Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Out of memory at line 2. Mozilla crashing, IE popups.

Started by NicoleB89 , May 08 2011 05:43 PM

Please log in to reply

#1
NicoleB89

Posted 08 May 2011 - 05:43 PM

Member

Member
14 posts

My Mozilla Firefox started crashing everytime I went on a site with any kind of media (pictures, video, etc). I uninstalled it and reinstalled and that did not work. I then started getting an IE message which is super odd because the only time I have used IE is to download Mozilla both when I first got it and tonight to reinstall. I didn't even go to one other site. The message said "Out of memory at line 2" So I read a bunch of places that clearing your cookies/cache would fix it so I cleared cookies/cache on both browsers. That didn't work. And then I started getting popups from IE without it being open. I closed them without thinking to take note of what they are for.

Also, not sure if this is normal but I have never seen it. There is a bar across the top of my google page, a blue one that has suggestion in it... it doesn't seem legit to me.

My OTL log is:

OTL logfile created on: 08/05/2011 9:05:46 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Nicole\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 61.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 124.91 Gb Free Space | 53.64% Space Free | Partition Type: NTFS
Drive D: | 7.57 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: NICOLE-PC | User Name: Nicole | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/08 21:05:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Nicole\Downloads\OTL.exe
PRC - [2011/05/08 20:22:14 | 000,139,264 | ---- | M] () -- C:\Users\Nicole\Downloads\slant.exe
PRC - [2011/04/14 13:55:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/21 16:26:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/11/30 14:50:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 13:56:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2010/11/11 13:56:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/04/05 18:16:08 | 000,288,040 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2010/03/23 14:52:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2010/02/26 03:33:00 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2010/02/26 03:33:00 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\stacsv.exe
PRC - [2010/02/17 17:04:40 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2009/03/03 04:13:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\AEstSrv.exe
PRC - [2009/02/01 00:13:30 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/10/29 03:59:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/09 19:01:46 | 001,616,976 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008/05/05 22:16:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2008/01/20 23:54:13 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008/01/20 23:53:33 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
PRC - [2008/01/14 14:43:02 | 000,132,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe

========== Modules (SafeList) ==========

MOD - [2011/05/08 21:05:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Nicole\Downloads\OTL.exe
MOD - [2010/08/31 13:09:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/04/28 14:45:53 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/11/11 13:56:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010/11/11 13:56:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/02/26 03:33:00 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\stacsv.exe -- (STacSV)
SRV - [2009/03/03 04:13:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\AEstSrv.exe -- (AESTFilters)
SRV - [2008/05/05 22:16:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008/01/20 23:53:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2011/05/08 19:21:53 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F38A4827-0EE5-4617-B338-8A8D118EF46E}\MpKsla3481180.sys -- (MpKsla3481180)
DRV - [2010/10/24 22:55:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/10/24 22:55:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/04/15 15:06:40 | 000,252,536 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/02/26 03:33:00 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/06/15 15:35:16 | 000,143,968 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2009/05/28 13:18:20 | 000,134,144 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CtAudDrv.sys -- (CtAudDrv)
DRV - [2009/05/20 12:40:00 | 000,314,368 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/03/19 17:02:00 | 000,271,552 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA009Vid.sys -- (OA009Vid)
DRV - [2009/03/06 07:30:08 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA009Ufd.sys -- (OA009Ufd)
DRV - [2009/01/22 19:37:30 | 000,921,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/12/10 20:00:58 | 004,172,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/09/19 05:33:00 | 000,277,440 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2008/06/03 22:00:22 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008/05/05 23:38:52 | 000,475,136 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2008/02/24 07:10:18 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink ™
DRV - [2008/02/15 22:31:18 | 000,046,592 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/01/25 00:12:54 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Dell\MediaDirect\000.fcl -- ({2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7})
DRV - [2007/12/18 21:42:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2007/07/30 16:24:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 15:12:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2

Edited by NicoleB89, 08 May 2011 - 05:52 PM.

#2
RKinner

Posted 08 May 2011 - 10:20 PM

Malware Expert

Expert
24,624 posts

We didn't get the whole log.

Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them. To Copy the whole log, open it, click once in the log and then Ctrl + a to select the whole log then Ctrl + c to copy it. Move to a reply and Ctrl + v to paste it.

Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

Rightclick on Malwarebytes' Anti-Malware and select Run As Administrator and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click

Finish.
* If an update is found, it will download and install the latest version.

* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.

ComboFix

:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well.

See: http://www.bleepingc...opic114351.html

Download and Rename this file -- (call it george.exe ) to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on george and select Run As Administrator to start the program.

* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.

* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then

Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to

stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this

occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing,

Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
Posted Image

On completion of the scan (Note if the Fix button is enabled and tell me) click save log, save it to your desktop and post in your next reply
Posted Image

Ron

#3
NicoleB89

Posted 09 May 2011 - 10:39 AM

Member

Topic Starter
Member
14 posts

Thanks!

My extras from the OTL are:
OTL Extras logfile created on: 08/05/2011 9:05:46 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Nicole\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 61.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 124.91 Gb Free Space | 53.64% Space Free | Partition Type: NTFS
Drive D: | 7.57 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: NICOLE-PC | User Name: Nicole | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{28CD504A-8789-451D-8BE9-B754300D8F66}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9A73147D-1D25-418D-94CF-DCAA5C05A01C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C872A6-D0C8-4403-B023-5603FDB4BE3A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\world of goo\worldofgoo.exe |
"{07F924AB-9186-4E9E-85B7-D2EBD3629A90}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{24205509-82A3-4EF9-8410-9E09AF40217F}" = protocol=6 | dir=in | app=c:\users\nicole\desktop\world of warcraft\launcher.patch.exe |
"{2766BE45-9574-43D2-9A2E-284674547CCB}" = protocol=17 | dir=in | app=c:\users\nicole\desktop\world of warcraft\launcher.patch.exe |
"{28A98127-C669-47BF-899A-26A8B66C4DD0}" = protocol=17 | dir=in | app=c:\users\nicole\desktop\world of warcraft\launcher.exe |
"{36B33F14-FF9C-4689-A8DC-6BEBE2A6E7C9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\osmos\osmos.exe |
"{37B3B006-7432-412D-B881-22A7AB803541}" = protocol=6 | dir=in | app=c:\users\nicole\desktop\world of warcraft\launcher.exe |
"{3DA60878-0141-46E0-B422-97FCFE766408}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4A65FCDD-752D-4E47-9317-1F6B3EDD16EA}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{4B9BA275-F605-4CA3-90FD-10525C519182}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{53B558B3-6A3A-4BC4-94B7-76C9029F2B50}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{5BA4C534-8ED5-4205-9ACB-A397234CD8F9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{718979D4-DFD5-4B42-9B00-D7D4F8459177}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7DBEF499-FA14-4501-9C2D-11DC680D990B}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{86ED4BC0-6848-4F66-8A54-AC2E1DCB8CC6}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\trine\trine_launcher.exe |
"{9C15826A-1EE2-40CC-ACF7-9EE924B698A0}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{A35F4416-041B-4A08-B134-12050CC92111}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{AD0C459F-568C-4AAF-B379-C6F6952596AA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\world of goo\worldofgoo.exe |
"{CB429194-56DF-4514-843B-A5CA68727C4B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{D55687C7-D9BE-4C20-9276-A34CD3368839}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\osmos\osmos.exe |
"{D8C459AF-4588-48FA-8B08-3B944475C512}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\trine\trine_launcher.exe |
"{EC3CD4C8-E302-4BBF-A4FD-220B2EF3F372}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{EEA0DE9A-61CA-45E5-9E04-8E571CCD9157}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{140BF0D0-E848-405C-9A01-D3256B918B6D}" = AuthenTec Fingerprint System
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java™ 6 Update 25
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{451517F1-7E41-400B-AA36-FB7E2563526D}" = Dell Wireless 1515 Driver Installation
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C62299C-65FF-834B-AE08-00A463411321}" = Skins
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.05
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6F4148D5-BAE5-F6AA-E34A-32DD423B31C3}" = Catalyst Control Center Graphics Previews Common
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{813FF60E-226E-092E-3243-91367F900BE2}" = ccc-utility
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{883141EF-9174-259C-ED5D-74D0FB2461C0}" = ccc-core-static
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B85F8BF3-2D1C-683A-9F47-F0339EBE3ADA}" = Catalyst Control Center Graphics Full New
"{BFC19AEE-8C4D-65BF-3BAE-729D1252E86C}" = Catalyst Control Center InstallProxy
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D31D8690-A6E5-37C3-8BBE-28E8EE48BEAB}" = Catalyst Control Center Graphics Previews Vista
"{D5A3FE4E-E160-8987-4AB9-0148BF2F65B0}" = Catalyst Control Center Graphics Light
"{D9481F93-5D55-C4E2-6D3F-ED2180590920}" = Catalyst Control Center Graphics Full Existing
"{DA054439-21A7-D2EF-DE23-38AA0560535F}" = ATI Catalyst Install Manager
"{E137477C-C14A-92E7-867A-08E256A5425E}" = CCC Help English
"{E19DF061-5BBA-72B7-17A0-B8DA1FEA621A}" = Catalyst Control Center Core Implementation
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E481DB0E-52F2-4EE0-9BDA-9EE173FA6EA2}" = Catalyst Control Center - Branding
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EAE03C8D-6A76-9A21-1111-B93B338ABDB1}" = Catalyst Control Center InstallProxy
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BB6248-C507-46FE-8A35-1B16F35E0441}" = ITECIR
"17D5EDB8CF9DBD67DDA7675D6772B06BA5809565" = Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (05/01/2008 8.0.26.3)
"991554" = Contextual Tool Yourprofitclub
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Creative OA001" = Integrated Webcam Driver (1.03.02.0919)
"Creative OA009" = Integrated Webcam Driver (1.02.01.0320)
"Dell Webcam Central" = Dell Webcam Central
"DivX Setup.divx.com" = DivX Setup
"fxjkrkqvrwwrl" = Advanced Performance Platform Revenuestreaming.
"HDMI" = Intel® Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"Steam App 22000" = World of Goo
"Steam App 26800" = Braid
"Steam App 29180" = Osmos
"Steam App 35700" = Trine
"VLC media player" = VLC media player 1.1.9
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26/04/2011 7:34:08 PM | Computer Name = Nicole-PC | Source = EventSystem | ID = 4621
Description =

Error - 28/04/2011 12:46:27 PM | Computer Name = Nicole-PC | Source = WinMgmt | ID = 10
Description =

Error - 28/04/2011 1:04:20 PM | Computer Name = Nicole-PC | Source = WinMgmt | ID = 10
Description =

Error - 28/04/2011 1:25:45 PM | Computer Name = Nicole-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 28/04/2011 1:26:31 PM | Computer Name = Nicole-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 28/04/2011 1:26:46 PM | Computer Name = Nicole-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 28/04/2011 1:26:47 PM | Computer Name = Nicole-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 28/04/2011 1:29:05 PM | Computer Name = Nicole-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 28/04/2011 1:29:55 PM | Computer Name = Nicole-PC | Source = Application Hang | ID = 1002
Description = The program iTunes.exe version 10.2.2.12 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1118 Start Time: 01cc05c9be0917d3 Termination Time: 7

Error - 28/04/2011 1:41:03 PM | Computer Name = Nicole-PC | Source = VSS | ID = 8194
Description =

[ System Events ]
Error - 29/04/2011 3:27:23 AM | Computer Name = Nicole-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 29/04/2011 3:27:23 AM | Computer Name = Nicole-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 29/04/2011 3:27:23 AM | Computer Name = Nicole-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 29/04/2011 3:27:23 AM | Computer Name = Nicole-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 29/04/2011 3:27:23 AM | Computer Name = Nicole-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 29/04/2011 3:27:23 AM | Computer Name = Nicole-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 29/04/2011 3:27:23 AM | Computer Name = Nicole-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 29/04/2011 3:27:28 AM | Computer Name = Nicole-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 29/04/2011 7:46:51 AM | Computer Name = Nicole-PC | Source = HTTP | ID = 15016
Description =

Error - 29/04/2011 7:47:23 AM | Computer Name = Nicole-PC | Source = Service Control Manager | ID = 7000
Description =

< End of report >

Mbam log:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6538

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

09/05/2011 12:55:26 PM
mbam-log-2011-05-09 (12-55-26).txt

Scan type: Full scan (C:\|)
Objects scanned: 263571
Time elapsed: 1 hour(s), 22 minute(s), 12 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3a067c03-a6b8-5202-fe04-cc595a037ac4} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3a067c03-a6b8-5202-fe04-cc595a037ac4} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3A067C03-A6B8-5202-FE04-CC595A037AC4} (Adware.AdRotator) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Nicole\AppData\Local\Temp\algs.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\Windows\System32\6c52092e.dll (Adware.AdRotator) -> Quarantined and deleted successfully.

Combofix:

ComboFix 11-05-08.04 - Nicole 09/05/2011 13:54:39.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.2.1033.18.3068.1995 [GMT -2.5:30]
Running from: c:\users\Nicole\Desktop\George.exe.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Steam\Steam.exe
c:\windows\system32\991554.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-04-09 to 2011-05-09 )))))))))))))))))))))))))))))))
.
.
2011-05-09 16:30 . 2011-05-09 16:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-09 16:17 . 2011-05-09 16:17 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9320D50D-7931-4AF7-8AD2-65673542F51F}\MpKsld0cc76fe.sys
2011-05-09 13:39 . 2010-12-20 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-09 13:39 . 2011-05-09 13:39 -------- d-----w- c:\programdata\Malwarebytes
2011-05-09 13:39 . 2011-05-09 13:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-09 13:39 . 2010-12-20 20:38 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-09 13:27 . 2011-04-11 04:04 7071056 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9320D50D-7931-4AF7-8AD2-65673542F51F}\mpengine.dll
2011-05-09 05:04 . 2006-10-26 22:26 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2011-05-09 05:04 . 2006-10-26 22:26 32592 ----a-w- c:\windows\system32\msonpmon.dll
2011-05-09 05:03 . 2011-05-09 05:03 -------- d-----w- c:\program files\Microsoft Works
2011-05-09 04:56 . 2011-05-09 04:56 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-05-09 04:55 . 2011-05-09 05:04 -------- d-----w- c:\programdata\Microsoft Help
2011-05-09 04:51 . 2011-05-09 04:51 -------- d-----r- C:\MSOCache
2011-05-08 20:41 . 2011-05-08 21:43 50328 ----a-w- c:\windows\system32\fxjkrkqvrwwrl.exe
2011-05-02 01:48 . 2011-05-02 01:48 -------- d-----w- c:\programdata\Blizzard Entertainment
2011-05-01 20:10 . 2011-05-01 20:10 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2011-05-01 05:30 . 2009-11-08 13:25 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-05-01 05:30 . 2009-11-08 13:25 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-05-01 05:30 . 2009-11-08 13:25 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-05-01 05:30 . 2009-11-08 13:25 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-05-01 05:30 . 2009-11-08 13:25 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-04-30 05:40 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-04-30 05:40 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-04-30 05:40 . 2008-06-20 01:14 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-04-30 05:40 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-04-30 05:40 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2011-04-30 05:40 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-04-30 05:33 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2011-04-30 05:33 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2011-04-30 05:32 . 2010-09-20 09:25 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-04-30 05:31 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-04-30 04:34 . 2011-04-30 04:35 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2011-04-30 04:33 . 2011-04-30 04:34 -------- d-----w- c:\program files\Common Files\DivX Shared
2011-04-30 04:32 . 2011-04-30 04:36 -------- d-----w- c:\program files\DivX
2011-04-30 04:32 . 2011-04-30 04:36 -------- d-----w- c:\programdata\DivX
2011-04-30 03:42 . 2011-04-11 04:04 7071056 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-04-29 17:21 . 2008-06-26 01:45 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2011-04-29 17:21 . 2008-06-26 01:45 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2011-04-29 17:21 . 2008-06-26 03:29 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2011-04-29 16:36 . 2011-04-29 16:36 -------- d-----w- c:\programdata\Skype Extras
2011-04-29 16:35 . 2011-04-29 16:35 -------- d-----w- c:\program files\Common Files\Skype
2011-04-29 16:35 . 2011-04-29 16:36 -------- d-----r- c:\program files\Skype
2011-04-29 16:35 . 2011-04-29 16:35 -------- d-----w- c:\programdata\Skype
2011-04-29 14:12 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-04-29 14:12 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll
2011-04-29 14:12 . 2009-08-24 12:16 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-04-29 11:55 . 2011-03-03 14:56 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-04-29 11:55 . 2011-03-03 13:01 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-04-29 07:11 . 2010-04-14 17:46 80896 ----a-w- c:\windows\system32\MSNP.ax
2011-04-29 07:11 . 2008-04-23 04:41 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-04-29 07:11 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-04-29 07:11 . 2010-04-14 17:47 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-04-29 07:08 . 2008-04-30 05:36 454656 ----a-w- c:\program files\Common Files\System\msadc\msadce.dll
2011-04-29 07:02 . 2010-02-20 23:39 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-04-29 07:02 . 2010-02-20 23:37 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-04-29 07:02 . 2010-02-20 21:18 411136 ----a-w- c:\windows\system32\drivers\http.sys
2011-04-29 04:19 . 2011-04-29 04:19 -------- d-----w- c:\program files\Common Files\Java
2011-04-29 04:19 . 2011-04-29 04:18 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-29 04:18 . 2011-04-29 04:18 -------- d-----w- c:\program files\Java
2011-04-28 18:49 . 2011-04-28 18:49 -------- d-----w- c:\windows\system32\AGEIA
2011-04-28 18:49 . 2011-04-28 18:49 -------- d-----w- c:\program files\AGEIA Technologies
2011-04-28 18:47 . 2005-05-26 19:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2011-04-28 18:16 . 2011-04-28 18:16 -------- d-----w- c:\windows\system32\Macromed
2011-04-28 18:02 . 2011-03-10 16:12 1161728 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-28 18:02 . 2011-03-10 16:12 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-04-28 18:02 . 2010-01-29 16:22 1616384 ----a-w- c:\program files\Windows Mail\msoe.dll
2011-04-28 17:57 . 2011-04-28 17:57 -------- d-----w- c:\program files\Microsoft
2011-04-28 17:57 . 2010-09-10 16:35 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2011-04-28 17:57 . 2010-09-10 16:37 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-04-28 17:55 . 2010-12-28 14:57 409600 ----a-w- c:\windows\system32\odbc32.dll
2011-04-28 17:54 . 2011-02-22 12:52 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-28 17:54 . 2011-02-22 12:52 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-28 17:54 . 2011-02-22 12:51 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-28 17:54 . 2011-02-22 12:51 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-28 17:54 . 2009-07-11 19:32 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2011-04-28 17:54 . 2009-07-11 19:32 513024 ----a-w- c:\windows\system32\wlansvc.dll
2011-04-28 17:54 . 2009-07-11 19:32 302592 ----a-w- c:\windows\system32\wlansec.dll
2011-04-28 17:54 . 2009-07-11 19:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2011-04-28 17:54 . 2009-08-10 11:01 1399296 ----a-w- c:\windows\system32\msxml6.dll
2011-04-28 17:54 . 2010-10-15 14:08 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-28 17:54 . 2010-10-15 13:48 1205080 ----a-w- c:\windows\system32\ntdll.dll
2011-04-28 17:54 . 2010-10-15 14:08 3600272 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-28 17:54 . 2010-05-27 19:16 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-04-28 17:53 . 2011-03-03 12:53 2040832 ----a-w- c:\windows\system32\win32k.sys
2011-04-28 17:46 . 2010-08-17 13:32 126464 ----a-w- c:\windows\system32\spoolsv.exe
2011-04-28 17:45 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2011-04-28 17:45 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2011-04-28 17:45 . 2008-04-18 05:48 269312 ----a-w- c:\windows\system32\es.dll
2011-04-28 17:45 . 2010-12-14 15:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-04-28 17:45 . 2008-06-26 03:29 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-04-28 17:45 . 2011-04-28 17:45 -------- d-----w- c:\program files\DellTPad
2011-04-28 17:45 . 2010-06-17 17:15 10926592 ----a-w- c:\program files\Movie Maker\MOVIEMK.dll
2011-04-28 17:45 . 2010-06-17 15:49 150016 ----a-w- c:\program files\Movie Maker\MOVIEMK.exe
2011-04-28 17:43 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2011-04-28 17:40 . 2010-02-26 06:03 527360 ------w- c:\windows\system32\stapi32.dll
2011-04-28 17:39 . 2009-10-10 04:45 380928 ----a-w- c:\windows\system32\aestecap.dll
2011-04-28 17:39 . 2009-03-03 05:57 61440 ----a-w- c:\windows\system32\aestaren.dll
2011-04-28 17:39 . 2010-01-12 06:01 139776 ----a-w- c:\windows\system32\aestacap.dll
2011-04-28 17:39 . 2009-05-13 07:26 47104 ----a-w- c:\windows\system32\ctppld.dll
2011-04-28 17:39 . 2010-02-26 06:03 3350528 ----a-w- c:\windows\system32\stlang.dll
2011-04-28 17:39 . 2010-02-26 06:03 536576 ----a-w- c:\windows\system32\idtmini1.exe
2011-04-28 17:39 . 2010-02-26 06:03 12460124 ----a-w- c:\windows\system32\idtcpl.cpl
2011-04-28 17:39 . 2011-04-28 17:39 -------- d-----w- c:\windows\system32\SRSLabs
2011-04-28 17:38 . 2010-02-26 06:03 175616 ----a-w- c:\windows\system32\st326272.dll
2011-04-28 17:29 . 2011-04-28 17:31 -------- d-----w- c:\program files\Common Files\Adobe
2011-04-28 17:27 . 2011-04-28 17:27 -------- dc----w- c:\windows\system32\DRVSTORE
2011-04-28 17:27 . 2009-05-18 17:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-04-28 17:27 . 2008-04-17 16:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-04-28 17:23 . 2011-04-28 17:23 -------- d-----w- c:\program files\Apple Software Update
2011-04-28 17:20 . 2011-04-28 17:20 -------- d-----w- c:\program files\Bonjour
2011-04-28 17:19 . 2011-04-28 17:26 -------- d-----w- c:\program files\Common Files\Apple
2011-04-28 17:19 . 2011-04-28 17:19 -------- d-----w- c:\programdata\Apple
2011-04-28 17:14 . 2011-04-28 17:51 -------- d-----w- c:\program files\Common Files\Steam
2011-04-28 17:14 . 2011-05-09 16:29 -------- d-----w- c:\program files\Steam
2011-04-28 17:12 . 2011-04-28 17:12 -------- d-----w- c:\windows\PCHEALTH
2011-04-28 17:11 . 2010-12-29 17:41 323072 ----a-w- c:\windows\system32\sbe.dll
2011-04-28 17:11 . 2010-12-29 17:41 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-04-28 17:11 . 2010-12-29 17:41 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-04-28 17:11 . 2010-12-29 17:39 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-04-28 17:11 . 2010-01-21 15:59 62464 ----a-w- c:\windows\system32\l3codeca.acm
2011-04-28 17:09 . 2011-04-28 17:09 -------- d-----w- c:\program files\Common Files\Windows Live
2011-04-28 17:09 . 2011-04-28 17:09 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6A1D67D3-5618-4658-8A81-8EFC61C55669}\gapaengine.dll
2011-04-28 17:09 . 2010-10-28 12:56 2048 ----a-w- c:\windows\system32\tzres.dll
2011-04-28 17:06 . 2009-04-02 12:37 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2011-04-28 17:05 . 2009-09-10 15:21 1418752 ----a-w- c:\program files\Windows Media Player\setup_wm.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-06 20:20 . 2011-04-06 20:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 20:20 . 2011-04-06 20:20 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 20:20 . 2011-04-06 20:20 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 20:20 . 2011-04-06 20:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-03-03 14:56 . 2011-04-29 11:55 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 14:56 . 2011-04-29 11:55 459776 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 14:56 . 2011-04-29 11:55 2153984 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-03-03 14:56 . 2011-04-29 11:55 541696 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-04-14 16:26 . 2011-05-08 22:08 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-04-18 15146376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-01-14 132392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-30 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-30 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-06-30 150552]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-14 421160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-02-26 495708]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-05 288040]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-7-9 1616976]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2008-05-06 475136]
R3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2007-12-19 54784]
R3 k57nd60x;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2008-02-24 203264]
R3 NETw5v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\DRIVERS\NETw5v32.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-25 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\DRIVERS\OA001Ufd.sys [2008-06-04 144672]
R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\DRIVERS\OA001Vid.sys [2008-09-19 277440]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-05-20 314368]
S1 MpKsld0cc76fe;MpKsld0cc76fe;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9320D50D-7931-4AF7-8AD2-65673542F51F}\MpKsld0cc76fe.sys [2011-05-09 28752]
S2 {2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7};{2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7};c:\program files\Dell\MediaDirect\000.fcl [2008-01-25 61424]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\aestsrv.exe [2009-03-03 81920]
S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [2008-05-06 1168632]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 143968]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-25 43392]
S3 OA009Ufd;Creative Camera OA009 Upper Filter Driver;c:\windows\system32\DRIVERS\OA009Ufd.sys [2009-03-06 133632]
S3 OA009Vid;Creative Camera OA009 Function Driver;c:\windows\system32\DRIVERS\OA009Vid.sys [2009-03-19 271552]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSLD0CC76FE
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\1xc189jf.default\
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-Steam - c:\program files\Steam\Steam.exe
AddRemove-991554 - c:\windows\system32\991554.exe
AddRemove-Steam App 22000 - c:\program files\Steam\steam.exe
AddRemove-Steam App 26800 - c:\program files\Steam\steam.exe
AddRemove-Steam App 29180 - c:\program files\Steam\steam.exe
AddRemove-Steam App 35700 - c:\program files\Steam\steam.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-09 14:00
Windows 6.0.6001 Service Pack 1 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7}]
"ImagePath"="\??\c:\program files\Dell\MediaDirect\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2011-05-09 14:01:32
ComboFix-quarantined-files.txt 2011-05-09 16:31
.
Pre-Run: 128,511,705,088 bytes free
Post-Run: 128,022,585,344 bytes free
.
- - End Of File - - B83DBFFEF79C94380A5026B3EEF13606

aswMBR log:

aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-05-09 14:05:44
-----------------------------
14:05:44.062 OS Version: Windows 6.0.6001 Service Pack 1
14:05:44.062 Number of processors: 2 586 0x170A
14:05:44.062 ComputerName: NICOLE-PC UserName: Nicole
14:05:45.513 Initialize success
14:05:56.886 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:05:56.886 Disk 0 Vendor: TOSHIBA_MK2565GSX GJ002D Size: 238475MB BusType: 3
14:05:58.945 Disk 0 MBR read successfully
14:05:58.945 Disk 0 MBR scan
14:05:58.945 Disk 0 unknown MBR code
14:06:00.957 Disk 0 scanning sectors +488394752
14:06:01.020 Disk 0 scanning C:\Windows\system32\drivers
14:06:06.589 Service scanning
14:06:08.586 Disk 0 trace - called modules:
14:06:08.601 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys
14:06:08.617 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8599c7c8]
14:06:08.617 3 CLASSPNP.SYS[8a3a7745] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x852d98a8]
14:06:08.617 Scan finished successfully
14:06:21.456 Disk 0 MBR has been saved successfully to "C:\Users\Nicole\Desktop\MBR.dat"
14:06:21.471 The log file has been saved successfully to "C:\Users\Nicole\Desktop\aswMBRlog.txt"

And the fix button was there

#4
RKinner

Posted 09 May 2011 - 08:41 PM

Malware Expert

Expert
24,624 posts

IF the aswMBR FIX button (Not the FIXMBR button) was enabled then run aswMBR again and press the Fix button. Then post the new log.

I did not get an OTL log this time. Can you post it?

Copy the text between the lines of stars by highlighting and Ctrl + c.

******************************************

Killall::

SecCenter::
AV: AVG Anti-Virus *On-access scanning disabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

DirLook::
C:\Program Files\Common
%user%\library

File::
c:\windows\system32\fxjkrkqvrwwrl.exe

******************************************

Now open notepad (Start, Run, notepad, OK) and Ctrl + V to paste the text into Notepad. Make sure you got it all then File, SAVE AS, (to your Desktop), CFScript , OK. Close notepad. (Overwrite the old one if it's still there.) You should see a file CFScript.txt on your desktop.

Pause your anti-virus.

Drag it over to george and let it start as before.

Post the new log.

Ron

#5
NicoleB89

Posted 09 May 2011 - 10:07 PM

Member

Topic Starter
Member
14 posts

It was the FixMBR button.

I did what you said and after combofix restarted my computer nothing would work. Everything said that a registry file it need had been deleted. I restarted and everything worked fine again.

My mozilla is still crashing every few minutes (seconds sometimes) and I get ads on every page even ones I know I shouldn't get ads on.

ComboFix 11-05-08.04 - Nicole 10/05/2011 1:11.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.2.1033.18.3068.1950 [GMT -2.5:30]
Running from: c:\users\Nicole\Desktop\George.exe.exe
Command switches used :: c:\users\Nicole\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\fxjkrkqvrwwrl.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\fxjkrkqvrwwrl.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-04-10 to 2011-05-10 )))))))))))))))))))))))))))))))
.
.
2011-05-10 03:46 . 2011-05-10 03:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-09 17:45 . 2000-12-06 03:30 109248 ----a-w- c:\windows\system32\mswinsck.ocx
2011-05-09 17:45 . 2011-05-09 17:45 -------- d-----w- c:\program files\IceChat7
2011-05-09 16:35 . 2011-05-09 16:35 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{98C3617C-2E0F-4A32-BE21-549B6E9D0AE6}\MpKsl7fc3408f.sys
2011-05-09 16:35 . 2011-04-11 04:04 7071056 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{98C3617C-2E0F-4A32-BE21-549B6E9D0AE6}\mpengine.dll
2011-05-09 16:22 . 2011-05-09 16:31 -------- d-----w- C:\George.exe
2011-05-09 13:39 . 2010-12-20 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-09 13:39 . 2011-05-09 13:39 -------- d-----w- c:\programdata\Malwarebytes
2011-05-09 13:39 . 2011-05-09 13:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-09 13:39 . 2010-12-20 20:38 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-09 05:04 . 2006-10-26 22:26 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2011-05-09 05:04 . 2006-10-26 22:26 32592 ----a-w- c:\windows\system32\msonpmon.dll
2011-05-09 05:03 . 2011-05-09 05:03 -------- d-----w- c:\program files\Microsoft Works
2011-05-09 04:56 . 2011-05-09 04:56 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-05-09 04:55 . 2011-05-09 05:04 -------- d-----w- c:\programdata\Microsoft Help
2011-05-09 04:51 . 2011-05-09 04:51 -------- d-----r- C:\MSOCache
2011-05-02 01:48 . 2011-05-02 01:48 -------- d-----w- c:\programdata\Blizzard Entertainment
2011-05-01 20:10 . 2011-05-01 20:10 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2011-05-01 05:30 . 2009-11-08 13:25 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-05-01 05:30 . 2009-11-08 13:25 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-05-01 05:30 . 2009-11-08 13:25 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-05-01 05:30 . 2009-11-08 13:25 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-05-01 05:30 . 2009-11-08 13:25 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-04-30 05:40 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-04-30 05:40 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-04-30 05:40 . 2008-06-20 01:14 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-04-30 05:40 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-04-30 05:40 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2011-04-30 05:40 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-04-30 05:33 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2011-04-30 05:33 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2011-04-30 05:32 . 2010-09-20 09:25 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-04-30 05:31 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-04-30 04:34 . 2011-04-30 04:35 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2011-04-30 04:33 . 2011-04-30 04:34 -------- d-----w- c:\program files\Common Files\DivX Shared
2011-04-30 04:32 . 2011-04-30 04:36 -------- d-----w- c:\program files\DivX
2011-04-30 04:32 . 2011-04-30 04:36 -------- d-----w- c:\programdata\DivX
2011-04-30 03:42 . 2011-04-11 04:04 7071056 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-04-29 17:21 . 2008-06-26 01:45 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2011-04-29 17:21 . 2008-06-26 01:45 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2011-04-29 17:21 . 2008-06-26 03:29 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2011-04-29 16:36 . 2011-04-29 16:36 -------- d-----w- c:\programdata\Skype Extras
2011-04-29 16:35 . 2011-04-29 16:35 -------- d-----w- c:\program files\Common Files\Skype
2011-04-29 16:35 . 2011-04-29 16:36 -------- d-----r- c:\program files\Skype
2011-04-29 16:35 . 2011-04-29 16:35 -------- d-----w- c:\programdata\Skype
2011-04-29 14:12 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-04-29 14:12 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll
2011-04-29 14:12 . 2009-08-24 12:16 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-04-29 11:55 . 2011-03-03 14:56 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-04-29 11:55 . 2011-03-03 13:01 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-04-29 07:11 . 2010-04-14 17:46 80896 ----a-w- c:\windows\system32\MSNP.ax
2011-04-29 07:11 . 2008-04-23 04:41 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-04-29 07:11 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-04-29 07:11 . 2010-04-14 17:47 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-04-29 07:08 . 2008-04-30 05:36 454656 ----a-w- c:\program files\Common Files\System\msadc\msadce.dll
2011-04-29 07:02 . 2010-02-20 23:39 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-04-29 07:02 . 2010-02-20 23:37 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-04-29 07:02 . 2010-02-20 21:18 411136 ----a-w- c:\windows\system32\drivers\http.sys
2011-04-29 04:19 . 2011-04-29 04:19 -------- d-----w- c:\program files\Common Files\Java
2011-04-29 04:19 . 2011-04-29 04:18 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-29 04:18 . 2011-04-29 04:18 -------- d-----w- c:\program files\Java
2011-04-28 18:49 . 2011-04-28 18:49 -------- d-----w- c:\windows\system32\AGEIA
2011-04-28 18:49 . 2011-04-28 18:49 -------- d-----w- c:\program files\AGEIA Technologies
2011-04-28 18:47 . 2005-05-26 19:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2011-04-28 18:16 . 2011-04-28 18:16 -------- d-----w- c:\windows\system32\Macromed
2011-04-28 18:02 . 2011-03-10 16:12 1161728 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-28 18:02 . 2011-03-10 16:12 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-04-28 18:02 . 2010-01-29 16:22 1616384 ----a-w- c:\program files\Windows Mail\msoe.dll
2011-04-28 17:57 . 2011-04-28 17:57 -------- d-----w- c:\program files\Microsoft
2011-04-28 17:57 . 2010-09-10 16:35 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2011-04-28 17:57 . 2010-09-10 16:37 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-04-28 17:55 . 2010-12-28 14:57 409600 ----a-w- c:\windows\system32\odbc32.dll
2011-04-28 17:54 . 2011-02-22 12:52 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-28 17:54 . 2011-02-22 12:52 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-28 17:54 . 2011-02-22 12:51 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-28 17:54 . 2011-02-22 12:51 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-28 17:54 . 2009-07-11 19:32 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2011-04-28 17:54 . 2009-07-11 19:32 513024 ----a-w- c:\windows\system32\wlansvc.dll
2011-04-28 17:54 . 2009-07-11 19:32 302592 ----a-w- c:\windows\system32\wlansec.dll
2011-04-28 17:54 . 2009-07-11 19:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2011-04-28 17:54 . 2009-08-10 11:01 1399296 ----a-w- c:\windows\system32\msxml6.dll
2011-04-28 17:54 . 2010-10-15 14:08 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-28 17:54 . 2010-10-15 13:48 1205080 ----a-w- c:\windows\system32\ntdll.dll
2011-04-28 17:54 . 2010-10-15 14:08 3600272 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-28 17:54 . 2010-05-27 19:16 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-04-28 17:53 . 2011-03-03 12:53 2040832 ----a-w- c:\windows\system32\win32k.sys
2011-04-28 17:46 . 2010-08-17 13:32 126464 ----a-w- c:\windows\system32\spoolsv.exe
2011-04-28 17:45 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2011-04-28 17:45 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2011-04-28 17:45 . 2008-04-18 05:48 269312 ----a-w- c:\windows\system32\es.dll
2011-04-28 17:45 . 2010-12-14 15:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-04-28 17:45 . 2008-06-26 03:29 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-04-28 17:45 . 2011-04-28 17:45 -------- d-----w- c:\program files\DellTPad
2011-04-28 17:45 . 2010-06-17 17:15 10926592 ----a-w- c:\program files\Movie Maker\MOVIEMK.dll
2011-04-28 17:45 . 2010-06-17 15:49 150016 ----a-w- c:\program files\Movie Maker\MOVIEMK.exe
2011-04-28 17:43 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2011-04-28 17:40 . 2010-02-26 06:03 527360 ------w- c:\windows\system32\stapi32.dll
2011-04-28 17:39 . 2009-10-10 04:45 380928 ----a-w- c:\windows\system32\aestecap.dll
2011-04-28 17:39 . 2009-03-03 05:57 61440 ----a-w- c:\windows\system32\aestaren.dll
2011-04-28 17:39 . 2010-01-12 06:01 139776 ----a-w- c:\windows\system32\aestacap.dll
2011-04-28 17:39 . 2009-05-13 07:26 47104 ----a-w- c:\windows\system32\ctppld.dll
2011-04-28 17:39 . 2010-02-26 06:03 3350528 ----a-w- c:\windows\system32\stlang.dll
2011-04-28 17:39 . 2010-02-26 06:03 536576 ----a-w- c:\windows\system32\idtmini1.exe
2011-04-28 17:39 . 2010-02-26 06:03 12460124 ----a-w- c:\windows\system32\idtcpl.cpl
2011-04-28 17:39 . 2011-04-28 17:39 -------- d-----w- c:\windows\system32\SRSLabs
2011-04-28 17:38 . 2010-02-26 06:03 175616 ----a-w- c:\windows\system32\st326272.dll
2011-04-28 17:29 . 2011-04-28 17:31 -------- d-----w- c:\program files\Common Files\Adobe
2011-04-28 17:27 . 2011-04-28 17:27 -------- dc----w- c:\windows\system32\DRVSTORE
2011-04-28 17:27 . 2009-05-18 17:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-04-28 17:27 . 2008-04-17 16:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-04-28 17:23 . 2011-04-28 17:23 -------- d-----w- c:\program files\Apple Software Update
2011-04-28 17:20 . 2011-04-28 17:20 -------- d-----w- c:\program files\Bonjour
2011-04-28 17:19 . 2011-04-28 17:26 -------- d-----w- c:\program files\Common Files\Apple
2011-04-28 17:19 . 2011-04-28 17:19 -------- d-----w- c:\programdata\Apple
2011-04-28 17:14 . 2011-04-28 17:51 -------- d-----w- c:\program files\Common Files\Steam
2011-04-28 17:14 . 2011-05-09 16:29 -------- d-----w- c:\program files\Steam
2011-04-28 17:12 . 2011-04-28 17:12 -------- d-----w- c:\windows\PCHEALTH
2011-04-28 17:11 . 2010-12-29 17:41 323072 ----a-w- c:\windows\system32\sbe.dll
2011-04-28 17:11 . 2010-12-29 17:41 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-04-28 17:11 . 2010-12-29 17:41 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-04-28 17:11 . 2010-12-29 17:39 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-04-28 17:11 . 2010-01-21 15:59 62464 ----a-w- c:\windows\system32\l3codeca.acm
2011-04-28 17:09 . 2011-04-28 17:09 -------- d-----w- c:\program files\Common Files\Windows Live
2011-04-28 17:09 . 2011-04-28 17:09 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6A1D67D3-5618-4658-8A81-8EFC61C55669}\gapaengine.dll
2011-04-28 17:09 . 2010-10-28 12:56 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-06 20:20 . 2011-04-06 20:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 20:20 . 2011-04-06 20:20 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 20:20 . 2011-04-06 20:20 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 20:20 . 2011-04-06 20:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-03-03 14:56 . 2011-04-29 11:55 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 14:56 . 2011-04-29 11:55 459776 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 14:56 . 2011-04-29 11:55 2153984 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-03-03 14:56 . 2011-04-29 11:55 541696 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-04-14 16:26 . 2011-05-08 22:08 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of %user%\library ----
.
.
---- Directory of c:\program files\Common ----
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-04-18 15146376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-01-14 132392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-30 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-30 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-06-30 150552]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-14 421160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-02-26 495708]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-05 288040]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-7-9 1616976]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2008-05-06 475136]
R3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2007-12-19 54784]
R3 k57nd60x;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2008-02-24 203264]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-25 43392]
R3 NETw5v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\DRIVERS\NETw5v32.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-25 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\DRIVERS\OA001Ufd.sys [2008-06-04 144672]
R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\DRIVERS\OA001Vid.sys [2008-09-19 277440]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-05-20 314368]
S1 MpKsl7fc3408f;MpKsl7fc3408f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{98C3617C-2E0F-4A32-BE21-549B6E9D0AE6}\MpKsl7fc3408f.sys [2011-05-09 28752]
S2 {2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7};{2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7};c:\program files\Dell\MediaDirect\000.fcl [2008-01-25 61424]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\aestsrv.exe [2009-03-03 81920]
S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [2008-05-06 1168632]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 143968]
S3 OA009Ufd;Creative Camera OA009 Upper Filter Driver;c:\windows\system32\DRIVERS\OA009Ufd.sys [2009-03-06 133632]
S3 OA009Vid;Creative Camera OA009 Function Driver;c:\windows\system32\DRIVERS\OA009Vid.sys [2009-03-19 271552]
.
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\1xc189jf.default\
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7}]
"ImagePath"="\??\c:\program files\Dell\MediaDirect\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\STacSV.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\WLANExt.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2011-05-10 01:21:58 - machine was rebooted
ComboFix-quarantined-files.txt 2011-05-10 03:51
ComboFix2.txt 2011-05-09 16:31
.
Pre-Run: 128,028,254,208 bytes free
Post-Run: 128,200,286,208 bytes free
.
- - End Of File - - BC83251868A68BBEB4ABD3DEFA4B45CE

and the new OTL... I didn't get an extras..

OTL logfile created on: 10/05/2011 1:27:25 AM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Nicole\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 69.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 119.35 Gb Free Space | 51.25% Space Free | Partition Type: NTFS
Drive D: | 7.57 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: NICOLE-PC | User Name: Nicole | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/08 21:05:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Nicole\Desktop\OTL.exe
PRC - [2011/03/21 16:26:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/01/30 13:15:14 | 000,035,736 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe
PRC - [2010/11/30 14:50:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 13:56:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2010/11/11 13:56:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/04/05 18:16:08 | 000,288,040 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2010/03/23 14:52:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2010/02/26 03:33:00 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2010/02/26 03:33:00 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\stacsv.exe
PRC - [2010/02/17 17:04:40 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2009/03/03 04:13:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\AEstSrv.exe
PRC - [2009/02/01 00:13:30 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/10/29 03:59:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/09 19:01:46 | 001,616,976 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008/05/05 22:16:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2008/01/14 14:43:02 | 000,132,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe

========== Modules (SafeList) ==========

MOD - [2011/05/08 21:05:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Nicole\Desktop\OTL.exe
MOD - [2010/08/31 13:09:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/04/28 14:45:53 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/11/11 13:56:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010/11/11 13:56:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/02/26 03:33:00 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\stacsv.exe -- (STacSV)
SRV - [2009/03/03 04:13:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\AEstSrv.exe -- (AESTFilters)
SRV - [2008/05/05 22:16:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008/01/20 23:53:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2011/05/10 01:27:18 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{311BE5C1-A6A0-4365-9049-C080934C5A1F}\MpKsle2d24541.sys -- (MpKsle2d24541)
DRV - [2010/10/24 22:55:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/10/24 22:55:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/04/15 15:06:40 | 000,252,536 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/02/26 03:33:00 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/06/15 15:35:16 | 000,143,968 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2009/05/28 13:18:20 | 000,134,144 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CtAudDrv.sys -- (CtAudDrv)
DRV - [2009/05/20 12:40:00 | 000,314,368 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/03/19 17:02:00 | 000,271,552 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA009Vid.sys -- (OA009Vid)
DRV - [2009/03/06 07:30:08 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA009Ufd.sys -- (OA009Ufd)
DRV - [2009/01/22 19:37:30 | 000,921,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/12/10 20:00:58 | 004,172,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/09/19 05:33:00 | 000,277,440 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2008/06/03 22:00:22 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008/05/05 23:38:52 | 000,475,136 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2008/02/24 07:10:18 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink ™
DRV - [2008/02/15 22:31:18 | 000,046,592 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/01/25 00:12:54 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Dell\MediaDirect\000.fcl -- ({2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7})
DRV - [2007/12/18 21:42:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2007/07/30 16:24:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 15:12:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true

FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/04/30 02:06:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/04/30 02:06:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/08 19:38:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/09 02:33:02 | 000,000,000 | ---D | M]

[2011/04/28 14:22:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nicole\AppData\Roaming\Mozilla\Extensions
[2011/04/30 01:59:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\1xc189jf.default\extensions
[2011/05/05 22:38:52 | 000,003,067 | ---- | M] () -- C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\1xc189jf.default\searchplugins\ebayca.xml
[2011/04/29 02:43:00 | 000,002,057 | ---- | M] () -- C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\1xc189jf.default\searchplugins\youtube-video-search.xml
[2011/05/08 19:38:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/29 14:06:01 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/05/08 19:13:22 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{90dcf2cf-81cf-10fc-f5fd-782b75d9a1ef}
[2011/04/29 01:49:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\NICOLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1XC189JF.DEFAULT\EXTENSIONS\[email protected]
[2011/05/01 03:01:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/04/14 13:56:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 05:30:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/05/10 01:17:59 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.253
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img3.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img3.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 19:13:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/10 01:22:00 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/05/10 01:22:00 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\temp
[2011/05/10 01:18:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/05/10 01:08:13 | 000,000,000 | ---D | C] -- C:\George.exe18655G
[2011/05/10 01:07:56 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/05/09 15:15:52 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\IceChat
[2011/05/09 15:15:37 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswinsck.ocx
[2011/05/09 15:15:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IceChat7
[2011/05/09 15:15:35 | 000,000,000 | ---D | C] -- C:\Program Files\IceChat7
[2011/05/09 13:52:58 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/05/09 13:52:58 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/05/09 13:52:58 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/05/09 13:52:54 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/05/09 13:52:53 | 000,000,000 | ---D | C] -- C:\George.exe
[2011/05/09 13:52:11 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/09 11:15:01 | 000,589,632 | ---- | C] (AVAST Software) -- C:\Users\Nicole\Desktop\aswMBR.exe
[2011/05/09 11:12:06 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Malwarebytes
[2011/05/09 11:09:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/09 11:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/09 11:09:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/09 11:09:55 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/09 11:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/09 02:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/05/09 02:34:04 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2011/05/09 02:33:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/05/09 02:31:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2011/05/09 02:31:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/05/09 02:29:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/05/09 02:26:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2011/05/09 02:25:36 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Microsoft Help
[2011/05/09 02:25:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/05/09 02:25:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/05/09 02:21:10 | 000,000,000 | R--D | C] -- C:\MSOCache
[2011/05/08 21:05:09 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Nicole\Desktop\OTL.exe
[2011/05/08 01:35:42 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Adobe
[2011/05/03 02:10:52 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\BitTorrent
[2011/05/01 23:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/05/01 17:40:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2011/05/01 03:00:45 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011/05/01 03:00:45 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011/05/01 03:00:45 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011/04/30 03:10:29 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2011/04/30 03:10:28 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2011/04/30 03:10:27 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011/04/30 03:10:27 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2011/04/30 03:10:26 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2011/04/30 03:10:23 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2011/04/30 03:03:45 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011/04/30 03:03:38 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011/04/30 03:02:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/04/30 03:02:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/04/30 03:01:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/04/30 03:00:58 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/04/30 03:00:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/04/30 03:00:58 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/04/30 03:00:58 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/04/30 03:00:57 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/04/30 03:00:55 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/04/30 03:00:55 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/04/30 03:00:55 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/04/30 03:00:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/04/30 03:00:54 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/04/30 03:00:46 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/04/30 03:00:39 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/04/30 03:00:39 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/04/30 03:00:39 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/04/30 03:00:39 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/04/30 02:57:56 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Microsoft Games
[2011/04/30 02:07:11 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\DDMSettings
[2011/04/30 02:05:48 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\DivX
[2011/04/30 02:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2011/04/30 02:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011/04/30 02:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2011/04/30 02:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011/04/30 02:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011/04/30 01:50:32 | 000,000,000 | ---D | C] -- C:\Users\Nicole\Desktop\World of Warcraft
[2011/04/29 14:51:28 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2011/04/29 14:51:25 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2011/04/29 14:51:12 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2011/04/29 14:06:33 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\skypePM
[2011/04/29 14:06:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011/04/29 14:06:09 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Skype
[2011/04/29 14:05:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/04/29 14:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/04/29 14:05:39 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011/04/29 14:05:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/04/29 11:42:36 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011/04/29 09:25:11 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/04/29 09:25:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/04/29 04:43:41 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2011/04/29 04:43:41 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2011/04/29 04:43:40 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2011/04/29 04:43:40 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2011/04/29 04:43:40 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2011/04/29 04:43:39 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2011/04/29 04:43:39 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2011/04/29 04:43:39 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2011/04/29 04:43:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2011/04/29 04:43:38 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2011/04/29 04:43:38 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2011/04/29 04:43:38 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2011/04/29 04:43:38 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2011/04/29 04:43:38 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011/04/29 04:43:38 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2011/04/29 04:43:38 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2011/04/29 04:43:38 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2011/04/29 04:43:38 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2011/04/29 04:43:37 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011/04/29 04:43:37 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011/04/29 04:43:37 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011/04/29 04:43:37 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011/04/29 04:43:37 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011/04/29 04:41:46 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011/04/29 04:41:46 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/04/29 04:41:41 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/04/29 04:41:40 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/04/29 04:32:56 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2011/04/29 04:32:53 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2011/04/29 02:18:18 | 000,000,000 | ---D | C] -- C:\Users\Nicole\Documents\My Received Files
[2011/04/29 01:49:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/04/29 01:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/04/29 01:49:10 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/04/29 01:49:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/04/29 01:49:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/04/29 01:49:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/04/29 01:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/04/28 16:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/04/28 16:19:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\AGEIA
[2011/04/28 16:19:14 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2011/04/28 16:19:10 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\vlc
[2011/04/28 16:18:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/04/28 16:18:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011/04/28 16:18:36 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2011/04/28 16:18:36 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2011/04/28 16:18:36 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2011/04/28 16:18:34 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2011/04/28 16:18:34 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2011/04/28 16:18:34 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2011/04/28 16:18:33 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2011/04/28 16:18:33 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2011/04/28 16:18:32 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2011/04/28 16:18:30 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2011/04/28 16:18:30 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2011/04/28 16:18:29 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2011/04/28 16:18:29 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2011/04/28 16:18:28 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2011/04/28 16:18:28 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2011/04/28 16:18:26 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2011/04/28 16:18:26 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2011/04/28 16:18:26 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2011/04/28 16:18:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2011/04/28 16:18:25 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2011/04/28 16:18:24 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2011/04/28 16:18:24 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2011/04/28 16:18:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2011/04/28 16:18:24 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2011/04/28 16:18:23 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2011/04/28 16:18:23 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2011/04/28 16:18:21 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2011/04/28 16:18:20 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2011/04/28 16:18:20 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2011/04/28 16:18:19 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2011/04/28 16:18:19 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2011/04/28 16:18:18 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2011/04/28 16:18:17 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2011/04/28 16:18:16 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2011/04/28 16:18:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2011/04/28 16:18:15 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2011/04/28 16:18:14 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2011/04/28 16:18:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2011/04/28 16:18:14 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2011/04/28 16:18:13 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2011/04/28 16:18:12 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2011/04/28 16:18:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2011/04/28 16:18:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2011/04/28 16:18:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2011/04/28 16:18:10 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2011/04/28 16:18:10 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2011/04/28 16:18:09 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2011/04/28 16:18:09 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2011/04/28 16:18:09 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2011/04/28 16:18:09 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011/04/28 16:18:08 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2011/04/28 16:18:07 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2011/04/28 16:18:06 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2011/04/28 16:18:06 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2011/04/28 16:18:06 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2011/04/28 16:18:05 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2011/04/28 16:18:05 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2011/04/28 16:18:05 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2011/04/28 16:18:04 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2011/04/28 16:18:04 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2011/04/28 16:18:03 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2011/04/28 16:18:03 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2011/04/28 16:18:02 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2011/04/28 16:17:56 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2011/04/28 16:17:55 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2011/04/28 16:17:55 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2011/04/28 16:17:54 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2011/04/28 16:17:54 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2011/04/28 16:17:53 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2011/04/28 16:17:53 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2011/04/28 16:17:52 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2011/04/28 16:17:52 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2011/04/28 16:16:59 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2011/04/28 15:47:04 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Macromedia
[2011/04/28 15:47:04 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Adobe
[2011/04/28 15:46:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2011/04/28 15:32:26 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/28 15:32:26 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/28 15:28:12 | 000,000,000 | ---D | C] -- C:\Users\Nicole\Tracing
[2011/04/28 15:27:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011/04/28 15:27:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/04/28 15:27:08 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011/04/28 15:26:51 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2011/04/28 15:26:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/04/28 15:26:41 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/04/28 15:26:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2011/04/28 15:26:35 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/28 15:26:34 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011/04/28 15:26:34 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/28 15:26:34 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2011/04/28 15:26:26 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011/04/28 15:25:58 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011/04/28 15:25:33 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011/04/28 15:25:32 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2011/04/28 15:25:32 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2011/04/28 15:25:32 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2011/04/28 15:25:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2011/04/28 15:25:32 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2011/04/28 15:25:31 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2011/04/28 15:24:33 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2011/04/28 15:24:32 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2011/04/28 15:24:32 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2011/04/28 15:24:23 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/04/28 15:24:22 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/04/28 15:24:20 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011/04/28 15:23:57 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/28 15:17:39 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2011/04/28 15:17:38 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/04/28 15:17:30 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/28 15:17:23 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011/04/28 15:16:38 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2011/04/28 15:16:37 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2011/04/28 15:16:23 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/04/28 15:16:13 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/04/28 15:16:13 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/28 15:16:12 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/28 15:16:12 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/04/28 15:16:11 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/28 15:16:11 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/28 15:16:11 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/04/28 15:16:11 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/28 15:16:11 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011/04/28 15:16:11 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/28 15:16:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/04/28 15:16:02 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011/04/28 15:16:00 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2011/04/28 15:15:22 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011/04/28 15:15:18 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2011/04/28 15:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\DellTPad
[2011/04/28 15:14:58 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2011/04/28 15:14:51 | 001,695,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2011/04/28 15:14:42 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/28 15:14:42 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/28 15:14:41 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011/04/28 15:14:28 | 000,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2011/04/28 15:14:26 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011/04/28 15:14:25 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011/04/28 15:14:23 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011/04/28 15:14:20 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/04/28 15:14:17 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2011/04/28 15:14:16 | 000,988,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2011/04/28 15:14:16 | 000,927,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2011/04/28 15:14:16 | 000,615,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2011/04/28 15:14:15 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2011/04/28 15:14:14 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2011/04/28 15:14:14 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2011/04/28 15:14:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2011/04/28 15:14:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2011/04/28 15:13:52 | 001,256,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011/04/28 15:13:43 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011/04/28 15:13:35 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/04/28 15:13:34 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2011/04/28 15:13:34 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2011/04/28 15:13:34 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2011/04/28 15:13:34 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2011/04/28 15:13:34 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/04/28 15:13:34 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2011/04/28 15:13:00 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01009.dll
[2011/04/28 15:13:00 | 000,252,536 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\System32\drivers\Apfiltr.sys
[2011/04/28 15:13:00 | 000,109,122 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\System32\Vxdif.dll
[2011/04/28 15:10:19 | 000,527,360 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll
[2011/04/28 15:09:59 | 000,380,928 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll
[2011/04/28 15:09:58 | 000,061,440 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll
[2011/04/28 15:09:57 | 000,139,776 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll
[2011/04/28 15:09:54 | 000,047,104 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\ctppld.dll
[2011/04/28 15:09:53 | 003,350,528 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stlang.dll
[2011/04/28 15:09:52 | 012,460,124 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtcpl.cpl
[2011/04/28 15:09:52 | 000,536,576 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtmini1.exe
[2011/04/28 15:09:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\SRSLabs
[2011/04/28 15:08:07 | 000,175,616 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\st326272.dll
[2011/04/28 14:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/04/28 14:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/04/28 14:58:39 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Apple Computer
[2011/04/28 14:58:39 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Apple Computer
[2011/04/28 14:58:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/04/28 14:57:41 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2011/04/28 14:57:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011/04/28 14:56:40 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/04/28 14:56:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/04/28 14:56:37 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/04/28 14:56:02 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell Inc
[2011/04/28 14:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/04/28 14:54:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/04/28 14:54:40 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Apps
[2011/04/28 14:54:39 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Deployment
[2011/04/28 14:53:57 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/04/28 14:53:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/04/28 14:53:18 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Apple
[2011/04/28 14:53:15 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/04/28 14:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/04/28 14:49:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/04/28 14:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/04/28 14:44:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011/04/28 14:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/04/28 14:44:39 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2011/04/28 14:42:22 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/04/28 14:41:07 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/04/28 14:41:07 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/04/28 14:41:07 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/04/28 14:41:07 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011/04/28 14:41:01 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2011/04/28 14:40:49 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011/04/28 14:40:39 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011/04/28 14:40:39 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011/04/28 14:40:38 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011/04/28 14:40:30 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2011/04/28 14:40:30 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2011/04/28 14:40:27 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011/04/28 14:40:27 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011/04/28 14:40:24 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/04/28 14:40:18 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011/04/28 14:40:15 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2011/04/28 14:40:12 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2011/04/28 14:40:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/04/28 14:40:04 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2011/04/28 14:39:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011/04/28 14:39:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/04/28 14:38:45 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2011/04/28 14:38:45 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2011/04/28 14:38:42 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011/04/28 14:38:42 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011/04/28 14:38:41 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011/04/28 14:38:41 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011/04/28 14:38:41 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011/04/28 14:38:41 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011/04/28 14:38:40 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2011/04/28 14:38:40 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011/04/28 14:38:40 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011/04/28 14:38:35 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2011/04/28 14:38:35 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2011/04/28 14:38:35 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2011/04/28 14:38:30 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2011/04/28 14:38:30 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011/04/28 14:38:28 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2011/04/28 14:38:21 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2011/04/28 14:38:21 | 000,220,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011/04/28 14:38:21 | 000,098,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011/04/28 14:38:19 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2011/04/28 14:38:18 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2011/04/28 14:38:17 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2011/04/28 14:38:07 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2011/04/28 14:38:07 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2011/04/28 14:38:07 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011/04/28 14:38:07 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2011/04/28 14:36:00 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2011/04/28 14:35:21 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2011/04/28 14:35:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2011/04/28 14:35:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2011/04/28 14:35:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2011/04/28 14:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/04/28 14:29:00 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011/04/28 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Mozilla
[2011/04/28 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Mozilla
[2011/04/28 14:21:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/04/28 14:20:30 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2011/04/28 14:20:29 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2011/04/28 14:20:19 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2011/04/28 14:20:19 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2011/04/28 14:20:19 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2011/04/28 14:20:12 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2011/04/28 14:20:12 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011/04/26 21:02:24 | 000,000,000 | ---D | C] -- C:\Users\Nicole\Documents\Dell WebCam Central
[2011/04/26 21:02:22 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Creative
[2011/04/26 21:01:43 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\ATI
[2011/04/26 21:01:43 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\ATI
[2011/04/26 21:01:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/04/26 20:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/04/26 20:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/04/26 20:56:34 | 010,981,376 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\atioglxx.dll
[2011/04/26 20:56:34 | 004,754,432 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdva.dll
[2011/04/26 20:56:34 | 004,172,288 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2011/04/26 20:56:34 | 004,033,536 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdag.dll
[2011/04/26 20:56:34 | 002,340,352 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atidxx32.dll
[2011/04/26 20:56:34 | 000,425,984 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2011/04/26 20:56:34 | 000,331,776 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2011/04/26 20:56:34 | 000,274,432 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.dll
[2011/04/26 20:56:34 | 000,262,144 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2011/04/26 20:56:34 | 000,098,304 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2011/04/26 20:56:34 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2011/04/26 20:56:34 | 000,050,688 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2011/04/26 20:56:34 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2011/04/26 20:53:34 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\MediaDirect
[2011/04/26 20:53:19 | 000,000,000 | R--D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/04/26 20:53:19 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Searches
[2011/04/26 20:53:19 | 000,000,000 | R--D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/04/26 20:53:09 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Identities
[2011/04/26 20:53:07 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Contacts
[2011/04/26 20:53:06 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\VirtualStore
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\AppData\Local\Temporary Internet Files
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Templates
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Start Menu
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\SendTo
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Recent
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\PrintHood
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\NetHood
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Documents\My Videos
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Documents\My Pictures
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Documents\My Music
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\My Documents
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Local Settings
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\AppData\Local\History
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Cookies
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Application Data
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\AppData\Local\Application Data
[2011/04/26 20:52:59 | 000,000,000 | --SD | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Videos
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Saved Games
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Pictures
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Music
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Links
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Favorites
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Downloads
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Documents
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Desktop
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/04/26 20:52:59 | 000,000,000 | -H-D | C] -- C:\Users\Nicole\AppData
[2011/04/26 20:52:59 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Microsoft
[2011/04/26 20:52:59 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Media Center Programs

========== Files - Modified Within 30 Days ==========

[2011/05/10 01:26:51 | 000,006,836 | ---- | M] () -- C:\Users\Nicole\AppData\Local\d3d9caps.dat
[2011/05/10 01:26:11 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/10 01:26:11 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/10 01:26:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/10 01:25:59 | 3217,416,192 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/10 01:24:43 | 000,602,478 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/10 01:24:43 | 000,106,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/10 01:17:59 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/05/09 15:15:38 | 000,000,804 | ---- | M] () -- C:\Users\Nicole\Desktop\IceChat.lnk
[2011/05/09 14:06:21 | 000,000,512 | ---- | M] () -- C:\Users\Nicole\Desktop\MBR.dat
[2011/05/09 13:46:46 | 000,374,488 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/05/09 11:18:28 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Users\Nicole\Desktop\aswMBR.exe
[2011/05/09 11:12:15 | 004,343,965 | R--- | M] () -- C:\Users\Nicole\Desktop\George.exe.exe
[2011/05/09 11:10:00 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/09 02:32:51 | 000,060,416 | ---- | M] () -- C:\Users\Nicole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/08 21:18:44 | 000,000,000 | -H-- | M] () -- C:\Users\Nicole\Documents\Default.rdp
[2011/05/08 21:05:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Nicole\Desktop\OTL.exe
[2011/05/08 19:38:17 | 000,000,870 | ---- | M] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/08 19:38:17 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/05/08 19:30:25 | 000,038,740 | ---- | M] () -- C:\Users\Nicole\Desktop\bookmarks-2011-05-08.json
[2011/04/29 14:06:39 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2011/04/29 14:05:46 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/04/29 01:48:56 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/04/29 01:48:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/04/29 01:48:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/04/29 01:48:55 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/04/28 16:18:50 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/04/28 16:16:59 | 000,000,215 | ---- | M] () -- C:\Users\Nicole\Desktop\World of Goo.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | M] () -- C:\Users\Nicole\Desktop\Trine.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | M] () -- C:\Users\Nicole\Desktop\Osmos.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | M] () -- C:\Users\Nicole\Desktop\Braid.url
[2011/04/28 15:17:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2011/04/28 15:17:03 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011/04/28 15:02:06 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/04/28 14:58:24 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/28 14:54:40 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/04/28 14:44:47 | 000,000,786 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/04/28 14:32:45 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/04/28 14:20:29 | 000,000,943 | ---- | M] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/04/26 20:48:39 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf

========== Files Created - No Company Name ==========

[2011/05/09 15:15:38 | 000,000,804 | ---- | C] () -- C:\Users\Nicole\Desktop\IceChat.lnk
[2011/05/09 14:06:21 | 000,000,512 | ---- | C] () -- C:\Users\Nicole\Desktop\MBR.dat
[2011/05/09 13:52:58 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/09 13:52:58 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/09 13:52:58 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/09 13:52:58 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/09 13:52:58 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/09 11:11:58 | 004,343,965 | R--- | C] () -- C:\Users\Nicole\Desktop\George.exe.exe
[2011/05/09 11:10:00 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/08 21:18:44 | 000,000,000 | -H-- | C] () -- C:\Users\Nicole\Documents\Default.rdp
[2011/05/08 19:38:17 | 000,000,870 | ---- | C] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/08 19:38:17 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/08 19:38:17 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/05/08 19:30:25 | 000,038,740 | ---- | C] () -- C:\Users\Nicole\Desktop\bookmarks-2011-05-08.json
[2011/04/30 03:00:48 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/04/30 03:00:48 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/04/30 03:00:48 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/04/29 14:06:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/04/29 14:05:46 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/04/29 04:43:41 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/04/29 04:43:41 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/04/29 04:43:39 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011/04/28 16:18:50 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/04/28 16:16:59 | 000,000,215 | ---- | C] () -- C:\Users\Nicole\Desktop\World of Goo.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | C] () -- C:\Users\Nicole\Desktop\Trine.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | C] () -- C:\Users\Nicole\Desktop\Osmos.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | C] () -- C:\Users\Nicole\Desktop\Braid.url
[2011/04/28 16:15:51 | 000,060,416 | ---- | C] () -- C:\Users\Nicole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/28 15:24:34 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011/04/28 15:17:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2011/04/28 15:17:03 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011/04/28 15:16:04 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2011/04/28 15:02:06 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/04/28 15:02:06 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/04/28 14:58:24 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/28 14:54:40 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/04/28 14:53:16 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/04/28 14:44:47 | 000,000,786 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/04/28 14:32:45 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/04/28 14:30:25 | 000,001,808 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/04/28 14:30:06 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/04/28 14:20:29 | 000,000,943 | ---- | C] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/04/26 20:56:34 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/04/26 20:56:34 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2011/04/26 20:56:34 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2011/04/26 20:56:34 | 000,069,112 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2011/04/26 20:56:34 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2011/04/26 20:56:34 | 000,015,079 | ---- | C] () -- C:\Windows\atiogl.xml
[2011/04/26 20:53:20 | 000,000,949 | ---- | C] () -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/04/26 20:53:18 | 000,000,944 | ---- | C] () -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/04/26 20:53:07 | 000,000,915 | ---- | C] () -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/04/26 20:53:02 | 000,006,836 | ---- | C] () -- C:\Users\Nicole\AppData\Local\d3d9caps.dat
[2011/04/26 20:52:59 | 000,000,258 | ---- | C] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/04/26 20:52:59 | 000,000,240 | ---- | C] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/04/26 20:51:55 | 3217,416,192 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/25 17:57:58 | 000,982,220 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/08/25 17:57:58 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2010/08/25 17:57:58 | 000,092,216 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/08/25 17:57:57 | 000,433,024 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2009/05/08 00:38:43 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2009/05/07 23:51:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/05/07 23:42:39 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2009/05/07 23:42:38 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/10/07 10:43:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 10:43:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006/11/02 10:27:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 10:17:37 | 000,374,488 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 10:05:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:03:01 | 000,602,478 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 08:03:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 08:03:01 | 000,106,852 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 08:03:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 07:53:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 06:28:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 05:49:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 05:10:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 04:55:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >

Also I don't know if this is part of it but I find my I can't get to my hotmail sometimes. It will go to a bing search instead (which is not my normal search engine) and then no matter what address I use to get to hotmail I get nowhere but bing and there is no way to check my mail.

Thanks.

BTW, if it will work I can reformat my computer... I mean there is no point if it won`t fix the problem but if it will I don`t mind doing it.

#6
RKinner

Posted 10 May 2011 - 12:01 AM

Malware Expert

Expert
24,624 posts

Copy the text between the lines of stars by highlighting and Ctrl + c

********************************************************************

:OTL
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/04/30 02:06:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/04/30 02:06:08 | 000,000,000 | ---D | M]
[2011/04/30 01:59:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\1xc189jf.default\searchplugins\ebayca.xml
[2011/04/29 02:43:00 | 000,002,057 | ---- | M] () -- C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\1xc189jf.default\searchplugins\youtube-video-search.xml
[2011/05/08 19:13:22 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{90dcf2cf-81cf-10fc-f5fd-782b75d9a1ef}
File not found (No name found) --
() (No name found) -- C:\USERS\NICOLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1XC189JF.DEFAULT\EXTENSIONS\[email protected]
[2010/01/01 05:30:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

:Commands
[purity]
[emptytemp]
[Reboot]

*******************************************************************

then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done.

Open OTL again and select either the All option in the Extra Registry group then the Run Scan button. Post the two logs it produces in your next reply.

I think we are getting close.

Ron

#7
NicoleB89

Posted 10 May 2011 - 07:22 AM

Member

Topic Starter
Member
14 posts

Thanks again. This is the most frustrating computer issue I think i have ever had.

Logs:

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}\ not found.
C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video\content folder moved successfully.
C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6904342A-8307-11DF-A508-4AE2DFD72085}\ not found.
C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images folder moved successfully.
C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa\chrome\content folder moved successfully.
C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa\chrome folder moved successfully.
C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa folder moved successfully.
Folder C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\1xc189jf.default\searchplugins\ebayca.xml\ not found.
C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\1xc189jf.default\searchplugins\youtube-video-search.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{90dcf2cf-81cf-10fc-f5fd-782b75d9a1ef}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{90dcf2cf-81cf-10fc-f5fd-782b75d9a1ef}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{90dcf2cf-81cf-10fc-f5fd-782b75d9a1ef} folder moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\bing.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Nicole
->Temp folder emptied: 55052 bytes
->Temporary Internet Files folder emptied: 2426634 bytes
->Java cache emptied: 2795568 bytes
->FireFox cache emptied: 51389894 bytes
->Flash cache emptied: 9455 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2610 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 54.00 mb

OTL by OldTimer - Version 3.2.22.3 log created on 05102011_104318

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

OTL logfile created on: 10/05/2011 10:46:42 AM - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Nicole\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 117.41 Gb Free Space | 50.42% Space Free | Partition Type: NTFS
Drive D: | 7.57 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: NICOLE-PC | User Name: Nicole | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/10 02:00:43 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2011/05/10 02:00:10 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2011/05/08 21:05:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Nicole\Desktop\OTL.exe
PRC - [2011/04/14 13:55:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/21 16:26:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/11/30 14:50:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 13:56:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2010/11/11 13:56:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/04/05 18:16:08 | 000,288,040 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2010/03/23 14:52:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2010/02/26 03:33:00 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2010/02/26 03:33:00 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\stacsv.exe
PRC - [2010/02/17 17:04:40 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2009/06/24 18:51:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/03/03 04:13:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\AEstSrv.exe
PRC - [2009/02/01 00:13:30 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/10/29 03:59:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/09 19:01:46 | 001,616,976 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008/05/05 22:16:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2008/01/14 14:43:02 | 000,132,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe

========== Modules (SafeList) ==========

MOD - [2011/05/08 21:05:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Nicole\Desktop\OTL.exe
MOD - [2010/08/31 13:09:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/05/10 02:00:43 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/11/11 13:56:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010/11/11 13:56:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/02/26 03:33:00 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\stacsv.exe -- (STacSV)
SRV - [2009/03/03 04:13:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\AEstSrv.exe -- (AESTFilters)
SRV - [2008/05/05 22:16:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008/01/20 23:53:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2011/05/10 10:44:33 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{311BE5C1-A6A0-4365-9049-C080934C5A1F}\MpKsl14f65365.sys -- (MpKsl14f65365)
DRV - [2010/10/24 22:55:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/10/24 22:55:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/04/15 15:06:40 | 000,252,536 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/02/26 03:33:00 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/06/15 15:35:16 | 000,143,968 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2009/05/28 13:18:20 | 000,134,144 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CtAudDrv.sys -- (CtAudDrv)
DRV - [2009/05/20 12:40:00 | 000,314,368 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/03/19 17:02:00 | 000,271,552 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA009Vid.sys -- (OA009Vid)
DRV - [2009/03/06 07:30:08 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA009Ufd.sys -- (OA009Ufd)
DRV - [2009/01/22 19:37:30 | 000,921,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/12/10 20:00:58 | 004,172,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/09/19 05:33:00 | 000,277,440 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2008/06/03 22:00:22 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008/05/05 23:38:52 | 000,475,136 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2008/02/24 07:10:18 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink ™
DRV - [2008/02/15 22:31:18 | 000,046,592 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/01/25 00:12:54 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Dell\MediaDirect\000.fcl -- ({2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7})
DRV - [2007/12/18 21:42:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2007/07/30 16:24:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 15:12:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/08 19:38:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/09 02:33:02 | 000,000,000 | ---D | M]

[2011/04/28 14:22:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nicole\AppData\Roaming\Mozilla\Extensions
[2011/04/30 01:59:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\1xc189jf.default\extensions
[2011/05/05 22:38:52 | 000,003,067 | ---- | M] () -- C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\1xc189jf.default\searchplugins\ebayca.xml
[2011/05/10 10:43:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/29 14:06:01 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/04/29 01:49:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\NICOLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1XC189JF.DEFAULT\EXTENSIONS\[email protected]
[2011/05/01 03:01:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/04/14 13:56:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll

O1 HOSTS File: ([2011/05/10 01:17:59 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.253
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img3.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img3.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 19:13:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/10 10:43:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/10 01:22:00 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/05/10 01:22:00 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\temp
[2011/05/10 01:18:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/05/10 01:08:13 | 000,000,000 | ---D | C] -- C:\George.exe18655G
[2011/05/10 01:07:56 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/05/09 15:15:52 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\IceChat
[2011/05/09 15:15:37 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswinsck.ocx
[2011/05/09 15:15:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IceChat7
[2011/05/09 15:15:35 | 000,000,000 | ---D | C] -- C:\Program Files\IceChat7
[2011/05/09 13:52:58 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/05/09 13:52:58 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/05/09 13:52:58 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/05/09 13:52:54 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/05/09 13:52:53 | 000,000,000 | ---D | C] -- C:\George.exe
[2011/05/09 13:52:11 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/09 11:15:01 | 000,589,632 | ---- | C] (AVAST Software) -- C:\Users\Nicole\Desktop\aswMBR.exe
[2011/05/09 11:12:06 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Malwarebytes
[2011/05/09 11:09:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/09 11:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/09 11:09:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/09 11:09:55 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/09 11:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/09 02:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/05/09 02:34:04 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2011/05/09 02:33:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/05/09 02:31:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2011/05/09 02:31:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/05/09 02:29:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/05/09 02:26:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2011/05/09 02:25:36 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Microsoft Help
[2011/05/09 02:25:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/05/09 02:25:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/05/09 02:21:10 | 000,000,000 | R--D | C] -- C:\MSOCache
[2011/05/08 21:05:09 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Nicole\Desktop\OTL.exe
[2011/05/08 01:35:42 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Adobe
[2011/05/03 02:10:52 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\BitTorrent
[2011/05/01 23:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/05/01 17:40:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2011/05/01 03:00:45 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011/05/01 03:00:45 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011/05/01 03:00:45 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011/04/30 03:10:29 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2011/04/30 03:10:28 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2011/04/30 03:10:27 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011/04/30 03:10:27 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2011/04/30 03:10:26 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2011/04/30 03:10:23 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2011/04/30 03:03:45 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011/04/30 03:03:38 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011/04/30 03:02:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/04/30 03:02:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/04/30 03:01:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/04/30 03:00:58 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/04/30 03:00:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/04/30 03:00:58 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/04/30 03:00:58 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/04/30 03:00:57 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/04/30 03:00:55 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/04/30 03:00:55 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/04/30 03:00:55 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/04/30 03:00:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/04/30 03:00:54 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/04/30 03:00:46 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/04/30 03:00:39 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/04/30 03:00:39 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/04/30 03:00:39 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/04/30 03:00:39 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/04/30 02:57:56 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Microsoft Games
[2011/04/30 02:07:11 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\DDMSettings
[2011/04/30 02:05:48 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\DivX
[2011/04/30 02:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2011/04/30 02:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011/04/30 02:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2011/04/30 02:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011/04/30 02:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011/04/30 01:50:32 | 000,000,000 | ---D | C] -- C:\Users\Nicole\Desktop\World of Warcraft
[2011/04/29 14:51:28 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2011/04/29 14:51:25 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2011/04/29 14:51:12 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2011/04/29 14:06:33 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\skypePM
[2011/04/29 14:06:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011/04/29 14:06:09 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Skype
[2011/04/29 14:05:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/04/29 14:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/04/29 14:05:39 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011/04/29 14:05:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/04/29 11:42:36 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011/04/29 09:25:11 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/04/29 09:25:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/04/29 04:43:41 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2011/04/29 04:43:41 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2011/04/29 04:43:40 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2011/04/29 04:43:40 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2011/04/29 04:43:40 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2011/04/29 04:43:39 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2011/04/29 04:43:39 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2011/04/29 04:43:39 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2011/04/29 04:43:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2011/04/29 04:43:38 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2011/04/29 04:43:38 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2011/04/29 04:43:38 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2011/04/29 04:43:38 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2011/04/29 04:43:38 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011/04/29 04:43:38 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2011/04/29 04:43:38 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2011/04/29 04:43:38 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2011/04/29 04:43:38 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2011/04/29 04:43:37 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011/04/29 04:43:37 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011/04/29 04:43:37 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011/04/29 04:43:37 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011/04/29 04:43:37 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011/04/29 04:41:46 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011/04/29 04:41:46 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/04/29 04:41:41 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/04/29 04:41:40 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/04/29 04:32:56 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2011/04/29 04:32:53 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2011/04/29 02:18:18 | 000,000,000 | ---D | C] -- C:\Users\Nicole\Documents\My Received Files
[2011/04/29 01:49:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/04/29 01:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/04/29 01:49:10 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/04/29 01:49:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/04/29 01:49:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/04/29 01:49:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/04/29 01:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/04/28 16:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/04/28 16:19:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\AGEIA
[2011/04/28 16:19:14 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2011/04/28 16:19:10 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\vlc
[2011/04/28 16:18:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/04/28 16:18:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011/04/28 16:18:36 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2011/04/28 16:18:36 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2011/04/28 16:18:36 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2011/04/28 16:18:34 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2011/04/28 16:18:34 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2011/04/28 16:18:34 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2011/04/28 16:18:33 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2011/04/28 16:18:33 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2011/04/28 16:18:32 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2011/04/28 16:18:30 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2011/04/28 16:18:30 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2011/04/28 16:18:29 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2011/04/28 16:18:29 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2011/04/28 16:18:28 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2011/04/28 16:18:28 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2011/04/28 16:18:26 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2011/04/28 16:18:26 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2011/04/28 16:18:26 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2011/04/28 16:18:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2011/04/28 16:18:25 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2011/04/28 16:18:24 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2011/04/28 16:18:24 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2011/04/28 16:18:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2011/04/28 16:18:24 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2011/04/28 16:18:23 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2011/04/28 16:18:23 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2011/04/28 16:18:21 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2011/04/28 16:18:20 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2011/04/28 16:18:20 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2011/04/28 16:18:19 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2011/04/28 16:18:19 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2011/04/28 16:18:18 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2011/04/28 16:18:17 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2011/04/28 16:18:16 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2011/04/28 16:18:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2011/04/28 16:18:15 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2011/04/28 16:18:14 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2011/04/28 16:18:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2011/04/28 16:18:14 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2011/04/28 16:18:13 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2011/04/28 16:18:12 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2011/04/28 16:18:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2011/04/28 16:18:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2011/04/28 16:18:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2011/04/28 16:18:10 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2011/04/28 16:18:10 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2011/04/28 16:18:09 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2011/04/28 16:18:09 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2011/04/28 16:18:09 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2011/04/28 16:18:09 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011/04/28 16:18:08 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2011/04/28 16:18:07 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2011/04/28 16:18:06 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2011/04/28 16:18:06 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2011/04/28 16:18:06 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2011/04/28 16:18:05 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2011/04/28 16:18:05 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2011/04/28 16:18:05 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2011/04/28 16:18:04 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2011/04/28 16:18:04 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2011/04/28 16:18:03 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2011/04/28 16:18:03 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2011/04/28 16:18:02 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2011/04/28 16:17:56 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2011/04/28 16:17:55 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2011/04/28 16:17:55 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2011/04/28 16:17:54 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2011/04/28 16:17:54 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2011/04/28 16:17:53 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2011/04/28 16:17:53 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2011/04/28 16:17:52 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2011/04/28 16:17:52 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2011/04/28 16:16:59 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2011/04/28 15:47:04 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Macromedia
[2011/04/28 15:47:04 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Adobe
[2011/04/28 15:46:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2011/04/28 15:32:26 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/28 15:32:26 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/28 15:28:12 | 000,000,000 | ---D | C] -- C:\Users\Nicole\Tracing
[2011/04/28 15:27:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011/04/28 15:27:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/04/28 15:27:08 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011/04/28 15:26:51 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2011/04/28 15:26:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/04/28 15:26:41 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/04/28 15:26:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2011/04/28 15:26:35 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/28 15:26:34 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011/04/28 15:26:34 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/28 15:26:34 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2011/04/28 15:26:26 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011/04/28 15:25:58 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011/04/28 15:25:33 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011/04/28 15:25:32 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2011/04/28 15:25:32 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2011/04/28 15:25:32 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2011/04/28 15:25:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2011/04/28 15:25:32 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2011/04/28 15:25:31 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2011/04/28 15:24:33 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2011/04/28 15:24:32 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2011/04/28 15:24:32 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2011/04/28 15:24:23 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/04/28 15:24:22 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/04/28 15:24:20 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011/04/28 15:23:57 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/28 15:17:39 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2011/04/28 15:17:38 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/04/28 15:17:30 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/28 15:17:23 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011/04/28 15:16:38 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2011/04/28 15:16:37 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2011/04/28 15:16:23 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/04/28 15:16:13 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/04/28 15:16:13 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/28 15:16:12 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/28 15:16:12 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/04/28 15:16:11 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/28 15:16:11 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/28 15:16:11 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/04/28 15:16:11 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/28 15:16:11 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011/04/28 15:16:11 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/28 15:16:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/04/28 15:16:02 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011/04/28 15:16:00 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2011/04/28 15:15:22 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011/04/28 15:15:18 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2011/04/28 15:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\DellTPad
[2011/04/28 15:14:58 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2011/04/28 15:14:51 | 001,695,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2011/04/28 15:14:42 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/28 15:14:42 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/28 15:14:41 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011/04/28 15:14:28 | 000,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2011/04/28 15:14:26 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011/04/28 15:14:25 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011/04/28 15:14:23 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011/04/28 15:14:20 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/04/28 15:14:17 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2011/04/28 15:14:16 | 000,988,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2011/04/28 15:14:16 | 000,927,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2011/04/28 15:14:16 | 000,615,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2011/04/28 15:14:15 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2011/04/28 15:14:14 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2011/04/28 15:14:14 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2011/04/28 15:14:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2011/04/28 15:14:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2011/04/28 15:13:52 | 001,256,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011/04/28 15:13:43 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011/04/28 15:13:35 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/04/28 15:13:34 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2011/04/28 15:13:34 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2011/04/28 15:13:34 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2011/04/28 15:13:34 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2011/04/28 15:13:34 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/04/28 15:13:34 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2011/04/28 15:13:00 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01009.dll
[2011/04/28 15:13:00 | 000,252,536 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\System32\drivers\Apfiltr.sys
[2011/04/28 15:13:00 | 000,109,122 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\System32\Vxdif.dll
[2011/04/28 15:10:19 | 000,527,360 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll
[2011/04/28 15:09:59 | 000,380,928 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll
[2011/04/28 15:09:58 | 000,061,440 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll
[2011/04/28 15:09:57 | 000,139,776 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll
[2011/04/28 15:09:54 | 000,047,104 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\ctppld.dll
[2011/04/28 15:09:53 | 003,350,528 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stlang.dll
[2011/04/28 15:09:52 | 012,460,124 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtcpl.cpl
[2011/04/28 15:09:52 | 000,536,576 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtmini1.exe
[2011/04/28 15:09:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\SRSLabs
[2011/04/28 15:08:07 | 000,175,616 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\st326272.dll
[2011/04/28 14:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/04/28 14:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/04/28 14:58:39 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Apple Computer
[2011/04/28 14:58:39 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Apple Computer
[2011/04/28 14:58:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/04/28 14:57:41 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2011/04/28 14:57:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011/04/28 14:56:40 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/04/28 14:56:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/04/28 14:56:37 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/04/28 14:56:02 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell Inc
[2011/04/28 14:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/04/28 14:54:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/04/28 14:54:40 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Apps
[2011/04/28 14:54:39 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Deployment
[2011/04/28 14:53:57 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/04/28 14:53:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/04/28 14:53:18 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Apple
[2011/04/28 14:53:15 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/04/28 14:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/04/28 14:49:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/04/28 14:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/04/28 14:44:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011/04/28 14:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/04/28 14:44:39 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2011/04/28 14:42:22 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/04/28 14:41:07 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/04/28 14:41:07 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/04/28 14:41:07 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/04/28 14:41:07 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011/04/28 14:41:01 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2011/04/28 14:40:49 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011/04/28 14:40:39 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011/04/28 14:40:39 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011/04/28 14:40:38 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011/04/28 14:40:30 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2011/04/28 14:40:30 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2011/04/28 14:40:27 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011/04/28 14:40:27 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011/04/28 14:40:24 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/04/28 14:40:18 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011/04/28 14:40:15 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2011/04/28 14:40:12 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2011/04/28 14:40:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/04/28 14:40:04 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2011/04/28 14:39:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011/04/28 14:39:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/04/28 14:38:45 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2011/04/28 14:38:45 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2011/04/28 14:38:42 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011/04/28 14:38:42 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011/04/28 14:38:41 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011/04/28 14:38:41 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011/04/28 14:38:41 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011/04/28 14:38:41 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011/04/28 14:38:40 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2011/04/28 14:38:40 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011/04/28 14:38:40 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011/04/28 14:38:35 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2011/04/28 14:38:35 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2011/04/28 14:38:35 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2011/04/28 14:38:30 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2011/04/28 14:38:30 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011/04/28 14:38:28 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2011/04/28 14:38:21 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2011/04/28 14:38:21 | 000,220,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011/04/28 14:38:21 | 000,098,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011/04/28 14:38:19 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2011/04/28 14:38:18 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2011/04/28 14:38:17 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2011/04/28 14:38:07 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2011/04/28 14:38:07 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2011/04/28 14:38:07 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011/04/28 14:38:07 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2011/04/28 14:36:00 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2011/04/28 14:35:21 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2011/04/28 14:35:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2011/04/28 14:35:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2011/04/28 14:35:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2011/04/28 14:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/04/28 14:29:00 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011/04/28 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Mozilla
[2011/04/28 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Mozilla
[2011/04/28 14:21:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/04/28 14:20:30 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2011/04/28 14:20:29 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2011/04/28 14:20:19 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2011/04/28 14:20:19 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2011/04/28 14:20:19 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2011/04/28 14:20:12 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2011/04/28 14:20:12 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011/04/26 21:02:24 | 000,000,000 | ---D | C] -- C:\Users\Nicole\Documents\Dell WebCam Central
[2011/04/26 21:02:22 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Creative
[2011/04/26 21:01:43 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\ATI
[2011/04/26 21:01:43 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\ATI
[2011/04/26 21:01:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/04/26 20:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/04/26 20:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/04/26 20:56:34 | 010,981,376 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\atioglxx.dll
[2011/04/26 20:56:34 | 004,754,432 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdva.dll
[2011/04/26 20:56:34 | 004,172,288 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2011/04/26 20:56:34 | 004,033,536 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdag.dll
[2011/04/26 20:56:34 | 002,340,352 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atidxx32.dll
[2011/04/26 20:56:34 | 000,425,984 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2011/04/26 20:56:34 | 000,331,776 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2011/04/26 20:56:34 | 000,274,432 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.dll
[2011/04/26 20:56:34 | 000,262,144 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2011/04/26 20:56:34 | 000,098,304 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2011/04/26 20:56:34 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2011/04/26 20:56:34 | 000,050,688 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2011/04/26 20:56:34 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2011/04/26 20:53:34 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\MediaDirect
[2011/04/26 20:53:19 | 000,000,000 | R--D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/04/26 20:53:19 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Searches
[2011/04/26 20:53:19 | 000,000,000 | R--D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/04/26 20:53:09 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Identities
[2011/04/26 20:53:07 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Contacts
[2011/04/26 20:53:06 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\VirtualStore
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\AppData\Local\Temporary Internet Files
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Templates
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Start Menu
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\SendTo
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Recent
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\PrintHood
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\NetHood
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Documents\My Videos
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Documents\My Pictures
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Documents\My Music
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\My Documents
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Local Settings
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\AppData\Local\History
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Cookies
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Application Data
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\AppData\Local\Application Data
[2011/04/26 20:52:59 | 000,000,000 | --SD | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Videos
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Saved Games
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Pictures
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Music
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Links
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Favorites
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Downloads
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Documents
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Desktop
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/04/26 20:52:59 | 000,000,000 | -H-D | C] -- C:\Users\Nicole\AppData
[2011/04/26 20:52:59 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Microsoft
[2011/04/26 20:52:59 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Media Center Programs

========== Files - Modified Within 30 Days ==========

[2011/05/10 10:44:29 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/10 10:44:29 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/10 10:44:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/10 10:44:18 | 3217,416,192 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/10 01:33:40 | 000,602,478 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/10 01:33:40 | 000,106,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/10 01:26:51 | 000,006,836 | ---- | M] () -- C:\Users\Nicole\AppData\Local\d3d9caps.dat
[2011/05/10 01:17:59 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/05/09 15:15:38 | 000,000,804 | ---- | M] () -- C:\Users\Nicole\Desktop\IceChat.lnk
[2011/05/09 14:06:21 | 000,000,512 | ---- | M] () -- C:\Users\Nicole\Desktop\MBR.dat
[2011/05/09 13:46:46 | 000,374,488 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/05/09 11:18:28 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Users\Nicole\Desktop\aswMBR.exe
[2011/05/09 11:12:15 | 004,343,965 | R--- | M] () -- C:\Users\Nicole\Desktop\George.exe.exe
[2011/05/09 11:10:00 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/09 02:32:51 | 000,060,416 | ---- | M] () -- C:\Users\Nicole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/08 21:18:44 | 000,000,000 | -H-- | M] () -- C:\Users\Nicole\Documents\Default.rdp
[2011/05/08 21:05:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Nicole\Desktop\OTL.exe
[2011/05/08 19:38:17 | 000,000,870 | ---- | M] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/08 19:38:17 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/05/08 19:30:25 | 000,038,740 | ---- | M] () -- C:\Users\Nicole\Desktop\bookmarks-2011-05-08.json
[2011/04/29 14:06:39 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2011/04/29 14:05:46 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/04/29 01:48:56 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/04/29 01:48:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/04/29 01:48:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/04/29 01:48:55 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/04/28 16:18:50 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/04/28 16:16:59 | 000,000,215 | ---- | M] () -- C:\Users\Nicole\Desktop\World of Goo.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | M] () -- C:\Users\Nicole\Desktop\Trine.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | M] () -- C:\Users\Nicole\Desktop\Osmos.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | M] () -- C:\Users\Nicole\Desktop\Braid.url
[2011/04/28 15:17:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2011/04/28 15:17:03 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011/04/28 15:02:06 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/04/28 14:58:24 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/28 14:54:40 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/04/28 14:32:45 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/04/28 14:20:29 | 000,000,943 | ---- | M] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/04/26 20:48:39 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf

========== Files Created - No Company Name ==========

[2011/05/09 15:15:38 | 000,000,804 | ---- | C] () -- C:\Users\Nicole\Desktop\IceChat.lnk
[2011/05/09 14:06:21 | 000,000,512 | ---- | C] () -- C:\Users\Nicole\Desktop\MBR.dat
[2011/05/09 13:52:58 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/09 13:52:58 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/09 13:52:58 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/09 13:52:58 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/09 13:52:58 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/09 11:11:58 | 004,343,965 | R--- | C] () -- C:\Users\Nicole\Desktop\George.exe.exe
[2011/05/09 11:10:00 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/08 21:18:44 | 000,000,000 | -H-- | C] () -- C:\Users\Nicole\Documents\Default.rdp
[2011/05/08 19:38:17 | 000,000,870 | ---- | C] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/08 19:38:17 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/08 19:38:17 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/05/08 19:30:25 | 000,038,740 | ---- | C] () -- C:\Users\Nicole\Desktop\bookmarks-2011-05-08.json
[2011/04/30 03:00:48 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/04/30 03:00:48 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/04/30 03:00:48 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/04/29 14:06:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/04/29 14:05:46 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/04/29 04:43:41 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/04/29 04:43:41 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/04/29 04:43:39 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011/04/28 16:18:50 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/04/28 16:16:59 | 000,000,215 | ---- | C] () -- C:\Users\Nicole\Desktop\World of Goo.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | C] () -- C:\Users\Nicole\Desktop\Trine.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | C] () -- C:\Users\Nicole\Desktop\Osmos.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | C] () -- C:\Users\Nicole\Desktop\Braid.url
[2011/04/28 16:15:51 | 000,060,416 | ---- | C] () -- C:\Users\Nicole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/28 15:24:34 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011/04/28 15:17:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2011/04/28 15:17:03 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011/04/28 15:16:04 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2011/04/28 15:02:06 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/04/28 15:02:06 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/04/28 14:58:24 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/28 14:54:40 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/04/28 14:53:16 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/04/28 14:32:45 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/04/28 14:30:25 | 000,001,808 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/04/28 14:30:06 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/04/28 14:20:29 | 000,000,943 | ---- | C] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/04/26 20:56:34 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/04/26 20:56:34 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2011/04/26 20:56:34 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2011/04/26 20:56:34 | 000,069,112 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2011/04/26 20:56:34 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2011/04/26 20:56:34 | 000,015,079 | ---- | C] () -- C:\Windows\atiogl.xml
[2011/04/26 20:53:20 | 000,000,949 | ---- | C] () -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/04/26 20:53:18 | 000,000,944 | ---- | C] () -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/04/26 20:53:07 | 000,000,915 | ---- | C] () -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/04/26 20:53:02 | 000,006,836 | ---- | C] () -- C:\Users\Nicole\AppData\Local\d3d9caps.dat
[2011/04/26 20:52:59 | 000,000,258 | ---- | C] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/04/26 20:52:59 | 000,000,240 | ---- | C] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/04/26 20:51:55 | 3217,416,192 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/25 17:57:58 | 000,982,220 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/08/25 17:57:58 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2010/08/25 17:57:58 | 000,092,216 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/08/25 17:57:57 | 000,433,024 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2009/05/08 00:38:43 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2009/05/07 23:51:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/05/07 23:42:39 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2009/05/07 23:42:38 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/10/07 10:43:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 10:43:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006/11/02 10:27:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 10:17:37 | 000,374,488 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 10:05:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:03:01 | 000,602,478 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 08:03:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 08:03:01 | 000,106,852 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 08:03:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 07:53:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 06:28:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 05:49:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 05:10:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 04:55:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >

OTL Extras logfile created on: 10/05/2011 10:46:42 AM - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Nicole\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 117.41 Gb Free Space | 50.42% Space Free | Partition Type: NTFS
Drive D: | 7.57 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: NICOLE-PC | User Name: Nicole | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{28CD504A-8789-451D-8BE9-B754300D8F66}" = lport=2869 | protocol=6 | dir=in | app=system |
"{32CAEA67-A0AB-40F4-AD91-C31909F5F44B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{9A73147D-1D25-418D-94CF-DCAA5C05A01C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C872A6-D0C8-4403-B023-5603FDB4BE3A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\world of goo\worldofgoo.exe |
"{07F924AB-9186-4E9E-85B7-D2EBD3629A90}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{192F0B8B-6CA8-4D17-A206-7975E74FD9F6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{24205509-82A3-4EF9-8410-9E09AF40217F}" = protocol=6 | dir=in | app=c:\users\nicole\desktop\world of warcraft\launcher.patch.exe |
"{2766BE45-9574-43D2-9A2E-284674547CCB}" = protocol=17 | dir=in | app=c:\users\nicole\desktop\world of warcraft\launcher.patch.exe |
"{28A98127-C669-47BF-899A-26A8B66C4DD0}" = protocol=17 | dir=in | app=c:\users\nicole\desktop\world of warcraft\launcher.exe |
"{36B33F14-FF9C-4689-A8DC-6BEBE2A6E7C9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\osmos\osmos.exe |
"{37B3B006-7432-412D-B881-22A7AB803541}" = protocol=6 | dir=in | app=c:\users\nicole\desktop\world of warcraft\launcher.exe |
"{3CDF0460-D9B3-47F8-AA06-AECAA07378EC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3DA60878-0141-46E0-B422-97FCFE766408}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4290827C-20BE-473F-99C1-06A5BA0450DD}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{4A65FCDD-752D-4E47-9317-1F6B3EDD16EA}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{53B558B3-6A3A-4BC4-94B7-76C9029F2B50}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{57895A76-678C-4B6F-B4E7-6BE8FDED7946}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{5BA4C534-8ED5-4205-9ACB-A397234CD8F9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{718979D4-DFD5-4B42-9B00-D7D4F8459177}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7DBEF499-FA14-4501-9C2D-11DC680D990B}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{86ED4BC0-6848-4F66-8A54-AC2E1DCB8CC6}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\trine\trine_launcher.exe |
"{9C15826A-1EE2-40CC-ACF7-9EE924B698A0}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{A35F4416-041B-4A08-B134-12050CC92111}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{AD0C459F-568C-4AAF-B379-C6F6952596AA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\world of goo\worldofgoo.exe |
"{CB429194-56DF-4514-843B-A5CA68727C4B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{D55687C7-D9BE-4C20-9276-A34CD3368839}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\osmos\osmos.exe |
"{D8C459AF-4588-48FA-8B08-3B944475C512}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\trine\trine_launcher.exe |
"{D988F052-A25F-4566-BFBA-CB6D58A5B98E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{EC3CD4C8-E302-4BBF-A4FD-220B2EF3F372}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{EEB6CCD7-0ECF-4613-9C74-4109275E0C87}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{6D496370-BE8C-4794-A318-5D6FB4019A01}C:\program files\icechat7\icechat7.exe" = protocol=6 | dir=in | app=c:\program files\icechat7\icechat7.exe |
"UDP Query User{B768C802-A397-42F6-9445-0C401A44197D}C:\program files\icechat7\icechat7.exe" = protocol=17 | dir=in | app=c:\program files\icechat7\icechat7.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{140BF0D0-E848-405C-9A01-D3256B918B6D}" = AuthenTec Fingerprint System
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java™ 6 Update 25
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{451517F1-7E41-400B-AA36-FB7E2563526D}" = Dell Wireless 1515 Driver Installation
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C62299C-65FF-834B-AE08-00A463411321}" = Skins
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.05
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6F4148D5-BAE5-F6AA-E34A-32DD423B31C3}" = Catalyst Control Center Graphics Previews Common
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{813FF60E-226E-092E-3243-91367F900BE2}" = ccc-utility
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{883141EF-9174-259C-ED5D-74D0FB2461C0}" = ccc-core-static
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B85F8BF3-2D1C-683A-9F47-F0339EBE3ADA}" = Catalyst Control Center Graphics Full New
"{BFC19AEE-8C4D-65BF-3BAE-729D1252E86C}" = Catalyst Control Center InstallProxy
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D31D8690-A6E5-37C3-8BBE-28E8EE48BEAB}" = Catalyst Control Center Graphics Previews Vista
"{D5A3FE4E-E160-8987-4AB9-0148BF2F65B0}" = Catalyst Control Center Graphics Light
"{D9481F93-5D55-C4E2-6D3F-ED2180590920}" = Catalyst Control Center Graphics Full Existing
"{DA054439-21A7-D2EF-DE23-38AA0560535F}" = ATI Catalyst Install Manager
"{E137477C-C14A-92E7-867A-08E256A5425E}" = CCC Help English
"{E19DF061-5BBA-72B7-17A0-B8DA1FEA621A}" = Catalyst Control Center Core Implementation
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E481DB0E-52F2-4EE0-9BDA-9EE173FA6EA2}" = Catalyst Control Center - Branding
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EAE03C8D-6A76-9A21-1111-B93B338ABDB1}" = Catalyst Control Center InstallProxy
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BB6248-C507-46FE-8A35-1B16F35E0441}" = ITECIR
"17D5EDB8CF9DBD67DDA7675D6772B06BA5809565" = Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (05/01/2008 8.0.26.3)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Creative OA001" = Integrated Webcam Driver (1.03.02.0919)
"Creative OA009" = Integrated Webcam Driver (1.02.01.0320)
"Dell Webcam Central" = Dell Webcam Central
"DivX Setup.divx.com" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HDMI" = Intel® Graphics Media Accelerator Driver
"IceChat_is1" = IceChat 7.70 (Build 20101031)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"VLC media player" = VLC media player 1.1.9
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28/04/2011 1:26:46 PM | Computer Name = Nicole-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 28/04/2011 1:26:47 PM | Computer Name = Nicole-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 28/04/2011 1:29:05 PM | Computer Name = Nicole-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 28/04/2011 1:29:55 PM | Computer Name = Nicole-PC | Source = Application Hang | ID = 1002
Description = The program iTunes.exe version 10.2.2.12 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1118 Start Time: 01cc05c9be0917d3 Termination Time: 7

Error - 28/04/2011 1:41:03 PM | Computer Name = Nicole-PC | Source = VSS | ID = 8194
Description =

Error - 28/04/2011 1:50:44 PM | Computer Name = Nicole-PC | Source = WinMgmt | ID = 10
Description =

Error - 28/04/2011 2:47:22 PM | Computer Name = Nicole-PC | Source = VSS | ID = 8194
Description =

Error - 28/04/2011 2:48:37 PM | Computer Name = Nicole-PC | Source = System Restore | ID = 8193
Description =

Error - 29/04/2011 7:44:06 AM | Computer Name = Nicole-PC | Source = EventSystem | ID = 4621
Description =

Error - 29/04/2011 7:47:21 AM | Computer Name = Nicole-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 01/05/2011 5:50:19 AM | Computer Name = Nicole-PC | Source = HTTP | ID = 15016
Description =

Error - 01/05/2011 5:50:31 AM | Computer Name = Nicole-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 07/05/2011 12:12:56 AM | Computer Name = Nicole-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 00255631A7D8 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 08/05/2011 5:51:39 PM | Computer Name = Nicole-PC | Source = HTTP | ID = 15016
Description =

Error - 08/05/2011 5:52:07 PM | Computer Name = Nicole-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 09/05/2011 1:04:30 AM | Computer Name = Nicole-PC | Source = DCOM | ID = 10005
Description =

Error - 09/05/2011 1:04:30 AM | Computer Name = Nicole-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 09/05/2011 1:04:30 AM | Computer Name = Nicole-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 09/05/2011 1:04:30 AM | Computer Name = Nicole-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 09/05/2011 1:04:30 AM | Computer Name = Nicole-PC | Source = Service Control Manager | ID = 7000
Description =

< End of report >

#8
RKinner

Posted 10 May 2011 - 08:06 AM

Malware Expert

Expert
24,624 posts

Copy the text between the lines of stars by highlighting and Ctrl + c

********************************************************************

:OTL
[2011/05/05 22:38:52 | 000,003,067 | ---- | M] () -- C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\1xc189jf.default\searchplugins\ebayca.xml
[2011/04/29 01:49:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\NICOLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1XC189JF.DEFAULT\EXTENSIONS\[email protected]

:Commands
[purity]
[emptytemp]
[Reboot]

*******************************************************************

then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done.

Open OTL again and select the All option in the Extra Registry group then the Run Scan button. Post the two logs it produces in your next reply.

Is FireFox still acting up? If so, Close FF, Start, Programs, Mozilla Firefox, Mozilla Firefox (Safe Mode), Continue in Safe Mode. Does it act up now.

Ron

#9
NicoleB89

Posted 10 May 2011 - 03:53 PM

Member

Topic Starter
Member
14 posts

All processes killed
========== OTL ==========
C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\1xc189jf.default\searchplugins\ebayca.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Nicole
->Temp folder emptied: 58834 bytes
->Temporary Internet Files folder emptied: 2012308 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 48614267 bytes
->Flash cache emptied: 1659 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1610 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 48.00 mb

OTL by OldTimer - Version 3.2.22.3 log created on 05102011_115219

Files\Folders moved on Reboot...
File\Folder C:\Users\Nicole\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DFINP0K1\4703174590[1].htm not found!
File\Folder C:\Users\Nicole\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DFINP0K1\ADSAdClient31[1].htm not found!

Registry entries deleted on Reboot...

OTL logfile created on: 10/05/2011 11:55:48 AM - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Nicole\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 117.55 Gb Free Space | 50.48% Space Free | Partition Type: NTFS
Drive D: | 7.57 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: NICOLE-PC | User Name: Nicole | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/10 02:00:10 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2011/05/08 21:05:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Nicole\Desktop\OTL.exe
PRC - [2011/03/21 16:26:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/11/30 14:50:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 13:56:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2010/11/11 13:56:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/04/05 18:16:08 | 000,288,040 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2010/03/23 14:52:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2010/02/26 03:33:00 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2010/02/26 03:33:00 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\stacsv.exe
PRC - [2010/02/17 17:04:40 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2009/06/24 18:51:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/03/03 04:13:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\AEstSrv.exe
PRC - [2009/02/01 00:13:30 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/10/29 03:59:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/09 19:01:46 | 001,616,976 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008/05/05 22:16:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2008/01/14 14:43:02 | 000,132,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe

========== Modules (SafeList) ==========

MOD - [2011/05/08 21:05:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Nicole\Desktop\OTL.exe
MOD - [2010/08/31 13:09:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/05/10 02:00:43 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/11/11 13:56:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010/11/11 13:56:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/02/26 03:33:00 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\stacsv.exe -- (STacSV)
SRV - [2009/03/03 04:13:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\AEstSrv.exe -- (AESTFilters)
SRV - [2008/05/05 22:16:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008/01/20 23:53:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2011/05/10 11:53:31 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{311BE5C1-A6A0-4365-9049-C080934C5A1F}\MpKslde9102a0.sys -- (MpKslde9102a0)
DRV - [2010/10/24 22:55:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/10/24 22:55:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/04/15 15:06:40 | 000,252,536 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/02/26 03:33:00 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/06/15 15:35:16 | 000,143,968 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2009/05/28 13:18:20 | 000,134,144 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CtAudDrv.sys -- (CtAudDrv)
DRV - [2009/05/20 12:40:00 | 000,314,368 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/03/19 17:02:00 | 000,271,552 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA009Vid.sys -- (OA009Vid)
DRV - [2009/03/06 07:30:08 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA009Ufd.sys -- (OA009Ufd)
DRV - [2009/01/22 19:37:30 | 000,921,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/12/10 20:00:58 | 004,172,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/09/19 05:33:00 | 000,277,440 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2008/06/03 22:00:22 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008/05/05 23:38:52 | 000,475,136 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2008/02/24 07:10:18 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink ™
DRV - [2008/02/15 22:31:18 | 000,046,592 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/01/25 00:12:54 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Dell\MediaDirect\000.fcl -- ({2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7})
DRV - [2007/12/18 21:42:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2007/07/30 16:24:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 15:12:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/08 19:38:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/09 02:33:02 | 000,000,000 | ---D | M]

[2011/04/28 14:22:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nicole\AppData\Roaming\Mozilla\Extensions
[2011/04/30 01:59:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\1xc189jf.default\extensions
[2011/05/10 11:52:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/29 14:06:01 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) --
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\NICOLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1XC189JF.DEFAULT\EXTENSIONS\[email protected]
[2011/05/01 03:01:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/04/14 13:56:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll

O1 HOSTS File: ([2011/05/10 01:17:59 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.253
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img3.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img3.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 19:13:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/10 10:43:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/10 01:22:00 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/05/10 01:22:00 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\temp
[2011/05/10 01:18:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/05/10 01:08:13 | 000,000,000 | ---D | C] -- C:\George.exe18655G
[2011/05/10 01:07:56 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/05/09 15:15:52 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\IceChat
[2011/05/09 15:15:37 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswinsck.ocx
[2011/05/09 15:15:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IceChat7
[2011/05/09 15:15:35 | 000,000,000 | ---D | C] -- C:\Program Files\IceChat7
[2011/05/09 13:52:58 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/05/09 13:52:58 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/05/09 13:52:58 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/05/09 13:52:54 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/05/09 13:52:53 | 000,000,000 | ---D | C] -- C:\George.exe
[2011/05/09 13:52:11 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/09 11:15:01 | 000,589,632 | ---- | C] (AVAST Software) -- C:\Users\Nicole\Desktop\aswMBR.exe
[2011/05/09 11:12:06 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Malwarebytes
[2011/05/09 11:09:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/09 11:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/09 11:09:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/09 11:09:55 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/09 11:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/09 02:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/05/09 02:34:04 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2011/05/09 02:33:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/05/09 02:31:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2011/05/09 02:31:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/05/09 02:29:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/05/09 02:26:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2011/05/09 02:25:36 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Microsoft Help
[2011/05/09 02:25:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/05/09 02:25:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/05/09 02:21:10 | 000,000,000 | R--D | C] -- C:\MSOCache
[2011/05/08 21:05:09 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Nicole\Desktop\OTL.exe
[2011/05/08 01:35:42 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Adobe
[2011/05/03 02:10:52 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\BitTorrent
[2011/05/01 23:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/05/01 17:40:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2011/05/01 03:00:45 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011/05/01 03:00:45 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011/05/01 03:00:45 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011/04/30 03:10:29 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2011/04/30 03:10:28 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2011/04/30 03:10:27 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011/04/30 03:10:27 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2011/04/30 03:10:26 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2011/04/30 03:10:23 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2011/04/30 03:03:45 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011/04/30 03:03:38 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011/04/30 03:02:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/04/30 03:02:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/04/30 03:01:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/04/30 03:00:58 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/04/30 03:00:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/04/30 03:00:58 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/04/30 03:00:58 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/04/30 03:00:57 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/04/30 03:00:55 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/04/30 03:00:55 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/04/30 03:00:55 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/04/30 03:00:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/04/30 03:00:54 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/04/30 03:00:46 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/04/30 03:00:39 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/04/30 03:00:39 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/04/30 03:00:39 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/04/30 03:00:39 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/04/30 02:57:56 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Microsoft Games
[2011/04/30 02:07:11 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\DDMSettings
[2011/04/30 02:05:48 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\DivX
[2011/04/30 02:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2011/04/30 02:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011/04/30 02:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2011/04/30 02:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011/04/30 02:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011/04/30 01:50:32 | 000,000,000 | ---D | C] -- C:\Users\Nicole\Desktop\World of Warcraft
[2011/04/29 14:51:28 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2011/04/29 14:51:25 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2011/04/29 14:51:12 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2011/04/29 14:06:33 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\skypePM
[2011/04/29 14:06:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011/04/29 14:06:09 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Skype
[2011/04/29 14:05:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/04/29 14:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/04/29 14:05:39 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011/04/29 14:05:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/04/29 11:42:36 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011/04/29 09:25:11 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/04/29 09:25:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/04/29 04:43:41 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2011/04/29 04:43:41 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2011/04/29 04:43:40 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2011/04/29 04:43:40 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2011/04/29 04:43:40 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2011/04/29 04:43:39 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2011/04/29 04:43:39 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2011/04/29 04:43:39 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2011/04/29 04:43:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2011/04/29 04:43:38 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2011/04/29 04:43:38 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2011/04/29 04:43:38 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2011/04/29 04:43:38 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2011/04/29 04:43:38 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011/04/29 04:43:38 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2011/04/29 04:43:38 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2011/04/29 04:43:38 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2011/04/29 04:43:38 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2011/04/29 04:43:37 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011/04/29 04:43:37 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011/04/29 04:43:37 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011/04/29 04:43:37 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011/04/29 04:43:37 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011/04/29 04:41:46 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011/04/29 04:41:46 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/04/29 04:41:41 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/04/29 04:41:40 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/04/29 04:32:56 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2011/04/29 04:32:53 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2011/04/29 02:18:18 | 000,000,000 | ---D | C] -- C:\Users\Nicole\Documents\My Received Files
[2011/04/29 01:49:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/04/29 01:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/04/29 01:49:10 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/04/29 01:49:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/04/29 01:49:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/04/29 01:49:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/04/29 01:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/04/28 16:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/04/28 16:19:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\AGEIA
[2011/04/28 16:19:14 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2011/04/28 16:19:10 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\vlc
[2011/04/28 16:18:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/04/28 16:18:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011/04/28 16:18:36 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2011/04/28 16:18:36 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2011/04/28 16:18:36 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2011/04/28 16:18:34 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2011/04/28 16:18:34 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2011/04/28 16:18:34 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2011/04/28 16:18:33 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2011/04/28 16:18:33 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2011/04/28 16:18:32 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2011/04/28 16:18:30 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2011/04/28 16:18:30 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2011/04/28 16:18:29 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2011/04/28 16:18:29 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2011/04/28 16:18:28 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2011/04/28 16:18:28 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2011/04/28 16:18:26 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2011/04/28 16:18:26 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2011/04/28 16:18:26 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2011/04/28 16:18:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2011/04/28 16:18:25 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2011/04/28 16:18:24 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2011/04/28 16:18:24 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2011/04/28 16:18:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2011/04/28 16:18:24 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2011/04/28 16:18:23 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2011/04/28 16:18:23 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2011/04/28 16:18:21 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2011/04/28 16:18:20 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2011/04/28 16:18:20 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2011/04/28 16:18:19 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2011/04/28 16:18:19 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2011/04/28 16:18:18 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2011/04/28 16:18:17 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2011/04/28 16:18:16 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2011/04/28 16:18:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2011/04/28 16:18:15 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2011/04/28 16:18:14 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2011/04/28 16:18:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2011/04/28 16:18:14 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2011/04/28 16:18:13 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2011/04/28 16:18:12 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2011/04/28 16:18:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2011/04/28 16:18:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2011/04/28 16:18:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2011/04/28 16:18:10 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2011/04/28 16:18:10 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2011/04/28 16:18:09 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2011/04/28 16:18:09 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2011/04/28 16:18:09 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2011/04/28 16:18:09 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011/04/28 16:18:08 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2011/04/28 16:18:07 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2011/04/28 16:18:06 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2011/04/28 16:18:06 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2011/04/28 16:18:06 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2011/04/28 16:18:05 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2011/04/28 16:18:05 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2011/04/28 16:18:05 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2011/04/28 16:18:04 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2011/04/28 16:18:04 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2011/04/28 16:18:03 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2011/04/28 16:18:03 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2011/04/28 16:18:02 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2011/04/28 16:17:56 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2011/04/28 16:17:55 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2011/04/28 16:17:55 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2011/04/28 16:17:54 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2011/04/28 16:17:54 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2011/04/28 16:17:53 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2011/04/28 16:17:53 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2011/04/28 16:17:52 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2011/04/28 16:17:52 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2011/04/28 16:16:59 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2011/04/28 15:47:04 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Macromedia
[2011/04/28 15:47:04 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Adobe
[2011/04/28 15:46:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2011/04/28 15:32:26 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/28 15:32:26 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/28 15:28:12 | 000,000,000 | ---D | C] -- C:\Users\Nicole\Tracing
[2011/04/28 15:27:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011/04/28 15:27:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/04/28 15:27:08 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011/04/28 15:26:51 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2011/04/28 15:26:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/04/28 15:26:41 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/04/28 15:26:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2011/04/28 15:26:35 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/28 15:26:34 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011/04/28 15:26:34 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/28 15:26:34 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2011/04/28 15:26:26 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011/04/28 15:25:58 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011/04/28 15:25:33 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011/04/28 15:25:32 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2011/04/28 15:25:32 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2011/04/28 15:25:32 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2011/04/28 15:25:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2011/04/28 15:25:32 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2011/04/28 15:25:31 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2011/04/28 15:24:33 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2011/04/28 15:24:32 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2011/04/28 15:24:32 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2011/04/28 15:24:23 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/04/28 15:24:22 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/04/28 15:24:20 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011/04/28 15:23:57 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/28 15:17:39 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2011/04/28 15:17:38 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/04/28 15:17:30 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/28 15:17:23 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011/04/28 15:16:38 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2011/04/28 15:16:37 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2011/04/28 15:16:23 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/04/28 15:16:13 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/04/28 15:16:13 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/28 15:16:12 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/28 15:16:12 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/04/28 15:16:11 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/28 15:16:11 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/28 15:16:11 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/04/28 15:16:11 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/28 15:16:11 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011/04/28 15:16:11 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/28 15:16:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/04/28 15:16:02 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011/04/28 15:16:00 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2011/04/28 15:15:22 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011/04/28 15:15:18 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2011/04/28 15:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\DellTPad
[2011/04/28 15:14:58 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2011/04/28 15:14:51 | 001,695,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2011/04/28 15:14:42 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/28 15:14:42 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/28 15:14:41 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011/04/28 15:14:28 | 000,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2011/04/28 15:14:26 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011/04/28 15:14:25 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011/04/28 15:14:23 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011/04/28 15:14:20 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/04/28 15:14:17 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2011/04/28 15:14:16 | 000,988,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2011/04/28 15:14:16 | 000,927,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2011/04/28 15:14:16 | 000,615,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2011/04/28 15:14:15 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2011/04/28 15:14:14 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2011/04/28 15:14:14 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2011/04/28 15:14:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2011/04/28 15:14:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2011/04/28 15:13:52 | 001,256,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011/04/28 15:13:43 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011/04/28 15:13:35 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/04/28 15:13:34 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2011/04/28 15:13:34 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2011/04/28 15:13:34 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2011/04/28 15:13:34 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2011/04/28 15:13:34 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/04/28 15:13:34 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2011/04/28 15:13:00 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01009.dll
[2011/04/28 15:13:00 | 000,252,536 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\System32\drivers\Apfiltr.sys
[2011/04/28 15:13:00 | 000,109,122 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\System32\Vxdif.dll
[2011/04/28 15:10:19 | 000,527,360 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll
[2011/04/28 15:09:59 | 000,380,928 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll
[2011/04/28 15:09:58 | 000,061,440 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll
[2011/04/28 15:09:57 | 000,139,776 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll
[2011/04/28 15:09:54 | 000,047,104 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\ctppld.dll
[2011/04/28 15:09:53 | 003,350,528 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stlang.dll
[2011/04/28 15:09:52 | 012,460,124 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtcpl.cpl
[2011/04/28 15:09:52 | 000,536,576 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtmini1.exe
[2011/04/28 15:09:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\SRSLabs
[2011/04/28 15:08:07 | 000,175,616 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\st326272.dll
[2011/04/28 14:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/04/28 14:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/04/28 14:58:39 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Apple Computer
[2011/04/28 14:58:39 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Apple Computer
[2011/04/28 14:58:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/04/28 14:57:41 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2011/04/28 14:57:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011/04/28 14:56:40 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/04/28 14:56:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/04/28 14:56:37 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/04/28 14:56:02 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell Inc
[2011/04/28 14:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/04/28 14:54:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/04/28 14:54:40 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Apps
[2011/04/28 14:54:39 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Deployment
[2011/04/28 14:53:57 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/04/28 14:53:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/04/28 14:53:18 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Apple
[2011/04/28 14:53:15 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/04/28 14:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/04/28 14:49:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/04/28 14:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/04/28 14:44:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011/04/28 14:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/04/28 14:44:39 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2011/04/28 14:42:22 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/04/28 14:41:07 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/04/28 14:41:07 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/04/28 14:41:07 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/04/28 14:41:07 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011/04/28 14:41:01 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2011/04/28 14:40:49 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011/04/28 14:40:39 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011/04/28 14:40:39 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011/04/28 14:40:38 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011/04/28 14:40:30 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2011/04/28 14:40:30 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2011/04/28 14:40:27 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011/04/28 14:40:27 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011/04/28 14:40:24 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/04/28 14:40:18 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011/04/28 14:40:15 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2011/04/28 14:40:12 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2011/04/28 14:40:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/04/28 14:40:04 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2011/04/28 14:39:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011/04/28 14:39:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/04/28 14:38:45 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2011/04/28 14:38:45 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2011/04/28 14:38:42 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011/04/28 14:38:42 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011/04/28 14:38:41 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011/04/28 14:38:41 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011/04/28 14:38:41 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011/04/28 14:38:41 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011/04/28 14:38:40 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2011/04/28 14:38:40 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011/04/28 14:38:40 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011/04/28 14:38:35 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2011/04/28 14:38:35 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2011/04/28 14:38:35 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2011/04/28 14:38:30 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2011/04/28 14:38:30 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011/04/28 14:38:28 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2011/04/28 14:38:21 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2011/04/28 14:38:21 | 000,220,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011/04/28 14:38:21 | 000,098,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011/04/28 14:38:19 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2011/04/28 14:38:18 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2011/04/28 14:38:17 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2011/04/28 14:38:07 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2011/04/28 14:38:07 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2011/04/28 14:38:07 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011/04/28 14:38:07 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2011/04/28 14:36:00 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2011/04/28 14:35:21 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2011/04/28 14:35:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2011/04/28 14:35:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2011/04/28 14:35:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2011/04/28 14:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/04/28 14:29:00 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011/04/28 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Mozilla
[2011/04/28 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Mozilla
[2011/04/28 14:21:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/04/28 14:20:30 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2011/04/28 14:20:29 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2011/04/28 14:20:19 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2011/04/28 14:20:19 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2011/04/28 14:20:19 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2011/04/28 14:20:12 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2011/04/28 14:20:12 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011/04/26 21:02:24 | 000,000,000 | ---D | C] -- C:\Users\Nicole\Documents\Dell WebCam Central
[2011/04/26 21:02:22 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Creative
[2011/04/26 21:01:43 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\ATI
[2011/04/26 21:01:43 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\ATI
[2011/04/26 21:01:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/04/26 20:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/04/26 20:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/04/26 20:56:34 | 010,981,376 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\atioglxx.dll
[2011/04/26 20:56:34 | 004,754,432 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdva.dll
[2011/04/26 20:56:34 | 004,172,288 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2011/04/26 20:56:34 | 004,033,536 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdag.dll
[2011/04/26 20:56:34 | 002,340,352 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atidxx32.dll
[2011/04/26 20:56:34 | 000,425,984 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2011/04/26 20:56:34 | 000,331,776 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2011/04/26 20:56:34 | 000,274,432 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.dll
[2011/04/26 20:56:34 | 000,262,144 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2011/04/26 20:56:34 | 000,098,304 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2011/04/26 20:56:34 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2011/04/26 20:56:34 | 000,050,688 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2011/04/26 20:56:34 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2011/04/26 20:53:34 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\MediaDirect
[2011/04/26 20:53:19 | 000,000,000 | R--D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/04/26 20:53:19 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Searches
[2011/04/26 20:53:19 | 000,000,000 | R--D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/04/26 20:53:09 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Identities
[2011/04/26 20:53:07 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Contacts
[2011/04/26 20:53:06 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\VirtualStore
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\AppData\Local\Temporary Internet Files
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Templates
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Start Menu
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\SendTo
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Recent
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\PrintHood
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\NetHood
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Documents\My Videos
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Documents\My Pictures
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Documents\My Music
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\My Documents
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Local Settings
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\AppData\Local\History
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Cookies
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\Application Data
[2011/04/26 20:53:00 | 000,000,000 | -HSD | C] -- C:\Users\Nicole\AppData\Local\Application Data
[2011/04/26 20:52:59 | 000,000,000 | --SD | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Videos
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Saved Games
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Pictures
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Music
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Links
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Favorites
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Downloads
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Documents
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\Desktop
[2011/04/26 20:52:59 | 000,000,000 | R--D | C] -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/04/26 20:52:59 | 000,000,000 | -H-D | C] -- C:\Users\Nicole\AppData
[2011/04/26 20:52:59 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Local\Microsoft
[2011/04/26 20:52:59 | 000,000,000 | ---D | C] -- C:\Users\Nicole\AppData\Roaming\Media Center Programs

========== Files - Modified Within 30 Days ==========

[2011/05/10 11:53:26 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/10 11:53:26 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/10 11:53:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/10 11:53:16 | 3215,351,808 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/10 10:52:01 | 000,602,478 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/10 10:52:01 | 000,106,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/10 01:26:51 | 000,006,836 | ---- | M] () -- C:\Users\Nicole\AppData\Local\d3d9caps.dat
[2011/05/10 01:17:59 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/05/09 15:15:38 | 000,000,804 | ---- | M] () -- C:\Users\Nicole\Desktop\IceChat.lnk
[2011/05/09 14:06:21 | 000,000,512 | ---- | M] () -- C:\Users\Nicole\Desktop\MBR.dat
[2011/05/09 13:46:46 | 000,374,488 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/05/09 11:18:28 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Users\Nicole\Desktop\aswMBR.exe
[2011/05/09 11:12:15 | 004,343,965 | R--- | M] () -- C:\Users\Nicole\Desktop\George.exe.exe
[2011/05/09 11:10:00 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/09 02:32:51 | 000,060,416 | ---- | M] () -- C:\Users\Nicole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/08 21:18:44 | 000,000,000 | -H-- | M] () -- C:\Users\Nicole\Documents\Default.rdp
[2011/05/08 21:05:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Nicole\Desktop\OTL.exe
[2011/05/08 19:38:17 | 000,000,870 | ---- | M] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/08 19:38:17 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/05/08 19:30:25 | 000,038,740 | ---- | M] () -- C:\Users\Nicole\Desktop\bookmarks-2011-05-08.json
[2011/04/29 14:06:39 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2011/04/29 14:05:46 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/04/29 01:48:56 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/04/29 01:48:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/04/29 01:48:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/04/29 01:48:55 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/04/28 16:18:50 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/04/28 16:16:59 | 000,000,215 | ---- | M] () -- C:\Users\Nicole\Desktop\World of Goo.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | M] () -- C:\Users\Nicole\Desktop\Trine.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | M] () -- C:\Users\Nicole\Desktop\Osmos.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | M] () -- C:\Users\Nicole\Desktop\Braid.url
[2011/04/28 15:17:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2011/04/28 15:17:03 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011/04/28 15:02:06 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/04/28 14:58:24 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/28 14:54:40 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/04/28 14:32:45 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/04/28 14:20:29 | 000,000,943 | ---- | M] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/04/26 20:48:39 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf

========== Files Created - No Company Name ==========

[2011/05/09 15:15:38 | 000,000,804 | ---- | C] () -- C:\Users\Nicole\Desktop\IceChat.lnk
[2011/05/09 14:06:21 | 000,000,512 | ---- | C] () -- C:\Users\Nicole\Desktop\MBR.dat
[2011/05/09 13:52:58 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/09 13:52:58 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/09 13:52:58 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/09 13:52:58 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/09 13:52:58 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/09 11:11:58 | 004,343,965 | R--- | C] () -- C:\Users\Nicole\Desktop\George.exe.exe
[2011/05/09 11:10:00 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/08 21:18:44 | 000,000,000 | -H-- | C] () -- C:\Users\Nicole\Documents\Default.rdp
[2011/05/08 19:38:17 | 000,000,870 | ---- | C] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/08 19:38:17 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/08 19:38:17 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/05/08 19:30:25 | 000,038,740 | ---- | C] () -- C:\Users\Nicole\Desktop\bookmarks-2011-05-08.json
[2011/04/30 03:00:48 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/04/30 03:00:48 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/04/30 03:00:48 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/04/29 14:06:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/04/29 14:05:46 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/04/29 04:43:41 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/04/29 04:43:41 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/04/29 04:43:39 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011/04/28 16:18:50 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/04/28 16:16:59 | 000,000,215 | ---- | C] () -- C:\Users\Nicole\Desktop\World of Goo.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | C] () -- C:\Users\Nicole\Desktop\Trine.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | C] () -- C:\Users\Nicole\Desktop\Osmos.url
[2011/04/28 16:16:59 | 000,000,215 | ---- | C] () -- C:\Users\Nicole\Desktop\Braid.url
[2011/04/28 16:15:51 | 000,060,416 | ---- | C] () -- C:\Users\Nicole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/28 15:24:34 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011/04/28 15:17:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2011/04/28 15:17:03 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011/04/28 15:16:04 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2011/04/28 15:02:06 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/04/28 15:02:06 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/04/28 14:58:24 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/28 14:54:40 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/04/28 14:53:16 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/04/28 14:32:45 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/04/28 14:30:25 | 000,001,808 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/04/28 14:30:06 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/04/28 14:20:29 | 000,000,943 | ---- | C] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/04/26 20:56:34 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/04/26 20:56:34 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2011/04/26 20:56:34 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2011/04/26 20:56:34 | 000,069,112 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2011/04/26 20:56:34 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2011/04/26 20:56:34 | 000,015,079 | ---- | C] () -- C:\Windows\atiogl.xml
[2011/04/26 20:53:20 | 000,000,949 | ---- | C] () -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/04/26 20:53:18 | 000,000,944 | ---- | C] () -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/04/26 20:53:07 | 000,000,915 | ---- | C] () -- C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/04/26 20:53:02 | 000,006,836 | ---- | C] () -- C:\Users\Nicole\AppData\Local\d3d9caps.dat
[2011/04/26 20:52:59 | 000,000,258 | ---- | C] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/04/26 20:52:59 | 000,000,240 | ---- | C] () -- C:\Users\Nicole\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/04/26 20:51:55 | 3215,351,808 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/25 17:57:58 | 000,982,220 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/08/25 17:57:58 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2010/08/25 17:57:58 | 000,092,216 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/08/25 17:57:57 | 000,433,024 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2009/05/08 00:38:43 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2009/05/07 23:51:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/05/07 23:42:39 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2009/05/07 23:42:38 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/10/07 10:43:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 10:43:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 10:43:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006/11/02 10:27:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 10:17:37 | 000,374,488 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 10:05:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:03:01 | 000,602,478 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 08:03:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 08:03:01 | 000,106,852 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 08:03:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 07:53:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 06:28:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 05:49:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 05:10:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 04:55:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >

OTL Extras logfile created on: 10/05/2011 11:55:48 AM - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Nicole\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 117.55 Gb Free Space | 50.48% Space Free | Partition Type: NTFS
Drive D: | 7.57 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: NICOLE-PC | User Name: Nicole | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{28CD504A-8789-451D-8BE9-B754300D8F66}" = lport=2869 | protocol=6 | dir=in | app=system |
"{32CAEA67-A0AB-40F4-AD91-C31909F5F44B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{9A73147D-1D25-418D-94CF-DCAA5C05A01C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C872A6-D0C8-4403-B023-5603FDB4BE3A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\world of goo\worldofgoo.exe |
"{07F924AB-9186-4E9E-85B7-D2EBD3629A90}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{192F0B8B-6CA8-4D17-A206-7975E74FD9F6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{24205509-82A3-4EF9-8410-9E09AF40217F}" = protocol=6 | dir=in | app=c:\users\nicole\desktop\world of warcraft\launcher.patch.exe |
"{2766BE45-9574-43D2-9A2E-284674547CCB}" = protocol=17 | dir=in | app=c:\users\nicole\desktop\world of warcraft\launcher.patch.exe |
"{28A98127-C669-47BF-899A-26A8B66C4DD0}" = protocol=17 | dir=in | app=c:\users\nicole\desktop\world of warcraft\launcher.exe |
"{36B33F14-FF9C-4689-A8DC-6BEBE2A6E7C9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\osmos\osmos.exe |
"{37B3B006-7432-412D-B881-22A7AB803541}" = protocol=6 | dir=in | app=c:\users\nicole\desktop\world of warcraft\launcher.exe |
"{3CDF0460-D9B3-47F8-AA06-AECAA07378EC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3DA60878-0141-46E0-B422-97FCFE766408}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4290827C-20BE-473F-99C1-06A5BA0450DD}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{4A65FCDD-752D-4E47-9317-1F6B3EDD16EA}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{53B558B3-6A3A-4BC4-94B7-76C9029F2B50}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{57895A76-678C-4B6F-B4E7-6BE8FDED7946}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{5BA4C534-8ED5-4205-9ACB-A397234CD8F9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{718979D4-DFD5-4B42-9B00-D7D4F8459177}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7DBEF499-FA14-4501-9C2D-11DC680D990B}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{86ED4BC0-6848-4F66-8A54-AC2E1DCB8CC6}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\trine\trine_launcher.exe |
"{9C15826A-1EE2-40CC-ACF7-9EE924B698A0}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{A35F4416-041B-4A08-B134-12050CC92111}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{AD0C459F-568C-4AAF-B379-C6F6952596AA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\world of goo\worldofgoo.exe |
"{CB429194-56DF-4514-843B-A5CA68727C4B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{D55687C7-D9BE-4C20-9276-A34CD3368839}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\osmos\osmos.exe |
"{D8C459AF-4588-48FA-8B08-3B944475C512}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\trine\trine_launcher.exe |
"{D988F052-A25F-4566-BFBA-CB6D58A5B98E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{EC3CD4C8-E302-4BBF-A4FD-220B2EF3F372}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{EEB6CCD7-0ECF-4613-9C74-4109275E0C87}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{6D496370-BE8C-4794-A318-5D6FB4019A01}C:\program files\icechat7\icechat7.exe" = protocol=6 | dir=in | app=c:\program files\icechat7\icechat7.exe |
"UDP Query User{B768C802-A397-42F6-9445-0C401A44197D}C:\program files\icechat7\icechat7.exe" = protocol=17 | dir=in | app=c:\program files\icechat7\icechat7.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{140BF0D0-E848-405C-9A01-D3256B918B6D}" = AuthenTec Fingerprint System
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java™ 6 Update 25
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{451517F1-7E41-400B-AA36-FB7E2563526D}" = Dell Wireless 1515 Driver Installation
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C62299C-65FF-834B-AE08-00A463411321}" = Skins
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.05
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6F4148D5-BAE5-F6AA-E34A-32DD423B31C3}" = Catalyst Control Center Graphics Previews Common
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{813FF60E-226E-092E-3243-91367F900BE2}" = ccc-utility
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{883141EF-9174-259C-ED5D-74D0FB2461C0}" = ccc-core-static
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B85F8BF3-2D1C-683A-9F47-F0339EBE3ADA}" = Catalyst Control Center Graphics Full New
"{BFC19AEE-8C4D-65BF-3BAE-729D1252E86C}" = Catalyst Control Center InstallProxy
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D31D8690-A6E5-37C3-8BBE-28E8EE48BEAB}" = Catalyst Control Center Graphics Previews Vista
"{D5A3FE4E-E160-8987-4AB9-0148BF2F65B0}" = Catalyst Control Center Graphics Light
"{D9481F93-5D55-C4E2-6D3F-ED2180590920}" = Catalyst Control Center Graphics Full Existing
"{DA054439-21A7-D2EF-DE23-38AA0560535F}" = ATI Catalyst Install Manager
"{E137477C-C14A-92E7-867A-08E256A5425E}" = CCC Help English
"{E19DF061-5BBA-72B7-17A0-B8DA1FEA621A}" = Catalyst Control Center Core Implementation
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E481DB0E-52F2-4EE0-9BDA-9EE173FA6EA2}" = Catalyst Control Center - Branding
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EAE03C8D-6A76-9A21-1111-B93B338ABDB1}" = Catalyst Control Center InstallProxy
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BB6248-C507-46FE-8A35-1B16F35E0441}" = ITECIR
"17D5EDB8CF9DBD67DDA7675D6772B06BA5809565" = Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (05/01/2008 8.0.26.3)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Creative OA001" = Integrated Webcam Driver (1.03.02.0919)
"Creative OA009" = Integrated Webcam Driver (1.02.01.0320)
"Dell Webcam Central" = Dell Webcam Central
"DivX Setup.divx.com" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HDMI" = Intel® Graphics Media Accelerator Driver
"IceChat_is1" = IceChat 7.70 (Build 20101031)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"VLC media player" = VLC media player 1.1.9
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28/04/2011 1:26:47 PM | Computer Name = Nicole-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 28/04/2011 1:29:05 PM | Computer Name = Nicole-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 28/04/2011 1:29:55 PM | Computer Name = Nicole-PC | Source = Application Hang | ID = 1002
Description = The program iTunes.exe version 10.2.2.12 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1118 Start Time: 01cc05c9be0917d3 Termination Time: 7

Error - 28/04/2011 1:41:03 PM | Computer Name = Nicole-PC | Source = VSS | ID = 8194
Description =

Error - 28/04/2011 1:50:44 PM | Computer Name = Nicole-PC | Source = WinMgmt | ID = 10
Description =

Error - 28/04/2011 2:47:22 PM | Computer Name = Nicole-PC | Source = VSS | ID = 8194
Description =

Error - 28/04/2011 2:48:37 PM | Computer Name = Nicole-PC | Source = System Restore | ID = 8193
Description =

Error - 29/04/2011 7:44:06 AM | Computer Name = Nicole-PC | Source = EventSystem | ID = 4621
Description =

Error - 29/04/2011 7:47:21 AM | Computer Name = Nicole-PC | Source = WinMgmt | ID = 10
Description =

Error - 30/04/2011 6:07:45 AM | Computer Name = Nicole-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 01/05/2011 5:50:19 AM | Computer Name = Nicole-PC | Source = HTTP | ID = 15016
Description =

Error - 01/05/2011 5:50:31 AM | Computer Name = Nicole-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 07/05/2011 12:12:56 AM | Computer Name = Nicole-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 00255631A7D8 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 08/05/2011 5:51:39 PM | Computer Name = Nicole-PC | Source = HTTP | ID = 15016
Description =

Error - 08/05/2011 5:52:07 PM | Computer Name = Nicole-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 09/05/2011 1:04:30 AM | Computer Name = Nicole-PC | Source = DCOM | ID = 10005
Description =

Error - 09/05/2011 1:04:30 AM | Computer Name = Nicole-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 09/05/2011 1:04:30 AM | Computer Name = Nicole-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 09/05/2011 1:04:30 AM | Computer Name = Nicole-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 09/05/2011 1:04:30 AM | Computer Name = Nicole-PC | Source = Service Control Manager | ID = 7000
Description =

< End of report >

Firefox seems to be working now.. it hasn't crashed yet.

#10
RKinner

Posted 10 May 2011 - 08:42 PM

Malware Expert

Expert
24,624 posts

OTL is showing problems with Firefox's extensions. You should probably

Do what it says under
Re-initializing the plugins database

on

http://support.mozil...lugins-database

Ron