:32 - 2011-11-07 00:32 - 0013850 ____A C:\Users\Jessica\Desktop\fixme.log
2011-11-07 00:28 - 2011-01-29 18:19 - 3061186560 __ASH C:\hiberfil.sys
2011-11-07 00:22 - 2011-11-06 22:45 - 0000000 ____D C:\Users\Jessica\Application Data\HPAppData
2011-11-07 00:22 - 2011-11-06 22:45 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\HPAppData
2011-11-06 23:58 - 2011-11-06 23:58 - 0000000 ____D C:\Users\Jessica\Application Data\Malwarebytes
2011-11-06 23:58 - 2011-11-06 23:58 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Malwarebytes
2011-11-06 23:55 - 2011-11-06 23:55 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-11-06 23:55 - 2011-11-06 23:55 - 0000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2011-11-06 23:55 - 2011-11-06 23:55 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-11-06 23:45 - 2011-11-06 23:45 - 0000000 ____D C:\Program Files (x86)\Trend Micro
2011-11-06 23:45 - 2011-08-15 14:37 - 0000000 ___HD C:\Users\Jessica\Local Settings\VirtualStore
2011-11-06 23:45 - 2011-08-15 14:37 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\VirtualStore
2011-11-06 23:45 - 2011-08-15 14:37 - 0000000 ___HD C:\Users\Jessica\AppData\Local\VirtualStore
2011-11-06 16:25 - 2009-07-13 23:10 - 1955118 ____A C:\Windows\WindowsUpdate.log
2011-11-06 16:25 - 2009-07-13 22:45 - 0014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-11-06 16:25 - 2009-07-13 22:45 - 0014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-11-06 16:23 - 2009-07-13 23:13 - 0729688 ____A C:\Windows\System32\PerfStringBackup.INI
2011-11-06 16:18 - 2011-08-24 18:25 - 0000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-11-06 16:18 - 2011-08-15 14:37 - 0000000 ____D C:\Users\Default\Local Settings\SoftThinks
2011-11-06 16:18 - 2011-08-15 14:37 - 0000000 ____D C:\Users\Default\Local Settings\Application Data\SoftThinks
2011-11-06 16:18 - 2011-08-15 14:37 - 0000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2011-11-06 16:18 - 2011-08-15 14:37 - 0000000 ____D C:\Users\Default User\Local Settings\SoftThinks
2011-11-06 16:18 - 2011-08-15 14:37 - 0000000 ____D C:\Users\Default User\Local Settings\Application Data\SoftThinks
2011-11-06 16:18 - 2011-08-15 14:37 - 0000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2011-11-06 16:18 - 2009-07-13 23:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-11-06 16:18 - 2009-07-13 22:51 - 0026782 ____A C:\Windows\setupact.log
2011-11-06 16:05 - 2011-11-06 16:05 - 0743534 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2011-11-06 16:05 - 2011-11-06 15:52 - 76165328 ____A (Microsoft Corporation) C:\Users\Jessica\Downloads\msert.exe
2011-11-06 16:01 - 2011-11-06 15:55 - 10165440 ____A (Microsoft Corporation) C:\Users\Jessica\Downloads\mseinstall.exe
2011-11-06 15:59 - 2011-08-24 18:25 - 0000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-11-05 02:05 - 2011-11-05 02:05 - 0000000 ____D C:\Users\Jessica\Local Settings\ElevatedDiagnostics
2011-11-05 02:05 - 2011-11-05 02:05 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\ElevatedDiagnostics
2011-11-05 02:05 - 2011-11-05 02:05 - 0000000 ____D C:\Users\Jessica\AppData\Local\ElevatedDiagnostics
2011-11-04 21:23 - 2011-11-04 21:23 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{972FE493-1554-4E66-8A24-DFC7B7987239}
2011-11-04 21:23 - 2011-11-04 21:23 - 0000000 ____D C:\Users\Jessica\Local Settings\{972FE493-1554-4E66-8A24-DFC7B7987239}
2011-11-04 21:23 - 2011-11-04 21:23 - 0000000 ____D C:\Users\Jessica\AppData\Local\{972FE493-1554-4E66-8A24-DFC7B7987239}
2011-11-02 22:33 - 2011-11-02 22:33 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{6CC05846-5F97-4D11-A28C-1E7CBDD519C4}
2011-11-02 22:33 - 2011-11-02 22:33 - 0000000 ____D C:\Users\Jessica\Local Settings\{6CC05846-5F97-4D11-A28C-1E7CBDD519C4}
2011-11-02 22:33 - 2011-11-02 22:33 - 0000000 ____D C:\Users\Jessica\AppData\Local\{6CC05846-5F97-4D11-A28C-1E7CBDD519C4}
2011-11-02 17:17 - 2011-11-02 17:17 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{B0F48199-CE63-45F0-8C07-4B7551867B13}
2011-11-02 17:17 - 2011-11-02 17:17 - 0000000 ____D C:\Users\Jessica\Local Settings\{B0F48199-CE63-45F0-8C07-4B7551867B13}
2011-11-02 17:17 - 2011-11-02 17:17 - 0000000 ____D C:\Users\Jessica\AppData\Local\{B0F48199-CE63-45F0-8C07-4B7551867B13}
2011-11-02 09:18 - 2011-11-02 09:18 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{28D1FEB3-C709-4875-BA63-0FAAD6C4428D}
2011-11-02 09:18 - 2011-11-02 09:18 - 0000000 ____D C:\Users\Jessica\Local Settings\{28D1FEB3-C709-4875-BA63-0FAAD6C4428D}
2011-11-02 09:18 - 2011-11-02 09:18 - 0000000 ____D C:\Users\Jessica\AppData\Local\{28D1FEB3-C709-4875-BA63-0FAAD6C4428D}
2011-11-02 09:08 - 2011-10-24 23:19 - 0063496 ____A C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2011-11-01 17:58 - 2011-11-01 17:58 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\{DF18B3ED-BBBA-4791-80FA-D12B97280A55}
2011-11-01 17:58 - 2011-11-01 17:58 - 0000000 ____D C:\Users\Jessica\Local Settings\{DF18B3ED-BBBA-4791-80FA-D12B97280A55}
2011-11-01 17:58 - 2011-11-01 17:58 - 0000000 ____D C:\Users\Jessica\AppData\Local\{DF18B3ED-BBBA-4791-80FA-D12B97280A55}
2011-11-01 17:52 - 2011-08-24 18:25 - 0000000 ___HD C:\Users\Jessica\Local Settings\Google
2011-11-01 17:52 - 2011-08-24 18:25 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\Google
2011-11-01 17:52 - 2011-08-24 18:25 - 0000000 ___HD C:\Users\Jessica\AppData\Local\Google
2011-11-01 16:03 - 2011-10-22 14:19 - 0002306 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2011-11-01 16:03 - 2011-10-22 14:19 - 0002306 ____A C:\Users\All Users\Desktop\Google Chrome.lnk
2011-11-01 15:31 - 2011-09-11 22:13 - 0000000 ___HD C:\Users\Jessica\Application Data\HpUpdate
2011-11-01 15:31 - 2011-09-11 22:13 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\HpUpdate
2011-10-27 09:36 - 2011-10-27 09:36 - 456305824 ____A C:\Windows\MEMORY.DMP
2011-10-27 09:36 - 2011-10-27 09:36 - 0278968 ____A C:\Windows\Minidump\102711-29842-01.dmp
2011-10-24 23:47 - 2011-01-29 18:19 - 0518502 ____A C:\Windows\PFRO.log
2011-10-24 23:29 - 2011-08-15 14:54 - 0000000 ___HD C:\Users\Jessica\My Backup Files
2011-10-24 23:14 - 2011-10-24 23:14 - 0000385 ____A C:\Users\Jessica\My Documents\Roots Beauty Salon.QBm.DSN
2011-10-24 23:14 - 2011-10-24 23:14 - 0000385 ____A C:\Users\Jessica\Documents\Roots Beauty Salon.QBm.DSN
2011-10-24 23:14 - 2011-10-24 23:14 - 0000384 ____A C:\Users\Jessica\My Documents\Roots Beauty Salon.QBm.ND
2011-10-24 23:14 - 2011-10-24 23:14 - 0000384 ____A C:\Users\Jessica\Documents\Roots Beauty Salon.QBm.ND
2011-10-24 23:12 - 2011-10-24 23:13 - 10063872 __RAH C:\Users\Jessica\My Documents\Roots Beauty Salon.qbm
2011-10-24 23:12 - 2011-10-24 23:13 - 10063872 __RAH C:\Users\Jessica\Documents\Roots Beauty Salon.qbm
2011-10-24 22:41 - 2011-10-24 22:41 - 0000000 ____D C:\Users\Jessica\Local Settings\IsolatedStorage
2011-10-24 22:41 - 2011-10-24 22:41 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\IsolatedStorage
2011-10-24 22:41 - 2011-10-24 22:41 - 0000000 ____D C:\Users\Jessica\AppData\Local\IsolatedStorage
2011-10-24 22:34 - 2011-10-24 22:34 - 0000000 ____D C:\Windows\Sun
2011-10-24 22:33 - 2011-10-24 22:32 - 0004416 ____A C:\Windows\SysWOW64\jupdate-1.6.0_29-b11.log
2011-10-24 21:53 - 2009-07-13 22:45 - 0284912 ____A C:\Windows\System32\FNTCACHE.DAT
2011-10-24 20:17 - 2011-10-24 20:17 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_point64_01009.Wdf
2011-10-24 20:17 - 2011-10-24 20:17 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_NuidFltr_01009.Wdf
2011-10-24 20:17 - 2011-10-24 20:17 - 0000000 ____D C:\Program Files\Microsoft IntelliPoint
2011-10-24 20:13 - 2011-10-24 20:13 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2011-10-22 14:19 - 2011-08-24 18:25 - 0000000 ____D C:\Program Files (x86)\Google
2011-10-22 14:06 - 2011-10-22 14:06 - 0000000 ____D C:\Program Files (x86)\DivX
2011-10-22 14:06 - 2011-10-22 14:03 - 0000000 ___HD C:\Windows\AxInstSV
2011-10-22 14:04 - 2011-10-22 14:04 - 0000000 ____D C:\Users\All Users\DivX
2011-10-22 14:04 - 2011-10-22 14:04 - 0000000 ____D C:\Users\All Users\Application Data\DivX
2011-10-22 14:04 - 2011-10-22 14:04 - 0000000 ____D C:\ProgramData\DivX
2011-10-20 22:45 - 2011-10-20 22:44 - 0001976 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2011-10-20 22:45 - 2011-10-20 22:44 - 0001976 ____A C:\Users\All Users\Desktop\Adobe Reader 9.lnk
2011-10-20 22:45 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\config\TxR
2011-10-20 22:44 - 2011-10-20 22:44 - 0000000 ____D C:\Program Files (x86)\Adobe
2011-10-20 22:44 - 2011-08-15 20:14 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\Adobe
2011-10-20 22:44 - 2011-08-15 20:14 - 0000000 ___HD C:\Users\Jessica\Local Settings\Adobe
2011-10-20 22:44 - 2011-08-15 20:14 - 0000000 ___HD C:\Users\Jessica\AppData\Local\Adobe
2011-10-20 22:44 - 2011-01-29 16:53 - 0000000 ____D C:\Users\All Users\Application Data\Adobe
2011-10-20 22:44 - 2011-01-29 16:53 - 0000000 ____D C:\Users\All Users\Adobe
2011-10-20 22:44 - 2011-01-29 16:53 - 0000000 ____D C:\ProgramData\Adobe
2011-10-20 22:39 - 2011-09-11 22:13 - 0000000 ____D C:\Users\All Users\HP Photo Creations
2011-10-20 22:39 - 2011-09-11 22:13 - 0000000 ____D C:\Users\All Users\Application Data\HP Photo Creations
2011-10-20 22:39 - 2011-09-11 22:13 - 0000000 ____D C:\ProgramData\HP Photo Creations
2011-10-20 22:39 - 2011-09-11 22:04 - 0000000 ____D C:\Users\All Users\HP
2011-10-20 22:39 - 2011-09-11 22:04 - 0000000 ____D C:\Users\All Users\Application Data\HP
2011-10-20 22:39 - 2011-09-11 22:04 - 0000000 ____D C:\ProgramData\HP
2011-10-20 22:39 - 2011-08-19 23:23 - 0000000 ____D C:\Users\Jessica\Desktop\printables
2011-10-20 22:39 - 2011-08-15 17:56 - 0000000 ____D C:\Users\Jessica\Application Data\Creative
2011-10-20 22:39 - 2011-08-15 17:56 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Creative
2011-10-20 22:39 - 2011-08-15 17:43 - 0000000 ____D C:\Users\Jessica\Application Data\Macrovision
2011-10-20 22:39 - 2011-08-15 17:43 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Macrovision
2011-10-20 22:39 - 2011-08-15 14:38 - 0000000 ____D C:\Users\Jessica\Local Settings\Stardock_Corporation
2011-10-20 22:39 - 2011-08-15 14:38 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\Stardock_Corporation
2011-10-20 22:39 - 2011-08-15 14:38 - 0000000 ____D C:\Users\Jessica\Application Data\Roxio
2011-10-20 22:39 - 2011-08-15 14:38 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Roxio
2011-10-20 22:39 - 2011-08-15 14:38 - 0000000 ____D C:\Users\Jessica\AppData\Local\Stardock_Corporation
2011-10-20 22:39 - 2011-01-29 17:12 - 0000000 ____D C:\Program Files (x86)\Microsoft Office
2011-10-20 22:39 - 2011-01-29 17:02 - 0000000 ____D C:\Users\All Users\WildTangent
2011-10-20 22:39 - 2011-01-29 17:02 - 0000000 ____D C:\Users\All Users\Application Data\WildTangent
2011-10-20 22:39 - 2011-01-29 17:02 - 0000000 ____D C:\ProgramData\WildTangent
2011-10-20 22:39 - 2011-01-29 16:49 - 0000000 ____D C:\Windows\en
2011-10-20 22:39 - 2011-01-29 16:47 - 0000000 ____D C:\Program Files (x86)\Windows Live
2011-10-20 22:39 - 2011-01-29 16:46 - 0000000 ____D C:\Program Files\Windows Live
2011-10-20 22:38 - 2011-10-02 12:45 - 0000000 ____D C:\BigFishGamesCache
2011-10-20 22:38 - 2011-09-11 22:08 - 0000000 ____D C:\Program Files (x86)\HP
2011-10-20 22:38 - 2010-12-30 08:12 - 0000000 ____D C:\DELL
2011-10-20 22:37 - 2009-07-14 01:44 - 0000000 __RHD C:\Users\Public\Recorded TV
2011-10-20 22:37 - 2009-07-13 21:20 - 0000000 ___RD C:\users\Public
2011-10-20 22:36 - 2011-08-15 23:22 - 0000000 ____D C:\Users\Jessica\Local Settings\Panasonic
2011-10-20 22:36 - 2011-08-15 23:22 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\Panasonic
2011-10-20 22:36 - 2011-08-15 23:22 - 0000000 ____D C:\Users\Jessica\AppData\Local\Panasonic
2011-10-20 22:36 - 2011-08-15 16:54 - 0000000 ____D C:\Users\Jessica\Application Data\Adobe
2011-10-20 22:36 - 2011-08-15 16:54 - 0000000 ____D C:\Users\Jessica\AppData\Roaming\Adobe
2011-10-20 22:36 - 2011-08-15 14:38 - 0000000 ____D C:\Users\Jessica\Local Settings\SupportSoft
2011-10-20 22:36 - 2011-08-15 14:38 - 0000000 ____D C:\Users\Jessica\Local Settings\Application Data\SupportSoft
2011-10-20 22:36 - 2011-08-15 14:38 - 0000000 ____D C:\Users\Jessica\AppData\Local\SupportSoft
2011-10-20 22:36 - 2011-08-15 14:33 - 0000000 ____D C:\Users\Jessica\AppData\LocalLow
2011-10-20 22:34 - 2011-08-24 16:08 - 0000000 ____D C:\Users\All Users\Intuit
2011-10-20 22:34 - 2011-08-24 16:08 - 0000000 ____D C:\Users\All Users\Application Data\Intuit
2011-10-20 22:34 - 2011-08-24 16:08 - 0000000 ____D C:\ProgramData\Intuit
2011-10-20 22:34 - 2011-08-24 08:24 - 0000000 ____D C:\Users\All Users\Application Data\Apple Computer
2011-10-20 22:34 - 2011-08-24 08:24 - 0000000 ____D C:\Users\All Users\Apple Computer
2011-10-20 22:34 - 2011-08-24 08:24 - 0000000 ____D C:\ProgramData\Apple Computer
2011-10-20 22:34 - 2011-08-15 23:41 - 0000000 ____D C:\Users\All Users\CyberLink
2011-10-20 22:34 - 2011-08-15 23:41 - 0000000 ____D C:\Users\All Users\Application Data\CyberLink
2011-10-20 22:34 - 2011-08-15 23:41 - 0000000 ____D C:\ProgramData\CyberLink
2011-10-20 22:34 - 2011-08-15 23:23 - 0000000 ____D C:\Users\All Users\Application Data\Apple
2011-10-20 22:34 - 2011-08-15 23:23 - 0000000 ____D C:\Users\All Users\Apple
2011-10-20 22:34 - 2011-08-15 23:23 - 0000000 ____D C:\ProgramData\Apple
2011-10-20 22:34 - 2011-01-29 17:17 - 0000000 ____D C:\Users\All Users\Uninstall
2011-10-20 22:34 - 2011-01-29 17:17 - 0000000 ____D C:\Users\All Users\Application Data\Uninstall
2011-10-20 22:34 - 2011-01-29 17:17 - 0000000 ____D C:\ProgramData\Uninstall
2011-10-20 22:34 - 2011-01-29 17:16 - 0000000 ____D C:\Users\All Users\Macrovision
2011-10-20 22:34 - 2011-01-29 17:16 - 0000000 ____D C:\Users\All Users\Application Data\Macrovision
2011-10-20 22:34 - 2011-01-29 17:16 - 0000000 ____D C:\ProgramData\Macrovision
2011-10-20 22:34 - 2011-01-29 16:55 - 0000000 ____D C:\Users\All Users\SupportSoft
2011-10-20 22:34 - 2011-01-29 16:55 - 0000000 ____D C:\Users\All Users\Application Data\SupportSoft
2011-10-20 22:34 - 2011-01-29 16:55 - 0000000 ____D C:\ProgramData\SupportSoft
2011-10-20 22:34 - 2011-01-29 16:31 - 0000000 ____D C:\Users\All Users\Dell
2011-10-20 22:34 - 2011-01-29 16:31 - 0000000 ____D C:\Users\All Users\Application Data\Dell
2011-10-20 22:34 - 2011-01-29 16:31 - 0000000 ____D C:\ProgramData\Dell
2011-10-19 15:49 - 2011-10-19 15:49 - 0000143 ___AH C:\Users\Jessica\Desktop\More Games at GameHouse.com.url
2011-10-19 15:44 - 2011-10-19 15:44 - 0000000 ___HD C:\Users\Jessica\Application Data\WinRAR
2011-10-19 15:44 - 2011-10-19 15:44 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\WinRAR
2011-10-19 15:44 - 2011-10-19 15:44 - 0000000 ____D C:\Program Files (x86)\RealArcade
2011-10-18 17:17 - 2011-08-15 17:53 - 0000000 ___HD C:\Users\Jessica\Local Settings\Windows Live
2011-10-18 17:17 - 2011-08-15 17:53 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\Windows Live
2011-10-18 17:17 - 2011-08-15 17:53 - 0000000 ___HD C:\Users\Jessica\AppData\Local\Windows Live
2011-10-17 22:17 - 2009-07-13 21:20 - 0000000 ____D C:\Program Files\Common Files\Microsoft Shared
2011-10-17 22:16 - 2011-01-29 16:44 - 0000561 ____A C:\Windows\DirectX.log
2011-10-17 22:10 - 2011-10-17 22:10 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\{11B3EC8F-20CC-4861-99AA-F085BD2170A8}
2011-10-17 22:10 - 2011-10-17 22:10 - 0000000 ___HD C:\Users\Jessica\Local Settings\{11B3EC8F-20CC-4861-99AA-F085BD2170A8}
2011-10-17 22:10 - 2011-10-17 22:10 - 0000000 ___HD C:\Users\Jessica\AppData\Local\{11B3EC8F-20CC-4861-99AA-F085BD2170A8}
2011-10-14 21:08 - 2011-10-14 21:08 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\{316F4603-6BA6-4FFD-BF85-A36C951D8C0A}
2011-10-14 21:08 - 2011-10-14 21:08 - 0000000 ___HD C:\Users\Jessica\Local Settings\{316F4603-6BA6-4FFD-BF85-A36C951D8C0A}
2011-10-14 21:08 - 2011-10-14 21:08 - 0000000 ___HD C:\Users\Jessica\AppData\Local\{316F4603-6BA6-4FFD-BF85-A36C951D8C0A}
2011-10-14 21:07 - 2011-08-15 23:39 - 0000000 ___HD C:\Users\Jessica\Tracing
2011-10-14 21:04 - 2011-01-29 16:43 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2011-10-04 15:16 - 2011-08-27 15:09 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\Apple Computer
2011-10-04 15:16 - 2011-08-27 15:09 - 0000000 ___HD C:\Users\Jessica\Local Settings\Apple Computer
2011-10-04 15:16 - 2011-08-27 15:09 - 0000000 ___HD C:\Users\Jessica\AppData\Local\Apple Computer
2011-10-03 18:59 - 2011-08-27 15:09 - 0000000 ___HD C:\Users\Jessica\Application Data\Apple Computer
2011-10-03 18:59 - 2011-08-27 15:09 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\Apple Computer
2011-10-03 05:06 - 2011-10-24 22:33 - 0157472 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2011-10-03 05:06 - 2011-10-24 22:33 - 0145184 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2011-10-03 05:06 - 2011-10-24 22:33 - 0145184 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2011-10-03 05:06 - 2011-01-29 16:29 - 0472808 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2011-09-30 23:24 - 2011-10-13 09:01 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-09-30 22:42 - 2011-10-13 09:01 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-09-30 21:21 - 2011-10-13 09:01 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-09-30 20:59 - 2011-10-13 09:01 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-09-24 21:06 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\System32\NDF
2011-09-18 23:19 - 2011-09-18 23:19 - 0000241 ___AH C:\Users\Jessica\Desktop\HP Windows 7 Full Feature Printer Software alert 1.url
2011-09-18 22:32 - 2011-08-15 14:37 - 0000000 ___HD C:\Users\Jessica\Local Settings\SoftThinks
2011-09-18 22:32 - 2011-08-15 14:37 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\SoftThinks
2011-09-18 22:32 - 2011-08-15 14:37 - 0000000 ___HD C:\Users\Jessica\AppData\Local\SoftThinks
2011-09-12 19:34 - 2011-09-12 19:34 - 0000000 ____D C:\PFS6_TMP
2011-09-12 19:33 - 2011-09-12 19:33 - 0000127 ___AH C:\Users\All Users\Microsoft.SqlServer.Compact.351.32.bc
2011-09-12 19:33 - 2011-09-12 19:33 - 0000127 ___AH C:\Users\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
2011-09-12 19:33 - 2011-09-12 19:33 - 0000127 ___AH C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2011-09-12 19:33 - 2011-09-12 19:33 - 0000000 ___HD C:\Users\All Users\Panasonic
2011-09-12 19:33 - 2011-09-12 19:33 - 0000000 ___HD C:\Users\All Users\Application Data\Panasonic
2011-09-12 19:33 - 2011-09-12 19:33 - 0000000 ___HD C:\ProgramData\Panasonic
2011-09-11 23:02 - 2011-09-11 22:37 - 0000000 ___HD C:\Users\Jessica\Application Data\HP
2011-09-11 23:02 - 2011-09-11 22:37 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\HP
2011-09-11 22:40 - 2011-09-11 22:40 - 0000000 ___HD C:\Users\All Users\WEBREG
2011-09-11 22:40 - 2011-09-11 22:40 - 0000000 ___HD C:\Users\All Users\Application Data\WEBREG
2011-09-11 22:40 - 2011-09-11 22:40 - 0000000 ___HD C:\ProgramData\WEBREG
2011-09-11 22:40 - 2011-09-11 22:04 - 0206517 ____A C:\Windows\hpoins49.dat
2011-09-11 22:40 - 2011-09-11 22:04 - 0001224 ____A C:\Users\All Users\hpzinstall.log
2011-09-11 22:40 - 2011-09-11 22:04 - 0001224 ____A C:\Users\All Users\Application Data\hpzinstall.log
2011-09-11 22:40 - 2011-09-11 22:04 - 0001224 ____A C:\ProgramData\hpzinstall.log
2011-09-11 22:37 - 2011-09-11 22:37 - 0000000 ___HD C:\Users\Jessica\Local Settings\HP
2011-09-11 22:37 - 2011-09-11 22:37 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\HP
2011-09-11 22:37 - 2011-09-11 22:37 - 0000000 ___HD C:\Users\Jessica\AppData\Local\HP
2011-09-11 22:37 - 2011-08-15 14:33 - 0063104 ___AH C:\Users\Jessica\Local Settings\GDIPFONTCACHEV1.DAT
2011-09-11 22:37 - 2011-08-15 14:33 - 0063104 ___AH C:\Users\Jessica\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2011-09-11 22:37 - 2011-08-15 14:33 - 0063104 ___AH C:\Users\Jessica\AppData\Local\GDIPFONTCACHEV1.DAT
2011-09-11 22:37 - 2009-07-13 20:34 - 0000438 ____A C:\Windows\win.ini
2011-09-11 22:14 - 2011-09-11 22:14 - 0000000 ____D C:\Program Files (x86)\Coupons
2011-09-11 22:13 - 2011-09-11 22:13 - 0001123 ____A C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2011-09-11 22:13 - 2011-09-11 22:13 - 0001123 ____A C:\Users\All Users\Desktop\Shop for HP Supplies.lnk
2011-09-11 22:13 - 2011-09-11 22:13 - 0001063 ____A C:\Users\Public\Desktop\HP Photo Creations.lnk
2011-09-11 22:13 - 2011-09-11 22:13 - 0001063 ____A C:\Users\All Users\Desktop\HP Photo Creations.lnk
2011-09-11 22:13 - 2011-09-11 22:13 - 0000000 ____D C:\Program Files (x86)\HP Photo Creations
2011-09-11 22:12 - 2011-09-11 22:12 - 0002061 ____A C:\Users\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
2011-09-11 22:12 - 2011-09-11 22:12 - 0001277 ____A C:\Users\Public\Desktop\HP Solution Center.lnk
2011-09-11 22:12 - 2011-09-11 22:12 - 0001277 ____A C:\Users\All Users\Desktop\HP Solution Center.lnk
2011-09-11 22:12 - 2011-09-11 22:12 - 0000000 ____D C:\Users\All Users\HP Product Assistant
2011-09-11 22:12 - 2011-09-11 22:12 - 0000000 ____D C:\Users\All Users\Application Data\HP Product Assistant
2011-09-11 22:12 - 2011-09-11 22:12 - 0000000 ____D C:\ProgramData\HP Product Assistant
2011-09-11 22:11 - 2011-09-11 22:11 - 0001976 ____A C:\Users\Public\Desktop\HP ePrinterCenter.lnk
2011-09-11 22:11 - 2011-09-11 22:11 - 0001976 ____A C:\Users\All Users\Desktop\HP ePrinterCenter.lnk
2011-09-11 22:06 - 2011-09-11 22:06 - 0000000 ____D C:\Program Files\HP
2011-09-06 22:51 - 2011-09-06 22:51 - 3002967 ___AH C:\Users\Jessica\Downloads\do_your_chores_gbursett.pdf
2011-09-05 21:07 - 2011-10-13 09:01 - 3134976 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-08-31 21:07 - 2011-08-31 21:07 - 0404640 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2011-08-28 11:58 - 2011-08-28 11:58 - 0069402 ___AH C:\Users\Jessica\Downloads\61772754-Before-You-Speak-Think.pdf
2011-08-27 15:09 - 2011-08-27 15:09 - 0001745 ____A C:\Users\Public\Desktop\iTunes.lnk
2011-08-27 15:09 - 2011-08-27 15:09 - 0001745 ____A C:\Users\All Users\Desktop\iTunes.lnk
2011-08-27 15:09 - 2011-08-27 15:08 - 0000000 ____D C:\Users\All Users\Application Data\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-08-27 15:09 - 2011-08-27 15:08 - 0000000 ____D C:\Users\All Users\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-08-27 15:09 - 2011-08-27 15:08 - 0000000 ____D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-08-27 15:09 - 2011-08-27 15:08 - 0000000 ____D C:\Program Files\iTunes
2011-08-27 15:09 - 2011-08-27 15:08 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-08-27 15:08 - 2011-08-27 15:08 - 0000000 ____D C:\Program Files\iPod
2011-08-27 15:06 - 2011-08-27 15:06 - 0000000 ____D C:\Program Files\Common Files\Apple
2011-08-27 15:06 - 2011-08-27 15:06 - 0000000 ____D C:\Program Files\Bonjour
2011-08-27 15:06 - 2011-08-27 15:06 - 0000000 ____D C:\Program Files (x86)\Bonjour
2011-08-27 14:51 - 2011-08-15 14:37 - 0000072 ____A C:\Windows\SysWOW64\ToasterLauncherLog.log
2011-08-26 23:40 - 2011-10-13 09:01 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-08-26 23:40 - 2011-10-13 09:01 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-08-26 22:43 - 2011-10-13 09:01 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-08-26 22:43 - 2011-10-13 09:01 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-08-25 13:37 - 2011-08-25 13:37 - 0288678 ____A C:\Windows\msxml4-KB973688-enu.LOG
2011-08-25 13:37 - 2011-08-25 13:36 - 0294060 ____A C:\Windows\msxml4-KB954430-enu.LOG
2011-08-24 20:33 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\rescache
2011-08-24 19:01 - 2011-08-24 18:26 - 0000000 ___HD C:\Users\Jessica\Application Data\Google
2011-08-24 19:01 - 2011-08-24 18:26 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\Google
2011-08-24 18:26 - 2011-08-24 18:25 - 0000000 ___HD C:\Users\All Users\Google
2011-08-24 18:26 - 2011-08-24 18:25 - 0000000 ___HD C:\Users\All Users\Application Data\Google
2011-08-24 18:26 - 2011-08-24 18:25 - 0000000 ___HD C:\ProgramData\Google
2011-08-24 18:25 - 2011-08-24 18:25 - 0000000 ____D C:\Program Files\Google
2011-08-24 16:15 - 2011-08-24 16:15 - 0000000 ____D C:\Program Files\Common Files\Intuit
2011-08-24 16:15 - 2011-08-24 16:08 - 0000000 ___HD C:\Users\All Users\SQL Anywhere 11
2011-08-24 16:15 - 2011-08-24 16:08 - 0000000 ___HD C:\Users\All Users\Application Data\SQL Anywhere 11
2011-08-24 16:15 - 2011-08-24 16:08 - 0000000 ___HD C:\ProgramData\SQL Anywhere 11
2011-08-24 16:12 - 2011-08-24 16:08 - 0000095 ____A C:\Windows\QBChanUtil_Trigger.ini
2011-08-24 16:11 - 2011-08-24 16:11 - 0002396 ____A C:\Users\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
2011-08-24 16:11 - 2011-08-24 16:11 - 0002215 ____A C:\Users\Public\Desktop\QuickBooks File Manager.lnk
2011-08-24 16:11 - 2011-08-24 16:11 - 0002215 ____A C:\Users\All Users\Desktop\QuickBooks File Manager.lnk
2011-08-24 16:11 - 2011-08-24 16:11 - 0002183 ____A C:\Users\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk
2011-08-24 16:11 - 2011-08-24 16:11 - 0002143 ____A C:\Users\Public\Desktop\QuickBooks Premier - Accountant Edition 2011.lnk
2011-08-24 16:11 - 2011-08-24 16:11 - 0002143 ____A C:\Users\All Users\Desktop\QuickBooks Premier - Accountant Edition 2011.lnk
2011-08-24 16:11 - 2011-08-24 16:11 - 0001992 ____A C:\Users\All Users\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
2011-08-24 16:08 - 2011-08-24 16:08 - 0000000 ___HD C:\Users\Public\Documents\Intuit
2011-08-24 16:08 - 2011-08-24 16:08 - 0000000 ___HD C:\Users\All Users\Nuance
2011-08-24 16:08 - 2011-08-24 16:08 - 0000000 ___HD C:\Users\All Users\Documents\Intuit
2011-08-24 16:08 - 2011-08-24 16:08 - 0000000 ___HD C:\Users\All Users\Application Data\Nuance
2011-08-24 16:08 - 2011-08-24 16:08 - 0000000 ___HD C:\ProgramData\Nuance
2011-08-24 16:08 - 2011-08-24 16:08 - 0000000 ____D C:\Program Files (x86)\Intuit
2011-08-24 16:07 - 2011-08-24 16:07 - 0000000 ____D C:\Program Files (x86)\MSXML 4.0
2011-08-24 08:25 - 2011-08-24 08:25 - 0001807 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2011-08-24 08:25 - 2011-08-24 08:25 - 0001807 ____A C:\Users\All Users\Desktop\QuickTime Player.lnk
2011-08-24 08:25 - 2011-08-15 23:24 - 0000000 ____D C:\Program Files (x86)\QuickTime
2011-08-24 08:08 - 2011-08-24 08:08 - 0000000 ____D C:\Program Files (x86)\Apple Software Update
2011-08-23 17:44 - 2011-08-23 17:44 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2011-08-19 23:45 - 2011-10-13 09:01 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-08-19 23:44 - 2011-10-13 09:01 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-08-19 23:44 - 2011-10-13 09:01 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-08-19 23:42 - 2011-10-13 09:01 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-08-19 23:41 - 2011-10-13 09:01 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-08-19 23:41 - 2011-10-13 09:01 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-08-19 23:41 - 2011-10-13 09:01 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-08-19 23:41 - 2011-10-13 09:01 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-08-19 23:41 - 2011-10-13 09:01 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-08-19 23:40 - 2011-10-13 09:01 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-08-19 23:40 - 2011-10-13 09:01 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-08-19 23:40 - 2011-10-13 09:01 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-08-19 23:40 - 2011-10-13 09:01 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-08-19 23:40 - 2011-10-13 09:01 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-08-19 23:37 - 2011-10-13 09:01 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-08-19 22:38 - 2011-10-13 09:01 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-08-19 22:38 - 2011-10-13 09:01 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-08-19 22:38 - 2011-10-13 09:01 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-08-19 22:36 - 2011-10-13 09:01 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-08-19 22:35 - 2011-10-13 09:01 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-08-19 22:34 - 2011-10-13 09:01 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-08-19 22:32 - 2011-10-13 09:01 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-08-19 22:20 - 2011-10-13 09:01 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-08-19 21:26 - 2011-10-13 09:01 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-08-18 10:34 - 2011-08-18 10:34 - 0000000 ____D C:\Windows\Intuit
2011-08-18 00:02 - 2011-08-17 22:20 - 567708432 ____A (Intuit, Inc. ) C:\Users\Jessica\Desktop\QuickBooksPremier2011.exe
2011-08-18 00:02 - 2011-08-17 22:20 - 0000000 ___HD C:\Users\Jessica\Application Data\Download Manager
2011-08-18 00:02 - 2011-08-17 22:20 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\Download Manager
2011-08-17 23:42 - 2011-08-17 22:20 - 0001815 ____A C:\Users\Jessica\Desktop\Setup_QuickBooksPremier2011[1].lnk
2011-08-17 22:20 - 2011-08-17 22:20 - 0000000 ____D C:\Program Files (x86)\Akamai
2011-08-16 23:32 - 2011-10-13 09:01 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-08-16 23:27 - 2011-10-13 09:01 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-08-16 23:27 - 2011-10-13 09:01 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-08-16 23:27 - 2011-10-13 09:01 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-08-16 23:27 - 2011-10-13 09:01 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-08-16 22:26 - 2011-10-13 09:01 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-08-16 22:22 - 2011-10-13 09:01 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-08-16 22:22 - 2011-10-13 09:01 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-08-16 22:22 - 2011-10-13 09:01 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-08-16 22:22 - 2011-10-13 09:01 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-08-16 11:19 - 2011-08-16 11:02 - 0000000 ___HD C:\Users\Jessica\Desktop\Maple Springs Photos
2011-08-16 11:18 - 2011-08-16 11:18 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2011-08-16 00:06 - 2011-08-16 00:06 - 0001290 ____A C:\Users\Jessica\Desktop\Contacts - Shortcut.lnk
2011-08-15 23:23 - 2011-08-15 23:23 - 0000000 ___HD C:\Users\Jessica\Local Settings\Application Data\Apple
2011-08-15 23:23 - 2011-08-15 23:23 - 0000000 ___HD C:\Users\Jessica\Local Settings\Apple
2011-08-15 23:23 - 2011-08-15 23:23 - 0000000 ___HD C:\Users\Jessica\AppData\Local\Apple
2011-08-15 22:00 - 2011-08-15 22:00 - 0000000 ___HD C:\Users\Jessica\Application Data\InstallShield
2011-08-15 22:00 - 2011-08-15 22:00 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\InstallShield
2011-08-15 21:59 - 2011-08-15 21:59 - 0002436 ____A C:\Users\All Users\Start Menu\Programs\Startup\PHOTOfunSTUDIO 6.0.lnk
2011-08-15 21:59 - 2011-08-15 21:59 - 0002143 ____A C:\Users\Public\Desktop\PHOTOfunSTUDIO 6.0.lnk
2011-08-15 21:59 - 2011-08-15 21:59 - 0002143 ____A C:\Users\All Users\Desktop\PHOTOfunSTUDIO 6.0.lnk
2011-08-15 21:58 - 2011-08-15 21:58 - 0000000 ____D C:\Program Files (x86)\Panasonic
2011-08-15 21:58 - 2011-01-29 16:34 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2011-08-15 18:18 - 2011-08-15 18:18 - 0000000 ____D C:\Program Files (x86)\Cozi Express
2011-08-15 18:18 - 2011-01-29 17:08 - 0000000 ___HD C:\Users\All Users\Cozi
2011-08-15 18:18 - 2011-01-29 17:08 - 0000000 ___HD C:\Users\All Users\Application Data\Cozi
2011-08-15 18:18 - 2011-01-29 17:08 - 0000000 ___HD C:\ProgramData\Cozi
2011-08-15 17:57 - 2011-08-15 17:56 - 0000000 ___HD C:\Users\Jessica\My Documents\Dell WebCam Central
2011-08-15 17:57 - 2011-08-15 17:56 - 0000000 ___HD C:\Users\Jessica\Documents\Dell WebCam Central
2011-08-15 17:56 - 2011-08-15 17:56 - 0000000 ___HD C:\Users\All Users\Creative
2011-08-15 17:56 - 2011-08-15 17:56 - 0000000 ___HD C:\Users\All Users\Application Data\Creative
2011-08-15 17:56 - 2011-08-15 17:56 - 0000000 ___HD C:\ProgramData\Creative
2011-08-15 17:22 - 2011-08-15 17:22 - 0002622 ____A C:\Users\Public\Desktop\WildTangent Games App - dell.lnk
2011-08-15 17:22 - 2011-08-15 17:22 - 0002622 ____A C:\Users\All Users\Desktop\WildTangent Games App - dell.lnk
2011-08-15 17:21 - 2011-08-15 17:21 - 0000000 ____D C:\Program Files (x86)\WildTangent Games
2011-08-15 17:18 - 2011-08-15 17:18 - 0000000 ___HD C:\Users\Jessica\Application Data\Macromedia
2011-08-15 17:18 - 2011-08-15 17:18 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\Macromedia
2011-08-15 17:01 - 2009-07-13 21:20 - 0000000 __RHD C:\Users\Public\Libraries
2011-08-15 14:47 - 2011-08-15 14:47 - 0000000 ___HD C:\Users\Jessica\Application Data\CyberLink
2011-08-15 14:47 - 2011-08-15 14:47 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\CyberLink
2011-08-15 14:40 - 2011-08-15 14:39 - 0000000 __SHD C:\System Recovery
2011-08-15 14:39 - 2011-08-15 14:39 - 0000000 ___HD C:\Users\Jessica\Application Data\Dell
2011-08-15 14:39 - 2011-08-15 14:39 - 0000000 ___HD C:\Users\Jessica\AppData\Roaming\Dell
2011-08-15 14:38 - 2011-08-15 14:38 - 0001984 ____A C:\Users\Jessica\Start Menu\Programs\Startup\Dell Dock.lnk
2011-08-15 14:38 - 2011-08-15 14:38 - 0001984 ____A C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
2011-08-15 14:38 - 2011-08-15 14:38 - 0000402 __ASH C:\Users\Jessica\My Documents\desktop.ini
2011-08-15 14:38 - 2011-08-15 14:38 - 0000174 ___SH C:\Users\Jessica\Start Menu\Programs\Startup\desktop.ini
2011-08-15 14:38 - 2011-08-15 14:38 - 0000174 ___SH C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2011-08-15 14:37 - 2009-07-13 21:18 - 0000000 __SHD C:\$RECYCLE.BIN
2011-08-15 14:33 - 2011-08-15 14:33 - 0000020 __ASH C:\Users\Jessica\ntuser.ini
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Templates
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Start Menu
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\PrintHood
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\NetHood
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\My Documents\My Videos
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\My Documents\My Pictures
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\My Documents\My Music
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\My Documents
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Local Settings\Temporary Internet Files
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Local Settings\History
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Local Settings\Application Data\Temporary Internet Files
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Local Settings\Application Data\History
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Documents\My Videos
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Documents\My Pictures
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\Documents\My Music
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\AppData\Local\Temporary Internet Files
2011-08-15 14:33 - 2011-08-15 14:33 - 0000000 __SHD C:\Users\Jessica\AppData\Local\History
2011-08-15 13:15 - 2009-07-13 23:01 - 0039252 ____A C:\Windows\SysWOW64\license.rtf
2011-08-15 13:15 - 2009-07-13 23:01 - 0039252 ____A C:\Windows\System32\license.rtf
2011-08-15 13:13 - 2011-01-29 18:07 - 0000000 ____D C:\Windows\Panther

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 14%
Total physical RAM: 3892.52 MB
Available physical RAM: 3312.78 MB
Total Pagefile: 3890.67 MB
Available Pagefile: 3296.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:399.73 GB) NTFS
2 Drive d: (Oct 17 2011) (CDROM) (Total:0.69 GB) (Free:0.06 GB) UDF
3 Drive e: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:6.29 GB) NTFS
5 Drive g: () (Removable) (Total:1.92 GB) (Free:1.92 GB) FAT
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==========================================================

Last Boot: 2011-11-02 09:44

======================= End Of Log ==========================

#8
JSntgRvr

  • Global Moderator
  • 11,591 posts
Download the enclosed file and save it in the USB drive. Overwrite the existing one.

Insert the USB drive into the ailing computer.

Now please enter System Recovery Options and run FRST64 as you did before, except that this time around, press the Fix button just once and wait.

The tool will make a log on the flash drive (Fixlog.txt). Please post it in your next reply.

Attempt to boot in Normal Mode. If successful, run ComboFix as follows:

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Please, never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    -----------------------------------------------------------

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link or this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      If AVG or CA Internet Security Suite is installed, you must remove these programs before using Combofix. If any of these applications will not uninstall, it is first recommended to uninstall it with AppRemover by Opswat. http://www.appremove...ed-applications. Do not use AppRemover on Norton.

      -----------------------------------------------------------

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

  • Double click on combofix.exe & follow the prompts.
  • Install the Recovery Console if prompted.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt".
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

#9
shotmetrouble

    New Member

  • Topic Starter
  • Member
  • 7 posts
Sorry, I was called away to a meeting. I will go through these steps when I get back. I also wanted to thank you for your attention to detail in your instructions. Very easy to follow.

#10
shotmetrouble

    New Member

  • Topic Starter
  • Member
  • 7 posts
Houston, we have lift off!!! The system booted up and started Windows this time. I logged in and performed the steps you requested. After ComboFix was done running it went into restart mode. After restart a ComboFix log came up; it looks the same as the combofix.txt. Let me know if you need me to send that or not. I also got an error prompt that came up on reboot. I have copied it here and after that I have added the combofix.txt contents.


Error (sorry couldn't paste the prompt)

C:\Window\system32\Gfxui.exe

A device attached to the system is not functioning.


Combofix.txt contents

ComboFix 11-11-08.02 - Jessica 11/08/2011 17:33:51.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3893.2119 [GMT -7:00]
Running from: c:\users\Jessica\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore
.
.
((((((((((((((((((((((((( Files Created from 2011-10-09 to 2011-11-09 )))))))))))))))))))))))))))))))
.
.
2011-11-09 00:58 . 2011-11-09 00:58 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D6C63E50-D1AA-4D18-9D68-BF0C78895765}\offreg.dll
2011-11-09 00:56 . 2011-11-09 00:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-09 00:21 . 2011-11-09 00:21 917840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{25BE5775-2C0A-47DE-BD3B-AA71661B8F50}\gapaengine.dll
2011-11-09 00:21 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D6C63E50-D1AA-4D18-9D68-BF0C78895765}\mpengine.dll
2011-11-08 14:42 . 2011-11-08 18:37 -------- d-----w- C:\FRST
2011-11-07 07:30 . 2011-11-07 06:58 -------- d-----w- c:\programdata\Hitman Pro
2011-11-07 07:12 . 2011-11-07 06:58 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-11-07 05:58 . 2011-11-07 05:58 -------- d-----w- c:\users\Jessica\AppData\Roaming\Malwarebytes
2011-11-07 05:55 . 2011-11-07 05:55 -------- d-----w- c:\programdata\Malwarebytes
2011-11-07 05:45 . 2011-11-07 05:45 -------- d-----w- c:\program files (x86)\Trend Micro
2011-11-06 22:05 . 2011-11-07 13:22 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2011-11-06 22:05 . 2011-11-07 13:22 -------- d-----w- c:\program files\Microsoft Security Client
2011-11-06 22:04 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
2011-11-05 08:05 . 2011-11-05 08:05 -------- d-----w- c:\users\Jessica\AppData\Local\ElevatedDiagnostics
2011-11-05 02:37 . 2011-10-18 08:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{16653D9F-2D06-4BE9-A9E2-FAB70A5271BA}\mpengine.dll
2011-10-25 20:00 . 2011-08-15 05:08 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-25 20:00 . 2011-08-15 04:25 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-10-25 05:36 . 2010-10-19 20:51 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-10-25 04:41 . 2011-10-25 04:41 -------- d-----w- c:\users\Jessica\AppData\Local\IsolatedStorage
2011-10-25 04:34 . 2011-10-25 04:34 -------- d-----w- c:\windows\Sun
2011-10-25 04:34 . 2011-11-07 12:50 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-10-25 02:17 . 2011-10-25 02:17 -------- d-----w- c:\program files\Microsoft IntelliPoint
2011-10-22 20:06 . 2011-10-22 20:06 -------- d-----w- c:\program files (x86)\DivX
2011-10-22 20:04 . 2011-10-22 20:04 -------- d-----w- c:\programdata\DivX
2011-10-22 20:03 . 2011-10-22 20:06 -------- d--h--w- c:\windows\AxInstSV
2011-10-21 04:44 . 2011-10-21 04:44 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-10-19 21:44 . 2011-10-19 21:44 -------- d-----w- c:\program files (x86)\RealArcade
2011-10-18 04:17 . 2011-10-18 04:17 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-10-18 04:14 . 2011-10-18 04:14 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\7c5bbae41cc8d4c03\MeshBetaRemover.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-03 11:06 . 2011-01-29 22:29 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-09-27 03:51 . 2011-08-20 09:56 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2011-09-27 03:50 . 2011-08-20 09:56 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-09-27 03:39 . 2011-08-20 09:21 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-09-27 03:39 . 2011-08-16 02:53 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-09-05 17:16 . 2011-08-16 03:10 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2011-09-05 17:15 . 2011-08-16 02:59 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-09-05 16:26 . 2011-08-16 02:53 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-09-05 16:26 . 2011-09-05 16:26 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-09-01 03:07 . 2011-09-01 03:07 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-08-25 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-12-29 140520]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-06 421888]
"Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2011-06-14 1527128]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-19 421736]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-09-19 560128]
.
c:\users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
Intuit Data Protect.lnk - c:\program files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe [2011-6-30 5832536]
PHOTOfunSTUDIO 6.0.lnk - c:\program files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe [2011-8-15 174064]
QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-7-6 1156968]
QuickBooks_Standard_21.lnk - c:\program files (x86)\Intuit\QuickBooks 2011\QBW32.EXE [2011-7-6 1178984]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-25 136176]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-25 136176]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-28 288272]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 QBVSS;QBIDPService;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2011-06-30 1248256]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-25 00:25]
.
2011-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-25 00:25]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-06-04 392048]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-03 10038304]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-07 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-07 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-07 413720]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2010-04-02 3217056]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
.
**************************************************************************
.
Completion time: 2011-11-08 18:03:45 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-09 01:03
.
Pre-Run: 429,035,790,336 bytes free
Post-Run: 430,332,145,664 bytes free
.
- - End Of File - - 1C9A6B063607B66E170259E0E683B56B
  • 0

#11
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts
All looks clear. Remove Hitman Pro. It is unable to handle boot sector infections. How is the computer doing?
  • 0

#12
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts

I also got an error prompt that came up on reboot. I have copied it here and after that I have added the combofix.txt contents.


Error (sorry couldn't paste the prompt)

C:\Window\system32\Gfxui.exe

A device attached to the system is not functioning.


Sorry, missed this. Is it happening on every boot?
  • 0

#13
shotmetrouble

shotmetrouble

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Everything appears to be working well. My wife was able to use her QuickBooks and that was her main worry. I did not see Hitman Pro on my computer anywhere. Not sure what happened to it. Also, the error I posted only showed up after the very first reboot. I have not seen it again.

I have a few minor questions for you:

1. What should I do with the Combofix?
2. Not sure what you had to do, but did we remove all the malware that started this whole thing?
3. With this being a public forum, is there any information in those logs I posted that exposes my wife's computer?


Thanks again though for all you have done. I thought this was going to be an arduous reimage and installing all of the software again.
  • 0

#14
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts
Follow these steps to uninstall Combofix.

  • Rename Combofix to Uninstall and click on it. That should launch and remove the application.

Manually remove any tool left.

I would recommend a complete scan with an antivirus and antimalware. For an antivirus use Microsoft Essentials as it is already installed in the computer. For an antimalware follow these steps:

Please download Malwarebytes' Anti-Malware from Here. Never download Malwarebytes' Anti-Malware from other sources.

Double-click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

There is no usable information in the logs, other than the info we needed to remove the malware. There is no risk involved.
  • 0

#15
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





