OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\Lydia\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.60 Gb Total Physical Memory | 0.93 Gb Available Physical Memory | 35.77% Memory free
5.20 Gb Paging File | 3.18 Gb Available in Paging File | 61.15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.29 Gb Total Space | 253.15 Gb Free Space | 88.73% Space Free | Partition Type: NTFS
Computer Name: LYDIA-PC | User Name: Lydia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ==========
PRC - [2012/05/30 11:04:21 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Lydia\Downloads\OTL.exe
PRC - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/04/25 08:31:42 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/04/13 17:40:14 | 004,361,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgui.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/23 05:57:00 | 002,321,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:56 | 000,493,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgcfgex.exe
========== Modules (No Company Name) ==========
MOD - [2012/05/23 20:47:27 | 008,797,856 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012/04/25 08:31:42 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/12/26 15:33:26 | 000,289,792 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\Windows\SysNative\PuranDefragS.exe -- (PuranDefrag)
SRV:64bit: - [2011/02/10 15:52:04 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/11/20 23:24:42 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:64bit: - [2010/11/20 23:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 23:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2010/10/20 17:41:50 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/28 15:30:28 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/02/05 20:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/07/13 21:41:53 | 000,438,784 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
SRV:64bit: - [2009/07/13 21:41:53 | 000,159,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:64bit: - [2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/04/25 08:31:43 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/23 05:57:00 | 002,321,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/11/20 23:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/07/01 13:59:02 | 000,051,576 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/13 21:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/10 16:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/12/14 20:46:42 | 000,222,904 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\keyscrambler.sys -- (KeyScrambler)
DRV:64bit: - [2011/05/23 01:03:28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/14 15:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/02/10 16:22:00 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/02/10 15:15:08 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/02/08 22:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2011/01/05 04:08:58 | 001,109,096 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:55 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/11 15:58:54 | 000,137,512 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/11/05 10:52:54 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/11/05 10:52:52 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2010/10/08 14:49:08 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/09/27 18:24:42 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2009/07/13 19:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:64bit: - [2009/07/07 12:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNJ
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNJ
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1179141894-4062914704-3253566659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y
IE - HKU\S-1-5-21-1179141894-4062914704-3253566659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1179141894-4062914704-3253566659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/?cid=C001B2Y
IE - HKU\S-1-5-21-1179141894-4062914704-3253566659-1000\..\SearchScopes,DefaultScope = {7C372509-C885-440F-95CD-03407BFE810A}
IE - HKU\S-1-5-21-1179141894-4062914704-3253566659-1000\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNJ
IE - HKU\S-1-5-21-1179141894-4062914704-3253566659-1000\..\SearchScopes\{7C372509-C885-440F-95CD-03407BFE810A}: "URL" = http://www.google.co...ng}&rlz=1I7TSNJ
IE - HKU\S-1-5-21-1179141894-4062914704-3253566659-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1179141894-4062914704-3253566659-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/05/29 14:09:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/05/03 21:02:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/25 08:31:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/25 20:20:40 | 000,000,000 | ---D | M]
[2012/04/03 19:24:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lydia\AppData\Roaming\Mozilla\Extensions
[2012/05/28 17:56:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lydia\AppData\Roaming\Mozilla\Firefox\Profiles\2cnwjxkv.default\extensions
[2012/05/17 23:26:48 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Lydia\AppData\Roaming\Mozilla\Firefox\Profiles\2cnwjxkv.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/04/04 16:31:06 | 000,000,000 | ---D | M] (KeyScrambler) -- C:\Users\Lydia\AppData\Roaming\Mozilla\Firefox\Profiles\2cnwjxkv.default\extensions\[email protected]
[2012/05/17 23:28:59 | 000,002,103 | ---- | M] () -- C:\Users\Lydia\AppData\Roaming\Mozilla\Firefox\Profiles\2cnwjxkv.default\searchplugins\wot-safe-search.xml
[2012/04/03 19:24:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/05/10 15:09:54 | 000,048,772 | ---- | M] () (No name found) -- C:\USERS\LYDIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2CNWJXKV.DEFAULT\EXTENSIONS\{3E9BB2A7-62CA-4EFA-A4E6-F6F6168A652D}.XPI
[2012/05/28 17:56:09 | 000,524,866 | ---- | M] () (No name found) -- C:\USERS\LYDIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2CNWJXKV.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012/04/03 20:04:47 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\LYDIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2CNWJXKV.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/04/03 20:04:47 | 000,138,614 | ---- | M] () (No name found) -- C:\USERS\LYDIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2CNWJXKV.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
[2012/04/03 20:04:46 | 000,047,822 | ---- | M] () (No name found) -- C:\USERS\LYDIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2CNWJXKV.DEFAULT\EXTENSIONS\[email protected]
[2012/04/25 08:31:43 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/13 00:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/13 00:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation)
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1179141894-4062914704-3253566659-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1179141894-4062914704-3253566659-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation)
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1179141894-4062914704-3253566659-1000\..Trusted Domains: onlinesearches.com ([publicrecords] https in Trusted sites)
O15 - HKU\S-1-5-21-1179141894-4062914704-3253566659-1000\..Trusted Domains: shenandoahgis.org ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 204.111.1.210 204.111.1.195
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13F41626-1150-44BD-BC2D-CC8EFBBA84EA}: DhcpNameServer = 204.111.1.210 204.111.1.195
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{461FA28E-5FAC-48DC-827E-6C2C93A7BB3B}: DhcpNameServer = 208.67.222.222 208.67.220.220
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a04f24f3-7ded-11e1-8a6d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a04f24f3-7ded-11e1-8a6d-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AUTOPLAY.EXE id=10000017000011000015 ver=1.0.0.0
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 60 Days ==========
[2012/05/29 14:09:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/05/29 11:05:34 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\f-secure
[2012/05/29 11:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2012/05/29 10:25:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/05/29 10:24:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/05/29 10:24:18 | 000,772,552 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\npDeployJava1.dll
[2012/05/29 10:24:18 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2012/05/29 10:23:59 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2012/05/29 10:23:59 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2012/05/28 18:00:48 | 000,289,792 | ---- | C] (Puran Software) -- C:\windows\SysNative\PuranDefragS.exe
[2012/05/28 18:00:48 | 000,284,672 | ---- | C] (Puran Software) -- C:\windows\SysNative\PuranDC.exe
[2012/05/28 18:00:48 | 000,253,952 | ---- | C] (Puran Software) -- C:\windows\SysNative\PuranDefrag.dll
[2012/05/28 18:00:48 | 000,130,048 | ---- | C] (Puran Software) -- C:\windows\SysNative\PuranDefragBT.exe
[2012/05/28 18:00:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Defrag
[2012/05/28 18:00:47 | 001,363,968 | ---- | C] (Puran Software) -- C:\windows\SysNative\PuranFD.exe
[2012/05/28 18:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\Puran Defrag
[2012/05/03 21:04:32 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\AVG2012
[2012/05/03 21:03:48 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\drivers\AVG
[2012/05/03 21:02:48 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/05/03 21:02:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/05/03 21:02:48 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\AVG
[2012/05/03 21:01:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012/05/03 20:43:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/05/03 20:43:33 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/05/02 17:59:19 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/05/02 17:59:19 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/05/02 17:41:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2012/05/02 17:41:21 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012/04/25 08:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/04/25 08:31:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/04/19 04:50:26 | 000,028,480 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\windows\SysNative\drivers\avgidsha.sys
[2012/04/16 14:16:11 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\Foxit Software
[2012/04/11 20:04:14 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\ElevatedDiagnostics
[2012/04/11 08:29:50 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2012/04/11 08:29:49 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2012/04/11 08:29:49 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2012/04/11 08:26:02 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fs_rec.sys
[2012/04/11 08:26:01 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll
[2012/04/11 08:26:00 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2012/04/11 08:24:54 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2012/04/11 08:24:54 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/04/11 08:24:54 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/04/11 08:24:54 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/04/11 08:24:54 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/04/11 08:24:54 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/04/11 08:24:54 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/04/07 22:04:32 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\Diagnostics
[2012/04/06 20:56:54 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\CrashDumps
[2012/04/05 21:45:16 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2012/04/05 21:45:15 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys
[2012/04/05 21:44:55 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\esent.dll
[2012/04/05 21:44:55 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\esent.dll
[2012/04/05 21:44:55 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fsutil.exe
[2012/04/05 21:44:55 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdxata.sys
[2012/04/05 21:44:53 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys
[2012/04/05 21:44:53 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fsutil.exe
[2012/04/05 21:44:52 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdsata.sys
[2012/04/05 01:27:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/04/04 17:35:33 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Wat
[2012/04/04 17:35:33 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Wat
[2012/04/04 17:13:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/04/04 17:13:47 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/04/04 17:03:11 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\Malwarebytes
[2012/04/04 17:02:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/04 17:02:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/04/04 17:02:51 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/04/04 17:02:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/04/04 16:59:38 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Lydia\Desktop\mbam--setup-1.60.1.1000.exe
[2012/04/04 16:47:06 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\QFX Software
[2012/04/04 16:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\QFX Software
[2012/04/04 16:43:24 | 002,804,712 | ---- | C] (Symantec Corporation) -- C:\Users\Lydia\Desktop\NPE.exe
[2012/04/04 16:38:54 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\NPE
[2012/04/04 16:36:34 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\Tific
[2012/04/04 16:36:33 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\Symantec
[2012/04/04 10:11:19 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2012/04/04 10:09:20 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xmllite.dll
[2012/04/04 10:09:16 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccp32.dll
[2012/04/04 10:09:16 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccu32.dll
[2012/04/04 10:09:16 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccr32.dll
[2012/04/04 10:09:15 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcjt32.dll
[2012/04/04 10:09:15 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbctrac.dll
[2012/04/04 10:09:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbctrac.dll
[2012/04/04 10:09:15 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccp32.dll
[2012/04/04 10:09:15 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccu32.dll
[2012/04/04 10:09:15 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccr32.dll
[2012/04/04 10:09:11 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe
[2012/04/04 10:09:11 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe
[2012/04/04 10:09:09 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2012/04/04 10:09:09 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe
[2012/04/04 10:09:07 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2012/04/04 10:09:07 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2012/04/04 10:09:07 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2012/04/04 10:09:07 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2012/04/04 10:09:03 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntshrui.dll
[2012/04/04 10:08:57 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll
[2012/04/04 10:08:56 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssrch.dll
[2012/04/04 10:08:56 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll
[2012/04/04 10:08:55 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll
[2012/04/04 10:08:55 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll
[2012/04/04 10:08:55 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll
[2012/04/04 10:08:55 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssph.dll
[2012/04/04 10:08:55 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssph.dll
[2012/04/04 10:08:55 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll
[2012/04/04 10:08:55 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchProtocolHost.exe
[2012/04/04 10:08:55 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFilterHost.exe
[2012/04/04 10:08:55 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscntrs.dll
[2012/04/04 10:08:55 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscntrs.dll
[2012/04/04 10:08:43 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2012/04/04 10:08:42 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2012/04/04 10:08:42 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2012/04/04 10:08:42 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2012/04/04 10:08:42 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2012/04/04 10:08:42 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2012/04/04 10:08:35 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2012/04/04 10:08:34 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\timedate.cpl
[2012/04/04 10:08:34 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\timedate.cpl
[2012/04/04 10:08:33 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2012/04/04 10:08:33 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2012/04/04 10:08:32 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2012/04/04 10:08:23 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2012/04/04 10:08:23 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2012/04/04 10:08:22 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2012/04/04 10:08:22 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2012/04/04 10:08:20 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfc42.dll
[2012/04/04 10:08:20 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfc42u.dll
[2012/04/04 10:08:19 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc42u.dll
[2012/04/04 10:08:19 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc42.dll
[2012/04/04 10:08:04 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2012/04/04 10:08:04 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2012/04/04 10:08:04 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2012/04/04 10:08:04 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2012/04/04 10:08:02 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnsapi.dll
[2012/04/04 10:08:02 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys
[2012/04/04 10:08:01 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnscacheugc.exe
[2012/04/04 10:08:01 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dnscacheugc.exe
[2012/04/04 10:07:58 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisdecd.dll
[2012/04/04 10:07:58 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisdecd.dll
[2012/04/04 10:07:58 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisrndr.ax
[2012/04/04 10:07:58 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisrndr.ax
[2012/04/04 10:07:56 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/04/04 10:07:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/04/04 10:06:44 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2012/04/04 10:06:44 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2012/04/04 10:06:44 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2012/04/04 10:06:44 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2012/04/04 10:06:44 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdusb.dll
[2012/04/04 10:06:44 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kd1394.dll
[2012/04/04 10:06:44 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdcom.dll
[2012/04/04 10:05:09 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2012/04/04 10:05:09 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2012/04/04 10:05:09 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2012/04/04 10:05:09 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2012/04/04 10:05:09 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2012/04/04 10:05:08 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2012/04/04 10:05:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2012/04/04 10:05:08 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2012/04/04 10:05:08 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2012/04/04 10:05:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2012/04/04 10:05:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2012/04/04 10:05:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/04/04 10:05:08 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/04/04 10:05:08 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/04/04 10:05:08 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2012/04/04 10:05:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/04/04 10:05:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/04/04 10:05:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/04/04 10:05:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/04/04 10:05:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/04/04 10:05:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/04/04 10:05:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/04/04 10:05:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/04/04 10:05:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/04/04 10:05:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/04/04 10:05:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/04/04 10:05:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/04/04 10:05:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/04/04 10:05:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/04/04 10:05:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/04/04 10:05:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/04/04 10:05:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/04/04 10:05:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/04/04 10:05:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/04/04 10:05:07 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/04/04 10:05:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/04/04 10:05:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/04/04 10:05:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/04/04 10:05:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/04/04 10:05:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/04/04 10:05:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2012/04/04 10:05:04 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvinst.exe
[2012/04/04 10:05:04 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\devrtl.dll
[2012/04/04 10:05:03 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prevhost.exe
[2012/04/04 10:05:03 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prevhost.exe
[2012/04/04 10:05:02 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSCOVER.exe
[2012/04/04 10:05:00 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleacc.dll
[2012/04/04 10:04:59 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2012/04/04 10:04:54 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcrt.dll
[2012/04/04 10:04:53 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2012/04/04 10:04:53 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2012/04/04 10:04:03 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2012/04/03 22:00:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
[2012/04/03 22:00:37 | 000,222,904 | ---- | C] (QFX Software Corporation) -- C:\windows\SysNative\drivers\keyscrambler.sys
[2012/04/03 22:00:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyScrambler
[2012/04/03 21:25:40 | 000,027,784 | ---- | C] (TOSHIBA Corporation.) -- C:\windows\SysNative\drivers\tdcmdpst.sys
[2012/04/03 21:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Best Buy pc app
[2012/04/03 21:24:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}
[2012/04/03 21:23:06 | 000,138,656 | ---- | C] (TOSHIBA Corporation) -- C:\windows\SysNative\TODDSrv.exe
[2012/04/03 21:22:13 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/04/03 21:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/04/03 21:21:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/04/03 21:15:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012/04/03 21:13:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012/04/03 21:08:09 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Atheros_L1e
[2012/04/03 21:03:06 | 000,024,576 | ---- | C] (Toshiba) -- C:\windows\SysWow64\TSCI.dll
[2012/04/03 21:03:06 | 000,024,576 | ---- | C] (Toshiba) -- C:\windows\SysWow64\THCI.dll
[2012/04/03 20:59:37 | 000,038,096 | ---- | C] (TOSHIBA Corporation) -- C:\windows\SysNative\drivers\PGEffect.sys
[2012/04/03 20:56:06 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscomctl.ocx
[2012/04/03 20:56:05 | 001,351,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\COMCTL32.OCX
[2012/04/03 20:56:05 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Comdlg32.ocx
[2012/04/03 20:56:05 | 000,009,728 | ---- | C] (TOSHIBA Corp.) -- C:\windows\SysWow64\TCMSVR.dll
[2012/04/03 20:56:05 | 000,009,216 | ---- | C] (TOSHIBA Corporation) -- C:\windows\SysNative\drivers\FwLnk.sys
[2012/04/03 20:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Label@Once
[2012/04/03 20:55:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ulead Systems
[2012/04/03 20:55:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
[2012/04/03 20:54:58 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_10.dll
[2012/04/03 20:54:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_10.dll
[2012/04/03 20:54:57 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_36.dll
[2012/04/03 20:54:57 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_36.dll
[2012/04/03 20:54:57 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_36.dll
[2012/04/03 20:54:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_36.dll
[2012/04/03 20:54:56 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_36.dll
[2012/04/03 20:54:56 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_36.dll
[2012/04/03 20:54:56 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_9.dll
[2012/04/03 20:54:56 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_9.dll
[2012/04/03 20:54:54 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_35.dll
[2012/04/03 20:54:54 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_35.dll
[2012/04/03 20:54:54 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_35.dll
[2012/04/03 20:54:54 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_35.dll
[2012/04/03 20:54:53 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_35.dll
[2012/04/03 20:54:53 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_35.dll
[2012/04/03 20:54:53 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_8.dll
[2012/04/03 20:54:53 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_8.dll
[2012/04/03 20:54:53 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_2.dll
[2012/04/03 20:54:53 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_2.dll
[2012/04/03 20:54:52 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_34.dll
[2012/04/03 20:54:52 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_34.dll
[2012/04/03 20:54:52 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_34.dll
[2012/04/03 20:54:52 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_34.dll
[2012/04/03 20:54:51 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_34.dll
[2012/04/03 20:54:51 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_34.dll
[2012/04/03 20:54:51 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_3.dll
[2012/04/03 20:54:51 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_3.dll
[2012/04/03 20:54:50 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_7.dll
[2012/04/03 20:54:50 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_7.dll
[2012/04/03 20:54:49 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_33.dll
[2012/04/03 20:54:49 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_33.dll
[2012/04/03 20:54:49 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_33.dll
[2012/04/03 20:54:49 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_33.dll
[2012/04/03 20:54:48 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_33.dll
[2012/04/03 20:54:48 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_33.dll
[2012/04/03 20:54:46 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_6.dll
[2012/04/03 20:54:46 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_6.dll
[2012/04/03 20:54:45 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10.dll
[2012/04/03 20:54:45 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10.dll
[2012/04/03 20:54:45 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_5.dll
[2012/04/03 20:54:45 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_5.dll
[2012/04/03 20:54:42 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_4.dll
[2012/04/03 20:54:42 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_4.dll
[2012/04/03 20:54:42 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_1.dll
[2012/04/03 20:54:42 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_1.dll
[2012/04/03 20:54:41 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_31.dll
[2012/04/03 20:54:41 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_31.dll
[2012/04/03 20:54:41 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_3.dll
[2012/04/03 20:54:41 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_3.dll
[2012/04/03 20:54:41 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_2.dll
[2012/04/03 20:54:41 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_2.dll
[2012/04/03 20:54:40 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_2.dll
[2012/04/03 20:54:40 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_2.dll
[2012/04/03 20:54:40 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_1.dll
[2012/04/03 20:54:40 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_1.dll
[2012/04/03 20:54:39 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_1.dll
[2012/04/03 20:54:39 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_1.dll
[2012/04/03 20:54:30 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_30.dll
[2012/04/03 20:54:30 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_30.dll
[2012/04/03 20:54:29 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_29.dll
[2012/04/03 20:54:29 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll
[2012/04/03 20:54:29 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_0.dll
[2012/04/03 20:54:29 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_0.dll
[2012/04/03 20:54:29 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_0.dll
[2012/04/03 20:54:29 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_0.dll
[2012/04/03 20:54:28 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_28.dll
[2012/04/03 20:54:28 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_28.dll
[2012/04/03 20:54:27 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll
[2012/04/03 20:54:27 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll
[2012/04/03 20:54:26 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll
[2012/04/03 20:54:26 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll
[2012/04/03 20:54:26 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll
[2012/04/03 20:54:26 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll
[2012/04/03 20:54:25 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll
[2012/04/03 20:54:25 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_24.dll
[2012/04/03 20:49:30 | 001,221,224 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\windows\SysNative\drivers\rtl8192se.sys
[2012/04/03 20:49:30 | 001,109,096 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\windows\SysNative\drivers\rtl8192ce.sys
[2012/04/03 20:49:30 | 000,626,792 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\windows\SysNative\drivers\rtl819xp.sys
[2012/04/03 20:49:30 | 000,450,048 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\windows\SysNative\drivers\rtl8187B.sys
[2012/04/03 20:49:30 | 000,442,368 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\windows\SysNative\drivers\rtl8187Se.sys
[2012/04/03 20:49:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek WLAN Driver
[2012/04/03 20:47:59 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2012/04/03 20:46:06 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\sda
[2012/04/03 20:45:49 | 009,112,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysWow64\RtsUStoricon.dll
[2012/04/03 20:45:49 | 000,422,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtsUStor.dll
[2012/04/03 20:45:49 | 000,243,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\drivers\RtsUStor.sys
[2012/04/03 20:45:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012/04/03 20:41:36 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2012/04/03 20:40:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/04/03 20:37:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012/04/03 20:37:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2012/04/03 20:37:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/04/03 20:35:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012/04/03 20:35:38 | 005,305,856 | ---- | C] (ATI Technologies Inc. ) -- C:\windows\SysNative\atiumd64.dll
[2012/04/03 20:35:38 | 004,162,048 | ---- | C] (ATI Technologies Inc. ) -- C:\windows\SysWow64\atiumdag.dll
[2012/04/03 20:35:38 | 003,461,120 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atiumdva.dll
[2012/04/03 20:35:38 | 003,218,944 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atiumd6a.dll
[2012/04/03 20:35:38 | 001,208,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atiumd6v.dll
[2012/04/03 20:35:38 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\SysWow64\Oemdspif.dll
[2012/04/03 20:35:38 | 000,058,880 | ---- | C] (AMD) -- C:\windows\SysNative\coinst.dll
[2012/04/03 20:35:38 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atiuxp64.dll
[2012/04/03 20:35:38 | 000,030,720 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atiuxpag.dll
[2012/04/03 20:35:38 | 000,028,672 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atiu9pag.dll
[2012/04/03 20:35:37 | 022,100,480 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\atio6axx.dll
[2012/04/03 20:35:37 | 017,044,480 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysWow64\atioglxx.dll
[2012/04/03 20:35:37 | 008,283,136 | ---- | C] (ATI Technologies Inc.) -- C:\windows\SysNative\drivers\atikmdag.sys
[2012/04/03 20:35:37 | 006,815,232 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\SysNative\aticaldd64.dll
[2012/04/03 20:35:37 | 005,441,024 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\SysWow64\aticaldd.dll
[2012/04/03 20:35:37 | 004,844,544 | ---- | C] (ATI Technologies Inc. ) -- C:\windows\SysNative\atidxx64.dll
[2012/04/03 20:35:37 | 004,101,632 | ---- | C] (ATI Technologies Inc. ) -- C:\windows\SysWow64\atidxx32.dll
[2012/04/03 20:35:37 | 000,708,608 | ---- | C] (ATI Technologies Inc. ) -- C:\windows\SysNative\aticfx64.dll
[2012/04/03 20:35:37 | 000,596,480 | ---- | C] (ATI Technologies Inc. ) -- C:\windows\SysWow64\aticfx32.dll
[2012/04/03 20:35:37 | 000,480,256 | ---- | C] (AMD) -- C:\windows\SysNative\atieclxx.exe
[2012/04/03 20:35:37 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\ATIDEMGX.dll
[2012/04/03 20:35:37 | 000,423,424 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\SysNative\atipdl64.dll
[2012/04/03 20:35:37 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\SysWow64\atipdlxx.dll
[2012/04/03 20:35:37 | 000,353,792 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\atiadlxx.dll
[2012/04/03 20:35:37 | 000,332,800 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\ATIODE.exe
[2012/04/03 20:35:37 | 000,294,400 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\drivers\atikmpag.sys
[2012/04/03 20:35:37 | 000,249,856 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysWow64\atiadlxy.dll
[2012/04/03 20:35:37 | 000,203,776 | ---- | C] (AMD) -- C:\windows\SysNative\atiesrxx.exe
[2012/04/03 20:35:37 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\atiapfxx.exe
[2012/04/03 20:35:37 | 000,120,320 | ---- | C] (AMD) -- C:\windows\SysNative\atitmm64.dll
[2012/04/03 20:35:37 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\atibtmon.exe
[2012/04/03 20:35:37 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\SysNative\atiedu64.dll
[2012/04/03 20:35:37 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atimpc64.dll
[2012/04/03 20:35:37 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\amdpcom64.dll
[2012/04/03 20:35:37 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\windows\SysNative\drivers\ati2erec.dll
[2012/04/03 20:35:37 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atimpc32.dll
[2012/04/03 20:35:37 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\amdpcom32.dll
[2012/04/03 20:35:37 | 000,051,200 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\SysNative\ATIODCLI.exe
[2012/04/03 20:35:37 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\SysNative\aticalrt64.dll
[2012/04/03 20:35:37 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\SysWow64\aticalrt.dll
[2012/04/03 20:35:37 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\SysNative\aticalcl64.dll
[2012/04/03 20:35:37 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\SysWow64\aticalcl.dll
[2012/04/03 20:35:37 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\SysWow64\ati2edxx.dll
[2012/04/03 20:35:37 | 000,038,400 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atiu9p64.dll
[2012/04/03 20:35:37 | 000,032,256 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atig6txx.dll
[2012/04/03 20:35:37 | 000,027,648 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atigktxx.dll
[2012/04/03 20:35:37 | 000,016,384 | ---- | C] (AMD) -- C:\windows\SysNative\atimuixx.dll
[2012/04/03 20:35:37 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atig6pxx.dll
[2012/04/03 20:35:37 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysWow64\atiglpxx.dll
[2012/04/03 20:35:37 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\SysNative\atiglpxx.dll
[2012/04/03 20:31:14 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012/04/03 20:31:02 | 000,075,904 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amd_sata.sys
[2012/04/03 20:31:02 | 000,038,016 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amd_xata.sys
[2012/04/03 20:30:51 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Macromed
[2012/04/03 20:21:39 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
[2012/04/03 20:15:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/04/03 20:11:21 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\Best Buy pc app
[2012/04/03 20:05:47 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\TOSHIBA_Corporation
[2012/04/03 19:53:09 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\Adobe
[2012/04/03 19:44:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2012/04/03 19:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Toshiba Book Place
[2012/04/03 19:35:32 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\VS Revo Group
[2012/04/03 19:31:23 | 000,000,000 | ---D | C] -- C:\Users\Lydia\Documents\Book Place
[2012/04/03 19:31:09 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\Book Place
[2012/04/03 19:24:31 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\Mozilla
[2012/04/03 19:24:30 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\Mozilla
[2012/04/03 19:24:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/04/03 19:16:15 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2012/04/03 19:16:15 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2012/04/03 19:16:15 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe
[2012/04/03 19:16:13 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2012/04/03 19:16:13 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2012/04/03 19:12:57 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\Adobe
[2012/04/03 18:58:50 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\Google
[2012/04/03 18:58:49 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\Google
[2012/04/03 18:51:34 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\Toshiba
[2012/04/03 18:50:08 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy
[2012/04/03 18:49:47 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\Apps
[2012/04/03 18:49:46 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\ATI
[2012/04/03 18:49:46 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\ATI
[2012/04/03 18:49:43 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\Deployment
[2012/04/03 18:48:32 | 000,000,000 | R--D | C] -- C:\Users\Lydia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/04/03 18:48:31 | 000,000,000 | R--D | C] -- C:\Users\Lydia\Searches
[2012/04/03 18:48:31 | 000,000,000 | -H-D | C] -- C:\Users\Lydia\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/04/03 18:48:16 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\Identities
[2012/04/03 18:48:11 | 000,000,000 | R--D | C] -- C:\Users\Lydia\Contacts
[2012/04/03 18:48:06 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\VirtualStore
[2012/04/03 18:46:28 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\WinBatch
[2012/04/03 18:44:44 | 000,000,000 | -HSD | C] -- C:\Users\Lydia\AppData\Local\Temporary Internet Files
[2012/04/03 18:44:44 | 000,000,000 | -HSD | C] -- C:\Users\Lydia\Templates
[2012/04/03 18:44:44 | 000,000,000 | -HSD | C] -- C:\Users\Lydia\Start Menu
[2012/04/03 18:44:44 | 000,000,000 | -HSD | C] -- C:\Users\Lydia\SendTo
[2012/04/03 18:44:44 | 000,000,000 | -HSD | C] -- C:\Users\Lydia\Recent
[2012/04/03 18:44:44 | 000,000,000 | -HSD | C] -- C:\Users\Lydia\PrintHood
[2012/04/03 18:44:44 | 000,000,000 | -HSD | C] -- C:\Users\Lydia\NetHood
[2012/04/03 18:44:44 | 000,000,000 | -HSD | C] -- C:\Users\Lydia\Documents\My Videos
[2012/04/03 18:44:44 | 000,000,000 | -HSD | C] -- C:\Users\Lydia\Documents\My Pictures
[2012/04/03 18:44:44 | 000,000,000 | -HSD | C] -- C:\Users\Lydia\Documents\My Music
[2012/04/03 18:44:44 | 000,000,000 | -HSD | C] -- C:\Users\Lydia\My Documents
[2012/04/03 18:44:44 | 000,000,000 | -HSD | C] -- C:\Users\Lydia\Local Settings
[2012/04/03 18:44:44 | 000,000,000 | -HSD | C] -- C:\Users\Lydia\AppData\Local\History
[2012/04/03 18:44:44 | 000,000,000 | -HSD | C] -- C:\Users\Lydia\Cookies
[2012/04/03 18:44:44 | 000,000,000 | -HSD | C] -- C:\Users\Lydia\Application Data
[2012/04/03 18:44:44 | 000,000,000 | -HSD | C] -- C:\Users\Lydia\AppData\Local\Application Data
[2012/04/03 18:44:41 | 000,000,000 | --SD | C] -- C:\Users\Lydia\AppData\Roaming\Microsoft
[2012/04/03 18:44:41 | 000,000,000 | R--D | C] -- C:\Users\Lydia\Videos
[2012/04/03 18:44:41 | 000,000,000 | R--D | C] -- C:\Users\Lydia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/04/03 18:44:41 | 000,000,000 | R--D | C] -- C:\Users\Lydia\Saved Games
[2012/04/03 18:44:41 | 000,000,000 | R--D | C] -- C:\Users\Lydia\Pictures
[2012/04/03 18:44:41 | 000,000,000 | R--D | C] -- C:\Users\Lydia\Music
[2012/04/03 18:44:41 | 000,000,000 | R--D | C] -- C:\Users\Lydia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/04/03 18:44:41 | 000,000,000 | R--D | C] -- C:\Users\Lydia\Links
[2012/04/03 18:44:41 | 000,000,000 | R--D | C] -- C:\Users\Lydia\Favorites
[2012/04/03 18:44:41 | 000,000,000 | R--D | C] -- C:\Users\Lydia\Downloads
[2012/04/03 18:44:41 | 000,000,000 | R--D | C] -- C:\Users\Lydia\Documents
[2012/04/03 18:44:41 | 000,000,000 | R--D | C] -- C:\Users\Lydia\Desktop
[2012/04/03 18:44:41 | 000,000,000 | R--D | C] -- C:\Users\Lydia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/04/03 18:44:41 | 000,000,000 | -H-D | C] -- C:\Users\Lydia\AppData
[2012/04/03 18:44:41 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\Temp
[2012/04/03 18:44:41 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Local\Microsoft
[2012/04/03 18:44:41 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\Media Center Programs
[2012/04/03 18:44:41 | 000,000,000 | ---D | C] -- C:\Users\Lydia\AppData\Roaming\Macromedia
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 60 Days ==========
[2012/05/30 10:39:48 | 000,034,814 | ---- | M] () -- C:\Users\Lydia\AppData\Local\dt.dat
[2012/05/30 10:34:01 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/30 09:12:36 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/30 09:12:36 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/30 09:07:27 | 099,492,269 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\incavi.avm
[2012/05/30 09:03:53 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/30 09:03:06 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/05/30 09:03:01 | 2094,161,920 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/29 22:01:34 | 001,241,168 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/05/29 22:01:34 | 000,320,340 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/05/29 22:01:34 | 000,005,152 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/05/29 19:49:43 | 000,258,473 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\iavichjg.avm
[2012/05/29 18:46:02 | 000,274,320 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/05/29 14:09:29 | 000,000,976 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/05/29 10:23:41 | 000,772,552 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\npDeployJava1.dll
[2012/05/29 10:23:41 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2012/05/29 10:23:41 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2012/05/28 17:57:10 | 000,625,911 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\iavifw.avm
[2012/05/23 20:47:27 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/05/23 20:47:27 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/05/20 20:49:06 | 000,006,120 | ---- | M] () -- C:\Users\Lydia\Desktop\cap1[1].odt
[2012/05/03 21:21:36 | 000,000,778 | ---- | M] () -- C:\Users\Lydia\Desktop\Backup_03-Apr-12 - Shortcut.lnk
[2012/05/03 21:03:48 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\drivers\AVG\incavi.avm
[2012/05/03 21:03:48 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\drivers\AVG\iavifw.avm
[2012/05/03 21:03:48 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/05/03 20:53:02 | 000,006,263 | ---- | M] () -- C:\Users\Lydia\Desktop\cap1[1]dos.odt
[2012/05/02 17:41:22 | 000,001,279 | ---- | M] () -- C:\Users\Lydia\Desktop\Revo Uninstaller.lnk
[2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\windows\SysNative\drivers\avgidsha.sys
[2012/04/11 00:09:19 | 000,022,506 | ---- | M] () -- C:\Users\Lydia\Desktop\Amador causeway.jpg
[2012/04/07 08:46:09 | 000,002,474 | ---- | M] () -- C:\Users\Lydia\Desktop\3.29 thru 4.6.2012.odt
[2012/04/04 18:47:24 | 000,227,720 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2012/04/04 18:47:02 | 000,687,504 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\deployJava1.dll
[2012/04/04 17:01:33 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Lydia\Desktop\mbam--setup-1.60.1.1000.exe
[2012/04/04 16:43:55 | 002,804,712 | ---- | M] (Symantec Corporation) -- C:\Users\Lydia\Desktop\NPE.exe
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/04/03 21:42:29 | 000,108,227 | ---- | M] () -- C:\windows\SysWow64\license.rtf
[2012/04/03 21:42:29 | 000,108,227 | ---- | M] () -- C:\windows\SysNative\license.rtf
[2012/04/03 20:39:34 | 000,000,000 | ---- | M] () -- C:\windows\ativpsrm.bin
[2012/04/03 19:24:22 | 000,001,145 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/04/03 18:58:39 | 000,001,452 | ---- | M] () -- C:\Users\Lydia\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/04/03 18:53:31 | 000,001,575 | ---- | M] () -- C:\Users\Lydia\Desktop\OpenOffice.org 3.3 (en-US) Installation Files - Shortcut.lnk
[2012/04/03 18:50:08 | 000,000,398 | ---- | M] () -- C:\Users\Lydia\Desktop\pc app.appref-ms
[2012/04/03 18:47:23 | 000,000,013 | RHS- | M] () -- C:\windows\SysNative\drivers\fbd.sys
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/05/30 10:39:48 | 000,034,814 | ---- | C] () -- C:\Users\Lydia\AppData\Local\dt.dat
[2012/05/30 09:07:27 | 099,492,269 | ---- | C] () -- C:\windows\SysNative\drivers\AVG\incavi.avm
[2012/05/29 19:49:43 | 000,258,473 | ---- | C] () -- C:\windows\SysNative\drivers\AVG\iavichjg.avm
[2012/05/29 18:45:21 | 000,274,320 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/05/28 17:57:10 | 000,625,911 | ---- | C] () -- C:\windows\SysNative\drivers\AVG\iavifw.avm
[2012/05/03 21:21:36 | 000,000,778 | ---- | C] () -- C:\Users\Lydia\Desktop\Backup_03-Apr-12 - Shortcut.lnk
[2012/05/03 21:03:51 | 000,000,976 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/05/03 21:03:48 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\drivers\AVG\incavi.avm
[2012/05/03 21:03:48 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\drivers\AVG\iavifw.avm
[2012/05/03 21:03:48 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/05/02 17:41:22 | 000,001,279 | ---- | C] () -- C:\Users\Lydia\Desktop\Revo Uninstaller.lnk
[2012/04/13 09:28:56 | 000,006,263 | ---- | C] () -- C:\Users\Lydia\Desktop\cap1[1]dos.odt
[2012/04/11 00:09:16 | 000,022,506 | ---- | C] () -- C:\Users\Lydia\Desktop\Amador causeway.jpg
[2012/04/06 21:30:22 | 000,002,474 | ---- | C] () -- C:\Users\Lydia\Desktop\3.29 thru 4.6.2012.odt
[2012/04/03 21:22:06 | 000,000,912 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/03 21:22:05 | 000,000,908 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/03 20:49:28 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2012/04/03 20:39:34 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012/04/03 20:35:38 | 000,677,376 | ---- | C] () -- C:\windows\SysWow64\atiumdva.cap
[2012/04/03 20:35:38 | 000,677,376 | ---- | C] () -- C:\windows\SysNative\atiumd6a.cap
[2012/04/03 20:35:37 | 000,226,857 | ---- | C] () -- C:\windows\SysNative\atiicdxx.dat
[2012/04/03 20:35:37 | 000,138,392 | ---- | C] () -- C:\windows\SysNative\atiapfxx.blb
[2012/04/03 20:35:37 | 000,022,280 | ---- | C] () -- C:\windows\atiogl.xml
[2012/04/03 20:35:37 | 000,002,975 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2012/04/03 20:35:37 | 000,002,975 | ---- | C] () -- C:\windows\SysNative\atipblag.dat
[2012/04/03 20:18:10 | 2094,161,920 | -HS- | C] () -- C:\hiberfil.sys
[2012/04/03 19:24:21 | 000,001,145 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/04/03 19:24:19 | 000,001,157 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/04/03 18:58:39 | 000,001,452 | ---- | C] () -- C:\Users\Lydia\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/04/03 18:53:31 | 000,001,575 | ---- | C] () -- C:\Users\Lydia\Desktop\OpenOffice.org 3.3 (en-US) Installation Files - Shortcut.lnk
[2012/04/03 18:50:10 | 000,000,398 | ---- | C] () -- C:\Users\Lydia\Desktop\pc app.appref-ms
[2012/04/03 18:48:35 | 000,001,458 | ---- | C] () -- C:\Users\Lydia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/04/03 18:47:23 | 000,000,013 | RHS- | C] () -- C:\windows\SysNative\drivers\fbd.sys
[2012/04/03 18:44:41 | 000,000,290 | ---- | C] () -- C:\Users\Lydia\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/04/03 18:44:41 | 000,000,272 | ---- | C] () -- C:\Users\Lydia\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
========== LOP Check ==========
[2012/05/03 21:04:32 | 000,000,000 | ---D | M] -- C:\Users\Lydia\AppData\Roaming\AVG2012
[2012/04/03 19:31:09 | 000,000,000 | ---D | M] -- C:\Users\Lydia\AppData\Roaming\Book Place
[2012/05/29 11:05:34 | 000,000,000 | ---D | M] -- C:\Users\Lydia\AppData\Roaming\f-secure
[2012/04/16 14:16:11 | 000,000,000 | ---D | M] -- C:\Users\Lydia\AppData\Roaming\Foxit Software
[2012/04/04 16:47:06 | 000,000,000 | ---D | M] -- C:\Users\Lydia\AppData\Roaming\QFX Software
[2012/04/04 16:36:34 | 000,000,000 | ---D | M] -- C:\Users\Lydia\AppData\Roaming\Tific
[2012/04/08 22:18:35 | 000,000,000 | ---D | M] -- C:\Users\Lydia\AppData\Roaming\Toshiba
[2012/04/03 18:46:28 | 000,000,000 | ---D | M] -- C:\Users\Lydia\AppData\Roaming\WinBatch
[2009/07/14 01:08:49 | 000,021,846 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 5/30/2012 11:10:27 AM - Run 1
OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\Lydia\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.60 Gb Total Physical Memory | 0.93 Gb Available Physical Memory | 35.77% Memory free
5.20 Gb Paging File | 3.18 Gb Available in Paging File | 61.15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.29 Gb Total Space | 253.15 Gb Free Space | 88.73% Space Free | Partition Type: NTFS
Computer Name: LYDIA-PC | User Name: Lydia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1179141894-4062914704-3253566659-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16EA5E6A-F41F-4E7D-BD0E-9F22F2880584}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E154CEA0-0DB7-4D59-96B4-A3CDAA2BBFA1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{026FAF1C-8EBB-4E28-9C17-34C5BC0D76D8}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{29B3D5A1-1AA7-4912-B358-E5E57B5FD2E1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{5E9F85C1-DC66-4A6F-816B-9E7D56B460A4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{63368769-5596-481D-9600-74AD7F90BED6}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{6CC37AE2-DA95-41EA-ADB5-7E21EB337D7E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{8A4D30CF-0767-45AF-8129-38BCCF7250FC}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{A128EA4F-3569-4222-BF41-E1BF5000F16D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{B8C9B786-EC23-48F7-B08D-C818F91B5E43}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{ED3EE8B0-1895-4C7D-B3F8-815FAA366DE9}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{EEEF8D48-4191-4E87-8899-E7AD3B5E86D7}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{FCB8509E-0F79-402D-837D-1FEA59469693}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D27E8CF-7546-F200-4CA3-CD2F39909F5A}" = ATI Catalyst Install Manager
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{2CDD9D22-AD67-4588-93AD-147C979F6E7C}" = AVG 2012
"{3EF6F8CE-BE77-0786-CA40-3CB5BF5EBCC8}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{522D5958-FFF0-2849-776B-442BE2A0004C}" = WMV9/VC-1 Video Playback
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{857B32C1-7C87-40B5-B2A5-D06F49B80002}" = AVG 2012
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"AVG" = AVG 2012
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Elantech" = ETDWare PS/2-X64 8.0.8.0_R01
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Puran Defrag Free Edition_is1" = Puran Defrag Free Edition 7.3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04259F13-626E-814E-A80C-4601DFF3CE95}" = CCC Help Finnish
"{04D90620-2973-6F93-6E6C-C833F39C50C1}" = CCC Help Thai
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{073B89C3-BA88-41B5-965F-B35A88EAE838}" = TOSHIBA Supervisor Password
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = Label@Once 1.0
"{0FC61261-B251-C870-C650-8A854F1B4CF0}" = CCC Help Chinese Standard
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{24C563C0-5569-A3BF-DF26-AAB3F25B5375}" = CCC Help Danish
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java™ 7 Update 4
"{2823D463-54F8-F7B4-818F-B7436FF70658}" = CCC Help Portuguese
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{32F32D10-5190-7565-DD14-C235FAF81408}" = CCC Help Dutch
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{34F971C8-B75F-6B8D-4AFC-5DAB84241AE6}" = CCC Help French
"{3798E892-DB93-6BE5-D4AD-8D1C4569F5EF}" = CCC Help Norwegian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52A2A26B-59BE-DE58-67EA-AE33077248A0}" = CCC Help Greek
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{589EB570-9B45-8EF9-7A0F-2A5B3A37BC49}" = CCC Help Swedish
"{59F65EE9-3DD6-6944-8222-342A9947D40B}" = Catalyst Control Center InstallProxy
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{60A1C223-4D86-AD1E-FB21-DE75010DABE3}" = CCC Help Hungarian
"{618AF7BF-10CD-0118-EE52-ED9BC440487B}" = CCC Help Russian
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C313A41-2704-23C5-DA68-05BB34126233}" = CCC Help Italian
"{6C49A7D6-FD97-A573-29C7-87ED1756AC6D}" = CCC Help Chinese Traditional
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{70B4D913-147C-7084-961A-6728E8F2AC2E}" = CCC Help Korean
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}" = TOSHIBA Hardware Setup
"{92C7DC44-DAD3-49FE-B89B-F92C6BA9A331}" = Toshiba Book Place
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{ACB77FD0-7796-82B5-51B1-3ABAD84932E7}" = Catalyst Control Center Graphics Previews Common
"{AE26F217-2100-A52C-2A00-3829358E4930}" = ccc-core-static
"{B35FB627-BB1F-E79D-9512-E7CF549B00AD}" = CCC Help Polish
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C4F1B841-0C75-368C-0A54-1BAF7C8B6A91}" = CCC Help English
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE15C07B-32E3-0586-305C-975F0FEE559A}" = CCC Help Turkish
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DC280F21-4FD6-9D47-6323-7CD5C8712DFB}" = CCC Help Spanish
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED8AB7F6-E885-A8E9-1E97-2218D89FAE8F}" = CCC Help German
"{EEE6C8F8-4FDD-A08F-2292-31B34E327C0C}" = CCC Help Japanese
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F4C03C2A-E14E-EB7C-AAD7-F4FB6396BEA1}" = Catalyst Control Center Localization All
"{F9E83908-4502-9B01-6B42-21E449DD2627}" = CCC Help Czech
"{FB90923E-F94F-4343-A084-F0AB39305C8B}" = Catalyst Control Center - Branding
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"KeyScrambler" = KeyScrambler
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Revo Uninstaller" = Revo Uninstaller 1.93
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1179141894-4062914704-3253566659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"48e4cff94f039634" = Best Buy pc app
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 5/22/2012 7:51:06 PM | Computer Name = Lydia-PC | Source = WinMgmt | ID = 10
Description =
Error - 5/22/2012 9:48:53 PM | Computer Name = Lydia-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .
Error - 5/22/2012 9:50:08 PM | Computer Name = Lydia-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.
Error - 5/22/2012 9:50:08 PM | Computer Name = Lydia-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The first DWORD in the Data section contains the error code.
Error - 5/23/2012 8:40:40 PM | Computer Name = Lydia-PC | Source = WinMgmt | ID = 10
Description =
Error - 5/24/2012 12:00:23 AM | Computer Name = Lydia-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.
Error - 5/24/2012 12:00:23 AM | Computer Name = Lydia-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The first DWORD in the Data section contains the error code.
Error - 5/24/2012 2:38:47 AM | Computer Name = Lydia-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.
Error - 5/24/2012 2:38:47 AM | Computer Name = Lydia-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The first DWORD in the Data section contains the error code.
Error - 5/24/2012 10:49:15 PM | Computer Name = Lydia-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 4/30/2012 6:25:32 PM | Computer Name = Lydia-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 4/30/2012 6:25:32 PM | Computer Name = Lydia-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 4/30/2012 6:25:32 PM | Computer Name = Lydia-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 4/30/2012 6:25:32 PM | Computer Name = Lydia-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 4/30/2012 6:25:32 PM | Computer Name = Lydia-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 4/30/2012 6:25:32 PM | Computer Name = Lydia-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 4/30/2012 6:25:32 PM | Computer Name = Lydia-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 4/30/2012 6:25:32 PM | Computer Name = Lydia-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 4/30/2012 6:25:32 PM | Computer Name = Lydia-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 5/2/2012 10:34:33 PM | Computer Name = Lydia-PC | Source = DCOM | ID = 10010
Description =
< End of report >
I have been having multiple problems for several months. My Toshiba Satellite C655 is not a year old. Approx 4 mo ago I did a cleaning with your technical assistance. My system appeared to be operating ok. Not very fast but it was a lot better. In the past 2 months it has slowed to a crawl. The system freezes, webpages close, my dsl stops responding; etc. AVG Internet Security reported that up to 300 critical and non-critical files were either locked or password protected and could not be scanned. I did not pass protect any files. I understand that system files are locked. Not doc, user, public, etc. In essence I cannot effectively scan my system with antivirus. I use Malwarebytes regularly. It always reports that nothing was found.
I am using Mozilla Firefox 12.0. Thank you for your assistance.
Sign In
Create Account
