Per your request ... thanks for your help!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:24:49 AM, on 6/3/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AT&T\AT&T Internet Security Suite\Fws.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\iWin Games\iWinTrusted.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kodak\printer\center\KodakSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Netopia\C3kWepN.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\AT&T\Internet Security Wizard\ISW.exe
C:\Program Files\AT&T\AT&T Internet Security Suite\Rps.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Gamevance\gamevance32.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\AT&T\Internet Security Wizard\ISWComHandler.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\AT&T\AT&T Internet Security Suite\rpsupdaterR.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=3061127
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - (no file)
O2 - BHO: Gamevance - {0ED403E8-470A-4a8a-85A4-D7688CFE39A3} - C:\Program Files\Gamevance\gamevancelib32.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\AT&T\AT&T Internet Security Suite\pkR.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Gamevance Text - {BEAC7DC8-E106-4C6A-931E-5A42E7362883} - C:\Program Files\Gamevance\gvtl.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: (no name) - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [C2kWep] C:\Program Files\Netopia\C3kWepN.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [ISW.exe] "C:\Program Files\AT&T\Internet Security Wizard\ISW.exe" /AUTORUN
O4 - HKLM\..\Run: [AT&T Internet Security Suite] "C:\Program Files\AT&T\AT&T Internet Security Suite\Rps.exe"
O4 - HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\AT&T\AT&T Internet Security Suite\ZkRunOnceR.exe"
O4 - HKLM\..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Gamevance] C:\Program Files\Gamevance\gamevance32.exe a
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Santa's%20Super%20Friends/Images/stg_drm.ocx
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} (Disney Online Games ActiveX Control) - http://disney.go.com/pirates/online/testAc...OnlineGames.cab
O16 - DPF: {5EB6A98B-F75B-4AC7-821D-BAD2C29D18C2} (CVALAXObj Class) - https://mycampus.phoenix.edu/support/tutori...load/CVALAX.CAB
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5483.cab
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - https://as00.estara.com/UI/proxyhttps.php?a...165026OneCC.cab
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/..._2/axofupld.cab
O16 - DPF: {7D492D61-303A-45C3-8A55-63449339943D} (CPlayFirstNightShiftControl Object) - http://p.playfirst.com/play/game/nightshif...Web.1.0.0.5.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.e-centives.com/cif/download/bin/actxcab.cab
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://www.shockwave.com/content/burgersho...esPlayer_v5.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Santa's%20Super%20Friends/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://games.pogo.com/online2/pogo/astropo...aploader_v6.cab
O16 - DPF: {E41BA393-9078-424E-9554-9DB5126F5F4C} (CPlayFirstDreamChronControl Object) - http://p.playfirst.com/play/game/dreamchro...eb.1.0.0.13.cab
O16 - DPF: {F46BD8B1-DE4C-4A4F-B6F6-8FB68D25342D} (CPlayFirstMahjongRoaControl Object) - http://p.playfirst.com/play/game/mahjongro...eb.1.0.0.16.cab
O16 - DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} (CPlayFirstChocolatieControl Object) - http://www.shockwave.com/content/chocolati...Web.1.0.0.6.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files\iWin Games\iWinTrusted.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Kodak AiO Device Service (KodakSvc) - SDSD - C:\Program Files\Kodak\printer\center\KodakSvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: OpenCASE Media Agent - ExtendMedia Inc. - C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: AT&T Internet Security Suite Service (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\AT&T\AT&T Internet Security Suite\rpsupdaterR.exe
O23 - Service: AT&T Internet Security Suite AT&T Firewall (RP_FWS) - AT&T - C:\Program Files\AT&T\AT&T Internet Security Suite\Fws.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

--
End of file - 14206 bytes

hi

Download Rooter.exe to your desktop

• Then doubleclick it to start the tool
• A Notepad file containing the report will open, also found at %systemdrive%\Rooter.txt. Post that here

Here's the requested file. Thanks again.

Microsoft Windows XP Professional (5.1.2600) Service Pack 3

C:\ [Fixed] - NTFS - (Total:233617 Mo/Free:1409 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)

Sat 06/06/2009| 7:29

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\AT&T\AT&T Internet Security Suite\Fws.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
---------- C:\WINDOWS\system32\LEXBCES.EXE
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\system32\LEXPPS.EXE
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\WINDOWS\system32\cisvc.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
---------- C:\WINDOWS\eHome\ehRecvr.exe
---------- C:\WINDOWS\eHome\ehSched.exe
---------- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
---------- C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
---------- C:\Program Files\iWin Games\iWinTrusted.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\Kodak\printer\center\KodakSvc.exe
---------- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
---------- C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe
---------- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
---------- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\ehome\mcrdsvc.exe
---------- C:\Program Files\Canon\CAL\CALMAIN.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\WINDOWS\stsystra.exe
---------- C:\WINDOWS\system32\igfxpers.exe
---------- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
---------- C:\WINDOWS\system32\igfxtray.exe
---------- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
---------- C:\WINDOWS\system32\hkcmd.exe
---------- C:\WINDOWS\ehome\ehtray.exe
---------- C:\WINDOWS\system32\wbem\unsecapp.exe
---------- C:\WINDOWS\system32\dllhost.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\System32\DLA\DLACTRLW.EXE
---------- C:\Program Files\Netopia\C3kWepN.exe
---------- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
---------- C:\Program Files\AT&T\Internet Security Wizard\ISW.exe
---------- C:\Program Files\AT&T\AT&T Internet Security Suite\Rps.exe
---------- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
---------- C:\WINDOWS\eHome\ehmsas.exe
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\Program Files\Gamevance\gamevance32.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\Program Files\Digital Line Detect\DLG.exe
---------- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
---------- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
---------- C:\Program Files\Logitech\SetPoint\SetPoint.exe
---------- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
---------- C:\Program Files\AT&T\Internet Security Wizard\ISWComHandler.exe
---------- C:\Program Files\AT&T\AT&T Internet Security Suite\rpsupdaterR.exe
---------- C:\Program Files\Java\jre6\bin\jucheck.exe
---------- C:\Program Files\Internet Explorer\iexplore.exe
---------- C:\WINDOWS\system32\cidaemon.exe
---------- C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\YCEREI4S\Rooter[1].exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Sat 06/06/2009| 7:31

----------------------\\ Scan completed at 7:31

[*]Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
[*]When the window appears, underneath Output at the top change it to Minimal Output.
[*]Check the boxes beside LOP Check and Purity Check.
[*]Under Custom Scan paste this in

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%systemroot%\System32\antiwpa.dll
%systemroot%\SYSTEM32\wpa.dll
%systemroot%\setup\scripts\biestart.exe
%systemroot%\system32\drivers\royal.sys
%SYSTEMDRIVE%\*.
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.


[*]Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

• When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.

[/list]

I'm confused. I ran the other scan, are you asking me to run the scan again? It doesn't give me any options that you referred to. Help (sorry I don't understand what you want me to do)!

sorry do this

• Download OTL to your desktop.
• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• When the window appears, underneath Output at the top change it to Minimal Output.
• Check the boxes beside LOP Check and Purity Check.
• Under Custom Scan paste this in
  
  netsvcs
  msconfig
  safebootminimal
  safebootnetwork
  activex
  drivers32
  %systemroot%\System32\antiwpa.dll
  %systemroot%\SYSTEM32\wpa.dll
  %systemroot%\setup\scripts\biestart.exe
  %systemroot%\system32\drivers\royal.sys
  %SYSTEMDRIVE%\*.
  %SYSTEMDRIVE%\*.*
  %PROGRAMFILES%\*.
  
  
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.

Here are the scan files

OTL logfile created on: 6/6/2009 6:01:20 PM - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\Lloyd blauen\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.84 Mb Total Physical Memory | 535.52 Mb Available Physical Memory | 52.82% Memory free
2.38 Gb Paging File | 1.81 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.14 Gb Total Space | 189.17 Gb Free Space | 82.92% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BONNIE
Current User Name: Lloyd blauen
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\AT&T\AT&T Internet Security Suite\Fws.exe (AT&T)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc.)
PRC - C:\WINDOWS\system32\LEXPPS.EXE (Lexmark International, Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe (Authentium, Inc.)
PRC - C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
PRC - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe (CA, Inc.)
PRC - C:\Program Files\iWin Games\iWinTrusted.exe (iWin Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Kodak\printer\center\KodakSvc.exe (SDSD)
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe (ExtendMedia Inc.)
PRC - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe (Raxco Software, Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
PRC - C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
PRC - C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Sonic Solutions)
PRC - C:\Program Files\Netopia\C3kWepN.exe (Netopia, Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\AT&T\Internet Security Wizard\ISW.exe (AT&T)
PRC - C:\Program Files\AT&T\AT&T Internet Security Suite\Rps.exe (AT&T)
PRC - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Gamevance\gamevance32.exe ()
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
PRC - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
PRC - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\WINDOWS\eHome\ehmsas.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE (Logitech, Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\AT&T\Internet Security Wizard\ISWComHandler.exe (Radialpoint Inc.)
PRC - C:\Program Files\AT&T\AT&T Internet Security Suite\rpsupdaterR.exe (Radialpoint Inc.)
PRC - C:\Program Files\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\system32\cidaemon.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\bfgclient\bfggameservices.exe ()
PRC - C:\Documents and Settings\Lloyd blauen\Desktop\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (CCALib8 [Auto | Running]) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (dvpapi [Auto | Running]) -- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe (Authentium, Inc.)
SRV - (ehRecvr [Auto | Running]) -- C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [Auto | Running]) -- C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
SRV - (GoToAssist [On_Demand | Stopped]) -- C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IAANTMON [Auto | Running]) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (ITMRTSVC [Auto | Running]) -- C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe (CA, Inc.)
SRV - (iWinTrusted [Auto | Running]) -- C:\Program Files\iWin Games\iWinTrusted.exe (iWin Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (KodakCCS [On_Demand | Stopped]) -- File not found
SRV - (KodakSvc [Auto | Running]) -- C:\Program Files\Kodak\printer\center\KodakSvc.exe (SDSD)
SRV - (Lavasoft Ad-Aware Service [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (LBTServ [On_Demand | Stopped]) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (LexBceS [Auto | Running]) -- C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc.)
SRV - (McrdSvc [Auto | Running]) -- C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (MHN [On_Demand | Stopped]) -- C:\WINDOWS\System32\mhn.dll (Microsoft Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (OpenCASE Media Agent [Auto | Running]) -- C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe (ExtendMedia Inc.)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PDAgent [Auto | Running]) -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe (Raxco Software, Inc.)
SRV - (PDEngine [On_Demand | Stopped]) -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe (Raxco Software, Inc.)
SRV - (RPSUpdaterR [On_Demand | Running]) -- C:\Program Files\AT&T\AT&T Internet Security Suite\rpsupdaterR.exe (Radialpoint Inc.)
SRV - (RP_FWS [Auto | Running]) -- C:\Program Files\AT&T\AT&T Internet Security Suite\Fws.exe (AT&T)
SRV - (sprtsvc_dellsupportcenter [Auto | Running]) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (AnyDVD [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (atksgt [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\atksgt.sys ()
DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (CSS DVP [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\css-dvp.sys (Authentium, Inc)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DefragFS [Boot | Running]) -- C:\WINDOWS\System32\drivers\DefragFs.sys (Raxco Software, Inc.)
DRV - (DLABOIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLACDBHM [System | Running]) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLADResN [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (DLAIFS_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLAOPIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLARTL_N [System | Running]) -- C:\WINDOWS\System32\Drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (DLAUDFAM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAUDF_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DRVMCDB [Boot | Running]) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DRVNDDM [Auto | Running]) -- C:\WINDOWS\System32\Drivers\DRVNDDM.SYS (Sonic Solutions)
DRV - (DSproct [On_Demand | Stopped]) -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys (GTek Technologies Ltd.)
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (e1express [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e1e5132.sys (Intel Corporation)
DRV - (ElbyCDFL [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (ElbyCDIO [System | Running]) -- C:\WINDOWS\System32\Drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (ElbyDelay [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\ElbyDelay.sys (Elaborate Bytes AG)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HSFHWBS2 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (HSF_DP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\igxpmp32.sys (Intel Corporation)
DRV - (iaStor [Boot | Running]) -- C:\WINDOWS\system32\drivers\iaStor.sys (Intel Corporation)
DRV - (Lbd [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (LHidFilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV - (lirsgt [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\lirsgt.sys ()
DRV - (LMouFilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (NAL [On_Demand | Stopped]) -- C:\WINDOWS\system32\Drivers\iqvw32.sys (Intel Corporation )
DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (PCANDIS5 [On_Demand | Running]) -- C:\WINDOWS\system32\PCANDIS5.SYS (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (RPPKT [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\rp_pkt32.sys (Radialpoint, Inc.)
DRV - (RPSKT [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\rp_skt32.sys (Radialpoint Inc.)
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (StarOpen [System | Running]) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (STHDA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (SWLD23U [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SWLD23U.sys (SAMSUNG Electro-Mechanics Co.,Ltd.)
DRV - (swlubtl [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\swlubtl.sys (Samsung Electro-Mechanics )
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (zumbus [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\zumbus.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=3061127
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/hws/sb/dell-usuk-rel...html?channel=us

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
IE - URLSearchHook: {ce0c2586-da36-452b-acdb-320d9bcb19bf} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.att.net/"

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008/12/09 09:43:42 | 00,000,000 | ---D | M]

[2008/02/02 18:28:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\mozilla\Firefox\Profiles\vzy0j39g.default\extensions
[2008/02/02 18:35:30 | 00,002,386 | ---- | M] () -- C:\Documents and Settings\Lloyd blauen\Application Data\Mozilla\FireFox\Profiles\vzy0j39g.default\searchplugins\siteadvisor.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Gamevance) - {0ED403E8-470A-4a8a-85A4-D7688CFE39A3} - C:\Program Files\Gamevance\gamevancelib32.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (PopKill Class) - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\AT&T\AT&T Internet Security Suite\pkR.dll (Radialpoint Inc.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (IEHlprObj Class) - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files\iWin Games\iWinGamesHookIE.dll (iWin Inc.)
O2 - BHO: (Gamevance Text) - {BEAC7DC8-E106-4C6A-931E-5A42E7362883} - C:\Program Files\Gamevance\gvtl.dll (Gamevance LLC)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (no name) - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AT&T Internet Security Suite] "C:\Program Files\AT&T\AT&T Internet Security Suite\Rps.exe" (AT&T)
O4 - HKLM..\Run: [C2kWep] C:\Program Files\Netopia\C3kWepN.exe (Netopia, Inc.)
O4 - HKLM..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s (SlySoft, Inc.)
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (SupportSoft, Inc.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" ( )
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [-FreedomNeedsReboot] "C:\Program Files\AT&T\AT&T Internet Security Suite\ZkRunOnceR.exe" (AT&T)
O4 - HKLM..\Run: [Gamevance] C:\Program Files\Gamevance\gamevance32.exe a ()
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISW.exe] "C:\Program Files\AT&T\Internet Security Wizard\ISW.exe" /AUTORUN (AT&T)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE (Logitech, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries0000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/7.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/OAS/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Santa's%20Super%20Friends/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/9/b...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} http://disney.go.com/pirates/online/testAc...OnlineGames.cab (Disney Online Games ActiveX Control)
O16 - DPF: {5EB6A98B-F75B-4AC7-821D-BAD2C29D18C2} https://mycampus.phoenix.edu/support/tutori...load/CVALAX.CAB (CVALAXObj Class)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/...lscbase5483.cab (Windows Live Safety Center Base Module)
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} https://as00.estara.com/UI/proxyhttps.php?a...165026OneCC.cab (OneCCCtl Class)
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} http://www.kodakgallery.com/downloads/BUM/..._2/axofupld.cab (Kodak Gallery Easy Upload Manager Class)
O16 - DPF: {7D492D61-303A-45C3-8A55-63449339943D} http://p.playfirst.com/play/game/nightshif...Web.1.0.0.5.cab (CPlayFirstNightShiftControl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} http://offers.e-centives.com/cif/download/bin/actxcab.cab (CBSTIEPrint Class)
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} http://www.shockwave.com/content/burgersho...esPlayer_v5.cab (GoBit Games Player)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Santa's%20Super%20Friends/Images/armhelper.ocx (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://games.pogo.com/online2/pogo/astropo...aploader_v6.cab (Reg Error: Key error.)
O16 - DPF: {E41BA393-9078-424E-9554-9DB5126F5F4C} http://p.playfirst.com/play/game/dreamchro...eb.1.0.0.13.cab (CPlayFirstDreamChronControl Object)
O16 - DPF: {F46BD8B1-DE4C-4A4F-B6F6-8FB68D25342D} http://p.playfirst.com/play/game/mahjongro...eb.1.0.0.16.cab (CPlayFirstMahjongRoaControl Object)
O16 - DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} http://www.shockwave.com/content/chocolati...Web.1.0.0.6.cab (CPlayFirstChocolatieControl Object)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\httpx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\httpsx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (PDBoot.exe) - C:\WINDOWS\system32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/06/06 18:00:46 | 00,000,000 | ---D | M]
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
NetSvcs: 6to4 -
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll (Microsoft Corporation)
NetSvcs: AudioSrv - C:\WINDOWS\System32\audiosrv.dll (Microsoft Corporation)
NetSvcs: Browser - C:\WINDOWS\System32\browser.dll (Microsoft Corporation)
NetSvcs: CryptSvc - C:\WINDOWS\System32\cryptsvc.dll (Microsoft Corporation)
NetSvcs: DMServer - C:\WINDOWS\System32\dmserver.dll (Microsoft Corp.)
NetSvcs: DHCP - C:\WINDOWS\System32\dhcpcsvc.dll (Microsoft Corporation)
NetSvcs: ERSvc - C:\WINDOWS\System32\ersvc.dll (Microsoft Corporation)
NetSvcs: EventSystem - C:\WINDOWS\system32\es.dll (Microsoft Corporation)
NetSvcs: FastUserSwitchingCompatibility - C:\WINDOWS\System32\shsvcs.dll (Microsoft Corporation)
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll (Microsoft Corporation)
NetSvcs: Ias -
NetSvcs: Iprip -
NetSvcs: Irmon -
NetSvcs: LanmanServer - C:\WINDOWS\System32\srvsvc.dll (Microsoft Corporation)
NetSvcs: LanmanWorkstation - C:\WINDOWS\System32\wkssvc.dll (Microsoft Corporation)
NetSvcs: Messenger - C:\WINDOWS\System32\msgsvc.dll (Microsoft Corporation)
NetSvcs: Netman - C:\WINDOWS\System32\netman.dll (Microsoft Corporation)
NetSvcs: Nla - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
NetSvcs: Ntmssvc - C:\WINDOWS\system32\ntmssvc.dll (Microsoft Corporation)
NetSvcs: NWCWorkstation -
NetSvcs: Nwsapagent -
NetSvcs: Rasauto - C:\WINDOWS\System32\rasauto.dll (Microsoft Corporation)
NetSvcs: Rasman - C:\WINDOWS\System32\rasmans.dll (Microsoft Corporation)
NetSvcs: Remoteaccess - C:\WINDOWS\System32\mprdim.dll (Microsoft Corporation)
NetSvcs: Schedule - C:\WINDOWS\system32\schedsvc.dll (Microsoft Corporation)
NetSvcs: Seclogon - C:\WINDOWS\System32\seclogon.dll (Microsoft Corporation)
NetSvcs: SENS - C:\WINDOWS\system32\sens.dll (Microsoft Corporation)
NetSvcs: Sharedaccess - C:\WINDOWS\System32\ipnathlp.dll (Microsoft Corporation)
NetSvcs: SRService - C:\WINDOWS\system32\srsvc.dll (Microsoft Corporation)
NetSvcs: Tapisrv - C:\WINDOWS\System32\tapisrv.dll (Microsoft Corporation)
NetSvcs: Themes - C:\WINDOWS\System32\shsvcs.dll (Microsoft Corporation)
NetSvcs: TrkWks - C:\WINDOWS\system32\trkwks.dll (Microsoft Corporation)
NetSvcs: W32Time - C:\WINDOWS\system32\w32time.dll (Microsoft Corporation)
NetSvcs: WZCSVC - C:\WINDOWS\System32\wzcsvc.dll (Microsoft Corporation)
NetSvcs: Wmi - C:\WINDOWS\System32\advapi32.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -
NetSvcs: winmgmt - C:\WINDOWS\system32\wbem\WMIsvc.dll (Microsoft Corporation)
NetSvcs: wscsvc - C:\WINDOWS\system32\wscsvc.dll (Microsoft Corporation)
NetSvcs: xmlprov - C:\WINDOWS\System32\xmlprov.dll (Microsoft Corporation)
NetSvcs: MHN - C:\WINDOWS\System32\mhn.dll (Microsoft Corporation)
NetSvcs: BITS - C:\WINDOWS\system32\qmgr.dll (Microsoft Corporation)
NetSvcs: wuauserv - C:\WINDOWS\system32\wuauserv.dll (Microsoft Corporation)
NetSvcs: ShellHWDetection - C:\WINDOWS\System32\shsvcs.dll (Microsoft Corporation)
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
NetSvcs: WmdmPmSN - C:\WINDOWS\system32\MsPMSNSv.dll (Microsoft Corporation)
NetSvcs: napagent - C:\WINDOWS\System32\qagentrt.dll (Microsoft Corporation)
NetSvcs: hkmsvc - C:\WINDOWS\System32\kmsvc.dll (Microsoft Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
SafeBootMin: AppMgmt - (Microsoft Corporation)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: CryptSvc - (Microsoft Corporation)
SafeBootMin: DcomLaunch - (Microsoft Corporation)
SafeBootMin: dmadmin - (Microsoft Corp., Veritas Software)
SafeBootMin: dmboot.sys - (Microsoft Corp., Veritas Software)
SafeBootMin: dmio.sys - (Microsoft Corp., Veritas Software)
SafeBootMin: dmload.sys - (Microsoft Corp., Veritas Software.)
SafeBootMin: dmserver - (Microsoft Corp.)
SafeBootMin: EventLog - (Microsoft Corporation)
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - (Microsoft Corporation)
SafeBootMin: Lavasoft Ad-Aware Service - (Lavasoft)
SafeBootMin: Netlogon - (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PlugPlay - (Microsoft Corporation)
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: RpcSs - (Microsoft Corporation)
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: sr.sys - (Microsoft Corporation)
SafeBootMin: SRService - (Microsoft Corporation)
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: vgasave.sys - (Microsoft Corporation)
SafeBootMin: WdfLoadGroup -
SafeBootMin: WinMgmt - (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: AFD - (Microsoft Corporation)
SafeBootNet: AppMgmt - (Microsoft Corporation)
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: Browser - (Microsoft Corporation)
SafeBootNet: CryptSvc - (Microsoft Corporation)
SafeBootNet: DcomLaunch - (Microsoft Corporation)
SafeBootNet: Dhcp - (Microsoft Corporation)
SafeBootNet: dmadmin - (Microsoft Corp., Veritas Software)
SafeBootNet: dmboot.sys - (Microsoft Corp., Veritas Software)
SafeBootNet: dmio.sys - (Microsoft Corp., Veritas Software)
SafeBootNet: dmload.sys - (Microsoft Corp., Veritas Software.)
SafeBootNet: dmserver - (Microsoft Corp.)
SafeBootNet: DnsCache - (Microsoft Corporation)
SafeBootNet: EventLog - (Microsoft Corporation)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - (Microsoft Corporation)
SafeBootNet: ip6fw.sys - (Microsoft Corporation)
SafeBootNet: ipnat.sys - (Microsoft Corporation)
SafeBootNet: LanmanServer - (Microsoft Corporation)
SafeBootNet: LanmanWorkstation - (Microsoft Corporation)
SafeBootNet: Lavasoft Ad-Aware Service - (Lavasoft)
SafeBootNet: LmHosts - (Microsoft Corporation)
SafeBootNet: Messenger - (Microsoft Corporation)
SafeBootNet: NDIS - (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: Ndisuio - (Microsoft Corporation)
SafeBootNet: NetBIOS - (Microsoft Corporation)
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetBT - (Microsoft Corporation)
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Netlogon - (Microsoft Corporation)
SafeBootNet: NetMan - (Microsoft Corporation)
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NtLmSsp - (Microsoft Corporation)
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PlugPlay - (Microsoft Corporation)
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpcdd.sys - (Microsoft Corporation)
SafeBootNet: rdpdd.sys - (Microsoft Corporation)
SafeBootNet: rdpwd.sys - (Microsoft Corporation)
SafeBootNet: rdsessmgr - (Microsoft Corporation)
SafeBootNet: RpcSs - (Microsoft Corporation)
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: SharedAccess - (Microsoft Corporation)
SafeBootNet: sr.sys - (Microsoft Corporation)
SafeBootNet: SRService - (Microsoft Corporation)
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: Tcpip - (Microsoft Corporation)
SafeBootNet: TDI - Driver Group
SafeBootNet: tdpipe.sys - (Microsoft Corporation)
SafeBootNet: tdtcp.sys - (Microsoft Corporation)
SafeBootNet: termservice - (Microsoft Corporation)
SafeBootNet: vga.sys - Driver
SafeBootNet: vgasave.sys - (Microsoft Corporation)
SafeBootNet: WdfLoadGroup -
SafeBootNet: WinMgmt - (Microsoft Corporation)
SafeBootNet: WZCSVC - (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - Microsoft .NET Framework 1.1 Hotfix (KB928366)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - Microsoft .NET Framework 1.0 Hotfix (KB930494)
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Adobe
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall
Drivers32: midi - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\system32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\system32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\L3CODECA.ACM (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\system32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\system32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\system32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\system32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\system32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\system32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\system32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\system32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\system32\DivX.dll (DivX, Inc.)
Drivers32: vidc.I420 - C:\WINDOWS\system32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\system32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\system32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\system32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\system32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.iyuv - C:\WINDOWS\system32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WINDOWS\system32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\system32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\system32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\system32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\WINDOWS\system32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\WINDOWS\system32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\system32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yvu9 - C:\WINDOWS\system32\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\WINDOWS\system32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\system32\serwvdrv.dll (Microsoft Corporation)
Drivers32: wave1 - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\system32\msacm32.drv (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2 C:\WINDOWS\*.tmp files]
[2009/06/06 18:00:46 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lloyd blauen\Desktop\OTL.exe
[2009/06/06 17:00:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/06/06 15:16:30 | 00,001,558 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\More Great Games.lnk
[2009/06/06 15:15:57 | 00,000,000 | ---D | C] -- C:\Program Files\Mystery in London
[2009/06/06 12:28:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\3rd Eye Solutions
[2009/06/06 12:17:35 | 00,001,725 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Book of Legends.lnk
[2009/06/06 11:34:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\QuickClick
[2009/06/06 11:34:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Product
[2009/06/06 07:27:31 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/06/06 07:27:10 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\Lloyd blauen\Desktop\Rooter.exe
[2009/06/05 07:24:41 | 00,000,000 | ---D | C] -- C:\Program Files\iWin Games
[2009/06/04 07:27:16 | 00,001,600 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Antique Shop.lnk
[2009/06/04 07:27:01 | 00,000,000 | ---D | C] -- C:\Program Files\Antique Shop
[2009/06/03 06:41:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\cupcakecafe
[2009/06/03 06:41:09 | 00,001,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Jessica's Cupcake Cafe.lnk
[2009/06/03 06:40:56 | 00,000,000 | ---D | C] -- C:\Program Files\Jessica's Cupcake Cafe
[2009/06/03 06:23:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/06/03 06:22:34 | 00,001,473 | ---- | C] () -- C:\Documents and Settings\Lloyd blauen\Desktop\Shortcut to AUTOBACK.lnk
[2009/06/02 08:09:27 | 00,001,131 | ---- | C] () -- C:\Documents and Settings\Lloyd blauen\Desktop\Delicious - Emilys Taste of Fame Deluxe.lnk
[2009/06/02 08:00:40 | 00,001,624 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Pet Playground.lnk
[2009/06/02 08:00:19 | 00,000,000 | ---D | C] -- C:\Program Files\Pet Playground
[2009/05/31 21:32:26 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/05/31 11:45:06 | 00,001,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Supermarket Management.lnk
[2009/05/31 11:44:50 | 00,000,000 | ---D | C] -- C:\Program Files\Supermarket Management
[2009/05/31 11:24:03 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/05/31 11:23:56 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/05/31 11:19:03 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2009/05/31 11:19:02 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/05/31 11:18:52 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/05/29 17:53:15 | 00,000,000 | ---- | C] () -- C:\20090529215315050.loc
[2009/05/29 17:53:14 | 00,000,000 | ---- | C] () -- C:\20090529215314894.loc
[2009/05/29 17:53:06 | 00,000,000 | ---- | C] () -- C:\20090529215306144.loc
[2009/05/29 14:16:53 | 00,000,000 | ---- | C] () -- C:\20090529181653812.loc
[2009/05/29 14:16:53 | 00,000,000 | ---- | C] () -- C:\20090529181653625.loc
[2009/05/29 14:15:40 | 00,000,000 | ---- | C] () -- C:\20090529181540375.loc
[2009/05/29 14:15:40 | 00,000,000 | ---- | C] () -- C:\20090529181540250.loc
[2009/05/29 14:14:07 | 00,000,000 | ---- | C] () -- C:\20090529181407515.loc
[2009/05/29 14:14:07 | 00,000,000 | ---- | C] () -- C:\20090529181407406.loc
[2009/05/29 14:12:46 | 00,000,000 | ---- | C] () -- C:\20090529181246843.loc
[2009/05/29 14:12:46 | 00,000,000 | ---- | C] () -- C:\20090529181246531.loc
[2009/05/29 08:52:16 | 00,002,064 | ---- | C] () -- C:\Documents and Settings\Lloyd blauen\Desktop\Wedding Dash - Ready Aim Love.lnk
[2009/05/29 08:52:16 | 00,001,288 | ---- | C] () -- C:\Documents and Settings\Lloyd blauen\Desktop\Get More Games at PlayFirst.com.lnk
[2009/05/28 17:00:52 | 00,000,000 | ---D | C] -- C:\Program Files\Gamevance
[2009/05/28 16:47:10 | 00,000,000 | ---- | C] () -- C:\20090528204710824.loc
[2009/05/28 16:47:09 | 00,000,000 | ---- | C] () -- C:\20090528204709528.loc
[2009/05/28 16:46:55 | 00,000,000 | ---- | C] () -- C:\20090528204655638.loc
[2009/05/28 16:29:57 | 00,000,000 | ---- | C] () -- C:\20090528202957895.loc
[2009/05/28 16:29:57 | 00,000,000 | ---- | C] () -- C:\20090528202957739.loc
[2009/05/28 16:29:51 | 00,000,000 | ---- | C] () -- C:\20090528202951348.loc
[2009/05/28 16:29:34 | 00,000,000 | ---- | C] () -- C:\20090528202934256.loc
[2009/05/28 16:26:31 | 00,000,000 | ---- | C] () -- C:\20090528202631797.loc
[2009/05/28 16:26:31 | 00,000,000 | ---- | C] () -- C:\20090528202631547.loc
[2009/05/28 16:21:16 | 00,000,000 | ---- | C] () -- C:\20090528202116068.loc
[2009/05/28 16:21:15 | 00,000,000 | ---- | C] () -- C:\20090528202115896.loc
[2009/05/28 16:21:09 | 00,000,000 | ---- | C] () -- C:\20090528202109318.loc
[2009/05/28 16:17:42 | 00,000,000 | ---- | C] () -- C:\20090528201742552.loc
[2009/05/28 16:17:42 | 00,000,000 | ---- | C] () -- C:\20090528201742395.loc
[2009/05/28 16:16:09 | 00,000,000 | ---- | C] () -- C:\20090528201609058.loc
[2009/05/28 16:16:08 | 00,000,000 | ---- | C] () -- C:\20090528201608902.loc
[2009/05/28 16:16:04 | 00,000,000 | ---- | C] () -- C:\20090528201604512.loc
[2009/05/28 16:08:05 | 00,000,000 | ---- | C] () -- C:\20090528200805983.loc
[2009/05/28 16:06:00 | 00,000,000 | ---- | C] () -- C:\20090528200600352.loc
[2009/05/28 16:06:00 | 00,000,000 | ---- | C] () -- C:\20090528200600133.loc
[2009/05/28 16:04:34 | 00,000,000 | ---- | C] () -- C:\20090528200434937.loc
[2009/05/28 16:03:56 | 00,000,000 | ---- | C] () -- C:\20090528200356284.loc
[2009/05/28 14:04:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Lloyd blauen\My Documents\MissTeriTale2
[2009/05/28 13:14:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Lloyd blauen\Application Data\Artogon
[2009/05/28 12:56:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Lloyd blauen\Application Data\IronCode
[2009/05/28 09:15:57 | 00,065,536 | ---- | C] () -- C:\Documents and Settings\Lloyd blauen\Desktop\dell order
[2009/05/28 09:13:17 | 00,000,000 | ---- | C] () -- C:\20090528131317468.loc
[2009/05/27 10:09:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Lloyd blauen\Application Data\Mean Hamster
[2009/05/27 10:09:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mean Hamster
[2009/05/27 10:09:03 | 00,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Play Ye Olde Sandwich Shoppe.lnk
[2009/05/27 10:08:45 | 00,000,000 | ---D | C] -- C:\Program Files\Ye Olde Sandwich Shoppe
[2009/05/26 17:28:52 | 00,138,752 | ---- | C] () -- C:\Documents and Settings\Lloyd blauen\My Documents\FFPP WALKTHRU.doc
[2009/05/26 17:17:27 | 00,000,000 | ---- | C] () -- C:\20090526211727514.loc
[2009/05/26 14:52:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Lloyd blauen\Desktop\FAMILY PICTURES
[2009/05/26 13:09:40 | 00,001,697 | ---- | C] () -- C:\Documents and Settings\Lloyd blauen\Desktop\Realore Game World.lnk
[2009/05/25 17:02:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\XLab
[2009/05/25 13:57:07 | 00,000,000 | ---D | C] -- C:\Program Files\3 Days - Zoo Mystery
[2009/05/24 12:10:33 | 00,000,000 | ---D | C] -- C:\Program Files\Hidden Mysteries - Civil War
[2009/05/22 12:58:20 | 00,000,000 | ---D | C] -- C:\Program Files\Righteous Kill 2 - Revenge of the Poet Killer
[2009/05/21 09:03:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Lloyd blauen\Application Data\Righteous Kill
[2009/05/20 14:04:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WildWestQuest2
[2009/05/20 13:14:05 | 00,000,000 | ---D | C] -- C:\Program Files\Legacy Interactive
[2009/05/20 13:11:41 | 00,000,000 | ---D | C] -- C:\Program Files\Pretty In Pink
[2009/05/20 11:42:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Lloyd blauen\Application Data\Bigfish 3 Days Zoo Mystery
[2009/05/17 07:34:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Lloyd blauen\Application Data\YoudaGames
[2009/05/17 07:08:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Lloyd blauen\My Documents\Slapdash Games
[2009/05/17 07:08:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Slapdash Games
[2009/05/17 07:08:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Slapdash Games
[2009/05/17 07:03:07 | 00,000,000 | ---D | C] -- C:\Program Files\Yard Sale Hidden Treasures - Lucky Junction
[2009/05/15 07:03:22 | 00,000,000 | ---D | C] -- C:\Program Files\Mystic Emporium
[2009/05/12 12:28:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Lloyd blauen\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/05/10 08:17:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Lloyd blauen\Application Data\Enchanted Katya
[2009/05/10 08:16:06 | 00,000,000 | ---D | C] -- C:\Program Files\Enchanted Katya and the Mystery of the Lost Wizard
[2008/11/29 16:15:53 | 00,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008/11/29 16:15:52 | 00,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008/11/19 18:46:57 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Curses.INI
[2008/03/29 18:22:57 | 00,000,351 | ---- | C] () -- C:\WINDOWS\cncscore.ini
[2007/12/09 10:15:37 | 00,343,040 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2007/12/09 10:15:37 | 00,116,736 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2007/10/20 21:30:12 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\EKDeviceServices.dll
[2007/10/19 15:12:26 | 00,000,020 | ---- | C] () -- C:\WINDOWS\DropTarget.INI
[2007/08/24 18:18:38 | 00,233,472 | ---- | C] () -- C:\WINDOWS\System32\imgman31.dll
[2007/07/23 10:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007/07/23 10:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007/07/23 10:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007/07/23 10:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007/07/23 10:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007/07/23 10:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007/07/23 10:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007/07/23 10:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007/07/23 10:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/04/22 20:15:29 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/04/22 20:01:47 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/03/05 14:34:28 | 00,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/02/28 16:51:12 | 00,000,070 | ---- | C] () -- C:\WINDOWS\DBA93D59.ini
[2007/02/20 14:07:56 | 00,005,632 | R--- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/02/05 05:44:13 | 00,002,984 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/02/05 05:44:13 | 00,000,088 | RHS- | C] () -- C:\WINDOWS\System32\29EB6B541F.sys
[2007/01/03 17:27:19 | 00,000,047 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/12/20 11:28:10 | 00,000,204 | ---- | C] () -- C:\WINDOWS\CS_MD_T.ini
[2006/11/29 17:26:54 | 00,000,091 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2006/11/29 17:20:07 | 00,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2006/11/29 17:19:47 | 00,040,448 | ---- | C] () -- C:\WINDOWS\System32\BJAXSecurityManager.dll
[2006/11/29 17:19:46 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\BJInstaller.dll
[2006/11/27 01:42:53 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/11/27 01:36:38 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/11/27 01:32:15 | 00,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/11/27 01:04:56 | 00,348,880 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2006/11/27 01:04:56 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4642.dll
[2006/11/27 01:03:38 | 00,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 02:56:34 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/16 05:37:24 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 05:18:43 | 00,000,491 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/16 05:18:41 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/08/05 15:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

========== Files - Modified Within 30 Days ==========

[7 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/06/06 18:00:47 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lloyd blauen\Desktop\OTL.exe
[2009/06/06 15:16:30 | 00,001,558 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\More Great Games.lnk
[2009/06/06 12:17:35 | 00,001,725 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Book of Legends.lnk
[2009/06/06 11:54:51 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/06/06 11:54:24 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Lloyd blauen\Local Settings\desktop.ini
[2009/06/06 11:54:24 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/06/06 11:54:22 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/06/06 11:54:21 | 10,631,65952 | -HS- | M] () -- C:\hiberfil.sys
[2009/06/06 09:04:54 | 04,165,632 | ---- | M] () -- C:\Documents and Settings\Lloyd blauen\My Documents\oct2007.mny
[2009/06/06 09:04:49 | 00,753,344 | R--- | M] () -- C:\Documents and Settings\Lloyd blauen\My Documents\oct2007 Backup.mbf
[2009/06/06 07:27:11 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\Lloyd blauen\Desktop\Rooter.exe
[2009/06/04 07:27:16 | 00,001,600 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Antique Shop.lnk
[2009/06/03 06:41:09 | 00,001,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Jessica's Cupcake Cafe.lnk
[2009/06/03 06:22:34 | 00,001,473 | ---- | M] () -- C:\Documents and Settings\Lloyd blauen\Desktop\Shortcut to AUTOBACK.lnk
[2009/06/02 08:09:27 | 00,001,131 | ---- | M] () -- C:\Documents and Settings\Lloyd blauen\Desktop\Delicious - Emilys Taste of Fame Deluxe.lnk
[2009/06/02 08:00:40 | 00,001,624 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Pet Playground.lnk
[2009/06/01 11:23:27 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/05/31 11:45:06 | 00,001,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Supermarket Management.lnk
[2009/05/31 11:40:04 | 00,000,450 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2009/05/31 11:23:43 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/05/31 11:23:11 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/05/31 11:19:02 | 00,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/05/29 17:58:08 | 00,327,680 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2009/05/29 17:57:28 | 00,518,144 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2009/05/29 17:53:15 | 00,000,000 | ---- | M] () -- C:\20090529215315050.loc
[2009/05/29 17:53:14 | 00,000,000 | ---- | M] () -- C:\20090529215314894.loc
[2009/05/29 17:53:06 | 00,000,000 | ---- | M] () -- C:\20090529215306144.loc
[2009/05/29 15:06:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
[2009/05/29 14:16:53 | 00,000,000 | ---- | M] () -- C:\20090529181653812.loc
[2009/05/29 14:16:53 | 00,000,000 | ---- | M] () -- C:\20090529181653625.loc
[2009/05/29 14:15:40 | 00,000,000 | ---- | M] () -- C:\20090529181540375.loc
[2009/05/29 14:15:40 | 00,000,000 | ---- | M] () -- C:\20090529181540250.loc
[2009/05/29 14:14:07 | 00,000,000 | ---- | M] () -- C:\20090529181407515.loc
[2009/05/29 14:14:07 | 00,000,000 | ---- | M] () -- C:\20090529181407406.loc
[2009/05/29 14:12:46 | 00,000,000 | ---- | M] () -- C:\20090529181246843.loc
[2009/05/29 14:12:46 | 00,000,000 | ---- | M] () -- C:\20090529181246531.loc
[2009/05/29 08:52:16 | 00,002,064 | ---- | M] () -- C:\Documents and Settings\Lloyd blauen\Desktop\Wedding Dash - Ready Aim Love.lnk
[2009/05/29 08:52:16 | 00,001,288 | ---- | M] () -- C:\Documents and Settings\Lloyd blauen\Desktop\Get More Games at PlayFirst.com.lnk
[2009/05/28 16:47:10 | 00,000,000 | ---- | M] () -- C:\20090528204710824.loc
[2009/05/28 16:47:09 | 00,000,000 | ---- | M] () -- C:\20090528204709528.loc
[2009/05/28 16:46:55 | 00,000,000 | ---- | M] () -- C:\20090528204655638.loc
[2009/05/28 16:29:57 | 00,000,000 | ---- | M] () -- C:\20090528202957895.loc
[2009/05/28 16:29:57 | 00,000,000 | ---- | M] () -- C:\20090528202957739.loc
[2009/05/28 16:29:51 | 00,000,000 | ---- | M] () -- C:\20090528202951348.loc
[2009/05/28 16:29:34 | 00,000,000 | ---- | M] () -- C:\20090528202934256.loc
[2009/05/28 16:26:31 | 00,000,000 | ---- | M] () -- C:\20090528202631797.loc
[2009/05/28 16:26:31 | 00,000,000 | ---- | M] () -- C:\20090528202631547.loc
[2009/05/28 16:21:16 | 00,000,000 | ---- | M] () -- C:\20090528202116068.loc
[2009/05/28 16:21:15 | 00,000,000 | ---- | M] () -- C:\20090528202115896.loc
[2009/05/28 16:21:09 | 00,000,000 | ---- | M] () -- C:\20090528202109318.loc
[2009/05/28 16:17:42 | 00,000,000 | ---- | M] () -- C:\20090528201742552.loc
[2009/05/28 16:17:42 | 00,000,000 | ---- | M] () -- C:\20090528201742395.loc
[2009/05/28 16:16:09 | 00,000,000 | ---- | M] () -- C:\20090528201609058.loc
[2009/05/28 16:16:08 | 00,000,000 | ---- | M] () -- C:\20090528201608902.loc
[2009/05/28 16:16:04 | 00,000,000 | ---- | M] () -- C:\20090528201604512.loc
[2009/05/28 16:08:05 | 00,000,000 | ---- | M] () -- C:\20090528200805983.loc
[2009/05/28 16:06:00 | 00,000,000 | ---- | M] () -- C:\20090528200600352.loc
[2009/05/28 16:06:00 | 00,000,000 | ---- | M] () -- C:\20090528200600133.loc
[2009/05/28 16:04:34 | 00,000,000 | ---- | M] () -- C:\20090528200434937.loc
[2009/05/28 16:03:56 | 00,000,000 | ---- | M] () -- C:\20090528200356284.loc
[2009/05/28 09:16:02 | 00,065,536 | ---- | M] () -- C:\Documents and Settings\Lloyd blauen\Desktop\dell order
[2009/05/28 09:13:17 | 00,000,000 | ---- | M] () -- C:\20090528131317468.loc
[2009/05/27 10:09:03 | 00,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play Ye Olde Sandwich Shoppe.lnk
[2009/05/27 10:05:06 | 00,001,572 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Play My Games.lnk
[2009/05/26 17:37:29 | 00,052,040 | ---- | M] () -- C:\Documents and Settings\Lloyd blauen\Application Data\wklnhst.dat
[2009/05/26 17:28:53 | 00,138,752 | ---- | M] () -- C:\Documents and Settings\Lloyd blauen\My Documents\FFPP WALKTHRU.doc
[2009/05/26 17:22:45 | 00,002,317 | ---- | M] () -- C:\Documents and Settings\Lloyd blauen\Desktop\Microsoft Word.lnk
[2009/05/26 17:17:27 | 00,000,000 | ---- | M] () -- C:\20090526211727514.loc
[2009/05/26 13:09:40 | 00,001,697 | ---- | M] () -- C:\Documents and Settings\Lloyd blauen\Desktop\Realore Game World.lnk
[2009/05/22 14:31:23 | 00,310,784 | ---- | M] () -- C:\Documents and Settings\Lloyd blauen\Desktop\FarmFrenzyPizza.doc
[2009/05/15 07:03:40 | 00,001,645 | ---- | M] () -- C:\Documents and Settings\Lloyd blauen\Desktop\Play More Games.lnk
[2009/05/13 12:13:39 | 00,156,672 | ---- | M] () -- C:\Documents and Settings\Lloyd blauen\Desktop\farmfrenzy2levelwalkthru.doc
[2009/05/11 11:57:26 | 00,014,208 | ---- | M] () -- C:\Documents and Settings\Lloyd blauen\My Documents\prf.dat

========== LOP Check ==========

[2009/06/06 12:28:52 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/05/31 11:19:03 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2008/03/25 17:26:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\3 Blokes Studios
[2009/06/06 12:28:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\3rd Eye Solutions
[2008/09/08 14:11:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Absolutist
[2009/04/07 09:54:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2008/07/18 11:56:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
[2009/06/01 12:23:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
[2008/03/06 14:17:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aliasworlds
[2007/10/06 09:57:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008/09/08 09:24:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2008/12/24 10:13:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Arkadium
[2008/12/11 10:03:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ashtons. Family Resort
[2008/03/25 08:22:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Astar Games
[2008/05/19 08:26:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T
[2007/10/28 09:18:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BellSouth
[2008/01/18 09:04:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BigFish
[2009/01/08 10:14:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BigFishGames
[2009/06/06 15:42:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
[2009/01/28 13:44:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blg
[2008/12/16 16:15:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Burger Island 2
[2007/11/28 08:10:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Christmasville
[2007/12/23 10:53:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2006/11/27 01:27:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Corel
[2009/06/06 17:10:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\cupcakecafe
[2007/11/28 06:12:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2008/06/04 08:26:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DigitalChocolate
[2008/11/17 12:25:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivoGames
[2008/01/17 10:07:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Eastman Kodak Company
[2009/01/02 06:04:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eGames
[2007/01/17 16:21:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Elaborate Bytes
[2009/01/06 11:26:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ERS G-Studio
[2008/05/17 08:59:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Escape From Paradise
[2008/05/02 22:55:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EscapeTheMuseum
[2008/07/18 16:59:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ExtendMedia
[2008/07/14 21:11:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy2
[2009/01/13 12:57:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy-PizzaParty
[2008/03/21 08:24:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fashion Solitaire 1.2
[2008/06/27 09:12:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fitn17
[2008/05/30 11:30:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2007/10/03 12:05:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FloodLightGames
[2008/06/29 08:37:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreshGames
[2007/12/18 14:29:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Friday's games
[2009/01/18 09:27:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2008/05/23 11:47:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2008/01/31 09:03:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Go Go Gourmet
[2008/09/22 14:56:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoBit Games
[2009/03/03 09:56:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2009/06/06 12:28:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii Games
[2008/02/02 15:01:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2008/10/25 15:08:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grey Alien Games
[2006/11/27 01:37:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GTek
[2007/12/27 22:51:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HiddenSecretsNightmare
[2008/07/14 16:12:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hot Lava Games
[2009/03/15 14:43:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HoverBee Studios
[2006/11/27 01:33:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2008/10/10 07:56:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intenium
[2008/12/10 12:19:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterAction studios
[2009/02/22 09:22:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin
[2009/04/22 07:50:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2008/02/23 16:24:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2007/10/20 21:46:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kds_kodak
[2008/01/17 10:59:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kodak
[2008/09/17 16:57:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2007/10/03 19:32:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Legacy Interactive
[2008/11/01 23:49:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Legendo
[2008/05/22 14:01:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lifetime
[2008/01/04 07:57:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2007/10/02 00:18:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2008/10/11 08:30:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Longbow Digital Arts
[2008/05/29 08:34:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2008/02/18 10:39:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/05/27 10:09:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mean Hamster
[2008/05/04 16:32:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Media Art
[2008/05/19 08:17:12 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/05/13 17:08:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2008/12/12 23:33:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Midnight Synergy
[2009/04/22 10:01:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MonteCristo
[2006/11/29 17:20:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
[2009/04/29 14:35:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2008/02/20 00:21:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\My Games
[2008/09/19 07:14:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MythPeople
[2007/10/03 19:07:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2009/05/03 15:09:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Namco
[2007/10/26 10:21:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeptunesAdve
[2008/11/29 11:07:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NevoSoft Games
[2009/03/16 10:29:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nick Chase A Detective Story
[2009/04/07 10:02:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2008/09/13 08:23:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Games
[2008/01/10 11:58:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2008/09/10 08:48:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PBGsavesDirectory
[2009/02/14 16:55:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PiddlePup Games
[2009/05/29 09:00:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2008/12/19 08:16:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayPond
[2008/03/29 16:22:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2009/06/06 11:34:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Product
[2008/02/20 01:22:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QB9 S.R.L
[2008/12/03 08:58:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Questtracers
[2009/06/06 11:34:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickClick
[2008/09/27 06:46:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Raxco
[2008/10/30 09:23:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Redrum
[2008/12/20 20:20:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2008/09/11 15:24:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScreenSeven
[2008/02/18 10:36:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2009/05/17 07:08:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Slapdash Games
[2008/04/26 07:53:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlapdashGames
[2007/02/28 16:23:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2006/11/27 01:32:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2009/03/15 09:00:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sortasoft
[2009/03/12 17:36:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpecialBit
[2009/01/16 11:57:11 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SugarGames
[2007/11/08 10:29:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2007/01/28 19:09:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2008/11/29 19:09:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tages
[2009/06/06 17:54:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/05/07 14:05:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TikGames
[2007/10/03 10:28:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2008/06/23 16:18:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uniblue
[2008/11/14 07:30:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Valusoft
[2008/05/06 19:50:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VirtualFarm
[2007/10/03 19:28:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/05/20 14:04:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildWestQuest2
[2006/11/29 18:14:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/05/25 17:02:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\XLab
[2008/01/10 11:52:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2008/01/09 18:18:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2008/02/23 12:09:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
[2007/10/03 18:15:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2009/05/28 13:14:15 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data
[2009/04/20 12:31:13 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\.#
[2007/10/21 11:34:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Abra Academy2
[2009/03/11 09:00:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Adobe
[2007/01/12 09:03:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\AdobeUM
[2009/03/03 09:06:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Alawar
[2008/10/25 14:15:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\AlterLab
[2008/07/23 08:08:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Amaranth Games
[2009/03/13 10:05:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Anabel
[2007/10/06 10:01:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Apple Computer
[2009/05/28 13:14:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Artogon
[2008/12/11 10:20:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Ashtons. Family Resort
[2008/02/19 19:27:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\AT&T
[2008/08/01 11:05:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\BeachPartyCraze
[2007/10/28 09:18:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\BellSouth
[2008/08/23 07:44:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\BFG_JanesRealty
[2007/12/13 08:16:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Big Fish Games
[2008/01/18 09:04:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\BigFish
[2009/05/20 11:43:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Bigfish 3 Days Zoo Mystery
[2009/04/15 12:33:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\BigFishv1002
[2009/01/28 13:44:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\blg
[2008/01/12 08:51:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\BloodTies
[2008/01/02 09:49:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Bloom
[2009/02/07 10:30:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Boolat Games
[2009/04/13 10:15:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Boomzap
[2009/03/12 15:58:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\BrandX Games
[2008/12/14 09:54:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\CatmoonGames
[2009/03/12 18:26:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Cat's Eye Games
[2008/06/08 07:59:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\cerasus.media
[2008/09/21 06:59:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Chicken Chase
[2009/05/12 12:28:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008/07/13 21:16:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Corel
[2007/02/09 11:32:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\DivX
[2007/11/29 23:07:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\EA
[2009/01/02 06:04:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\eGames
[2009/02/27 10:01:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\EleFun Games
[2009/05/10 08:17:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Enchanted Katya
[2007/11/01 14:44:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Eyeblaster
[2009/01/16 13:09:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Fabulous Finds
[2008/07/12 14:25:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\FarmerJane
[2009/05/08 10:19:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\FirstColony
[2008/05/30 11:30:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Flood Light Games
[2007/10/03 12:05:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\FloodLightGames
[2009/03/12 15:43:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\FoxPlayerAIR.01F2E49DE175CC541F416F2DF78BDD5E63AD0096.1
[2008/10/17 18:32:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\FrostWire
[2008/07/04 22:52:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Gaijin Ent
[2008/10/24 18:13:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\GameHouse
[2008/11/25 08:02:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\GameInvest
[2008/12/03 09:59:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Gamelab
[2008/05/08 13:03:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Games
[2008/02/20 00:40:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\gemsweeperextractedgfx
[2009/06/06 12:28:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Gogii Games
[2008/08/14 17:51:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Go-Go Gourmet Chef of the Year
[2006/11/29 17:29:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Google
[2006/11/27 01:37:02 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Gtek
[2008/06/03 16:20:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Help
[2009/04/18 07:45:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\HiT-MM
[2007/12/14 09:09:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Home Sweet Home
[2008/09/05 08:32:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Home Sweet Home 2
[2009/04/30 13:26:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\HuruBeachParty
[2009/06/02 09:18:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Identities
[2006/11/27 01:34:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\InstallShield
[2009/05/28 12:56:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\IronCode
[2008/09/02 13:19:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\ITTNord
[2009/03/16 09:43:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\iWin
[2008/08/21 18:03:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\IWin_Janes_Realty
[2007/12/23 23:04:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\iWinArcade
[2007/10/03 10:13:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Jane s Hotel
[2008/03/12 10:01:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Jane s Hotel Family Hero
[2009/04/17 07:44:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Jane s Zoo
[2007/11/14 17:01:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Land Of Runes
[2007/03/02 10:40:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Leadertech
[2007/10/02 00:18:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Logitech
[2008/10/10 17:33:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Longbow Digital Arts
[2008/05/29 08:34:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Ludia
[2008/03/29 09:51:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Macromedia
[2007/10/03 14:09:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Magic Match
[2008/02/14 10:01:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Magic Seeds
[2007/02/28 16:44:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\McAfee
[2009/05/27 10:09:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Mean Hamster
[2009/06/04 07:27:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Meridian93
[2008/07/17 18:31:10 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Microsoft
[2008/06/21 09:04:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Mind Control Software
[2008/02/25 15:58:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Move Networks
[2008/02/02 18:27:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Mozilla
[2007/11/02 14:35:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\My Games
[2008/12/19 09:07:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\MysteryStudio
[2009/05/03 15:09:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Namco
[2008/09/13 08:23:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Oberon Games
[2008/01/10 11:58:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\OfficeUpdate12
[2008/10/09 09:06:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\panoramik
[2008/10/06 11:59:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\PendulumQuest
[2008/09/13 08:54:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\PetShowCraze
[2008/09/12 08:34:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Pi Eye Games
[2008/01/10 17:45:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Pirateville
[2009/05/29 09:00:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\PlayFirst
[2009/04/23 08:24:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Playrix Entertainment
[2008/10/31 08:36:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Pogo Games
[2008/08/29 07:45:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Realore_DressUpRush
[2009/05/21 12:07:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Righteous Kill
[2008/08/31 08:44:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Roogoo
[2007/10/27 09:33:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Sandlot Games
[2008/03/08 19:16:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\SBTT
[2008/11/03 08:49:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\ScreenSeven
[2009/03/12 16:36:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\SerpentOfIsis
[2009/04/02 09:09:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Shape games
[2009/04/03 09:36:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\ShinyTales
[2008/07/06 09:40:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Skinux
[2008/12/10 12:28:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Skip-Bo
[2009/04/18 12:22:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Skunk Studios
[2007/01/17 16:22:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\SlySoft
[2007/03/02 10:40:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Sonic
[2009/03/15 09:00:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Sortasoft
[2007/12/04 14:30:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\SpinTop
[2009/05/19 15:36:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\SprillBermudeEng
[2008/05/23 12:03:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Sudden Games
[2008/05/22 07:52:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\SultansLabyrinth
[2008/07/04 09:03:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\SulusGames
[2007/07/09 21:52:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Sun
[2007/10/07 14:39:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Super-Cow
[2008/06/23 15:39:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\System Tweaker
[2008/01/03 10:29:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Teggo
[2007/11/13 23:37:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Template
[2008/12/15 08:54:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Three days
[2009/05/07 14:05:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\TikGames
[2008/02/18 10:49:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Total Eclipse
[2009/02/19 12:50:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Uniblue
[2008/05/03 07:45:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\URSE Games
[2008/11/14 07:30:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Valusoft
[2009/01/30 08:50:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\ViquaSoft
[2008/12/16 08:30:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\World-LooM
[2009/05/17 07:34:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\YoudaGames
[2008/05/18 10:29:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\ZoomBrowser EX
[2008/12/12 23:31:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\Zylom
[2009/06/01 11:23:27 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2004/08/10 06:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/05/31 11:40:04 | 00,000,450 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2009/06/06 11:54:24 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/05/29 15:06:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
[2008/06/23 15:06:32 | 00,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
[2008/06/23 16:19:11 | 00,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpyEraser.job

========== Purity Check ==========


========== Custom Scans ==========


< %systemroot%\System32\antiwpa.dll >

< %systemroot%\SYSTEM32\wpa.dll >

< %systemroot%\setup\scripts\biestart.exe >

< %systemroot%\system32\drivers\royal.sys >

< %SYSTEMDRIVE%\*. >
[2009/06/06 18:00:46 | 00,000,000 | ---D | M] -- C:
[2009/04/01 12:07:27 | 00,000,000 | ---D | M] -- C:4bc80bfadcc5489881f30da16
[2009/04/01 08:06:21 | 00,000,000 | ---D | M] -- C:\16933e351b6d52231ba0876a742e92
[2006/11/29 18:43:24 | 00,000,000 | ---D | M] -- C:\397c10ff995ff1903d83
[2009/04/01 08:06:20 | 00,000,000 | ---D | M] -- C:\c34047606524c8eb63c88da7
[2007/01/17 16:22:56 | 00,000,000 | ---D | M] -- C:\CloneDVDTemp
[2009/06/05 13:06:43 | 00,000,000 | -H-D | M] -- C:\Config.Msi
[2008/07/22 11:38:19 | 00,000,000 | ---D | M] -- C:\dell
[2006/11/29 16:56:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings
[2008/01/10 13:38:14 | 00,000,000 | ---D | M] -- C:\DownloadDirector
[2008/01/04 08:41:34 | 00,000,000 | ---D | M] -- C:\Downloads
[2006/10/08 14:57:14 | 00,000,000 | ---D | M] -- C:\drivers
[2006/11/27 01:25:56 | 00,000,000 | ---D | M] -- C:\drvrtmp
[2008/06/23 15:19:23 | 00,000,000 | -HSD | M] -- C:\found.000
[2008/08/21 17:10:40 | 00,000,000 | ---D | M] -- C:\GameFools
[2009/05/26 09:12:54 | 00,000,000 | ---D | M] -- C:\GameHouse Games
[2008/07/17 18:35:49 | 00,000,000 | ---D | M] -- C:\i386
[2007/10/19 15:14:49 | 00,000,000 | ---D | M] -- C:\Intel
[2008/02/19 12:51:14 | 00,000,000 | RH-D | M] -- C:\MSOCache
[2008/06/23 15:19:17 | 00,000,000 | ---D | M] -- C:\My Download Files
[2008/06/23 15:19:23 | 00,000,000 | ---D | M] -- C:\My Downloads
[2009/01/09 10:52:51 | 00,000,000 | ---D | M] -- C:\My Games
[2008/09/02 09:06:14 | 00,000,000 | ---D | M] -- C:\My Music
[2008/04/27 07:55:07 | 00,000,000 | ---D | M] -- C:\PetsFunHouse
[2009/06/06 15:15:57 | 00,000,000 | ---D | M] -- C:\Program Files
[2009/03/11 12:46:27 | 00,000,000 | ---D | M] -- C:\ProgramData
[2009/06/06 11:56:18 | 00,000,000 | -HSD | M] -- C:\RECYCLER
[2007/11/17 23:30:00 | 00,000,000 | ---D | M] -- C:\Return To Wonderland
[2009/06/06 14:32:04 | 00,000,000 | ---D | M] -- C:\Rooter$
[2008/04/11 09:39:13 | 00,000,000 | ---D | M] -- C:\spoolerlogs
[2006/12/25 17:35:43 | 00,000,000 | ---D | M] -- C:\Start Menu
[2007/02/01 12:23:06 | 00,000,000 | -HSD | M] -- C:\System Volume Information
[2008/01/15 14:34:38 | 00,000,000 | ---D | M] -- C:\TMOTM
[2008/05/22 13:39:45 | 00,000,000 | ---D | M] -- C:\users
[2009/06/06 17:00:59 | 00,000,000 | ---D | M] -- C:\WINDOWS
[2009/03/02 15:20:30 | 00,000,000 | ---D | M] -- C:\Wonderland v1.17

< %SYSTEMDRIVE%\*.* >
[2007/10/20 21:46:01 | 00,000,000 | ---- | M] () -- C:\20071021014600921.loc
[2007/12/11 13:05:30 | 00,000,000 | ---- | M] () -- C:\20071211170530855.loc
[2008/01/17 10:07:03 | 00,000,000 | ---- | M] () -- C:\20080117140703509.loc
[2008/01/17 10:24:42 | 00,000,000 | ---- | M] () -- C:\20080117142442871.loc
[2008/01/17 10:35:57 | 00,000,000 | ---- | M] () -- C:\20080117143557144.loc
[2008/02/23 11:59:00 | 00,000,000 | ---- | M] () -- C:\20080223155900289.loc
[2008/02/23 11:59:08 | 00,000,000 | ---- | M] () -- C:\20080223155908712.loc
[2008/02/23 11:59:08 | 00,000,000 | ---- | M] () -- C:\20080223155908962.loc
[2008/02/23 11:59:50 | 00,000,000 | ---- | M] () -- C:\20080223155950308.loc
[2008/02/23 11:59:50 | 00,000,000 | ---- | M] () -- C:\20080223155950464.loc
[2008/05/08 11:58:28 | 00,000,000 | ---- | M] () -- C:\20080508155828519.loc
[2008/07/01 08:50:47 | 00,000,000 | ---- | M] () -- C:\20080701125047655.loc
[2008/07/01 08:51:06 | 00,000,000 | ---- | M] () -- C:\20080701125106635.loc
[2008/07/01 08:51:06 | 00,000,000 | ---- | M] () -- C:\20080701125106870.loc
[2008/07/01 09:11:36 | 00,000,000 | ---- | M] () -- C:\20080701131135995.loc
[2008/07/01 09:11:42 | 00,000,000 | ---- | M] () -- C:\20080701131142025.loc
[2008/07/01 09:11:42 | 00,000,000 | ---- | M] () -- C:\20080701131142181.loc
[2008/07/01 16:05:22 | 00,000,000 | ---- | M] () -- C:\20080701200522135.loc
[2008/07/01 16:05:30 | 00,000,000 | ---- | M] () -- C:\20080701200530932.loc
[2008/07/01 16:05:31 | 00,000,000 | ---- | M] () -- C:\20080701200531073.loc
[2008/07/01 16:13:46 | 00,000,000 | ---- | M] () -- C:\20080701201346619.loc
[2008/07/01 16:13:46 | 00,000,000 | ---- | M] () -- C:\20080701201346838.loc
[2008/07/01 16:17:16 | 00,000,000 | ---- | M] () -- C:\20080701201716026.loc
[2008/07/01 16:19:37 | 00,000,000 | ---- | M] () -- C:\20080701201937823.loc
[2008/07/01 16:52:18 | 00,000,000 | ---- | M] () -- C:\20080701205217994.loc
[2008/07/01 16:53:33 | 00,000,000 | ---- | M] () -- C:\20080701205333166.loc
[2008/07/01 16:53:37 | 00,000,000 | ---- | M] () -- C:\20080701205337823.loc
[2008/07/01 16:53:37 | 00,000,000 | ---- | M] () -- C:\20080701205337948.loc
[2008/07/23 12:38:57 | 00,000,000 | ---- | M] () -- C:\20080723163857500.loc
[2008/07/23 12:39:10 | 00,000,000 | ---- | M] () -- C:\20080723163910546.loc
[2008/07/23 12:39:10 | 00,000,000 | ---- | M] () -- C:\20080723163910750.loc
[2008/07/29 15:28:42 | 00,000,000 | ---- | M] () -- C:\20080729192842437.loc
[2008/07/29 15:28:42 | 00,000,000 | ---- | M] () -- C:\20080729192842843.loc
[2008/07/29 15:30:59 | 00,000,000 | ---- | M] () -- C:\20080729193059250.loc
[2008/07/29 15:31:09 | 00,000,000 | ---- | M] () -- C:\20080729193109421.loc
[2008/07/29 15:31:09 | 00,000,000 | ---- | M] () -- C:\20080729193109562.loc
[2008/08/04 13:13:06 | 00,000,000 | ---- | M] () -- C:\20080804171306375.loc
[2008/08/04 13:13:37 | 00,000,000 | ---- | M] () -- C:\20080804171337062.loc
[2008/08/04 13:13:37 | 00,000,000 | ---- | M] () -- C:\20080804171337265.loc
[2008/08/27 13:21:48 | 00,000,000 | ---- | M] () -- C:\20080827172148109.loc
[2008/08/27 13:22:00 | 00,000,000 | ---- | M] () -- C:\20080827172200781.loc
[2008/08/27 13:22:00 | 00,000,000 | ---- | M] () -- C:\20080827172200953.loc
[2008/10/02 08:30:40 | 00,000,000 | ---- | M] () -- C:\20081002123040640.loc
[2008/10/02 08:30:47 | 00,000,000 | ---- | M] () -- C:\20081002123047203.loc
[2008/10/02 08:30:47 | 00,000,000 | ---- | M] () -- C:\20081002123047421.loc
[2008/10/02 08:43:46 | 00,000,000 | ---- | M] () -- C:\20081002124346671.loc
[2008/10/02 08:43:46 | 00,000,000 | ---- | M] () -- C:\20081002124346890.loc
[2008/11/02 11:18:14 | 00,000,000 | ---- | M] () -- C:\20081102151814015.loc
[2008/11/02 11:18:26 | 00,000,000 | ---- | M] () -- C:\20081102151826265.loc
[2008/11/02 11:18:26 | 00,000,000 | ---- | M] () -- C:\20081102151826437.loc
[2008/11/02 11:47:42 | 00,000,000 | ---- | M] () -- C:\20081102154742062.loc
[2008/11/02 11:56:45 | 00,000,000 | ---- | M] () -- C:\20081102155645515.loc
[2008/11/02 11:57:11 | 00,000,000 | ---- | M] () -- C:\20081102155711593.loc
[2008/11/02 11:57:11 | 00,000,000 | ---- | M] () -- C:\20081102155711765.loc
[2008/11/02 12:32:35 | 00,000,000 | ---- | M] () -- C:\20081102163235203.loc
[2008/11/02 12:32:40 | 00,000,000 | ---- | M] () -- C:\20081102163240890.loc
[2008/11/02 12:32:41 | 00,000,000 | ---- | M] () -- C:\20081102163241046.loc
[2008/11/02 12:47:48 | 00,000,000 | ---- | M] () -- C:\20081102164748781.loc
[2008/12/15 15:26:31 | 00,000,000 | ---- | M] () -- C:\20081215192631875.loc
[2008/12/15 15:26:42 | 00,000,000 | ---- | M] () -- C:\20081215192642171.loc
[2008/12/15 15:26:42 | 00,000,000 | ---- | M] () -- C:\20081215192642453.loc
[2009/01/13 09:19:00 | 00,000,000 | ---- | M] () -- C:\20090113131900218.loc
[2009/01/13 09:19:00 | 00,000,000 | ---- | M] () -- C:\20090113131900515.loc
[2009/01/13 09:20:45 | 00,000,000 | ---- | M] () -- C:\20090113132045312.loc
[2009/01/13 09:20:57 | 00,000,000 | ---- | M] () -- C:\20090113132057734.loc
[2009/01/13 09:20:57 | 00,000,000 | ---- | M] () -- C:\20090113132057875.loc
[2009/01/24 18:41:36 | 00,000,000 | ---- | M] () -- C:\20090124224136307.loc
[2009/01/24 18:41:49 | 00,000,000 | ---- | M] () -- C:\20090124224149948.loc
[2009/01/24 18:41:50 | 00,000,000 | ---- | M] () -- C:\20090124224150151.loc
[2009/02/21 13:29:59 | 00,000,000 | ---- | M] () -- C:\20090221172959515.loc
[2009/02/21 13:30:45 | 00,000,000 | ---- | M] () -- C:\20090221173045703.loc
[2009/05/06 23:53:12 | 00,000,000 | ---- | M] () -- C:\20090507035312913.loc
[2009/05/26 17:17:27 | 00,000,000 | ---- | M] () -- C:\20090526211727514.loc
[2009/05/28 09:13:17 | 00,000,000 | ---- | M] () -- C:\20090528131317468.loc
[2009/05/28 16:03:56 | 00,000,000 | ---- | M] () -- C:\20090528200356284.loc
[2009/05/28 16:04:34 | 00,000,000 | ---- | M] () -- C:\20090528200434937.loc
[2009/05/28 16:06:00 | 00,000,000 | ---- | M] () -- C:\20090528200600133.loc
[2009/05/28 16:06:00 | 00,000,000 | ---- | M] () -- C:\20090528200600352.loc
[2009/05/28 16:08:05 | 00,000,000 | ---- | M] () -- C:\20090528200805983.loc
[2009/05/28 16:16:04 | 00,000,000 | ---- | M] () -- C:\20090528201604512.loc
[2009/05/28 16:16:08 | 00,000,000 | ---- | M] () -- C:\20090528201608902.loc
[2009/05/28 16:16:09 | 00,000,000 | ---- | M] () -- C:\20090528201609058.loc
[2009/05/28 16:17:42 | 00,000,000 | ---- | M] () -- C:\20090528201742395.loc
[2009/05/28 16:17:42 | 00,000,000 | ---- | M] () -- C:\20090528201742552.loc
[2009/05/28 16:21:09 | 00,000,000 | ---- | M] () -- C:\20090528202109318.loc
[2009/05/28 16:21:15 | 00,000,000 | ---- | M] () -- C:\20090528202115896.loc
[2009/05/28 16:21:16 | 00,000,000 | ---- | M] () -- C:\20090528202116068.loc
[2009/05/28 16:26:31 | 00,000,000 | ---- | M] () -- C:\20090528202631547.loc
[2009/05/28 16:26:31 | 00,000,000 | ---- | M] () -- C:\20090528202631797.loc
[2009/05/28 16:29:34 | 00,000,000 | ---- | M] () -- C:\20090528202934256.loc
[2009/05/28 16:29:51 | 00,000,000 | ---- | M] () -- C:\20090528202951348.loc
[2009/05/28 16:29:57 | 00,000,000 | ---- | M] () -- C:\20090528202957739.loc
[2009/05/28 16:29:57 | 00,000,000 | ---- | M] () -- C:\20090528202957895.loc
[2009/05/28 16:46:55 | 00,000,000 | ---- | M] () -- C:\20090528204655638.loc
[2009/05/28 16:47:09 | 00,000,000 | ---- | M] () -- C:\20090528204709528.loc
[2009/05/28 16:47:10 | 00,000,000 | ---- | M] () -- C:\20090528204710824.loc
[2009/05/29 14:12:46 | 00,000,000 | ---- | M] () -- C:\20090529181246531.loc
[2009/05/29 14:12:46 | 00,000,000 | ---- | M] () -- C:\20090529181246843.loc
[2009/05/29 14:14:07 | 00,000,000 | ---- | M] () -- C:\20090529181407406.loc
[2009/05/29 14:14:07 | 00,000,000 | ---- | M] () -- C:\20090529181407515.loc
[2009/05/29 14:15:40 | 00,000,000 | ---- | M] () -- C:\20090529181540250.loc
[2009/05/29 14:15:40 | 00,000,000 | ---- | M] () -- C:\20090529181540375.loc
[2009/05/29 14:16:53 | 00,000,000 | ---- | M] () -- C:\20090529181653625.loc
[2009/05/29 14:16:53 | 00,000,000 | ---- | M] () -- C:\20090529181653812.loc
[2009/05/29 17:53:06 | 00,000,000 | ---- | M] () -- C:\20090529215306144.loc
[2009/05/29 17:53:14 | 00,000,000 | ---- | M] () -- C:\20090529215314894.loc
[2009/05/29 17:53:15 | 00,000,000 | ---- | M] () -- C:\20090529215315050.loc
[2009/06/06 11:54:20 | 00,003,176 | ---- | M] () -- C:\aaw7boot.log
[2005/08/16 05:43:04 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2007/09/06 22:41:57 | 22,650,138 | ---- | M] () -- C:\BellSouthIW.reg
[2007/11/25 10:30:06 | 00,000,209 | RHS- | M] () -- C:\boot.ini
[2005/08/16 05:43:04 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2006/11/27 01:08:54 | 00,006,788 | RH-- | M] () -- C:\dell.sdr
[2008/02/02 09:16:15 | 00,014,582 | ---- | M] () -- C:\Docum
[2008/05/22 13:37:50 | 00,000,097 | ---- | M] () -- C:\DownloadLog.txt
[2001/09/05 21:00:58 | 01,700,352 | ---- | M] (Microsoft Corporation) -- C:\gdiplus.dll
[2009/06/06 11:54:21 | 10,631,65952 | -HS- | M] () -- C:\hiberfil.sys
[2006/11/29 20:00:26 | 00,004,128 | ---- | M] () -- C:\INFCACHE.1
[2006/11/29 19:38:02 | 00,000,067 | ---- | M] () -- C:\inferno.log
[2005/08/16 05:43:04 | 00,000,000 | -H-- | M] () -- C:\IO.SYS
[2008/05/17 08:01:00 | 00,000,125 | ---- | M] () -- C:\ioSpecial.ini
[2008/07/06 08:27:07 | 00,107,519 | ---- | M] () -- C:\logfile
[2005/08/16 05:43:04 | 00,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004/08/10 06:00:00 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/05/09 09:49:24 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/06/06 11:54:20 | 15,980,29824 | -HS- | M] () -- C:\pagefile.sys
[2009/06/06 14:32:04 | 00,004,773 | ---- | M] () -- C:\Rooter.txt
[2007/09/06 22:41:18 | 00,000,087 | ---- | M] () -- C:\setup.log
[2006/11/27 01:37:43 | 00,000,087 | ---- | M] () -- C:\SystemInfo.ini
[2008/02/02 15:06:15 | 00,000,150 | ---- | M] () -- C:\YServer.txt

< %PROGRAMFILES%\*. >
[2009/06/06 15:15:57 | 00,000,000 | ---D | M] -- C:\Program Files
[2009/05/25 13:58:24 | 00,000,000 | ---D | M] -- C:\Program Files\3 Days - Zoo Mystery
[2006/11/30 16:32:29 | 00,000,000 | ---D | M] -- C:\Program Files\Activision
[2009/04/07 09:55:00 | 00,000,000 | ---D | M] -- C:\Program Files\Adobe
[2008/11/29 16:16:45 | 00,000,000 | ---D | M] -- C:\Program Files\AGEIA Technologies
[2008/04/22 15:01:42 | 00,000,000 | ---D | M] -- C:\Program Files\Airport Mania
[2009/05/29 19:54:33 | 00,000,000 | ---D | M] -- C:\Program Files\Alawar
[2007/10/17 16:12:24 | 00,000,000 | ---D | M] -- C:\Program Files\Alice Greenfingers
[2009/03/12 10:52:08 | 00,000,000 | ---D | M] -- C:\Program Files\Alice Greenfingers 2
[2008/10/12 06:44:24 | 00,000,000 | ---D | M] -- C:\Program Files\Anna`s Ice Cream
[2009/06/06 11:25:17 | 00,000,000 | ---D | M] -- C:\Program Files\Antique Shop
[2008/09/08 09:19:23 | 00,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/01/21 08:45:53 | 00,000,000 | ---D | M] -- C:\Program Files\Archive Entertainment
[2008/05/19 08:26:40 | 00,000,000 | ---D | M] -- C:\Program Files\AT&T
[2009/03/15 13:10:59 | 00,000,000 | ---D | M] -- C:\Program Files\Babysitting Mania
[2006/11/27 01:33:14 | 00,000,000 | ---D | M] -- C:\Program Files\BAE
[2009/05/25 13:38:40 | 00,000,000 | ---D | M] -- C:\Program Files\Beetle Bug 2
[2007/10/03 13:15:23 | 00,000,000 | ---D | M] -- C:\Program Files\Believe in Santa - Sandy`s Story
[2007/10/03 12:48:44 | 00,000,000 | ---D | M] -- C:\Program Files\Belle`s Beauty Boutique
[2007/10/28 09:18:22 | 00,000,000 | ---D | M] -- C:\Program Files\BellSouth
[2008/09/02 09:06:36 | 00,000,000 | ---D | M] -- C:\Program Files\BFG
[2009/05/27 10:05:06 | 00,000,000 | ---D | M] -- C:\Program Files\bfgclient
[2008/12/09 12:59:26 | 00,000,000 | ---D | M] -- C:\Program Files\Big Kahuna Reef 2 - Chain Reaction
[2007/10/19 09:36:54 | 00,000,000 | ---D | M] -- C:\Program Files\BLOX Deluxe
[2007/10/19 12:25:35 | 00,000,000 | ---D | M] -- C:\Program Files\BLOX Forever Deluxe
[2008/09/08 09:24:34 | 00,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2008/06/23 15:19:17 | 00,000,000 | ---D | M] -- C:\Program Files\BookDB2
[2007/10/03 18:51:23 | 00,000,000 | ---D | M] -- C:\Program Files\Boulder Dash
[2008/11/09 11:09:18 | 00,000,000 | ---D | M] -- C:\Program Files\Bubble Town
[2007/10/27 09:21:48 | 00,000,000 | ---D | M] -- C:\Program Files\Burger Island
[2007/10/07 08:20:26 | 00,000,000 | ---D | M] -- C:\Program Files\Burger Shop
[2008/05/19 08:26:48 | 00,000,000 | ---D | M] -- C:\Program Files\CA
[2007/10/03 13:49:08 | 00,000,000 | ---D | M] -- C:\Program Files\Cake Mania
[2007/10/13 14:52:37 | 00,000,000 | ---D | M] -- C:\Program Files\Cake Mania 2
[2008/10/02 07:32:50 | 00,000,000 | ---D | M] -- C:\Program Files\Cake Mania 3
[2007/10/10 13:28:35 | 00,000,000 | ---D | M] -- C:\Program Files\Cake Mania Back to the Bakery
[2008/08/19 22:21:34 | 00,000,000 | ---D | M] -- C:\Program Files\CakeMania 3 Focus Test
[2007/10/29 17:41:57 | 00,000,000 | ---D | M] -- C:\Program Files\Canon
[2007/10/03 11:43:40 | 00,000,000 | ---D | M] -- C:\Program Files\Card Tricks
[2007/11/05 15:02:05 | 00,000,000 | ---D | M] -- C:\Program Files\Carrie the Caregiver
[2007/10/03 12:07:21 | 00,000,000 | ---D | M] -- C:\Program Files\Cathy's Caribbean Club
[2007/10/03 15:12:18 | 00,000,000 | ---D | M] -- C:\Program Files\CCI Huntsville
[2008/01/03 10:27:07 | 00,000,000 | ---D | M] -- C:\Program Files\Champion Chef
[2008/12/09 10:20:01 | 00,000,000 | ---D | M] -- C:\Program Files\Chill
[2009/01/09 11:06:54 | 00,000,000 | ---D | M] -- C:\Program Files\Chocolate Shop Frenzy
[2007/12/23 10:52:28 | 00,000,000 | ---D | M] -- C:\Program Files\Citrix
[2009/03/11 09:00:34 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files
[2005/08/16 05:38:36 | 00,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2009/01/11 14:03:28 | 00,000,000 | ---D | M] -- C:\Program Files\Conduit
[2006/11/27 01:10:44 | 00,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2009/04/14 15:59:35 | 00,000,000 | ---D | M] -- C:\Program Files\ContinentalCafe_at
[2006/11/27 01:27:36 | 00,000,000 | ---D | M] -- C:\Program Files\Corel
[2009/02/21 10:49:43 | 00,000,000 | ---D | M] -- C:\Program Files\Costume Chaos
[2009/05/06 12:08:42 | 00,000,000 | ---D | M] -- C:\Program Files\Coupons
[2008/07/11 10:54:39 | 00,000,000 | ---D | M] -- C:\Program Files\CrystalVoice
[2009/05/03 17:01:56 | 00,000,000 | ---D | M] -- C:\Program Files\Cubis Gold 2
[2006/12/20 11:09:47 | 00,000,000 | ---D | M] -- C:\Program Files\DATA
[2007/10/03 03:23:28 | 00,000,000 | ---D | M] -- C:\Program Files\Daycare Nightmare
[2009/03/16 10:56:59 | 00,000,000 | ---D | M] -- C:\Program Files\Daycare Nightmare - Mini-Monsters
[2007/12/23 09:43:24 | 00,000,000 | ---D | M] -- C:\Program Files\Delicious Deluxe
[2008/02/02 14:35:57 | 00,000,000 | ---D | M] -- C:\Program Files\Dell
[2006/11/27 01:36:50 | 00,000,000 | ---D | M] -- C:\Program Files\Dell Support
[2007/11/08 10:28:46 | 00,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2006/11/27 01:26:24 | 00,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2007/10/03 15:05:22 | 00,000,000 | ---D | M] -- C:\Program Files\Diner Dash
[2008/05/06 07:58:54 | 00,000,000 | ---D | M] -- C:\Program Files\Dirk Dashing
[2008/01/03 15:57:21 | 00,000,000 | ---D | M] -- C:\Program Files\Disney
[2007/06/01 13:48:56 | 00,000,000 | ---D | M] -- C:\Program Files\DivX
[2008/12/19 09:46:17 | 00,000,000 | ---D | M] -- C:\Program Files\DQ Tycoon
[2007/10/03 02:29:44 | 00,000,000 | ---D | M] -- C:\Program Files\Dr. Daisy Pet Vet
[2007/10/03 13:20:16 | 00,000,000 | ---D | M] -- C:\Program Files\Dracula Twins
[2008/08/29 07:39:43 | 00,000,000 | ---D | M] -- C:\Program Files\Dress Up Rush
[2008/10/08 13:16:08 | 00,000,000 | ---D | M] -- C:\Program Files\DXBall2
[2008/01/13 14:59:40 | 00,000,000 | ---D | M] -- C:\Program Files\Dyno Kid
[2007/01/17 16:18:59 | 00,000,000 | ---D | M] -- C:\Program Files\Elaborate Bytes
[2007/10/03 03:26:13 | 00,000,000 | ---D | M] -- C:\Program Files\Emerald Tale
[2009/05/22 09:13:24 | 00,000,000 | ---D | M] -- C:\Program Files\Enchanted Katya and the Mystery of the Lost Wizard
[2005/08/16 21:51:50 | 00,000,000 | ---D | M] -- C:\Program Files\EnglishOtto
[2009/05/03 15:07:16 | 00,000,000 | ---D | M] -- C:\Program Files\Everything Nice
[2008/09/11 15:24:03 | 00,000,000 | ---D | M] -- C:\Program Files\Fairy Jewels
[2008/08/07 08:25:41 | 00,000,000 | ---D | M] -- C:\Program Files\Fairy Jewels 2
[2008/08/04 08:50:52 | 00,000,000 | ---D | M] -- C:\Program Files\Farm Frenzy
[2008/07/12 08:29:16 | 00,000,000 | ---D | M] -- C:\Program Files\Farmer Jane
[2007/12/28 11:37:20 | 00,000,000 | ---D | M] -- C:\Program Files\Fashion Cents
[2009/04/27 00:38:21 | 00,000,000 | ---D | M] -- C:\Program Files\Fashion Cents Deluxe
[2007/11/09 08:06:51 | 00,000,000 | ---D | M] -- C:\Program Files\Fashion Fits!
[2008/01/11 09:40:05 | 00,000,000 | ---D | M] -- C:\Program Files\Fashion Rush
[2007/11/10 15:31:57 | 00,000,000 | ---D | M] -- C:\Program Files\Fever Frenzy
[2008/12/15 17:41:54 | 00,000,000 | ---D | M] -- C:\Program Files\Fitness Frenzy
[2008/12/14 09:12:34 | 00,000,000 | ---D | M] -- C:\Program Files\Floating Kingdoms
[2007/11/03 17:15:20 | 00,000,000 | ---D | M] -- C:\Program Files\Flower Shop - Big City Break
[2009/05/17 14:03:09 | 00,000,000 | ---D | M] -- C:\Program Files\Flux Family Secrets - The Ripple Effect
[2008/11/05 09:21:24 | 00,000,000 | ---D | M] -- C:\Program Files\Forgotten Lands - First Colony
[2009/03/11 09:00:37 | 00,000,000 | ---D | M] -- C:\Program Files\FOX News Live
[2008/10/17 18:32:16 | 00,000,000 | ---D | M] -- C:\Program Files\FrostWire
[2008/10/24 18:12:56 | 00,000,000 | ---D | M] -- C:\Program Files\GameHouse
[2008/12/10 12:46:23 | 00,000,000 | ---D | M] -- C:\Program Files\Games
[2008/06/05 10:28:20 | 00,000,000 | ---D | M] -- C:\Program Files\GamesCafe.com
[2009/05/28 17:00:56 | 00,000,000 | ---D | M] -- C:\Program Files\Gamevance
[2005/08/16 21:54:44 | 00,000,000 | ---D | M] -- C:\Program Files\GemMaster
[2008/02/21 09:33:15 | 00,000,000 | ---D | M] -- C:\Program Files\Gemsweeper
[2008/08/14 17:50:22 | 00,000,000 | ---D | M] -- C:\Program Files\Go Go Gourmet - Chef of the Year
[2008/01/31 09:01:38 | 00,000,000 | ---D | M] -- C:\Program Files\Go-Go Gourmet
[2007/10/07 19:26:05 | 00,000,000 | ---D | M] -- C:\Program Files\Gold Fever
[2008/01/23 08:17:22 | 00,000,000 | ---D | M] -- C:\Program Files\Golden Hearts Juice Bar
[2008/02/02 17:15:22 | 00,000,000 | ---D | M] -- C:\Program Files\Google
[2007/10/03 19:13:58 | 00,000,000 | ---D | M] -- C:\Program Files\Happy Hour
[2008/05/29 11:14:47 | 00,000,000 | ---D | M] -- C:\Program Files\Hell's Kitchen
[2009/05/24 12:10:59 | 00,000,000 | ---D | M] -- C:\Program Files\Hidden Mysteries - Civil War
[2008/10/25 16:34:48 | 00,000,000 | ---D | M] -- C:\Program Files\Holiday Bonus
[2008/11/25 08:01:21 | 00,000,000 | ---D | M] -- C:\Program Files\Hospital Hustle
[2009/03/26 12:39:22 | 00,000,000 | ---D | M] -- C:\Program Files\Ice Cream Craze - Tycoon Takeover
[2008/05/14 07:07:06 | 00,000,000 | ---D | M] -- C:\Program Files\Ice Cream Dee Lites
[2008/03/25 08:14:19 | 00,000,000 | ---D | M] -- C:\Program Files\Ice Cream Mania
[2008/09/08 15:09:35 | 00,000,000 | ---D | M] -- C:\Program Files\Ice Princess
[2008/11/29 16:05:29 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2006/11/27 01:26:06 | 00,000,000 | ---D | M] -- C:\Program Files\Intel
[2006/11/27 01:26:20 | 00,000,000 | ---D | M] -- C:\Program Files\InterActual
[2009/04/17 00:48:02 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2008/09/08 09:25:00 | 00,000,000 | ---D | M] -- C:\Program Files\iPod
[2008/09/08 09:25:11 | 00,000,000 | ---D | M] -- C:\Program Files\iTunes
[2009/01/13 09:17:18 | 00,000,000 | ---D | M] -- C:\Program Files\iWin
[2009/06/05 07:24:44 | 00,000,000 | ---D | M] -- C:\Program Files\iWin Games
[2009/06/06 12:41:11 | 00,000,000 | ---D | M] -- C:\Program Files\iWin.com
[2008/08/23 06:37:03 | 00,000,000 | ---D | M] -- C:\Program Files\Jane's Realty
[2008/12/09 09:43:32 | 00,000,000 | ---D | M] -- C:\Program Files\Java
[2009/06/03 06:41:10 | 00,000,000 | ---D | M] -- C:\Program Files\Jessica's Cupcake Cafe
[2007/10/25 11:17:19 | 00,000,000 | ---D | M] -- C:\Program Files\Jewel Miner
[2008/07/04 09:03:13 | 00,000,000 | ---D | M] -- C:\Program Files\Jewelleria
[2008/07/06 09:32:10 | 00,000,000 | ---D | M] -- C:\Program Files\Kodak
[2009/05/31 11:18:52 | 00,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2008/10/11 07:12:08 | 00,000,000 | ---D | M] -- C:\Program Files\LDA Games
[2009/05/20 13:14:05 | 00,000,000 | ---D | M] -- C:\Program Files\Legacy Interactive
[2008/02/02 14:25:01 | 00,000,000 | ---D | M] -- C:\Program Files\Logitech
[2009/04/18 13:13:30 | 00,000,000 | ---D | M] -- C:\Program Files\Lost in the City
[2009/03/12 16:23:58 | 00,000,000 | ---D | M] -- C:\Program Files\Mae Q'West and the Sign of the Stars
[2008/03/08 09:51:09 | 00,000,000 | ---D | M] -- C:\Program Files\Magic Farm
[2008/02/14 09:59:00 | 00,000,000 | ---D | M] -- C:\Program Files\Magic Seeds
[2009/04/04 19:47:53 | 00,000,000 | ---D | M] -- C:\Program Files\Magical Forest
[2007/10/19 15:19:28 | 00,000,000 | ---D | M] -- C:\Program Files\MagicSeal
[2007/10/03 09:49:08 | 00,000,000 | ---D | M] -- C:\Program Files\Mahjongg Investigation - Under Suspicion
[2008/12/09 10:54:55 | 00,000,000 | ---D | M] -- C:\Program Files\Megaplex Madness - Now Playing
[2008/03/16 08:23:01 | 00,000,000 | ---D | M] -- C:\Program Files\Megastore Madness
[2008/08/14 20:36:55 | 00,000,000 | ---D | M] -- C:\Program Files\Messenger
[2008/09/17 14:20:36 | 00,000,000 | ---D | M] -- C:\Program Files\MFInstall
[2007/11/13 23:11:15 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2007/05/09 16:17:39 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2007/10/04 09:38:04 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Digital Image 2006
[2005/08/16 05:43:46 | 00,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2008/02/02 15:03:28 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Location Finder
[2007/10/04 10:16:34 | 00,000,000 | ---D | M] -- C:\Program Files\microsoft money 2006
[2008/02/19 12:53:07 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2006/11/27 01:28:32 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2006/11/27 01:28:33 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Photo Story 2 LE
[2006/11/27 01:35:37 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2008/09/10 17:02:43 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2007/10/04 09:30:24 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Works Suite 2006
[2008/02/19 12:52:56 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2008/09/19 08:31:48 | 00,000,000 | ---D | M] -- C:\Program Files\Miriel The Magical Merchant
[2006/11/27 01:26:18 | 00,000,000 | ---D | M] -- C:\Program Files\Modem Helper
[2009/03/29 18:35:07 | 00,000,000 | ---D | M] -- C:\Program Files\Mortimer and the Enchanted Castle
[2008/05/09 09:58:49 | 00,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2005/08/16 05:37:22 | 00,000,000 | ---D | M] -- C:\Program Files\MSN
[2005/08/16 05:37:30 | 00,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2006/11/29 18:42:43 | 00,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2006/12/25 17:35:43 | 00,000,000 | ---D | M] -- C:\Program Files\MTV Networks
[2006/11/27 01:28:01 | 00,000,000 | ---D | M] -- C:\Program Files\MUSICMATCH
[2008/11/18 00:14:02 | 00,000,000 | ---D | M] -- C:\Program Files\My Tribe DEMO
[2007/12/03 11:50:18 | 00,000,000 | ---D | M] -- C:\Program Files\Mystery Case Files - Prime Suspects
[2009/06/06 15:38:33 | 00,000,000 | ---D | M] -- C:\Program Files\Mystery in London
[2009/05/15 07:03:25 | 00,000,000 | ---D | M] -- C:\Program Files\Mystic Emporium
[2007/10/03 13:42:33 | 00,000,000 | ---D | M] -- C:\Program Files\Mystic Inn
[2009/04/04 19:50:22 | 00,000,000 | ---D | M] -- C:\Program Files\Mystic Mine Demo
[2008/11/19 14:53:31 | 00,000,000 | ---D | M] -- C:\Program Files\Nancy Drew Dossier - Lights, Camera, Curses
[2007/10/03 11:41:51 | 00,000,000 | ---D | M] -- C:\Program Files\Nanny Mania
[2009/03/03 10:11:48 | 00,000,000 | ---D | M] -- C:\Program Files\Nanny Mania 2
[2008/05/09 09:52:44 | 00,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2007/09/06 22:45:11 | 00,000,000 | ---D | M] -- C:\Program Files\Netopia
[2006/11/27 01:26:29 | 00,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2009/04/07 10:02:51 | 00,000,000 | ---D | M] -- C:\Program Files\NOS
[2008/12/09 10:08:32 | 00,000,000 | ---D | M] -- C:\Program Files\Oberon Media
[2005/08/16 05:38:24 | 00,000,000 | ---D | M] -- C:\Program Files\Online Services
[2008/07/18 16:59:24 | 00,000,000 | ---D | M] -- C:\Program Files\OpenCASE
[2008/10/31 08:36:52 | 00,000,000 | ---D | M] -- C:\Program Files\Operation Mania
[2009/03/23 10:55:49 | 00,000,000 | ---D | M] -- C:\Program Files\Orchard
[2008/05/09 09:52:37 | 00,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2007/11/28 11:40:24 | 00,000,000 | ---D | M] -- C:\Program Files\Paradise Pet Salon
[2009/02/27 09:11:29 | 00,000,000 | ---D | M] -- C:\Program Files\Party Down
[2008/08/27 13:41:52 | 00,000,000 | ---D | M] -- C:\Program Files\PCStitch 7
[2008/11/20 09:32:59 | 00,000,000 | ---D | M] -- C:\Program Files\Pet Pals Animal Doctor
[2009/06/02 08:01:28 | 00,000,000 | ---D | M] -- C:\Program Files\Pet Playground
[2007/12/27 07:51:05 | 00,000,000 | ---D | M] -- C:\Program Files\Pizza Chef
[2007/12/22 12:24:11 | 00,000,000 | ---D | M] -- C:\Program Files\Pizza Panic
[2007/10/03 03:05:38 | 00,000,000 | ---D | M] -- C:\Program Files\Plant Tycoon
[2009/03/08 13:35:43 | 00,000,000 | ---D | M] -- C:\Program Files\PlayFirst
[2009/05/20 13:29:45 | 00,000,000 | ---D | M] -- C:\Program Files\Pretty In Pink
[2009/04/28 07:16:17 | 00,000,000 | ---D | M] -- C:\Program Files\Puppy Stylin'
[2008/01/18 08:57:09 | 00,000,000 | ---D | M] -- C:\Program Files\Purrfect Pet Shop
[2008/07/03 07:28:01 | 00,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2008/06/29 08:40:54 | 00,000,000 | ---D | M] -- C:\Program Files\Ranch Rush
[2008/09/27 06:46:45 | 00,000,000 | ---D | M] -- C:\Program Files\Raxco
[2007/10/03 17:21:10 | 00,000,000 | ---D | M] -- C:\Program Files\Real
[2009/05/26 09:12:43 | 00,000,000 | ---D | M] -- C:\Program Files\RealArcade
[2009/05/26 13:09:22 | 00,000,000 | ---D | M] -- C:\Program Files\Realore
[2007/10/19 14:26:39 | 00,000,000 | ---D | M] -- C:\Program Files\redclaw
[2007/10/03 18:51:07 | 00,000,000 | ---D | M] -- C:\Program Files\ReflexiveArcade
[2005/08/16 21:58:50 | 00,000,000 | ---D | M] -- C:\Program Files\RGB
[2009/03/30 15:06:05 | 00,000,000 | ---D | M] -- C:\Program Files\Ricochet Lost Worlds
[2009/05/22 13:20:07 | 00,000,000 | ---D | M] -- C:\Program Files\Righteous Kill 2 - Revenge of the Poet Killer
[2007/10/20 11:20:14 | 00,000,000 | ---D | M] -- C:\Program Files\Robbox
[2008/03/29 15:15:38 | 00,000,000 | ---D | M] -- C:\Program Files\Roller Rush
[2006/11/27 01:33:10 | 00,000,000 | ---D | M] -- C:\Program Files\Roxio
[2007/10/03 03:01:20 | 00,000,000 | ---D | M] -- C:\Program Files\Safecracker
[2008/09/06 08:31:36 | 00,000,000 | ---D | M] -- C:\Program Files\School House Shuffle
[2009/03/11 14:10:39 | 00,000,000 | ---D | M] -- C:\Program Files\Sheep's Quest
[2009/03/31 09:54:02 | 00,000,000 | ---D | M] -- C:\Program Files\Shockwave.com
[2009/01/30 08:48:36 | 00,000,000 | ---D | M] -- C:\Program Files\Shop-n-Spree
[2007/10/03 12:54:18 | 00,000,000 | ---D | M] -- C:\Program Files\Shopping Marathon
[2008/12/19 18:26:15 | 00,000,000 | ---D | M] -- C:\Program Files\Shroomz
[2006/11/27 01:23:34 | 00,000,000 | ---D | M] -- C:\Program Files\Sigmatel
[2008/05/14 11:22:14 | 00,000,000 | ---D | M] -- C:\Program Files\SlySoft
[2006/11/27 01:33:13 | 00,000,000 | ---D | M] -- C:\Program Files\Sonic
[2008/07/11 10:04:02 | 00,000,000 | ---D | M] -- C:\Program Files\Spa Mania
[2008/11/10 12:09:30 | 00,000,000 | ---D | M] -- C:\Program Files\Spooky Spirits
[2009/04/02 09:06:12 | 00,000,000 | ---D | M] -- C:\Program Files\Success Story
[2009/05/31 11:45:06 | 00,000,000 | ---D | M] -- C:\Program Files\Supermarket Management
[2007/10/16 14:45:48 | 00,000,000 | ---D | M] -- C:\Program Files\Sushi Frenzy
[2007/10/18 20:01:29 | 00,000,000 | ---D | M] -- C:\Program Files\Teddy Tavern - A Culinary Adventure
[2008/11/29 16:05:34 | 00,000,000 | ---D | M] -- C:\Program Files\The Adventure Company
[2007/10/03 19:31:17 | 00,000,000 | ---D | M] -- C:\Program Files\The Apprentice - Los Angeles
[2009/04/21 13:10:11 | 00,000,000 | ---D | M] -- C:\Program Files\The Count of Monte Cristo
[2008/09/17 16:38:42 | 00,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2008/09/13 08:16:08 | 00,000,000 | ---D | M] -- C:\Program Files\Turbo Fiesta
[2007/10/03 03:33:50 | 00,000,000 | ---D | M] -- C:\Program Files\Turbo Pizza
[2008/01/17 16:55:38 | 00,000,000 | ---D | M] -- C:\Program Files\Turbo Subs
[2007/10/19 14:25:57 | 00,000,000 | ---D | M] -- C:\Program Files\Twilight
[2009/02/21 11:11:53 | 00,000,000 | ---D | M] -- C:\Program Files\Uniblue
[2005/08/16 05:50:18 | 00,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2008/01/26 09:16:47 | 00,000,000 | ---D | M] -- C:\Program Files\Vogue Tales
[2006/12/20 11:09:48 | 00,000,000 | ---D | M] -- C:\Program Files\VV2INTRO
[2009/02/13 10:16:10 | 00,000,000 | ---D | M] -- C:\Program Files\Wendy's Wellness
[2008/06/14 18:36:22 | 00,000,000 | ---D | M] -- C:\Program Files\Westward
[2009/01/04 00:59:00 | 00,000,000 | ---D | M] -- C:\Program Files\Westward II - Heroes of the Frontier
[2008/12/20 20:20:08 | 00,000,000 | ---D | M] -- C:\Program Files\Westward III Gold Rush
[2008/02/11 09:05:33 | 00,000,000 | ---D | M] -- C:\Program Files\WhiteSmoke
[2008/10/10 09:26:34 | 00,000,000 | ---D | M] -- C:\Program Files\WildGames
[2006/11/27 01:28:37 | 00,000,000 | ---D | M] -- C:\Program Files\WildTangent
[2009/03/31 23:01:29 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live Safety Center
[2006/12/21 12:47:59 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2006/12/21 12:47:58 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/05/09 09:52:37 | 00,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/08/16 05:37:56 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Plus
[2005/08/16 05:40:46 | 00,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2009/04/03 09:34:55 | 00,000,000 | ---D | M] -- C:\Program Files\Wonderburg
[2008/09/17 10:09:42 | 00,000,000 | ---D | M] -- C:\Program Files\Wonderland Adventures
[2005/08/16 05:43:46 | 00,000,000 | ---D | M] -- C:\Program Files\xerox
[2009/05/17 07:03:36 | 00,000,000 | ---D | M] -- C:\Program Files\Yard Sale Hidden Treasures - Lucky Junction
[2009/05/27 10:09:17 | 00,000,000 | ---D | M] -- C:\Program Files\Ye Olde Sandwich Shoppe
[2009/06/02 08:08:56 | 00,000,000 | ---D | M] -- C:\Program Files\Zylom Games

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FA94A934
@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90B52091
@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6533A988
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E4FCDFD9
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D56F6BEE
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BDC42529
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BA05E0C4
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B90C7652
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5D2A2F0A
@Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D507AEDA
@Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4363DE71
@Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3118E26B
@Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1316EAD4
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BDF08FAF
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5D95C77E
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FB97DB91
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DA9A5EA8
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93226FE3
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:52641FBE
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE87230
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CAF6B12
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0A6D6CB4
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E6D027BB
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CF61CE5A
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B35EA7C3
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:938EC881
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:88698068
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:71DCAB18
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3DA71AE7
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:39C7B7C6
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0ED4661F
@Alternate Data Stream - 411 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6D5196DD
@Alternate Data Stream - 357 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D81A09B0
@Alternate Data Stream - 301 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07557E0B
@Alternate Data Stream - 287 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5260CA1B
@Alternate Data Stream - 243 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2E224648
@Alternate Data Stream - 235 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F2CEC0E8
@Alternate Data Stream - 228 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EF5B3572
@Alternate Data Stream - 225 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B1FBA7E1
@Alternate Data Stream - 225 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7CEDF9F3
@Alternate Data Stream - 225 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:663B62CA
@Alternate Data Stream - 224 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DF0BC727
@Alternate Data Stream - 222 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D7072F8A
@Alternate Data Stream - 222 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3A6CA11
@Alternate Data Stream - 222 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4E0A467D
@Alternate Data Stream - 222 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:31F2397C
@Alternate Data Stream - 221 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC7C9796
@Alternate Data Stream - 221 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5BC73C48
@Alternate Data Stream - 221 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2F93516B
@Alternate Data Stream - 221 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:126591AF
@Alternate Data Stream - 221 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0ED4AC2F
@Alternate Data Stream - 221 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:02719624
@Alternate Data Stream - 220 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BACA4183
@Alternate Data Stream - 220 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:923F8E55
@Alternate Data Stream - 220 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CCDAB14
@Alternate Data Stream - 219 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9560C829
@Alternate Data Stream - 219 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:097FF903
@Alternate Data Stream - 218 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F44D3C53
@Alternate Data Stream - 218 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:417B6FAC
@Alternate Data Stream - 217 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FC2D8A6F
@Alternate Data Stream - 217 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A688EF17
@Alternate Data Stream - 217 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BFBC1BB
@Alternate Data Stream - 217 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:953FDC1A
@Alternate Data Stream - 217 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:43D34EF3
@Alternate Data Stream - 216 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E44D7155
@Alternate Data Stream - 216 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BBF60A29
@Alternate Data Stream - 216 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5F85EE30
@Alternate Data Stream - 216 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5F1019FF
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F9E46E4C
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6BD304B9
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:62672BC8
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:48FEA089
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3766E957
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:08D8BB20
@Alternate Data Stream - 214 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D8DB81DC
@Alternate Data Stream - 214 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:91486201
@Alternate Data Stream - 214 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:85C3B823
@Alternate Data Stream - 214 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:450ABF8D
@Alternate Data Stream - 214 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:13DF9DD1
@Alternate Data Stream - 213 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CE6885F1
@Alternate Data Stream - 213 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8F87C4A4
@Alternate Data Stream - 213 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:70E897B5
@Alternate Data Stream - 213 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3BF63E4A
@Alternate Data Stream - 213 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:11FC043F
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EF794BCD
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C7B98566
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9E50C1C9
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:87E0E06D
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:598E0FFA
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:43301D1D
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:21C2E351
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1D27B55A
@Alternate Data Stream - 211 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C0DFB793
@Alternate Data Stream - 211 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BDCD0530
@Alternate Data Stream - 211 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A60D4837
@Alternate Data Stream - 211 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7F4DB476
@Alternate Data Stream - 210 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FC60E0F8
@Alternate Data Stream - 210 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8247A199
@Alternate Data Stream - 210 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5FB7A2BD
@Alternate Data Stream - 210 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:038ACE45
@Alternate Data Stream - 209 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0DACB2B7
@Alternate Data Stream - 208 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:19C3BC3A
@Alternate Data Stream - 208 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:09867A8B
@Alternate Data Stream - 207 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E2C9E369
@Alternate Data Stream - 207 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AA60673F
@Alternate Data Stream - 207 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A561576B
@Alternate Data Stream - 207 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:269C0B5C
@Alternate Data Stream - 206 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F42B5B0E
@Alternate Data Stream - 206 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D507B5A8
@Alternate Data Stream - 206 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8E7F155B
@Alternate Data Stream - 206 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4A77A28B
@Alternate Data Stream - 206 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:12C32D25
@Alternate Data Stream - 205 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E412AAF2
@Alternate Data Stream - 205 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DE47A3DA
@Alternate Data Stream - 205 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B845F669
@Alternate Data Stream - 205 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:163CAB5A
@Alternate Data Stream - 205 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05DD96FD
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7776B809
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6FDE1666
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6C13E971
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:63CFD724
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4F96D8E6
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:453190EC
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:13AA281B
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:11E79CC9
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0860D6D6
@Alternate Data Stream - 203 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E1D818F7
@Alternate Data Stream - 203 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7972CF54
@Alternate Data Stream - 203 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6BF0805F
@Alternate Data Stream - 203 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:270A3983
@Alternate Data Stream - 202 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C3B5FCD5
@Alternate Data Stream - 202 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6FD3C973
@Alternate Data Stream - 202 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:52E1DB1D
@Alternate Data Stream - 202 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:52206035
@Alternate Data Stream - 201 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BDCD8531
@Alternate Data Stream - 201 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:21935633
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F67AAFC5
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DDEB08FD
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D31BE97C
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A0C7D68A
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9AA05701
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:969C0C96
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7AAE25C0
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:331B76C7
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2B4E9D93
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:25513300
@Alternate Data Stream - 199 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BABA07C2
@Alternate Data Stream - 199 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6F55EB66
@Alternate Data Stream - 199 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4C49306C
@Alternate Data Stream - 199 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:483AC68A
@Alternate Data Stream - 199 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05C38D9A
@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F3EFA8A8
@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E84CA8F2
@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BD13A410
@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:94F67F32
@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:78E0DF72
@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:260575F1
@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0D962E75
@Alternate Data Stream - 197 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EEF1584F
@Alternate Data Stream - 197 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1713795
@Alternate Data Stream - 197 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BDE546C6
@Alternate Data Stream - 197 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7BD8D1FA
@Alternate Data Stream - 197 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2CDB9CA3
@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FDCAE7B5
@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E32966C0
@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0EB1DE
@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9E2BD6A9
@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4A848C3E
@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3BAD65EA
@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2B82C0BB
@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:27176851
@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:10D98D98
@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E1D6C864
@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CC7738DB
@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8AA99C0C
@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:55F44B88
@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:361800A8
@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0310A379
@Alternate Data Stream - 194 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9A524EE6
@Alternate Data Stream - 194 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6677D85A
@Alternate Data Stream - 194 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:538B96B5
@Alternate Data Stream - 194 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4AA2F6A9
@Alternate Data Stream - 193 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AA004D25
@Alternate Data Stream - 193 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:98DFF516
@Alternate Data Stream - 193 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:98AE08EA
@Alternate Data Stream - 193 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38E2864F
@Alternate Data Stream - 193 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:052E15C3
@Alternate Data Stream - 192 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E5A2FD7C
@Alternate Data Stream - 192 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CDB07D6D
@Alternate Data Stream - 192 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3B812EE0
@Alternate Data Stream - 192 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:385E2CFD
@Alternate Data Stream - 192 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:221F35CC
@Alternate Data Stream - 192 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1B9E79B3
@Alternate Data Stream - 191 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DACE1FBE
@Alternate Data Stream - 191 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D667795F
@Alternate Data Stream - 191 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2AF478DB
@Alternate Data Stream - 191 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:19F494DE
@Alternate Data Stream - 176 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:26FD8642
@Alternate Data Stream - 168 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D346FE4C
@Alternate Data Stream - 162 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:25D37F9D
@Alternate Data Stream - 161 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:306E3C70
@Alternate Data Stream - 160 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:831F2C78
@Alternate Data Stream - 159 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5EB551C8
@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3F6BE44B
@Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7D50F3CE
@Alternate Data Stream - 154 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:27012B21
@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:44688298
@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FF333535
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B54102AD
@Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9494338C
@Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:543CAD1B
@Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1C9C5D1E
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:11C15960
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A1128200
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:75C2528D
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:040E11E4
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D5DFA607
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:887C125E
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:81F54BD5
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5FF74A17
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F2550C4A
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:096F582D
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D941299B
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9F222B60
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:447AD91E
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4072646B
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F5E0AE16
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:698B483C
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:33AFD01D
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1F0F3115
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D8C88E3A
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D750829B
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5947273C
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1D9ED8F7
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AE04588B
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:73C25840
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E9DC8DCB
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3EA10C5C
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2CEFEABF
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B19CC382
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:262338FE
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1AD90C3
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AADF9751
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:79BE9D5A
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:175A5CD9
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C7B0EA92
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C4870D32
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A636021B
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:37A0A833
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3F1D69E8
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7EC17216
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:65241CBC
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:22313216
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FAF6860A
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F64FC07C
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E106B617
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9D2E0A01
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:353FE71F
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1C4D3509
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:65756BF8
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:56E66A88
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3F9A3DFF
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B419A171
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8E783B8E
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4E6B8D68
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0EECBA6F
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EDC284A8
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D38415F0
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7B403ABD
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:75A89023
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5D351BC6
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:43E0EC8A
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2F9516E2
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2BC498A4
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1E7308B6
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FBFC061F
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A5DC071A
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A3251D01
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9D0CEAB7
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:76C52240
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:71441FEF
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:710F4DBF
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6C5EC3CD
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:60AC3BC3
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5AF0DC60
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:569CEE83
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3539CD43
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05E95A33
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FB601DB3
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC0A74A1
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4A463A25
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BF1E33F2
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8B51CAAE
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0DFE2AE1
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9CAEE170
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:79AC0D92
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:75F5C19E
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6A4D7243
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2F6462DF
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:294F888B
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F7120F9A
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D708EEF9
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:99C1A08E
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9857FAE3
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:895C5142
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7AF9CAEB
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:79A70C33
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:63F8EC77
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2CCCF70F
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1D00B445
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0D01FEF7
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E717F65C
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D95261FF
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A057B5F9
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:760DD869
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:723E56EC
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C63E7DE2
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CF19C1B
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:87B05421
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7EBCAF87
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4CF76F21
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3965C4E8
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A08645B5
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9583725B
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7CA7BED1
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7AA6FC81
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3E6CC985
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:314CFB12
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1037D53D
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D885A57E
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9ACB70D7
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:94A6C632
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8FDE55F0
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7B653AA4
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:726FDB23
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C6EBC69
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:39D0446E
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:354E094D
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:343BD036
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DD24DCF8
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D2D4B33E
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BF2E2F0E
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90C14690
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8E3698DB
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:842B0AED
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3C5ABDC7
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0AA21473
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FD604D11
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC5EFA15
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC2762B9
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:60C897F3
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:49CABE45
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D48500F8
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A47E1363
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93877B62
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:64F3F315
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:395C0D36
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1F67CD26
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05773093
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D4CA4749
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B4CF4C16
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9C012695
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:60A4BB64
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E962FBDB
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D055FC10
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90D89144
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0E89C78E
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0551F1FA
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C07A6A6B
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:92B0AEE6
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8EEDCEA2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7A0EFE63
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:50746937
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2BBE2390
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:086DE893
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FD408334
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F2611698
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3B7A337
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7DC6E295
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:55E3C0E0
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2F141B68
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:275AA066
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:25069912
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0A051701
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D02FBAEC
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89C2A42C
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FF9C44FE
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:293ADB24
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:077F4C77
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E50C1642
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFE3C14F
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D33D2CB2
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2836460B
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07241935
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:062AF572
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F478C26F
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:961B4D58
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8DF68137
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:69FD6BF0
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FC32D4A3
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC2381A4
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C0A9D0E7
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:97C4F81F
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:614F17D3
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:51F17BB8
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:282EC894
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:12EA4DC9
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DA50D64F
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9DF07E8F
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8F6B2F25
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EF71CAB5
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C118E02A
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BD76B91B
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8D616319
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:717085FD
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5CAEA052
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:31D2961C
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D0DFF22
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2A2493EF
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:18897B1D
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D0668210
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C9FD258B
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A97118EB
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A7DA2BCD
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5CD3E8E7
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1E6212E6
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:01300E1B
< End of report >


OTL Extras logfile created on: 6/6/2009 6:01:20 PM - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\Lloyd blauen\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.84 Mb Total Physical Memory | 535.52 Mb Available Physical Memory | 52.82% Memory free
2.38 Gb Paging File | 1.81 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.14 Gb Total Space | 189.17 Gb Free Space | 82.92% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BONNIE
Current User Name: Lloyd blauen
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger (Logitech Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Morpheus\Morpheus.exe:*:Enabled:M5Shell File not found
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger (Logitech Inc.)
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare (Eastman Kodak Company)
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger File not found
C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server File not found
C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer (Microsoft Corporation)
C:\Program Files\NBC Direct\StoreFrontPlayer.exe:*:Enabled:NBC Direct Beta File not found
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\LDA Games\Rival Ball\Rival Ball.exe:*:Enabled:Rival Ball (Longbow Digital Arts)
C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire (FrostWire Group)
C:\Program Files\iWin Games\iWinGames.exe:*:Enabled:iWin Games application. (iWin Inc.)
C:\Program Files\iWin Games\WebUpdater.exe:*:Enabled:iWin Games updater. ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0345520E-2A04-4A36-BC31-353AE87A6092}" = RPS Diagnostic Utility
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{0818687F-F41F-496D-9D6D-DB98F147FC62}" = RPS Firewall
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0996C331-6DCB-4E38-A3EC-0A77ABAE1361}" = Help_CTR
"{0A0873E1-D9BA-4994-B85D-A0A331EF1F0C}" = Intel® PRO Network Connections
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{1771FDC8-D846-4B77-996A-C80DAD42C03F}" = OpenCASE Media Agent
"{17E3A651-12B9-4149-BAE8-E6FB9A5ADC4F}" = Microsoft Works Suite Add-in for Microsoft Word
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E164156-3FA1-4389-9B0B-28E88B879639}" = RPS AsRealtime
"{212F5777-1190-4DEF-8E4D-6B2F313B45E7}" = PerfectDisk
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Roxio MyDVD LE
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{295F5142-A223-4164-9A6D-6683C08409FC}" = RPS RpsCore
"{2A97D5B3-A989-47E1-B207-1CA9E3635655}" = aioprnt
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2F4BFC9D-17D7-447A-AEA2-467892D876B3}" = RPS App Detector
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{310F26F3-C769-48E5-BD0D-53D4366C34CD}" = RPS PopupBlocker
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35A0C956-ACF1-41AB-89DE-1772C8A27ACB}" = Dracula Origin
"{39B1BD87-561E-4762-AED9-7C5213B06C24}" = ebgcInfra
"{3BED0238-3A25-41AE-BC23-316914B5B048}" = aioocr
"{3DE0053C-FD9A-483E-B7C9-B06E4392206E}" = iTunes
"{3DE72179-FEF4-4846-BF82-62CBFC61F8D7}" = RPS Performance Tool
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{44C05309-60F4-410B-BC32-31733CFF1A46}" = Microsoft Digital Image Standard 2006 Editor
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}" = Apple Mobile Device Support
"{4AA73DA8-8D69-44ED-B5D7-CB815C81F83E}" = RPS Zip
"{4FE542EB-FF0B-4739-94DD-25C8AE0AB252}" = Microsoft Digital Image Standard 2006 Library
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{537654FC-556A-4992-BF3D-ADC05E7009DC}" = RPS AntiFraud
"{53B2D537-21CF-44D5-A03A-0DAF993B5728}" = ebgcSDK
"{58A2663B-56DC-488F-8E29-D44C6DE053B5}" = RPS Security Cleanup
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73568F76-7A37-9DB4-73B1-11DCF1A2FC52}" = FOX News Live
"{738004B8-C43C-47B7-A08D-CD727E4595FF}" = Fashion Cents Deluxe Audio Expansion Pack
"{73F1681F-ADE1-461F-9F18-B7640507D395}" = ksdip
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{791E3D44-33D3-4446-82AD-5CD4B0169083}" = aiofw
"{79E41D91-BA1C-44B9-9358-48E598263ECF}" = center
"{7ADE3A47-B425-45E9-8FF6-11BE2B775645}" = Corel Snapfire Plus
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7D11FED9-4214-40A6-A6CA-3CFBAC20DA36}" = RPS Burn
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{843081BD-351F-46FC-8A17-517A0D9117A3}" = helptut
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_POWERPOINTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_POWERPOINTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_POWERPOINTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_POWERPOINTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_POWERPOINTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_POWERPOINTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{904847DA-FBC0-4726-BE73-830FCB9D4E8A}" = RPS Backup
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-0018-0000-0000-0000000FF1CE}" = Microsoft Office PowerPoint 2007
"{91120000-0018-0000-0000-0000000FF1CE}_POWERPOINTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{911B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{99E6E9E1-BBCD-4294-93C6-08537A9E92CB}" = RPS AntiSpyware
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9D18F7F8-B984-4249-8512-CC621BC59F12}" = Microsoft Location Finder
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AC82BF06-223B-42AA-A89F-2D3BCD247366}" = RPS Privacy Manager
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B054DC20-7EC8-41DD-B213-BF71DBC39458}" = Fashion Cents Deluxe 1.01
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BAF99E78-879B-4811-BFEF-3CC7057BC00D}" = RPS Ad Blocker
"{C0251585-1BE8-4278-B3CB-964B6E01C59D}" = aioscnnr
"{C70EF769-8296-4ED0-966F-D624BC6D4927}" = Authentium AntiVirus SDK - 2
"{C869F4FF-E5FF-4FBB-9A31-33C23605E170}" = PPSDKRedistributables
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEE2252C-4035-4B27-8EC6-0B085DD3A413}" = Dell Support 3.2.1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D7DF917E-C963-42B4-AD48-837ACA6D8859}" = AT&T Internet Security Suite
"{D7FB76C8-3A76-49A1-B1A4-C686E4B067B9}" = BellSouth Wireless LAN USB Adapter
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DC32544C-86ED-4B8E-80BC-9DC99023A313}" = ebgcRes
"{DC626A21-EDF1-40C7-8F2F-D2BA7535529F}" = helpug
"{DE1AF137-C455-494A-A817-EFE44BCCFDEE}" = Works Upgrade
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E5E7B0D0-20E1-4B1A-B8C9-B9E2B93DE1DE}" = RPS ParentalControl
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{E85A45C2-290F-4C4A-9363-B6399EE648A9}" = RPS AntiVirus
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F24862FD-DDC7-490D-AC02-8797B575D6A9}" = SpaMsiWrapper
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F2A69CA0-8BBF-4404-BA68-DB79A3548E34}" = PCStitch 7
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Airport Mania_is1" = Airport Mania
"Alex Gordon" = Alex Gordon
"Alice Greenfingers_is1" = Alice Greenfingers
"Amelie's Cafe" = Amelie's Cafe
"am-sunsetstudioloveonthehighseas" = Sunset Studio - Love on the High Seas
"AnyDVD" = AnyDVD
"Ashtons Family Resort_is1" = Ashtons Family Resort
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"Baby Blimp" = Baby Blimp
"Beach Party Craze" = Beach Party Craze
"BFG-3 Days - Zoo Mystery" = 3 Days: Zoo Mystery
"BFG-Alice Greenfingers 2" = Alice Greenfingers 2
"BFG-Anna`s Ice Cream" = Anna`s Ice Cream
"BFG-Antique Shop" = Antique Shop
"BFG-Babysitting Mania" = Babysitting Mania (remove only)
"BFG-Beetle Bug 2" = Beetle Bug 2 (remove only)
"BFG-Believe in Santa - Sandy`s Story" = Believe in Santa - Sandy`s Story (remove only)
"BFG-Belle`s Beauty Boutique" = Belle`s Beauty Boutique (remove only)
"BFG-Big Kahuna Reef 2 - Chain Reaction" = Big Kahuna Reef 2 - Chain Reaction (remove only)
"BFG-Bubble Town" = Bubble Town
"BFG-Burger Island" = Burger Island (remove only)
"BFG-Burger Shop" = Burger Shop (remove only)
"BFGC" = Big Fish Games Client
"BFG-Cake Mania" = Cake Mania (remove only)
"BFG-Card Tricks" = Card Tricks (remove only)
"BFG-Carrie the Caregiver" = Carrie the Caregiver (remove only)
"BFG-Cathy's Caribbean Club" = Cathy's Caribbean Club (remove only)
"BFG-Champion Chef" = Champion Chef (remove only)
"BFG-Chocolate Shop Frenzy" = Chocolate Shop Frenzy
"BFG-Cubis Gold 2" = Cubis Gold 2
"BFG-Daycare Nightmare" = Daycare Nightmare (remove only)
"BFG-Daycare Nightmare - Mini-Monsters" = Daycare Nightmare: Mini-Monsters
"BFG-Delicious Deluxe" = Delicious Deluxe (remove only)
"BFG-Diner Dash" = Diner Dash (remove only)
"BFG-DQ Tycoon" = DQ Tycoon
"BFG-Dr Daisy Pet Vet" = Dr. Daisy Pet Vet (remove only)
"BFG-Dracula Twins" = Dracula Twins (remove only)
"BFG-Dress Up Rush" = Dress Up Rush
"BFG-Dyno Kid" = Dyno Kid (remove only)
"BFG-Emerald Tale" = Emerald Tale (remove only)
"BFG-Enchanted Katya and the Mystery of the Lost Wizard" = Enchanted Katya and the Mystery of the Lost Wizard
"BFG-Everything Nice" = Everything Nice
"BFG-Fairy Jewels" = Fairy Jewels
"BFG-Fairy Jewels 2" = Fairy Jewels 2
"BFG-Farm Frenzy" = Farm Frenzy
"BFG-Farmer Jane" = Farmer Jane
"BFG-Fashion Fits!" = Fashion Fits! (remove only)
"BFG-Fashion Rush" = Fashion Rush (remove only)
"BFG-Fever Frenzy" = Fever Frenzy (remove only)
"BFG-Fitness Frenzy" = Fitness Frenzy
"BFG-Floating Kingdoms" = Floating Kingdoms ™
"BFG-Flower Shop - Big City Break" = Flower Shop - Big City Break (remove only)
"BFG-Forgotten Lands - First Colony" = Forgotten Lands ™: First Colony
"BFG-Gemsweeper" = Gemsweeper (remove only)
"BFG-Go Go Gourmet - Chef of the Year" = Go-Go Gourmet: Chef of the Year
"BFG-Go-Go Gourmet" = Go-Go Gourmet (remove only)
"BFG-Gold Fever" = Gold Fever (remove only)
"BFG-Golden Hearts Juice Bar" = Golden Hearts Juice Bar (remove only)
"BFG-Hell's Kitchen" = Hell's Kitchen
"BFG-Hidden Mysteries - Civil War" = Hidden Mysteries: Civil War
"BFG-Hospital Hustle" = Hospital Hustle
"BFG-Ice Cream Dee Lites" = Ice Cream Dee Lites
"BFG-Ice Cream Mania" = Ice Cream Mania
"BFG-Ice Princess" = Ice Princess
"BFG-Jane's Realty" = Jane's Realty
"BFG-Jessica's Cupcake Cafe" = Jessica's Cupcake Cafe
"BFG-Jewel Miner" = Jewel Miner (remove only)
"BFG-Jewelleria" = Jewelleria
"BFG-Magic Farm" = Magic Farm
"BFG-Magic Seeds" = Magic Seeds (remove only)
"BFG-Mahjongg Investigation - Under Suspicion" = Mahjongg Investigation - Under Suspicion (remove only)
"BFG-Megaplex Madness - Now Playing" = Megaplex Madness: Now Playing
"BFG-Megastore Madness" = Megastore Madness
"BFG-Mortimer and the Enchanted Castle" = Mortimer and the Enchanted Castle (remove only)
"BFG-Mystery Case Files - Prime Suspects" = Mystery Case Files: Prime Suspects (remove only)
"BFG-Mystic Inn" = Mystic Inn (remove only)
"BFG-Nancy Drew Dossier - Lights, Camera Curses" = Nancy Drew Dossier: Lights, Camera, Curses
"BFG-Nanny Mania" = Nanny Mania (remove only)
"BFG-Operation Mania" = Operation Mania
"BFG-Orchard" = Orchard
"BFG-Paradise Pet Salon" = Paradise Pet Salon (remove only)
"BFG-Pet Pals Animal Doctor" = Pet Pals Animal Doctor (remove only)
"BFG-Pet Playground" = Pet Playground
"BFG-Pizza Chef" = Pizza Chef (remove only)
"BFG-Plant Tycoon" = Plant Tycoon (remove only)
"BFG-Puppy Stylin'" = Puppy Stylin`
"BFG-Purrfect Pet Shop" = Purrfect Pet Shop (remove only)
"BFG-Ranch Rush" = Ranch Rush
"BFG-Safecracker" = Safecracker (remove only)
"BFG-School House Shuffle" = School House Shuffle
"BFG-Sheep's Quest" = Sheep's Quest
"BFG-Shop-n-Spree" = Shop-n-Spree
"BFG-Shopping Marathon" = Shopping Marathon (remove only)
"BFG-Shroomz" = Shroomz (remove only)
"BFG-Spa Mania" = Spa Mania
"BFG-Success Story" = Success Story
"BFG-Supermarket Management" = Supermarket Management
"BFG-Teddy Tavern - A Culinary Adventure" = Teddy Tavern: A Culinary Adventure (remove only)
"BFG-The Apprentice - Los Angeles" = The Apprentice - Los Angeles (remove only)
"BFG-The Count of Monte Cristo" = The Count of Monte Cristo
"BFG-Turbo Fiesta" = Turbo Fiesta
"BFG-Turbo Pizza" = Turbo Pizza (remove only)
"BFG-Turbo Subs" = Turbo Subs (remove only)
"BFG-Vogue Tales" = Vogue Tales (remove only)
"BFG-Wendy's Wellness" = Wendy's Wellness
"BFG-Westward" = Westward
"BFG-Westward II - Heroes of the Frontier" = Westward II: Heroes of the Frontier
"BFG-Wonderburg" = Wonderburg
"BFG-Wonderland Adventures" = Wonderland Adventures (remove only)
"BFG-Yard Sale Hidden Treasures - Lucky Junction" = Yard Sale Hidden Treasures: Lucky Junction
"BFG-Ye Olde Sandwich Shoppe" = Ye Olde Sandwich Shoppe
"Birdies" = Birdies
"BLOX Deluxe" = BLOX Deluxe
"BLOX Forever Deluxe" = BLOX Forever Deluxe
"Book of Legends" = Book of Legends (remove only)
"BookDB2_is1" = BookDB2
"Boulder Dash Treasure Pleasure_is1" = Boulder Dash Treasure Pleasure
"Buccaneer Bistro (Diner Dash Hometown Hero - Gourmet)" = Buccaneer Bistro (Diner Dash Hometown Hero - Gourmet)
"Cake Mania 2" = Cake Mania 2 (remove only)
"Cake Mania 3" = Cake Mania 3 (remove only)
"Cake Mania Back to the Bakery" = Cake Mania Back to the Bakery (remove only)
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Camp Funshine: Carrie the Caregiver 3" = Camp Funshine: Carrie the Caregiver 3
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"Carrie the Caregiver 2: Preschool" = Carrie the Caregiver 2: Preschool
"CCI Huntsville" = CCI Huntsville (remove only)
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"Concentration" = Concentration (remove only)
"Continental Cafe Free Trial_is1" = Continental Cafe Free Trial
"Cooking Dash" = Cooking Dash
"Costume Chaos_is1" = Costume Chaos
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"CrystalVoiceClick-to-Talk" = CrystalVoice Click-to-Talk
"CSCLIB" = Canon Camera Support Core Library
"Dairy Dash" = Dairy Dash
"Delicious - Emilys Taste of Fame Deluxe" = Delicious - Emilys Taste of Fame Deluxe
"Delicious - Emily's Tea Garden" = Delicious - Emily's Tea Garden
"Delicious 2 Deluxe" = Delicious 2 Deluxe
"Delicious winter edition Deluxe" = Delicious winter edition Deluxe
"Dell Game Console" = Dell Game Console
"Diaper Dash" = Diaper Dash
"Diner Dash - Flo on the Go + Together" = Diner Dash - Flo on the Go + Together
"Diner Dash 2 + Together" = Diner Dash 2 + Together
"Diner Dash Hometown Hero - Gourmet" = Diner Dash Hometown Hero - Gourmet
"Doggie Dash" = Doggie Dash
"Domino Dash_is1" = Domino Dash v1.3
"DragonStone" = DragonStone (remove only)
"Dress Shop Hop" = Dress Shop Hop
"DX-Ball 2" = DX-Ball 2
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"EOS Utility" = Canon Utilities EOS Utility
"Escape From Paradise" = Escape From Paradise (remove only)
"Farm Craft" = Farm Craft (remove only)
"Farm Frenzy - Pizza Party!" = Farm Frenzy - Pizza Party!
"Farm Frenzy 2" = Farm Frenzy 2
"Farm Mania_is1" = Farm Mania
"Fashion Apprentice" = Fashion Apprentice
"Fashion Boutique" = Fashion Boutique
"Fashion Craze" = Fashion Craze
"Fashion Dash" = Fashion Dash
"Fee Fi Flo Fun (Diner Dash Hometown Hero - Gourmet)" = Fee Fi Flo Fun (Diner Dash Hometown Hero - Gourmet)
"Fitness Dash" = Fitness Dash
"Flash Dating" = Flash Dating
"Forest Resort" = Forest Resort (remove only)
"G.H.O.S.T. Hunters" = G.H.O.S.T. Hunters
"GameHouse" = GameHouse
"Gamevance" = Gamevance
"GemSweeper" = GemSweeper
"GoToAssist" = GoToAssist 8.0.0.480
"Gourmania" = Gourmania
"Happy Hour_is1" = Happy Hour
"Hawaiian Explorer Lost Island" = Hawaiian Explorer Lost Island (remove only)
"HDMI" = Intel® Graphics Media Accelerator Driver
"Helen Gardener" = Helen Gardener (remove only)
"HijackThis" = HijackThis 2.0.2
"Holiday Bonus_is1" = Holiday Bonus
"Holly - A Christmas Tale" = Holly - A Christmas Tale
"Ice Cream Craze" = Ice Cream Craze
"Ice Cream Craze - Tycoon Takeover_is1" = Ice Cream Craze - Tycoon Takeover
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"iWin Toolbar" = iWin Toolbar
"iWinArcade" = iWin Games (remove only)
"Jane's Hotel. Family Hero_is1" = Jane's Hotel. Family Hero
"Jane's Hotel_is1" = Jane's Hotel
"Jenny's Fish Shop" = Jenny's Fish Shop
"KinderGarten" = KinderGarten
"Leeloo's Talent Agency" = Leeloo's Talent Agency
"Logitech Resource Center" = Logitech Resource Center
"Lovely Kitchen_is1" = Lovely Kitchen
"Majestic Forest" = Majestic Forest
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Miriel The Magical Merchant_is1" = Miriel The Magical Merchant
"Money2006b" = Microsoft Money 2006
"Mortimer Beckett Deluxe" = Mortimer Beckett Deluxe
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Munchkin Lunchkin (Diner Dash Hometown Hero - Gourmet)" = Munchkin Lunchkin (Diner Dash Hometown Hero - Gourmet)
"My Tribe DEMO" = My Tribe DEMO
"Mystic Emporium_is1" = Mystic Emporium
"Nicky Boom" = Nicky Boom
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"Pageant Princess" = Pageant Princess (remove only)
"Parking Dash" = Parking Dash
"Party Down_is1" = Party Down
"Pet Pals Animal Doctor" = Pet Pals Animal Doctor (remove only)
"Pet Shop Hop" = Pet Shop Hop
"Pet Show Craze" = Pet Show Craze
"Photo Mania" = Photo Mania (remove only)
"PhotoStitch" = Canon Utilities PhotoStitch
"PictureItPrem_v12" = Microsoft Digital Image Standard 2006 Update
"Posh Boutique" = Posh Boutique
"POWERPOINTR" = Microsoft Office PowerPoint 2007
"RadialpointClientGateway_is1" = AT&T Internet Security Wizard 1.5.11
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealArcade" = RealArcade
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Return To Wonderland_is1" = Return To Wonderland v3.01
"Ricochet Lost Worlds_is1" = Ricochet Lost Worlds
"Rival Ball" = Rival Ball
"Robbox_is1" = Robbox
"Roller Rush" = Roller Rush (remove only)
"Sallys Spa" = Sallys Spa
"Sandlot Connect_is1" = Sandlot Connect Version 1.2.4
"SearchAssist" = SearchAssist
"SpongeBob Diner Dash 2" = SpongeBob Diner Dash 2
"Sprill - The Mystery of The Bermuda Triangle" = Sprill - The Mystery of The Bermuda Triangle
"ST4UNST #1" = 4PLAY 4.95 for Windows 95
"ST4UNST #2" = 4PLAY 4.95 for Windows 95 (c:\Documents and Settings\Lloyd blauen\My Documents\Morpheus Playlists\)
"Stand O'Food" = Stand O'Food
"Stand O'Food 2" = Stand O'Food 2
"Sunshine Acres" = Sunshine Acres
"Super Collapse! from GameHouse" = Super Collapse! from GameHouse
"Sushi Frenzy_is1" = Sushi Frenzy
"The Apprentice - Los Angeles" = The Apprentice - Los Angeles (remove only)
"The Great Chocolate Chase" = The Great Chocolate Chase
"The Great Chocolate Chase: A Chocolatier Twist" = The Great Chocolate Chase: A Chocolatier Twist
"The Magic Seal" = The Magic Seal
"The Nightshift Code" = The Nightshift Code
"Travel Agency" = Travel Agency (remove only)
"Vortiball" = Vortiball
"Wandering Willows" = Wandering Willows
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wedding Dash" = Wedding Dash
"Wedding Dash - Ready Aim Love" = Wedding Dash - Ready Aim Love
"Wedding Dash 2" = Wedding Dash 2
"Westward III Gold Rush" = Westward III Gold Rush (remove only)
"WildTangent CDA" = WildTangent Web Driver
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wonderland v1.17_is1" = Wonderland v1.17
"Works2006Setup" = Microsoft Works Suite 2006 Setup Launcher
"WT026186" = Garden Dreams
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"YoudaFarmer" = YoudaFarmer (remove only)
"Yummy Drink Factory" = Yummy Drink Factory (remove only)
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/30/2009 3:39:49 PM | Computer Name = BONNIE | Source = Application Error | ID = 1000
Description = Faulting application wedding-dash-ready-aim-love.exe, version 1.0.0.95,
faulting module wedding-dash-ready-aim-love.exe, version 1.0.0.95, fault address
0x0018e7b4.

Error - 5/31/2009 9:48:36 AM | Computer Name = BONNIE | Source = Application Error | ID = 1000
Description = Faulting application wedding-dash-ready-aim-love.exe, version 1.0.0.95,
faulting module wedding-dash-ready-aim-love.exe, version 1.0.0.95, fault address
0x001144bc.

Error - 5/31/2009 11:19:23 AM | Computer Name = BONNIE | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 5/31/2009 11:28:23 AM | Computer Name = BONNIE | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module unknown, version 0.0.0.0, fault address 0x5a5e1039.

Error - 5/31/2009 11:37:09 AM | Computer Name = BONNIE | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module unknown, version 0.0.0.0, fault address 0x5a5e1039.

Error - 5/31/2009 9:32:42 PM | Computer Name = BONNIE | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 5/31/2009 9:32:42 PM | Computer Name = BONNIE | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 6/1/2009 2:57:54 PM | Computer Name = BONNIE | Source = Application Error | ID = 1000
Description = Faulting application wedding-dash-ready-aim-love.exe, version 1.0.0.95,
faulting module wedding-dash-ready-aim-love.exe, version 1.0.0.95, fault address
0x0018e7b4.

Error - 6/6/2009 12:28:35 PM | Computer Name = BONNIE | Source = Application Error | ID = 1000
Description = Faulting application 10daysunderthesea.ifn, version 2.0.0.2, faulting
module 10daysunderthesea.ifn, version 2.0.0.2, fault address 0x000a3d5f.

Error - 6/6/2009 12:29:05 PM | Computer Name = BONNIE | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x02c78b20.

[ System Events ]
Error - 6/6/2009 3:17:00 PM | Computer Name = BONNIE | Source = Service Control Manager | ID = 7000
Description = The PCAMPR5 NDIS Protocol Driver service failed to start due to the
following error: %%2

Error - 6/6/2009 3:17:00 PM | Computer Name = BONNIE | Source = Service Control Manager | ID = 7000
Description = The PCAMPR5 NDIS Protocol Driver service failed to start due to the
following error: %%2

Error - 6/6/2009 3:17:00 PM | Computer Name = BONNIE | Source = Service Control Manager | ID = 7000
Description = The PCAMPR5 NDIS Protocol Driver service failed to start due to the
following error: %%2

Error - 6/6/2009 3:17:00 PM | Computer Name = BONNIE | Source = Service Control Manager | ID = 7000
Description = The PCAMPR5 NDIS Protocol Driver service failed to start due to the
following error: %%2

Error - 6/6/2009 3:17:00 PM | Computer Name = BONNIE | Source = Service Control Manager | ID = 7000
Description = The PCAMPR5 NDIS Protocol Driver service failed to start due to the
following error: %%2

Error - 6/6/2009 3:17:00 PM | Computer Name = BONNIE | Source = Service Control Manager | ID = 7000
Description = The PCAMPR5 NDIS Protocol Driver service failed to start due to the
following error: %%2

Error - 6/6/2009 3:17:00 PM | Computer Name = BONNIE | Source = Service Control Manager | ID = 7000
Description = The PCAMPR5 NDIS Protocol Driver service failed to start due to the
following error: %%2

Error - 6/6/2009 3:17:00 PM | Computer Name = BONNIE | Source = Service Control Manager | ID = 7000
Description = The PCAMPR5 NDIS Protocol Driver service failed to start due to the
following error: %%2

Error - 6/6/2009 3:17:00 PM | Computer Name = BONNIE | Source = Service Control Manager | ID = 7000
Description = The PCAMPR5 NDIS Protocol Driver service failed to start due to the
following error: %%2

Error - 6/6/2009 3:17:09 PM | Computer Name = BONNIE | Source = Service Control Manager | ID = 7000
Description = The PCAMPR5 NDIS Protocol Driver service failed to start due to the
following error: %%2


< End of report >

hi

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  
  CODE
  :OTL
  PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
  PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
  PRC - C:\Program Files\Gamevance\gamevance32.exe ()
  PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
  O2 - BHO: (Gamevance) - {0ED403E8-470A-4a8a-85A4-D7688CFE39A3} - C:\Program Files\Gamevance\gamevancelib32.dll ()
  O2 - BHO: (Gamevance Text) - {BEAC7DC8-E106-4C6A-931E-5A42E7362883} - C:\Program Files\Gamevance\gvtl.dll (Gamevance LLC)
  O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - Reg Error: Key error. File not found
  O3 - HKLM\..\Toolbar: (no name) - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - Reg Error: Key error. File not found
  O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. File not found
  O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
  O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - Reg Error: Key error. File not found
  O4 - HKLM..\Run: [Gamevance] C:\Program Files\Gamevance\gamevance32.exe a ()
  O4 - HKLM..\RunOnceEx: [] File not found
  [2009/05/28 17:00:52 | 00,000,000 | ---D | C] -- C:\Program Files\Gamevance
  [2009/04/20 12:31:13 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\Lloyd blauen\Application Data\.#
  [2008/06/23 15:19:23 | 00,000,000 | -HSD | M] -- C:\found.000
  
  :Services
  
  :Reg
  
  :Files
  
  :Commands
  [purity]
  [emptytemp]
  [start explorer]
  [Reboot]
  
  
• Then click the Run Fix button at the top
• Let the program run unhindered, reboot when it is done

Please download ATF Cleaner by Atribune.

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

If you use Firefox browser

Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.




Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.






Go to Kaspersky website and perform an online antivirus scan.

1. Read through the requirements and privacy statement and click on Accept button.
2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
3. When the downloads have finished, click on Settings.
4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
   Spyware, Adware, Dialers, and other potentially dangerous programs
   Archives
   Mail databases
5. Click on My Computer under Scan.
6. Once the scan is complete, it will display the results. Click on View Scan Report.
7. You will see a list of infected items there. Click on Save Report As....
8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.

Here are the scan results:

Malwarebytes' Anti-Malware 1.37
Database version: 2245
Windows 5.1.2600 Service Pack 3

6/7/2009 3:51:17 PM
mbam-log-2009-06-07 (15-51-17).txt

Scan type: Quick Scan
Objects scanned: 93565
Time elapsed: 5 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 8
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ed403e8-470a-4a8a-85a4-d7688cfe39a3} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Gamevance (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\gvtl (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8ca5ed52-f3fb-4414-a105-2e3491156990} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ca5ed52-f3fb-4414-a105-2e3491156990} (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\iWin Games\iWinGamesHookIE.dll (Trojan.BHO) -> Delete on reboot.


--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0 REPORT
Sunday, June 7, 2009
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Sunday, June 07, 2009 23:02:47
Records in database: 2323747
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Files scanned: 216942
Threat name: 5
Infected objects: 6
Suspicious objects: 0
Duration of the scan: 02:56:26


File name / Threat name / Threats count
C:\Documents and Settings\Lloyd blauen\Desktop\GAME ICONS\Good Games\babysitting-mania-setup.exe Infected: not-a-virus:AdWare.Win32.AdMedia.g 1
C:\Documents and Settings\Lloyd blauen\Desktop\Program Install Files\iWinGamesSetup.exe Infected: not-a-virus:AdWare.Win32.AdMedia.g 1
C:\Program Files\Happy Hour\Happy Hour 1.0.1.exe Infected: Trojan-Downloader.Win32.Agent.bfce 1
C:\Program Files\iWin.com\Escape From Paradise\GLWorker.exe Infected: Trojan-Spy.Win32.SCKeyLog.dx 1
C:\Program Files\Shockwave.com\Camp Funshine - Carrie the Caregiver 3\product\Carrie the Caregiver 3.exe Infected: Backdoor.Win32.Rbot.znc 1
C:\Program Files\Vogue Tales\VogueTales.exe Infected: not-a-virus:FraudTool.Win32.SpyLocked.q 1

The selected area was scanned.

hi

Please download OTM

• Save it to your desktop.
• Please double-click OTM to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
• Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  CODE
  :Processes
  explorer.exe
  
  :Services
  
  :Reg
  
  :Files
  C:\Documents and Settings\Lloyd blauen\Desktop\GAME ICONS\Good Games\babysitting-mania-setup.exe
  C:\Documents and Settings\Lloyd blauen\Desktop\Program Install Files\iWinGamesSetup.exe
  C:\Program Files\Happy Hour\Happy Hour 1.0.1.exe
  C:\Program Files\iWin.com\Escape From Paradise\GLWorker.exe
  C:\Program Files\Shockwave.com\Camp Funshine - Carrie the Caregiver 3\product\Carrie the Caregiver 3.exe
  C:\Program Files\Vogue Tales\VogueTales.exe
  
  :Commands
  [purity]
  [emptytemp]
  [start explorer]
  [Reboot]
  
  
• Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  
• Click the red Moveit! button.
• Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
• Close OTM

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\Documents and Settings\Lloyd blauen\Desktop\GAME ICONS\Good Games\babysitting-mania-setup.exe moved successfully.
C:\Documents and Settings\Lloyd blauen\Desktop\Program Install Files\iWinGamesSetup.exe moved successfully.
C:\Program Files\Happy Hour\Happy Hour 1.0.1.exe moved successfully.
C:\Program Files\iWin.com\Escape From Paradise\GLWorker.exe moved successfully.
C:\Program Files\Shockwave.com\Camp Funshine - Carrie the Caregiver 3\product\Carrie the Caregiver 3.exe moved successfully.
C:\Program Files\Vogue Tales\VogueTales.exe moved successfully.
========== COMMANDS ==========
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\ISQX42EW\.mail.yahoo[2].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\ISQX42EW\fc[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\ISQX42EW\iframe3[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\DUNQXNZC\OTM[1].exe scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\DUNQXNZC\st[1] scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\1ZP6B5YQ\blank[2].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\1ZP6B5YQ\iframe[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\1ZP6B5YQ\launch[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\1TN7KT0R\blank[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\1TN7KT0R\index[4].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_294.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTM by OldTimer - Version 2.1.0.0 log created on 06082009_071743

Files moved on Reboot...
File C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\ISQX42EW\.mail.yahoo[2].htm not found!
File C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\ISQX42EW\fc[1].htm not found!
File C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\ISQX42EW\iframe3[1].htm not found!
C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\DUNQXNZC\OTM[1].exe moved successfully.
File C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\DUNQXNZC\st[1] not found!
File C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\1ZP6B5YQ\blank[2].htm not found!
File C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\1ZP6B5YQ\iframe[1].htm not found!
File C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\1ZP6B5YQ\launch[1].htm not found!
File C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\1TN7KT0R\blank[1].htm not found!
File C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\Content.IE5\1TN7KT0R\index[4].htm not found!
C:\Documents and Settings\Lloyd blauen\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_294.dat not found!

Registry entries deleted on Reboot...

Your logs are clean


Now we need to create a new System Restore point.

Click Start Menu > Run > type (or copy and paste)

%SystemRoot%\System32\restore\rstrui.exe

Press OK. Choose Create a Restore Point then click Next. Name it and click Create, when the confirmation screen shows the restore point has been created click Close.

Next goto Start Menu > Run > type

cleanmgr

Click OK, Disk Cleanup will open and start calculating the amount of space that can be freed, Once thats finished it will open the Disk Cleanup options screen, click the More Options tab then click Clean up on the system restore area and choose Yes at the confirmation window which will remove all the restore points except the one we just created.

To close Disk Cleanup and remove the Temporary Internet Files detected in the initial scan click OK then choose Yes on the confirmation window.

• Download OTC to your desktop and run it
• Click Yes to beginning the Cleanup process and remove these components, including this application.
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Below I have included a number of recommendations for how to protect your computer against malware infections.

• Keep Windows updated by regularly checking their website at :
  http://windowsupdate.microsoft.com/
  This will ensure your computer has always the latest security updates available installed on your computer.
  
  
• SpywareBlaster protects against bad ActiveX, it immunizes your PC against them.
  
  
• SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program ( eg : TeaTimer, Windows Defender ) or there will be a conflict.
  
  
• Make Internet Explorer more secure
  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click Custom level
  • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
  • Next Click OK, then Apply button and then OK to exit the Internet Properties page.
• ATF Cleaner - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.
  
  
• MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.
  
  
• Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more
  secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up
  blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from
  Here
  
  
  If you choose to use Firefox, I highly recommend these add-ons to keep your PC even more secure.
  • NoScript - for blocking ads and other potential website attacks
  • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling
  
  
• Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
  
  
• ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.
  
  
• FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Its important to keep programs up to date so that malware doesn't exploit any old security flaws.
  
  
• Recovery Console - Recent trends appear to indicate that future infections will include attacks to the boot sector of the computer. The installation of the Recovery Console in the computer will be our only defense against this threat. For more information and steps to install the Recovery Console see This Article. Should you need assistance in installing the Recovery Console, please do not hesitate to ask.
  
  
• Please read my guide on how to prevent malware and about safe computing here

Thank you for your patience, and performing all of the procedures requested.

Rorschach112 ...

Thanks ever so much for all of your time and assistance. I have learned much from you and grateful for having my computer functioning as it should thanks to your expertise.

Snoops_1

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact the staff member who was helping you with your issue.

Everyone else please begin a New Topic.

Thank you !