The Extras file didn't open, nor does it seem to be saved with the other file and program. So here is only the OTL logfile. If there is somewhere else I need to look for the Extras file in, please let me know.
OTL logfile created on: 8/6/2010 7:33:03 AM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\natalie\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 81.00% Memory free
16.00 Gb Paging File | 14.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 688.92 Gb Total Space | 655.70 Gb Free Space | 95.18% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 111.79 Gb Total Space | 59.02 Gb Free Space | 52.80% Space Free | Partition Type: NTFS
Computer Name: NATALIE-PC
Current User Name: natalie
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2010/08/06 07:31:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\natalie\Downloads\OTL.exe
PRC - [2010/07/27 11:35:26 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/07/22 15:02:16 | 000,945,720 | ---- | M] (Google Inc.) -- C:\Users\natalie\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/10/02 11:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/10/02 11:26:10 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/06/24 18:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/06/09 07:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/05/21 06:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 06:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/04/20 12:56:28 | 000,031,232 | ---- | M] (NirSoft) -- C:\32788R22FWJFW\NirCmd.cfxxe
PRC - [2009/01/14 15:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/12/09 16:40:16 | 000,464,264 | ---- | M] () -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe
PRC - [2008/12/09 16:40:16 | 000,234,888 | ---- | M] () -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe
PRC - [2008/05/15 15:26:02 | 000,095,536 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
========== Modules (SafeList) ========== MOD - [2010/08/06 07:31:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\natalie\Downloads\OTL.exe
MOD - [2009/07/13 18:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/13 18:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2010/05/31 18:32:58 | 000,244,840 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:
64bit: - [2010/05/31 18:32:58 | 000,199,032 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:
64bit: - [2010/05/31 18:32:58 | 000,148,520 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV:
64bit: - [2010/04/15 07:45:10 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:
64bit: - [2010/03/10 08:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:
64bit: - [2010/03/10 08:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:
64bit: - [2010/03/10 08:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:
64bit: - [2010/03/10 08:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:
64bit: - [2010/03/10 08:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:
64bit: - [2010/03/10 08:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:
64bit: - [2009/12/10 15:15:04 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:
64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2009/06/09 07:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2010/07/02 03:52:59 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/07/02 03:42:13 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/10/02 11:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2009/06/26 09:19:12 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009/05/21 06:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2009/01/14 15:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/12/09 16:40:16 | 000,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2008/12/09 16:40:16 | 000,234,888 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
========== Driver Services (SafeList) ========== DRV:
64bit: - File not found [File_System | System | Stopped] -- C:\Windows\SysNative\DRIVERS\RxFilter.sys -- (RxFilter)
DRV:
64bit: - [2010/05/31 18:32:58 | 000,528,616 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:
64bit: - [2010/05/31 18:32:58 | 000,440,688 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:
64bit: - [2010/05/31 18:32:58 | 000,279,752 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:
64bit: - [2010/05/31 18:32:58 | 000,189,880 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:
64bit: - [2010/05/31 18:32:58 | 000,121,504 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:
64bit: - [2010/05/31 18:32:58 | 000,093,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:
64bit: - [2010/05/31 18:32:58 | 000,075,288 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:
64bit: - [2010/05/31 18:32:58 | 000,062,416 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:
64bit: - [2009/12/10 17:40:28 | 006,179,328 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:
64bit: - [2009/10/02 13:58:58 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:
64bit: - [2009/09/30 23:34:00 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:
64bit: - [2009/09/26 08:42:58 | 000,233,984 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:
64bit: - [2009/09/17 13:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:
64bit: - [2009/08/06 05:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink
DRV:
64bit: - [2009/07/13 18:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2009/07/13 18:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:
64bit: - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:
64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2009/06/05 16:10:10 | 001,478,144 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV - [2009/06/26 08:27:28 | 000,065,520 | ---- | M] (Sonic Solutions) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\RxFilter.sys -- (RxFilter)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/USCON/1IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/USCON/1IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/07/27 11:35:52 | 000,000,000 | ---D | M]
[2010/07/26 13:31:52 | 000,000,000 | ---D | M] -- C:\Users\natalie\AppData\Roaming\Mozilla\Firefox\extensions
[2010/07/26 13:31:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\natalie\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
O1 HOSTS File: ([2010/08/06 06:11:29 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:
64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho64.dll ()
O2:
64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100725225701.dll (McAfee, Inc.)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100725225701.dll (McAfee, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:
64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:
64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\system32\EptMon64.DLL File not found
O4:
64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\system32\THXCfg64.DLL File not found
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [OM2_Monitor] C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - Startup: C:\Users\natalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.65.40 213.109.75.90 1.1.1.1
O18:
64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:
64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll File not found
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
SafeBootMin:
64bit: AppMgmt - Service
SafeBootMin:
64bit: Base - Driver Group
SafeBootMin:
64bit: Boot Bus Extender - Driver Group
SafeBootMin:
64bit: Boot file system - Driver Group
SafeBootMin:
64bit: File system - Driver Group
SafeBootMin:
64bit: Filter - Driver Group
SafeBootMin:
64bit: HelpSvc - Service
SafeBootMin:
64bit: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootMin:
64bit: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin:
64bit: PCI Configuration - Driver Group
SafeBootMin:
64bit: PEVSystemStart - Service
SafeBootMin:
64bit: PNP Filter - Driver Group
SafeBootMin:
64bit: Primary disk - Driver Group
SafeBootMin:
64bit: procexp90.Sys - Driver
SafeBootMin:
64bit: sacsvr - Service
SafeBootMin:
64bit: SCSI Class - Driver Group
SafeBootMin:
64bit: System Bus Extender - Driver Group
SafeBootMin:
64bit: vmms - Service
SafeBootMin:
64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:
64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:
64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:
64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:
64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:
64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:
64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:
64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:
64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:
64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:
64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:
64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:
64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:
64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:
64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:
64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:
64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:
64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:
64bit: AppMgmt - Service
SafeBootNet:
64bit: Base - Driver Group
SafeBootNet:
64bit: Boot Bus Extender - Driver Group
SafeBootNet:
64bit: Boot file system - Driver Group
SafeBootNet:
64bit: File system - Driver Group
SafeBootNet:
64bit: Filter - Driver Group
SafeBootNet:
64bit: HelpSvc - Service
SafeBootNet:
64bit: McMPFSvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet:
64bit: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet:
64bit: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet:
64bit: Messenger - Service
SafeBootNet:
64bit: mfefire - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SafeBootNet:
64bit: mfefirek - C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet:
64bit: mfefirek.sys - C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet:
64bit: mfehidk - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet:
64bit: mfehidk.sys - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet:
64bit: mfevtp - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SafeBootNet:
64bit: NDIS Wrapper - Driver Group
SafeBootNet:
64bit: NetBIOSGroup - Driver Group
SafeBootNet:
64bit: NetDDEGroup - Driver Group
SafeBootNet:
64bit: Network - Driver Group
SafeBootNet:
64bit: NetworkProvider - Driver Group
SafeBootNet:
64bit: PCI Configuration - Driver Group
SafeBootNet:
64bit: PEVSystemStart - Service
SafeBootNet:
64bit: PNP Filter - Driver Group
SafeBootNet:
64bit: PNP_TDI - Driver Group
SafeBootNet:
64bit: Primary disk - Driver Group
SafeBootNet:
64bit: procexp90.Sys - Driver
SafeBootNet:
64bit: rdsessmgr - Service
SafeBootNet:
64bit: sacsvr - Service
SafeBootNet:
64bit: SCSI Class - Driver Group
SafeBootNet:
64bit: Streams Drivers - Driver Group
SafeBootNet:
64bit: System Bus Extender - Driver Group
SafeBootNet:
64bit: TDI - Driver Group
SafeBootNet:
64bit: vmms - Service
SafeBootNet:
64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:
64bit: WudfUsbccidDriver - Driver
SafeBootNet:
64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:
64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:
64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:
64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:
64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:
64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:
64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:
64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:
64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:
64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:
64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:
64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:
64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:
64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:
64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:
64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:
64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:
64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:
64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:
64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:
64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:
64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:
64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:
64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:
64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:
64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:
64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:
64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:
64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:
64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:
64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:
64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:
64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:
64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:
64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:
64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:
64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:
64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:
64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:
64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:
64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:
64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:
64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:
64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:
64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:
64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {96C11A15-E1CE-5B38-454B-9D1F3B87DA9B} - Browser Customizations
ActiveX: {A047D090-6F9F-E552-B1EB-0126F53F57AA} - Offline Browsing Pack
ActiveX: {A807C845-034B-025E-152A-4A76FA2C6258} - Themes Setup
ActiveX: {C7B8A612-84A3-8F76-ACC0-97DB3148F222} - Browser Customizations
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:
64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 90 Days ========== [2010/08/06 07:23:26 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/08/06 06:14:59 | 000,000,000 | ---D | C] -- C:\Users\natalie\Desktop\GooredFix Backups
[2010/08/06 06:11:28 | 000,000,000 | ---D | C] -- C:\_OTM
[2010/08/05 18:06:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/08/05 18:06:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/08/05 18:02:50 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/08/05 18:02:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010/08/05 17:04:30 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Roaming\Malwarebytes
[2010/08/05 17:04:24 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/08/05 17:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/04 15:07:42 | 001,196,368 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\natalie\Desktop\TDSSKiller.exe
[2010/08/04 09:37:20 | 000,000,000 | ---D | C] -- C:\Users\natalie\.gimp-2.2
[2010/08/04 09:36:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMPshop
[2010/07/29 10:49:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2010/07/27 16:19:51 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Local\OLYMPUS
[2010/07/27 16:19:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010/07/27 16:18:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/07/27 16:18:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OLYMPUS
[2010/07/27 11:35:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2010/07/27 11:35:28 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2010/07/27 11:35:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2010/07/27 11:35:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Real
[2010/07/27 11:35:25 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Roaming\Real
[2010/07/27 11:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010/07/27 01:20:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010/07/27 01:20:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010/07/27 01:02:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010/07/26 19:26:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/07/26 19:26:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010/07/26 19:26:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010/07/26 19:25:24 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Local\Adobe
[2010/07/26 17:36:19 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Local\Google
[2010/07/26 17:36:04 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Local\Deployment
[2010/07/26 17:36:04 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Local\Apps
[2010/07/26 13:40:35 | 000,000,000 | ---D | C] -- C:\Users\natalie\Documents\Azureus Downloads
[2010/07/26 13:33:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Azureus
[2010/07/26 13:33:47 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Roaming\Azureus
[2010/07/26 13:31:52 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Roaming\Mozilla
[2010/07/26 13:31:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskBarDis
[2010/07/26 13:31:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze
[2010/07/26 12:50:57 | 010,558,400 | ---- | C] (Vuze Inc.) -- C:\Users\natalie\Desktop\Vuze_4.2.0.2_windows.exe
[2010/07/26 05:53:38 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Roaming\Macromedia
[2010/07/26 05:53:38 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Roaming\Adobe
[2010/07/25 20:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2010/07/25 20:57:01 | 000,009,984 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2010/07/25 20:56:55 | 000,528,616 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfehidk.sys
[2010/07/25 20:56:55 | 000,440,688 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfefirek.sys
[2010/07/25 20:56:55 | 000,279,752 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfewfpk.sys
[2010/07/25 20:56:55 | 000,189,880 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2010/07/25 20:56:55 | 000,121,504 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeapfk.sys
[2010/07/25 20:56:55 | 000,093,840 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2010/07/25 20:56:55 | 000,075,288 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfenlfk.sys
[2010/07/25 20:56:55 | 000,062,416 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\cfwids.sys
[2010/07/25 17:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010/07/25 17:27:09 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Local\Diagnostics
[2010/07/25 17:21:56 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Roaming\CyberLink
[2010/07/25 17:05:58 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Roaming\Dell
[2010/07/25 17:05:51 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Local\Stardock_Corporation
[2010/07/25 17:05:44 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Roaming\ATI
[2010/07/25 17:05:44 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Local\ATI
[2010/07/25 17:05:40 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Roaming\Intel Corporation
[2010/07/25 17:05:36 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Local\SupportSoft
[2010/07/25 17:05:23 | 000,000,000 | R--D | C] -- C:\Users\natalie\Searches
[2010/07/25 17:05:23 | 000,000,000 | -H-D | C] -- C:\Users\natalie\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010/07/25 17:05:14 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Roaming\Identities
[2010/07/25 17:05:12 | 000,000,000 | R--D | C] -- C:\Users\natalie\Contacts
[2010/07/25 17:05:11 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Local\VirtualStore
[2010/07/25 17:02:35 | 000,000,000 | --SD | C] -- C:\Users\natalie\AppData\Roaming\Microsoft
[2010/07/25 17:02:35 | 000,000,000 | R--D | C] -- C:\Users\natalie\Music
[2010/07/25 17:02:35 | 000,000,000 | R--D | C] -- C:\Users\natalie\Links
[2010/07/25 17:02:35 | 000,000,000 | R--D | C] -- C:\Users\natalie\Favorites
[2010/07/25 17:02:35 | 000,000,000 | R--D | C] -- C:\Users\natalie\Downloads
[2010/07/25 17:02:35 | 000,000,000 | R--D | C] -- C:\Users\natalie\My Documents
[2010/07/25 17:02:35 | 000,000,000 | R--D | C] -- C:\Users\natalie\Desktop
[2010/07/25 17:02:35 | 000,000,000 | -HSD | C] -- C:\Users\natalie\AppData\Local\Temporary Internet Files
[2010/07/25 17:02:35 | 000,000,000 | -HSD | C] -- C:\Users\natalie\Templates
[2010/07/25 17:02:35 | 000,000,000 | -HSD | C] -- C:\Users\natalie\Start Menu
[2010/07/25 17:02:35 | 000,000,000 | -HSD | C] -- C:\Users\natalie\SendTo
[2010/07/25 17:02:35 | 000,000,000 | -HSD | C] -- C:\Users\natalie\Recent
[2010/07/25 17:02:35 | 000,000,000 | -HSD | C] -- C:\Users\natalie\PrintHood
[2010/07/25 17:02:35 | 000,000,000 | -HSD | C] -- C:\Users\natalie\NetHood
[2010/07/25 17:02:35 | 000,000,000 | -HSD | C] -- C:\Users\natalie\Documents\My Videos
[2010/07/25 17:02:35 | 000,000,000 | -HSD | C] -- C:\Users\natalie\Documents\My Pictures
[2010/07/25 17:02:35 | 000,000,000 | -HSD | C] -- C:\Users\natalie\Documents\My Music
[2010/07/25 17:02:35 | 000,000,000 | -HSD | C] -- C:\Users\natalie\My Documents
[2010/07/25 17:02:35 | 000,000,000 | -HSD | C] -- C:\Users\natalie\Local Settings
[2010/07/25 17:02:35 | 000,000,000 | -HSD | C] -- C:\Users\natalie\AppData\Local\History
[2010/07/25 17:02:35 | 000,000,000 | -HSD | C] -- C:\Users\natalie\Cookies
[2010/07/25 17:02:35 | 000,000,000 | -HSD | C] -- C:\Users\natalie\Application Data
[2010/07/25 17:02:35 | 000,000,000 | -HSD | C] -- C:\Users\natalie\AppData\Local\Application Data
[2010/07/25 17:02:35 | 000,000,000 | -H-D | C] -- C:\Users\natalie\AppData
[2010/07/25 17:02:35 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Local\Temp
[2010/07/25 17:02:35 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Local\Microsoft
[2010/07/25 17:02:35 | 000,000,000 | ---D | C] -- C:\Users\natalie\AppData\Roaming\Media Center Programs
[2010/07/25 17:02:34 | 000,000,000 | R--D | C] -- C:\Users\natalie\Videos
[2010/07/25 17:02:34 | 000,000,000 | R--D | C] -- C:\Users\natalie\Saved Games
[2010/07/25 17:02:34 | 000,000,000 | R--D | C] -- C:\Users\natalie\Pictures
[2010/07/25 15:57:29 | 000,000,000 | ---D | C] -- C:\Users\natalie\Documents\natalie documents
[2010/07/02 06:23:15 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2010/07/02 06:23:15 | 000,121,872 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtiHdmi.sys
[2010/07/02 06:23:14 | 000,421,376 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2010/07/02 06:23:14 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2010/07/02 06:23:14 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2010/07/02 06:23:12 | 000,448,000 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2010/07/02 06:23:12 | 000,202,752 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2010/07/02 06:23:12 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2010/07/02 06:23:12 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2010/07/02 06:23:11 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2010/07/02 06:22:57 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2010/07/02 06:22:57 | 000,211,376 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2010/07/02 06:22:57 | 000,193,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2010/07/02 06:22:57 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2010/07/02 06:22:56 | 000,363,008 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2010/07/02 06:22:56 | 000,320,512 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2010/07/02 06:22:56 | 000,309,760 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2010/07/02 06:22:56 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2010/07/02 06:22:56 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2010/07/02 06:22:56 | 000,198,656 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2010/07/02 06:22:56 | 000,095,744 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2010/07/02 06:22:56 | 000,073,216 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2010/07/02 06:22:31 | 001,478,144 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2010/07/02 06:21:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oem
[2010/07/02 06:21:18 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/07/02 06:21:18 | 000,000,000 | ---D | C] -- C:\Drivers
[2010/07/02 06:14:43 | 000,000,000 | ---D | C] -- C:\dell
[2010/07/02 05:33:52 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/07/02 05:33:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2010/07/02 05:32:35 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/07/02 05:32:23 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/07/02 04:04:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010/07/02 03:58:22 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010/07/02 03:58:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2010/07/02 03:58:20 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2010/07/02 03:58:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2010/07/02 03:58:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee.com
[2010/07/02 03:57:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2010/07/02 03:53:43 | 000,000,000 | -H-D | C] -- C:\ProgramData\{D19C2D22-6043-47E7-B400-83A351841204}
[2010/07/02 03:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2010/07/02 03:53:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2010/07/02 03:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2010/07/02 03:53:15 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2010/07/02 03:52:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2010/07/02 03:52:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2010/07/02 03:52:45 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2010/07/02 03:52:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2010/07/02 03:51:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2010/07/02 03:51:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SureThing Shared
[2010/07/02 03:51:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2010/07/02 03:51:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010/07/02 03:51:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2010/07/02 03:51:11 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010/07/02 03:51:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2010/07/02 03:49:57 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010/07/02 03:49:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010/07/02 03:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/07/02 03:48:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/07/02 03:48:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2010/07/02 03:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010/07/02 03:46:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010/07/02 03:46:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/07/02 03:46:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010/07/02 03:46:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010/07/02 03:45:42 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/07/02 03:44:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010/07/02 03:43:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2010/07/02 03:43:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2010/07/02 03:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\SupportSoft
[2010/07/02 03:43:35 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2010/07/02 03:43:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\supportsoft
[2010/07/02 03:43:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Support Center
[2010/07/02 03:42:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
[2010/07/02 03:42:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2010/07/02 03:42:00 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/07/02 03:41:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2010/07/02 03:40:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2010/07/02 03:40:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010/07/02 03:40:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Multimedia Card Reader(9106)
[2010/07/02 03:39:47 | 000,000,000 | ---D | C] -- C:\Intel
[2010/07/02 03:39:46 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010/07/02 03:39:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2010/07/02 03:39:41 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/07/02 03:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/07/02 03:38:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010/07/02 03:38:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010/07/02 03:37:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010/07/02 03:37:23 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Inc
[2010/07/02 03:37:21 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
========== Files - Modified Within 90 Days ========== [2010/08/06 07:34:18 | 001,572,864 | -HS- | M] () -- C:\Users\natalie\NTUSER.DAT
[2010/08/06 06:41:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1050821485-3544646205-1795249244-1000UA.job
[2010/08/06 06:20:02 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/06 06:20:02 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/06 06:18:31 | 001,196,368 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\natalie\Desktop\TDSSKiller.exe
[2010/08/06 06:17:05 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/06 06:17:05 | 000,615,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/06 06:17:05 | 000,103,496 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/06 06:12:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/06 06:12:50 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/06 06:12:44 | 2115,301,375 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/06 06:12:02 | 001,067,971 | -H-- | M] () -- C:\Users\natalie\AppData\Local\IconCache.db
[2010/08/06 06:11:29 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2010/08/06 06:01:43 | 000,000,055 | ---- | M] () -- C:\Users\natalie\Desktop\3.jpg.url
[2010/08/05 19:41:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1050821485-3544646205-1795249244-1000Core.job
[2010/08/05 18:16:35 | 000,293,376 | ---- | M] () -- C:\Users\natalie\Desktop\gmer.exe
[2010/08/05 18:06:28 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/05 18:02:19 | 000,000,930 | ---- | M] () -- C:\Users\natalie\Desktop\NTREGOPT.lnk
[2010/08/05 18:02:19 | 000,000,911 | ---- | M] () -- C:\Users\natalie\Desktop\ERUNT.lnk
[2010/08/04 09:47:38 | 000,000,000 | ---- | M] () -- C:\Users\natalie\.gtk-bookmarks
[2010/08/04 09:38:10 | 000,641,060 | ---- | M] () -- C:\Users\natalie\.fonts.cache-1
[2010/08/03 10:40:25 | 000,017,392 | ---- | M] () -- C:\Users\natalie\Documents\Questionnaire_India.pdf
[2010/08/02 07:41:35 | 000,000,172 | ---- | M] () -- C:\Users\natalie\Desktop\Upload date.url
[2010/07/29 08:53:45 | 000,261,854 | ---- | M] () -- C:\Users\natalie\Desktop\ticket confirmation.xps
[2010/07/28 12:44:08 | 000,054,243 | ---- | M] () -- C:\Users\natalie\Desktop\Replacement Cost.pdf
[2010/07/27 16:19:03 | 000,002,447 | ---- | M] () -- C:\Users\natalie\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2010/07/27 16:19:03 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/07/27 16:18:34 | 000,001,125 | ---- | M] () -- C:\Users\natalie\Desktop\OLYMPUS Master 2.lnk
[2010/07/27 11:35:52 | 000,001,270 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/07/27 11:35:28 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2010/07/27 01:21:27 | 000,356,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/07/26 19:26:13 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/07/26 17:38:42 | 000,002,332 | ---- | M] () -- C:\Users\natalie\Desktop\Google Chrome.lnk
[2010/07/26 17:35:41 | 000,064,512 | ---- | M] () -- C:\Users\natalie\Desktop\check_request_for_Summer_7.11.10.doc
[2010/07/26 13:39:52 | 000,000,708 | ---- | M] () -- C:\Users\natalie\Desktop\Downloads - Shortcut.lnk
[2010/07/26 13:39:31 | 000,000,724 | ---- | M] () -- C:\Users\natalie\Desktop\Azureus Downloads - Shortcut.lnk
[2010/07/26 13:33:31 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2010/07/26 13:33:31 | 000,001,854 | ---- | M] () -- C:\Users\natalie\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2010/07/26 13:30:17 | 000,001,093 | ---- | M] () -- C:\Users\natalie\Documents - Shortcut.lnk
[2010/07/26 12:50:57 | 010,558,400 | ---- | M] (Vuze Inc.) -- C:\Users\natalie\Desktop\Vuze_4.2.0.2_windows.exe
[2010/07/25 20:48:47 | 000,524,288 | -HS- | M] () -- C:\Users\natalie\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010/07/25 20:48:47 | 000,524,288 | -HS- | M] () -- C:\Users\natalie\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010/07/25 20:48:47 | 000,065,536 | -HS- | M] () -- C:\Users\natalie\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010/07/25 17:27:00 | 000,000,194 | ---- | M] () -- C:\Users\natalie\Desktop\New Rich Text Document.rtf
[2010/07/25 17:16:20 | 000,001,443 | ---- | M] () -- C:\Users\natalie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/25 17:05:52 | 000,001,984 | ---- | M] () -- C:\Users\natalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2010/07/25 17:02:44 | 000,090,224 | ---- | M] () -- C:\Users\natalie\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/25 17:02:35 | 000,000,020 | -HS- | M] () -- C:\Users\natalie\ntuser.ini
[2010/07/25 17:02:04 | 000,039,219 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010/07/25 17:02:04 | 000,039,219 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010/07/02 06:28:38 | 000,005,350 | RH-- | M] () -- C:\dell.sdr
[2010/07/02 06:22:29 | 000,005,350 | ---- | M] () -- C:\Windows\SysWow64\drivers\1028_Dell_STU_8100.mrk
[2010/07/02 06:22:29 | 000,005,350 | ---- | M] () -- C:\Windows\SysNative\drivers\1028_Dell_STU_8100.mrk
[2010/07/02 05:33:50 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010/07/02 05:33:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/07/02 04:02:28 | 000,793,688 | ---- | M] () -- C:\Windows\SysNative\chklogo6.wtl
[2010/07/02 03:53:34 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2010/05/31 18:32:58 | 000,528,616 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfehidk.sys
[2010/05/31 18:32:58 | 000,440,688 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfefirek.sys
[2010/05/31 18:32:58 | 000,279,752 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfewfpk.sys
[2010/05/31 18:32:58 | 000,189,880 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2010/05/31 18:32:58 | 000,121,504 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeapfk.sys
[2010/05/31 18:32:58 | 000,093,840 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2010/05/31 18:32:58 | 000,075,288 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfenlfk.sys
[2010/05/31 18:32:58 | 000,062,416 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\cfwids.sys
[2010/05/31 18:32:58 | 000,009,984 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
========== Files Created - No Company Name ========== [2010/08/06 06:01:43 | 000,000,055 | ---- | C] () -- C:\Users\natalie\Desktop\3.jpg.url
[2010/08/05 18:06:28 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/05 18:02:19 | 000,000,930 | ---- | C] () -- C:\Users\natalie\Desktop\NTREGOPT.lnk
[2010/08/05 18:02:19 | 000,000,911 | ---- | C] () -- C:\Users\natalie\Desktop\ERUNT.lnk
[2010/08/04 09:39:33 | 000,000,000 | ---- | C] () -- C:\Users\natalie\.gtk-bookmarks
[2010/08/04 09:38:10 | 000,641,060 | ---- | C] () -- C:\Users\natalie\.fonts.cache-1
[2010/08/03 10:40:25 | 000,017,392 | ---- | C] () -- C:\Users\natalie\Documents\Questionnaire_India.pdf
[2010/08/02 07:41:35 | 000,000,172 | ---- | C] () -- C:\Users\natalie\Desktop\Upload date.url
[2010/07/29 08:53:44 | 000,261,854 | ---- | C] () -- C:\Users\natalie\Desktop\ticket confirmation.xps
[2010/07/28 12:44:08 | 000,054,243 | ---- | C] () -- C:\Users\natalie\Desktop\Replacement Cost.pdf
[2010/07/27 16:19:03 | 000,002,447 | ---- | C] () -- C:\Users\natalie\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2010/07/27 16:19:03 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/07/27 16:18:34 | 000,001,125 | ---- | C] () -- C:\Users\natalie\Desktop\OLYMPUS Master 2.lnk
[2010/07/27 11:35:52 | 000,001,270 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/07/26 19:26:13 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/07/26 17:38:42 | 000,002,332 | ---- | C] () -- C:\Users\natalie\Desktop\Google Chrome.lnk
[2010/07/26 17:36:20 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1050821485-3544646205-1795249244-1000UA.job
[2010/07/26 17:36:20 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1050821485-3544646205-1795249244-1000Core.job
[2010/07/26 17:35:41 | 000,064,512 | ---- | C] () -- C:\Users\natalie\Desktop\check_request_for_Summer_7.11.10.doc
[2010/07/26 13:39:52 | 000,000,708 | ---- | C] () -- C:\Users\natalie\Desktop\Downloads - Shortcut.lnk
[2010/07/26 13:39:31 | 000,000,724 | ---- | C] () -- C:\Users\natalie\Desktop\Azureus Downloads - Shortcut.lnk
[2010/07/26 13:31:40 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2010/07/26 13:31:40 | 000,001,854 | ---- | C] () -- C:\Users\natalie\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2010/07/26 13:30:17 | 000,001,093 | ---- | C] () -- C:\Users\natalie\Documents - Shortcut.lnk
[2010/07/25 17:26:44 | 000,000,194 | ---- | C] () -- C:\Users\natalie\Desktop\New Rich Text Document.rtf
[2010/07/25 17:16:20 | 000,001,443 | ---- | C] () -- C:\Users\natalie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/25 17:05:52 | 000,001,984 | ---- | C] () -- C:\Users\natalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2010/07/25 17:02:35 | 000,524,288 | -HS- | C] () -- C:\Users\natalie\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010/07/25 17:02:35 | 000,524,288 | -HS- | C] () -- C:\Users\natalie\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010/07/25 17:02:35 | 000,262,144 | -HS- | C] () -- C:\Users\natalie\ntuser.dat.LOG1
[2010/07/25 17:02:35 | 000,065,536 | -HS- | C] () -- C:\Users\natalie\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010/07/25 17:02:35 | 000,000,290 | ---- | C] () -- C:\Users\natalie\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/07/25 17:02:35 | 000,000,272 | ---- | C] () -- C:\Users\natalie\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/07/25 17:02:35 | 000,000,020 | -HS- | C] () -- C:\Users\natalie\ntuser.ini
[2010/07/25 17:02:35 | 000,000,000 | -HS- | C] () -- C:\Users\natalie\ntuser.dat.LOG2
[2010/07/25 17:02:34 | 001,572,864 | -HS- | C] () -- C:\Users\natalie\NTUSER.DAT
[2010/07/02 06:28:38 | 000,005,350 | RH-- | C] () -- C:\dell.sdr
[2010/07/02 06:23:15 | 000,402,016 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2010/07/02 06:23:14 | 000,402,016 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2010/07/02 06:23:13 | 000,332,288 | ---- | C] () -- C:\Windows\SysNative\ATIODE.exe
[2010/07/02 06:23:13 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\ATIODCLI.exe
[2010/07/02 06:23:13 | 000,019,017 | ---- | C] () -- C:\Windows\atiogl.xml
[2010/07/02 06:23:12 | 000,196,565 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2010/07/02 06:22:29 | 000,005,350 | ---- | C] () -- C:\Windows\SysWow64\drivers\1028_Dell_STU_8100.mrk
[2010/07/02 06:22:29 | 000,005,350 | ---- | C] () -- C:\Windows\SysNative\drivers\1028_Dell_STU_8100.mrk
[2010/07/02 05:33:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/07/02 05:33:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/07/02 05:32:23 | 2115,301,375 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/02 04:02:27 | 000,793,688 | ---- | C] () -- C:\Windows\SysNative\chklogo6.wtl
[2010/07/02 03:53:34 | 000,230,912 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2010/07/02 03:53:34 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010/07/02 03:53:34 | 000,089,088 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2010/07/02 03:53:34 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010/07/02 03:53:34 | 000,006,507 | ---- | C] () -- C:\Windows\SysNative\THXCfg64.ini
[2010/07/02 03:53:34 | 000,005,262 | ---- | C] () -- C:\Windows\SysNative\MCEptMon.ini
[2010/07/02 03:53:34 | 000,005,262 | ---- | C] () -- C:\Windows\SysNative\MBEptMon.ini
[2010/07/02 03:53:34 | 000,001,264 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2010/07/02 03:53:34 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2010/07/02 03:53:34 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2010/07/02 03:53:34 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
========== LOP Check ========== [2010/08/06 06:11:05 | 000,000,000 | ---D | M] -- C:\Users\natalie\AppData\Roaming\Azureus
[2009/07/13 22:08:49 | 000,004,154 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2010/07/02 06:28:38 | 000,005,350 | RH-- | M] () -- C:\dell.sdr
[2010/08/06 06:12:44 | 2115,301,375 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/06 06:12:49 | 4252,057,599 | -HS- | M] () -- C:\pagefile.sys
[2010/08/06 06:23:00 | 000,059,686 | ---- | M] () -- C:\TDSSKiller.2.4.1.0_06.08.2010_06.21.16_log.txt
[2010/08/06 06:46:09 | 000,059,686 | ---- | M] () -- C:\TDSSKiller.2.4.1.0_06.08.2010_06.45.23_log.txt
< %systemroot%\system32\Spool\prtprocs\w32x86\*.* > < %systemroot%\*. /mp /s > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\*.wt > < %systemroot%\system32\*.ruy > < %systemroot%\Fonts\*.dll > < %systemroot%\Fonts\*.com >[2009/07/13 22:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/13 22:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/13 22:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/13 22:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.exe > < %systemroot%\Fonts\*.ini >[2009/06/10 13:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 > < %systemroot%\REPAIR\*.bak1 > < %systemroot%\REPAIR\*.ini > < %systemroot%\system32\*.jpg > < %systemroot%\*.jpg > < %systemroot%\*.png > < %systemroot%\*.scr >[2009/07/10 10:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
< %systemroot%\*._sy > < %APPDATA%\Adobe\Update\*.* > < %APPDATA%\Microsoft\*.* > < %PROGRAMFILES%\*.* >[2009/07/13 21:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< %ALLUSERSPROFILE%\Favorites\*.* > < %APPDATA%\Update\*.* > < %PROGRAMFILES%\*. >[2010/07/26 19:26:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2010/07/26 13:31:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AskBarDis
[2010/07/02 03:41:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ATI Technologies
[2010/07/02 03:42:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Citrix
[2010/07/27 11:35:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2010/07/02 03:53:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Creative
[2010/07/02 03:43:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2010/07/02 03:43:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell Support Center
[2010/08/05 18:02:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ERUNT
[2010/08/04 09:53:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GIMPshop
[2010/07/02 03:53:26 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2010/07/02 03:40:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2010/07/27 11:35:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2010/07/02 03:38:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2010/08/05 18:06:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/07/26 05:48:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\McAfee
[2010/07/27 01:21:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\McAfee.com
[2010/07/02 03:46:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2010/07/29 10:49:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2010/07/02 03:48:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/07/02 03:47:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010/07/02 03:48:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Sync Framework
[2010/07/02 03:41:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2009/07/13 22:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2010/07/29 10:49:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache
[2010/07/27 01:02:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2010/07/02 03:40:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Multimedia Card Reader(9106)
[2010/07/27 16:18:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OLYMPUS
[2010/07/27 16:19:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2010/07/27 11:35:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Real
[2009/07/13 22:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2010/07/02 03:52:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Roxio
[2010/07/02 03:50:00 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2009/07/13 21:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2010/07/26 13:33:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vuze
[2009/07/13 22:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2010/07/02 03:48:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/07/02 03:46:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010/07/27 01:20:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/07/02 06:27:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/13 22:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2009/07/13 22:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2009/07/13 22:32:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2009/07/13 22:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < set /c >ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\natalie\AppData\Roaming
CLASSPATH=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files (x86)\Common Files
CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
CommonProgramW6432=C:\Program Files\Common Files
COMPUTERNAME=NATALIE-PC
ComSpec=C:\Windows\system32\cmd.exe
EMC_AUTOPLAY=c:\Program Files (x86)\Common Files\Roxio Shared\
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\natalie
LOCALAPPDATA=C:\Users\natalie\AppData\Local
LOGONSERVER=\\NATALIE-PC
NUMBER_OF_PROCESSORS=8
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_ARCHITEW6432=AMD64
PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 30 Stepping 5, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=1e05
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files (x86)
ProgramFiles(x86)=C:\Program Files (x86)
ProgramW6432=C:\Program Files
PROMPT=$P$G
PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
RoxioCentral=c:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\natalie\AppData\Local\Temp
TMP=C:\Users\natalie\AppData\Local\Temp
USERDOMAIN=natalie-PC
USERNAME=natalie
USERPROFILE=C:\Users\natalie
windir=C:\Windows
< End of report >