Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

JUNE 10, Malabyte locking up, etc... [Solved]


  • This topic is locked This topic is locked

#16
penelopepony

penelopepony

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 113 posts
:thumbsup: Sorry about the scan mistake, I have both saved on my desktop, next to each other, and I think origionally I started to do the OTL, got distracted, & questioned my decission, & sent the combo. I did the msconfig as u said, and it seems to have fixed the problem with SUPER slow typing thing.

This time I DID attach the OTL & Extra, and you can see how things are.

Are errors typical in extra report?

TY

Penny

OTL logfile created on: 6/15/2012 4:36:41 PM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\grizzard\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 3.04 Gb Available Physical Memory | 80.07% Memory free
7.60 Gb Paging File | 6.83 Gb Available in Paging File | 89.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.10 Gb Total Space | 196.91 Gb Free Space | 89.06% Space Free | Partition Type: NTFS

Computer Name: GRIZZARD-PC | User Name: grizzard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/13 12:49:32 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\grizzard\Desktop\OTL.exe
PRC - [2010/03/18 14:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/01/28 19:34:01 | 000,103,792 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe
PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
PRC - [2009/08/24 17:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/02/25 21:00:32 | 000,252,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/02/23 19:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/02/05 19:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/11/06 00:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/07/28 17:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/06/15 05:42:09 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/01 10:39:50 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2010/03/18 14:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/03/18 14:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/01/28 19:34:01 | 000,103,792 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2009/10/06 11:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/08/24 17:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 01:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2010/03/31 01:50:16 | 000,724,536 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010/03/24 15:55:56 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/10 20:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/02/22 20:03:42 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/02/20 10:24:34 | 010,300,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/02/12 17:49:16 | 000,877,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192Ce.sys -- (rtl8192Ce)
DRV:64bit: - [2010/02/10 17:01:58 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/08 23:57:22 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/07/30 22:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 17:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/22 19:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 21:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/15 15:58:50 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {798D0119-BD97-43A0-AC23-84AA69EDFF00}
IE:64bit: - HKLM\..\SearchScopes\{798D0119-BD97-43A0-AC23-84AA69EDFF00}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSND&bmod=TSND
IE - HKLM\..\SearchScopes,DefaultScope = {FF2D51C6-3FF9-45EE-AF18-DC6D0D57739C}
IE - HKLM\..\SearchScopes\{FF2D51C6-3FF9-45EE-AF18-DC6D0D57739C}: "URL" = http://www.google.co...ng}&rlz=1I7TSND

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
IE - HKCU\..\SearchScopes,DefaultScope = {6A7349B1-7448-4BE9-B76E-D969FE8C0101}
IE - HKCU\..\SearchScopes\{6A7349B1-7448-4BE9-B76E-D969FE8C0101}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\grizzard\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\grizzard\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/15 01:27:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/06/15 01:27:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\grizzard\AppData\Roaming\Mozilla\Extensions
[2012/06/15 05:38:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\grizzard\AppData\Roaming\Mozilla\Firefox\Profiles\kqd3l37a.default\extensions
[2012/06/15 01:27:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/01 10:40:25 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/01 10:39:16 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/01 10:39:16 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Users\grizzard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google Search = C:\Users\grizzard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Gmail = C:\Users\grizzard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2012/06/15 13:47:53 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.116.2.50 24.116.2.34 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F41B907-6556-4CE0-A562-FADCC48593BB}: DhcpNameServer = 24.116.2.50 24.116.2.34 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/15 13:50:41 | 000,000,000 | ---D | C] -- C:\windows\temp
[2012/06/15 13:48:08 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/06/15 10:36:41 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Wat
[2012/06/15 10:36:40 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Wat
[2012/06/15 09:43:27 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHost.exe
[2012/06/15 09:43:27 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHostProxy.dll
[2012/06/15 09:43:27 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netfxperf.dll
[2012/06/15 09:43:26 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2012/06/15 09:43:26 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2012/06/15 09:43:26 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHost.exe
[2012/06/15 09:43:26 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHostProxy.dll
[2012/06/15 09:43:26 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netfxperf.dll
[2012/06/15 09:42:16 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/06/15 09:42:16 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2012/06/15 09:42:16 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieakeng.dll
[2012/06/15 09:42:16 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2012/06/15 09:42:16 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2012/06/15 09:42:16 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2012/06/15 09:42:16 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2012/06/15 09:42:15 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2012/06/15 09:42:15 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/06/15 09:42:15 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2012/06/15 09:42:15 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2012/06/15 09:42:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/06/15 09:42:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/06/15 09:42:15 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2012/06/15 09:42:15 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2012/06/15 09:42:15 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/06/15 09:42:15 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2012/06/15 09:42:15 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2012/06/15 09:42:15 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2012/06/15 09:42:15 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2012/06/15 09:42:15 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2012/06/15 09:42:15 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe
[2012/06/15 09:42:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/06/15 09:42:15 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2012/06/15 09:42:15 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2012/06/15 09:42:15 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2012/06/15 09:42:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2012/06/15 09:42:15 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2012/06/15 09:42:15 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2012/06/15 09:42:14 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieaksie.dll
[2012/06/15 09:42:14 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2012/06/15 09:42:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2012/06/15 09:42:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/06/15 09:42:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieakui.dll
[2012/06/15 09:42:14 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2012/06/15 09:42:14 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\admparse.dll
[2012/06/15 09:42:14 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2012/06/15 09:42:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2012/06/15 09:42:13 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2012/06/15 09:42:13 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/06/15 09:42:13 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/06/15 09:42:13 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2012/06/15 09:42:13 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2012/06/15 09:42:13 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2012/06/15 09:42:13 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2012/06/15 09:42:13 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieaksie.dll
[2012/06/15 09:42:13 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/06/15 09:42:13 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/06/15 09:42:13 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieakui.dll
[2012/06/15 09:42:13 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieakeng.dll
[2012/06/15 09:42:13 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2012/06/15 09:42:13 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2012/06/15 09:42:13 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\admparse.dll
[2012/06/15 09:42:13 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2012/06/15 09:42:13 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2012/06/15 09:42:13 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2012/06/15 09:42:13 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2012/06/15 09:42:13 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2012/06/15 09:42:13 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2012/06/15 09:42:13 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2012/06/15 09:42:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2012/06/15 09:42:13 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2012/06/15 09:42:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2012/06/15 09:42:13 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2012/06/15 09:42:12 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/06/15 09:42:12 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2012/06/15 09:42:12 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2012/06/15 09:42:12 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2012/06/15 09:42:12 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2012/06/15 09:42:12 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2012/06/15 09:42:12 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/06/15 09:42:12 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2012/06/15 09:34:22 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2012/06/15 09:34:22 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2012/06/15 09:34:22 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2012/06/15 09:34:22 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2012/06/15 09:34:22 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll
[2012/06/15 09:34:21 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ExplorerFrame.dll
[2012/06/15 09:34:21 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ExplorerFrame.dll
[2012/06/15 09:34:21 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2012/06/15 09:34:21 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2012/06/15 09:34:21 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2012/06/15 09:34:21 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsRasterService.dll
[2012/06/15 09:34:21 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsRasterService.dll
[2012/06/15 09:34:20 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2012/06/15 09:34:20 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2012/06/15 09:34:20 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll
[2012/06/15 09:34:20 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
[2012/06/15 09:34:20 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfreadwrite.dll
[2012/06/15 09:24:44 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll
[2012/06/15 09:24:44 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fs_rec.sys
[2012/06/15 09:24:43 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2012/06/15 09:23:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/06/15 05:33:08 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/06/15 05:33:08 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/15 05:32:59 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Macromed
[2012/06/15 05:23:53 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Roaming\vlc
[2012/06/15 05:23:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Easy Media Player
[2012/06/15 03:27:58 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccu32.dll
[2012/06/15 03:27:58 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccr32.dll
[2012/06/15 03:27:57 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcjt32.dll
[2012/06/15 03:27:57 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbctrac.dll
[2012/06/15 03:27:57 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccp32.dll
[2012/06/15 03:27:56 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbctrac.dll
[2012/06/15 03:27:56 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccp32.dll
[2012/06/15 03:27:56 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccu32.dll
[2012/06/15 03:27:56 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccr32.dll
[2012/06/15 03:27:55 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2012/06/15 03:27:55 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2012/06/15 03:27:54 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2012/06/15 03:27:54 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2012/06/15 03:27:54 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2012/06/15 03:27:38 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CPFilters.dll
[2012/06/15 03:27:38 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe
[2012/06/15 03:27:38 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe
[2012/06/15 03:27:37 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sbe.dll
[2012/06/15 03:27:37 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CPFilters.dll
[2012/06/15 03:27:37 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mpg2splt.ax
[2012/06/15 03:27:36 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sbe.dll
[2012/06/15 03:27:36 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mpg2splt.ax
[2012/06/15 03:27:34 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\t2embed.dll
[2012/06/15 03:27:34 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\t2embed.dll
[2012/06/15 03:27:05 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2012/06/15 03:27:05 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2012/06/15 03:27:05 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2012/06/15 03:27:05 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2012/06/15 03:27:01 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll
[2012/06/15 03:26:59 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskschd.dll
[2012/06/15 03:26:59 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmicmiplugin.dll
[2012/06/15 03:26:59 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskeng.exe
[2012/06/15 03:26:58 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskschd.dll
[2012/06/15 03:26:58 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\StructuredQuery.dll
[2012/06/15 03:26:58 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskcomp.dll
[2012/06/15 03:26:58 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskcomp.dll
[2012/06/15 03:26:58 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schtasks.exe
[2012/06/15 03:26:58 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schtasks.exe
[2012/06/15 03:26:55 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2012/06/15 03:26:55 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2012/06/15 03:26:55 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2012/06/15 03:26:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2012/06/15 03:26:54 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2012/06/15 03:26:54 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2012/06/15 03:26:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2012/06/15 03:26:40 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2012/06/15 03:26:39 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfc42u.dll
[2012/06/15 03:26:38 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfc42.dll
[2012/06/15 03:26:38 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc42u.dll
[2012/06/15 03:26:38 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc42.dll
[2012/06/15 03:26:38 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rtutils.dll
[2012/06/15 03:25:48 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2012/06/15 03:25:48 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2012/06/15 03:25:48 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe
[2012/06/15 03:25:42 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2012/06/15 03:25:42 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2012/06/15 03:25:42 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2012/06/15 03:25:42 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2012/06/15 03:25:41 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\windows\SysWow64\iccvid.dll
[2012/06/15 03:25:40 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll
[2012/06/15 03:25:40 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpmde.dll
[2012/06/15 03:25:40 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnsapi.dll
[2012/06/15 03:25:40 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnscacheugc.exe
[2012/06/15 03:25:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dnscacheugc.exe
[2012/06/15 03:25:38 | 005,505,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2012/06/15 03:25:37 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2012/06/15 03:25:37 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2012/06/15 03:25:30 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisdecd.dll
[2012/06/15 03:25:30 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSNP.ax
[2012/06/15 03:25:30 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisrndr.ax
[2012/06/15 03:25:30 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisrndr.ax
[2012/06/15 03:25:29 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisdecd.dll
[2012/06/15 03:25:29 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSNP.ax
[2012/06/15 03:25:29 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Mpeg2Data.ax
[2012/06/15 03:25:29 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSDvbNP.ax
[2012/06/15 03:25:29 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Mpeg2Data.ax
[2012/06/15 03:25:28 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSDvbNP.ax
[2012/06/15 03:25:12 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2012/06/15 03:25:12 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2012/06/15 03:25:11 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2012/06/15 03:25:11 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2012/06/15 03:25:11 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdusb.dll
[2012/06/15 03:25:11 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kd1394.dll
[2012/06/15 03:25:11 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdcom.dll
[2012/06/15 03:25:10 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40.dll
[2012/06/15 03:25:10 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40u.dll
[2012/06/15 03:25:03 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2012/06/15 03:25:03 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2012/06/15 03:25:03 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2012/06/15 03:25:03 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2012/06/15 03:25:03 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2012/06/15 03:25:02 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2012/06/15 03:25:02 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2012/06/15 03:25:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2012/06/15 03:25:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2012/06/15 03:25:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2012/06/15 03:25:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2012/06/15 03:25:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2012/06/15 03:25:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/06/15 03:25:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/06/15 03:25:00 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/06/15 03:25:00 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/06/15 03:25:00 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/06/15 03:25:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/06/15 03:25:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/06/15 03:25:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/06/15 03:25:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/06/15 03:25:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/06/15 03:25:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/06/15 03:25:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/06/15 03:25:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/06/15 03:25:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/06/15 03:25:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/06/15 03:25:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/06/15 03:25:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/06/15 03:25:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/06/15 03:24:59 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/06/15 03:24:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/06/15 03:24:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/06/15 03:24:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/06/15 03:24:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/06/15 03:24:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/06/15 03:24:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/06/15 03:24:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/06/15 03:24:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/06/15 03:24:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/06/15 03:24:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/06/15 03:24:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/06/15 03:24:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2012/06/15 03:24:57 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvinst.exe
[2012/06/15 03:24:57 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\devrtl.dll
[2012/06/15 03:24:56 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2012/06/15 03:24:56 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2012/06/15 03:24:55 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2012/06/15 03:24:55 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2012/06/15 03:24:52 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2012/06/15 03:24:51 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2012/06/15 03:24:49 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL
[2012/06/15 03:24:48 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL
[2012/06/15 03:24:47 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSCOVER.exe
[2012/06/15 03:24:44 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcrt.dll
[2012/06/15 03:24:43 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2012/06/15 03:24:42 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2012/06/15 03:24:42 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleacc.dll
[2012/06/15 03:24:40 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2012/06/15 03:24:40 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2012/06/15 03:24:18 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbc32.dll
[2012/06/15 03:24:18 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbc32.dll
[2012/06/15 03:24:10 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2012/06/15 03:24:08 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2012/06/15 03:24:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2012/06/15 03:24:08 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sscore.dll
[2012/06/15 02:42:55 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Local\LogMeIn Rescue Applet
[2012/06/15 02:06:39 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2012/06/15 02:06:39 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2012/06/15 02:06:39 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2012/06/15 02:06:16 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2012/06/15 02:06:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/15 01:27:16 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Roaming\Mozilla
[2012/06/15 01:27:16 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Local\Mozilla
[2012/06/15 01:27:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/06/15 01:27:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/06/15 01:27:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/06/15 01:23:03 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/06/15 01:22:02 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Local\Deployment
[2012/06/15 01:22:02 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Local\Apps
[2012/06/15 01:16:22 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Roaming\Malwarebytes
[2012/06/15 01:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/15 01:16:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/15 01:16:13 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/06/15 01:16:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/06/15 01:08:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/06/15 01:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/06/15 01:07:54 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys
[2012/06/15 00:18:00 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/06/14 23:46:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Blio
[2012/06/14 23:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Laptop Checkup
[2012/06/14 23:46:13 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NortonPCCheckupx64
[2012/06/14 23:46:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton PC Checkup
[2012/06/14 23:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012/06/14 23:46:13 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NortonPCCheckupx64\0200030.0C6
[2012/06/14 23:46:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2012/06/14 23:46:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Online Backup
[2012/06/14 23:46:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toshiba Online Backup
[2012/06/14 23:45:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/06/14 23:45:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TOSHIBA Corporation
[2012/06/14 23:42:27 | 000,000,000 | ---D | C] -- C:\ProgramData\WildTangent
[2012/06/14 23:42:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TOSHIBA Games
[2012/06/14 23:41:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ulead Systems
[2012/06/14 23:41:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Label@Once
[2012/06/14 23:41:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
[2012/06/14 23:38:21 | 000,035,008 | ---- | C] (TOSHIBA Corporation) -- C:\windows\SysNative\drivers\PGEffect.sys
[2012/06/14 23:34:45 | 000,024,576 | ---- | C] (Toshiba) -- C:\windows\SysWow64\TSCI.dll
[2012/06/14 23:34:45 | 000,024,576 | ---- | C] (Toshiba) -- C:\windows\SysWow64\THCI.dll
[2012/06/14 23:33:26 | 000,877,088 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\windows\SysNative\drivers\rtl8192Ce.sys
[2012/06/14 23:33:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek WLAN Driver
[2012/06/14 23:33:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012/06/14 23:32:08 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Atheros_L1e
[2012/06/14 23:31:52 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012/06/14 23:31:35 | 008,038,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RTSUSTORicon.dll
[2012/06/14 23:31:28 | 008,038,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysWow64\RtsUStoricon.dll
[2012/06/14 23:31:28 | 000,422,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtsUStor.dll
[2012/06/14 23:31:28 | 000,239,136 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\drivers\RtsUStor.sys
[2012/06/14 23:31:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012/06/14 23:29:19 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2012/06/14 23:27:07 | 000,540,696 | ---- | C] (Intel Corporation) -- C:\windows\SysNative\drivers\iaStor.sys
[2012/06/14 23:24:24 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
[2012/06/14 23:24:10 | 000,000,000 | ---D | C] -- C:\Intel
[2012/06/14 23:23:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012/06/14 22:49:10 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Roaming\Macromedia
[2012/06/14 22:48:45 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Roaming\Adobe
[2012/06/14 22:47:54 | 004,557,191 | R--- | C] (Swearware) -- C:\Users\grizzard\Desktop\ComboFix.exe
[2012/06/14 22:44:13 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\grizzard\Desktop\OTL.exe
[2012/06/14 22:41:29 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Roaming\SUPERAntiSpyware.com
[2012/06/14 22:40:08 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\grizzard\Desktop\TFC.exe
[2012/06/14 22:38:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2012/06/14 22:38:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda USB Vaccine
[2012/06/14 22:38:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2012/06/14 22:17:20 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Local\Google
[2012/06/14 22:13:12 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Roaming\Toshiba
[2012/06/14 22:13:11 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Local\TOSHIBA_Corporation
[2012/06/14 22:12:38 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2012/06/14 22:12:38 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2012/06/14 22:12:01 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Local\Toshiba
[2012/06/14 22:11:01 | 000,000,000 | R--D | C] -- C:\Users\grizzard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/06/14 22:11:01 | 000,000,000 | R--D | C] -- C:\Users\grizzard\Searches
[2012/06/14 22:11:01 | 000,000,000 | R--D | C] -- C:\Users\grizzard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/06/14 22:11:01 | 000,000,000 | -H-D | C] -- C:\Users\grizzard\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/06/14 22:10:51 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Roaming\Identities
[2012/06/14 22:10:48 | 000,000,000 | R--D | C] -- C:\Users\grizzard\Contacts
[2012/06/14 22:10:46 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Local\VirtualStore
[2012/06/14 22:09:50 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Roaming\WinBatch
[2012/06/14 22:09:25 | 000,000,000 | --SD | C] -- C:\Users\grizzard\AppData\Roaming\Microsoft
[2012/06/14 22:09:25 | 000,000,000 | R--D | C] -- C:\Users\grizzard\Videos
[2012/06/14 22:09:25 | 000,000,000 | R--D | C] -- C:\Users\grizzard\Saved Games
[2012/06/14 22:09:25 | 000,000,000 | R--D | C] -- C:\Users\grizzard\Pictures
[2012/06/14 22:09:25 | 000,000,000 | R--D | C] -- C:\Users\grizzard\Music
[2012/06/14 22:09:25 | 000,000,000 | R--D | C] -- C:\Users\grizzard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/06/14 22:09:25 | 000,000,000 | R--D | C] -- C:\Users\grizzard\Links
[2012/06/14 22:09:25 | 000,000,000 | R--D | C] -- C:\Users\grizzard\Favorites
[2012/06/14 22:09:25 | 000,000,000 | R--D | C] -- C:\Users\grizzard\Downloads
[2012/06/14 22:09:25 | 000,000,000 | R--D | C] -- C:\Users\grizzard\Documents
[2012/06/14 22:09:25 | 000,000,000 | R--D | C] -- C:\Users\grizzard\Desktop
[2012/06/14 22:09:25 | 000,000,000 | R--D | C] -- C:\Users\grizzard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/06/14 22:09:25 | 000,000,000 | -HSD | C] -- C:\Users\grizzard\AppData\Local\Temporary Internet Files
[2012/06/14 22:09:25 | 000,000,000 | -HSD | C] -- C:\Users\grizzard\Templates
[2012/06/14 22:09:25 | 000,000,000 | -HSD | C] -- C:\Users\grizzard\Start Menu
[2012/06/14 22:09:25 | 000,000,000 | -HSD | C] -- C:\Users\grizzard\SendTo
[2012/06/14 22:09:25 | 000,000,000 | -HSD | C] -- C:\Users\grizzard\Recent
[2012/06/14 22:09:25 | 000,000,000 | -HSD | C] -- C:\Users\grizzard\PrintHood
[2012/06/14 22:09:25 | 000,000,000 | -HSD | C] -- C:\Users\grizzard\NetHood
[2012/06/14 22:09:25 | 000,000,000 | -HSD | C] -- C:\Users\grizzard\Documents\My Videos
[2012/06/14 22:09:25 | 000,000,000 | -HSD | C] -- C:\Users\grizzard\Documents\My Pictures
[2012/06/14 22:09:25 | 000,000,000 | -HSD | C] -- C:\Users\grizzard\Documents\My Music
[2012/06/14 22:09:25 | 000,000,000 | -HSD | C] -- C:\Users\grizzard\My Documents
[2012/06/14 22:09:25 | 000,000,000 | -HSD | C] -- C:\Users\grizzard\Local Settings
[2012/06/14 22:09:25 | 000,000,000 | -HSD | C] -- C:\Users\grizzard\AppData\Local\History
[2012/06/14 22:09:25 | 000,000,000 | -HSD | C] -- C:\Users\grizzard\Cookies
[2012/06/14 22:09:25 | 000,000,000 | -HSD | C] -- C:\Users\grizzard\Application Data
[2012/06/14 22:09:25 | 000,000,000 | -HSD | C] -- C:\Users\grizzard\AppData\Local\Application Data
[2012/06/14 22:09:25 | 000,000,000 | -H-D | C] -- C:\Users\grizzard\AppData
[2012/06/14 22:09:25 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Local\Temp
[2012/06/14 22:09:25 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Local\Microsoft
[2012/06/14 22:09:25 | 000,000,000 | ---D | C] -- C:\Users\grizzard\AppData\Roaming\Media Center Programs

========== Files - Modified Within 30 Days ==========

[2012/06/15 16:42:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/06/15 16:40:06 | 000,717,260 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/06/15 16:40:06 | 000,617,460 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/06/15 16:40:06 | 000,104,702 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/06/15 16:35:05 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/15 16:34:53 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/06/15 16:34:50 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/15 16:34:22 | 000,015,568 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 16:34:22 | 000,015,568 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 16:27:10 | 000,000,920 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2675067982-3295729358-1155118055-1000UA.job
[2012/06/15 16:18:00 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/15 13:47:53 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2012/06/15 10:40:41 | 000,001,412 | ---- | M] () -- C:\Users\grizzard\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/15 10:38:36 | 000,274,320 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/06/15 09:42:16 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/06/15 09:42:16 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2012/06/15 09:42:16 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieakeng.dll
[2012/06/15 09:42:16 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2012/06/15 09:42:16 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2012/06/15 09:42:16 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2012/06/15 09:42:16 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2012/06/15 09:42:16 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2012/06/15 09:42:15 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2012/06/15 09:42:15 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/06/15 09:42:15 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2012/06/15 09:42:15 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2012/06/15 09:42:15 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/06/15 09:42:15 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/06/15 09:42:15 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2012/06/15 09:42:15 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2012/06/15 09:42:15 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/06/15 09:42:15 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2012/06/15 09:42:15 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\admparse.dll
[2012/06/15 09:42:15 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2012/06/15 09:42:15 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2012/06/15 09:42:15 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2012/06/15 09:42:15 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe
[2012/06/15 09:42:15 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/06/15 09:42:15 | 000,072,822 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2012/06/15 09:42:15 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2012/06/15 09:42:15 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2012/06/15 09:42:15 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2012/06/15 09:42:15 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2012/06/15 09:42:15 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2012/06/15 09:42:15 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2012/06/15 09:42:14 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieaksie.dll
[2012/06/15 09:42:14 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2012/06/15 09:42:14 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2012/06/15 09:42:14 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/06/15 09:42:14 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieakui.dll
[2012/06/15 09:42:14 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2012/06/15 09:42:14 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2012/06/15 09:42:14 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2012/06/15 09:42:14 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2012/06/15 09:42:13 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2012/06/15 09:42:13 | 002,311,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/06/15 09:42:13 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/06/15 09:42:13 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2012/06/15 09:42:13 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2012/06/15 09:42:13 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2012/06/15 09:42:13 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2012/06/15 09:42:13 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieaksie.dll
[2012/06/15 09:42:13 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/06/15 09:42:13 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/06/15 09:42:13 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieakui.dll
[2012/06/15 09:42:13 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieakeng.dll
[2012/06/15 09:42:13 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2012/06/15 09:42:13 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2012/06/15 09:42:13 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\admparse.dll
[2012/06/15 09:42:13 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2012/06/15 09:42:13 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2012/06/15 09:42:13 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2012/06/15 09:42:13 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2012/06/15 09:42:13 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2012/06/15 09:42:13 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2012/06/15 09:42:13 | 000,072,822 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2012/06/15 09:42:13 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2012/06/15 09:42:13 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2012/06/15 09:42:13 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2012/06/15 09:42:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2012/06/15 09:42:12 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/06/15 09:42:12 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2012/06/15 09:42:12 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2012/06/15 09:42:12 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2012/06/15 09:42:12 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2012/06/15 09:42:12 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2012/06/15 09:42:12 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/06/15 09:42:12 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2012/06/15 09:34:22 | 001,888,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2012/06/15 09:34:22 | 001,619,456 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2012/06/15 09:34:22 | 000,470,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2012/06/15 09:34:22 | 000,265,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2012/06/15 09:34:22 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll
[2012/06/15 09:34:21 | 003,181,568 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2012/06/15 09:34:21 | 001,863,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ExplorerFrame.dll
[2012/06/15 09:34:21 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ExplorerFrame.dll
[2012/06/15 09:34:21 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2012/06/15 09:34:21 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2012/06/15 09:34:21 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2012/06/15 09:34:21 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\XpsRasterService.dll
[2012/06/15 09:34:21 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\XpsRasterService.dll
[2012/06/15 09:34:20 | 004,068,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2012/06/15 09:34:20 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll
[2012/06/15 09:34:20 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
[2012/06/15 09:34:20 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mfreadwrite.dll
[2012/06/15 05:42:06 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/06/15 05:42:06 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/15 01:27:00 | 000,000,868 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2675067982-3295729358-1155118055-1000Core.job
[2012/06/15 01:16:19 | 000,001,084 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebyte.lnk
[2012/06/15 01:08:15 | 000,002,154 | ---- | M] () -- C:\windows\epplauncher.mif
[2012/06/15 01:08:07 | 000,731,106 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/06/15 00:07:39 | 000,039,252 | ---- | M] () -- C:\windows\SysWow64\license.rtf
[2012/06/15 00:07:39 | 000,039,252 | ---- | M] () -- C:\windows\SysNative\license.rtf
[2012/06/14 23:31:54 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/06/14 23:25:46 | 000,015,800 | ---- | M] () -- C:\windows\SysNative\results.xml
[2012/06/14 22:10:23 | 000,000,013 | RHS- | M] () -- C:\windows\SysNative\drivers\fbd.sys
[2012/06/13 12:49:32 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\grizzard\Desktop\OTL.exe
[2012/06/13 12:44:24 | 004,557,191 | R--- | M] (Swearware) -- C:\Users\grizzard\Desktop\ComboFix.exe

========== Files Created - No Company Name ==========

[2012/06/15 10:40:41 | 000,001,424 | ---- | C] () -- C:\Users\grizzard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/06/15 09:42:15 | 000,072,822 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2012/06/15 09:42:13 | 000,072,822 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2012/06/15 05:33:09 | 000,000,830 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/06/15 02:06:39 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012/06/15 02:06:39 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012/06/15 02:06:39 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012/06/15 02:06:39 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012/06/15 02:06:39 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012/06/15 01:27:14 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/06/15 01:22:19 | 000,000,920 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2675067982-3295729358-1155118055-1000UA.job
[2012/06/15 01:22:19 | 000,000,868 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2675067982-3295729358-1155118055-1000Core.job
[2012/06/15 01:16:19 | 000,001,084 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebyte.lnk
[2012/06/15 01:08:15 | 000,002,154 | ---- | C] () -- C:\windows\epplauncher.mif
[2012/06/15 01:08:10 | 000,001,926 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/06/15 01:08:07 | 000,731,106 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/06/14 23:46:13 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\NortonPCCheckupx64\0200030.0C6\isolate.ini
[2012/06/14 23:31:54 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/06/14 23:25:46 | 000,015,800 | ---- | C] () -- C:\windows\SysNative\results.xml
[2012/06/14 23:18:36 | 3062,255,616 | -HS- | C] () -- C:\hiberfil.sys
[2012/06/14 22:17:54 | 000,001,412 | ---- | C] () -- C:\Users\grizzard\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/14 22:11:03 | 000,001,418 | ---- | C] () -- C:\Users\grizzard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/06/14 22:10:23 | 000,000,013 | RHS- | C] () -- C:\windows\SysNative\drivers\fbd.sys
[2012/06/14 22:09:25 | 000,000,290 | ---- | C] () -- C:\Users\grizzard\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/06/14 22:09:25 | 000,000,272 | ---- | C] () -- C:\Users\grizzard\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

< End of report
---------------------------------->>>>>>>
EXTRA LOG


OTL Extras logfile created on: 6/15/2012 4:36:41 PM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\grizzard\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 3.04 Gb Available Physical Memory | 80.07% Memory free
7.60 Gb Paging File | 6.83 Gb Available in Paging File | 89.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.10 Gb Total Space | 196.91 Gb Free Space | 89.06% Space Free | Partition Type: NTFS

Computer Name: GRIZZARD-PC | User Name: grizzard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\Easy Media Player\emp.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\Easy Media Player\emp.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\Easy Media Player\emp.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\Easy Media Player\emp.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{9B8AE087-A660-4310-813B-C410ECC496AA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B2D74D8B-C7B6-4DD8-A7AD-828E1D7E1A5C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03EB7285-E235-44E8-A857-32263F92C16A}" = protocol=6 | dir=in | app=c:\users\grizzard\appdata\local\temp\7zs6863.tmp\symnrt.exe |
"{24DAB1C3-F433-427B-9F7C-D7AD19A2066F}" = protocol=6 | dir=in | app=c:\users\grizzard\appdata\local\temp\7zsa2a5.tmp\symnrt.exe |
"{8D99A979-8752-4753-9BBE-99A86A33D327}" = protocol=17 | dir=in | app=c:\users\grizzard\appdata\local\temp\7zs421e.tmp\symnrt.exe |
"{8DD9E9FB-1382-4A61-8987-2525B3FEB9A1}" = protocol=6 | dir=in | app=c:\users\grizzard\appdata\local\temp\7zs421e.tmp\symnrt.exe |
"{C70103E6-0437-4036-BF6A-71C4E96FD331}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{D21669B0-7E72-4ACC-A19F-0CF9B9E3230D}" = protocol=17 | dir=in | app=c:\users\grizzard\appdata\local\temp\7zs6863.tmp\symnrt.exe |
"{E0C2C1C6-8446-4A60-90AC-4A3C5C5892A9}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{E5810F00-CBCA-4C3D-AFC9-FC0D4B29C731}" = protocol=17 | dir=in | app=c:\users\grizzard\appdata\local\temp\7zsa2a5.tmp\symnrt.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup
"{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = Label@Once 1.0
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 17
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.1.4
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup
"InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox 13.0 (x86 en-US)" = Mozilla Firefox 13.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NortonPCCheckup" = Toshiba Laptop Checkup
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/15/2012 1:05:20 AM | Computer Name = WIN-N0QC1PE6L2R | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 6/15/2012 1:05:20 AM | Computer Name = WIN-N0QC1PE6L2R | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 6/15/2012 1:07:55 AM | Computer Name = grizzard-PC | Source = Google Update | ID = 20
Description =

Error - 6/14/2012 11:09:11 PM | Computer Name = grizzard-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1533
Description = Windows cannot delete the profile directory C:\Users\Administrator.
This error may be caused by files in this directory being used by another program.
DETAIL - The directory is not empty.

Error - 6/14/2012 11:20:40 PM | Computer Name = grizzard-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Application or service 'Toshiba App Place' could not be shut down.

[ System Events ]
Error - 6/15/2012 2:29:28 AM | Computer Name = grizzard-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 6/15/2012 2:47:38 AM | Computer Name = grizzard-PC | Source = Service Control Manager | ID = 7031
Description = The Intel® Management and Security Application Local Management
Service service terminated unexpectedly. It has done this 1 time(s). The following
corrective action will be taken in 10000 milliseconds: Restart the service.

Error - 6/15/2012 2:47:38 AM | Computer Name = grizzard-PC | Source = Service Control Manager | ID = 7031
Description = The Common Client Job Manager Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
120000 milliseconds: Restart the service.

Error - 6/15/2012 3:09:18 AM | Computer Name = grizzard-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 6/15/2012 3:10:21 AM | Computer Name = grizzard-PC | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.

Error - 6/15/2012 3:10:43 AM | Computer Name = grizzard-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 6/15/2012 3:11:20 AM | Computer Name = grizzard-PC | Source = Service Control Manager | ID = 7023
Description = The Windows Defender service terminated with the following error:
%%126

Error - 6/15/2012 3:31:47 AM | Computer Name = grizzard-PC | Source = Service Control Manager | ID = 7031
Description = The Common Client Job Manager Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
120000 milliseconds: Restart the service.

Error - 6/15/2012 3:32:05 AM | Computer Name = grizzard-PC | Source = DCOM | ID = 10010
Description =

Error - 6/15/2012 3:36:21 AM | Computer Name = grizzard-PC | Source = Service Control Manager | ID = 7031
Description = The Common Client Job Manager Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
120000 milliseconds: Restart the service.


< End of report >
  • 0

Advertisements


#17
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets first remove Norton

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the protection tab
Remove the tick from "Start with Windows"
Reboot and then run OTL
Posted Image

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    SRV - [2010/01/28 19:34:01 | 000,103,792 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
    SRV - [2009/08/24 17:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe -- (PCCUJobMgr)
    [2012/06/14 23:46:13 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NortonPCCheckupx64
    [2012/06/14 23:46:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton PC Checkup
    [2012/06/14 23:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
    [2012/06/14 23:46:13 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NortonPCCheckupx64\0200030.0C6
    [2012/06/14 23:46:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


Once done we then need to determine which driver is causing the slow down

Restart MSConfig and select half of the disabled services and reboot

Is the problem still present ?

If Yes then deselect half of the services that you resumed and reboot

If no then select half of the remaining services and reboot

The intention here is to isolate the one service/driver that is causing the problem
  • 0

#18
penelopepony

penelopepony

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 113 posts
I UNCHECKED the first 1/2 of the STOPPED boxes, things got REAL slow. Went back, REchecked the boxes, & UNCHECKED 2nd 1/2, then had issues connecting to the local WiFi, selected to let pc correct itself, but real sluggish. I went back & put checks back in boxes, & let system restart itself again.

I was thinking, MAYBE since there are so many programs that Toshiba, etc... adds, that MAYBE, it would help to figure out which programs I don't need, which is pretty simple, probably 1/2 of them, there's just some that are a BIG :confused:. I snipped & copied my programs list, & UNINSTALLING won't break my heart.

I just need my pc to be as bare as possible, pictures, etc... I keep on stick, & important favorites I email myself the links. I do Explorer, FireFox, this, facebook, fb games, YouTube, Ebay, later I'll add my camera & office software.

Not a BIG fan of mass produced pc's, but my pc lil pc builder grew up, & is busy now learning to fix planes :thumbsup: so mom's forced to use a Wally world pc :) I really miss my homemade pc & win98se, I had a basic list :)



TY Penny

Edited by penelopepony, 16 June 2012 - 01:58 PM.

  • 0

#19
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
We will look at the removals in a bit

I UNCHECKED the first 1/2 of the STOPPED boxes, things got REAL slow

what I need you to do now is uncheck the first quarter of the boxes and reboot is it still slow ?
If it is OK then check them again and on the second quarter of the boxes uncheck half reboot, if it is slow then check half of the unchecked boxes.

The idea here is to narrow it down to the one that is causing the problem by a process of elimination
  • 0

#20
penelopepony

penelopepony

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 113 posts
:confused: Ok, I did as you ask, and I actually broke it down to just unchecking each box screen area, 13 differnet screens, had a couple that were slow, then had one screen area that the pc had trouble shooting issues going online, sluggish typing, etc... Then I went back to bad area, split in 1/2, and ea. 1/2 worked, then I added it to a sluggish area, NOW I'm thinking alot of the problem is my fickle WiFi connection :confused: Then I went back to ALL boxes checked, and as usual at night around here, the WiFi & pc are both working really pretty good, NOW tomorrow @ noon, might be a different story.

Motel WiFi stuff is pretty questionable to me. Actually if I wanted to be a jerk, the new people took over let the former owner do their pc stuff, it blows my mind that they have the printer on WiFi.

I'm open to any suggestions.
  • 0

#21
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Then I went back to ALL boxes checked, and as usual at night around here, the WiFi & pc are both working really pretty good, NOW

OK that would then suggest that the wi-fi is dragging to a crawl during the day as more people are using it

There is a little programme, amusingly called PC-Decrapifier:lol:

Nothing will be removed before you approve.
You'll be shown a checklist of recommendations first.
You can even find out the top applications others remove.


I have used this a few times and to date has proved usefull

If you could use that then give me a fresh OTL scan I will then have a look see at the starting programmes and we will then stop the uneccesary ones from running
  • 0

#22
penelopepony

penelopepony

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 113 posts
That was my ONLY computer I had to try to get a job on. I would like a second opinion, as after I bragged on things, I rebooted my pc, and all I got was a black screen.

I used the 4 disk that were suppose to help I thought, they did not help, so I'm guessing what ever Toshiba had me do, might have saved files, but it was not a BOOT DISK.

My pc is asking for a BOOT DISk, & I'm thinking next time before you tell someone "NOTHING JUMPS OUT A YOU," you look for NORTON & files that come w/new computers.

I now have 1 hr a day at a library 5 miles away from my house, & a computer I DESPERATLY needed to be able to use, NO CHANCE to make rent, etc....

I now with in 50 min need a boot disk for my pc.

Sorry, my happy has gone south.
  • 0

#23
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
At what stage did you get a black screen ?
  • 0

#24
Macboatmaster

Macboatmaster

    7k

  • Member
  • PipPipPipPipPipPipPipPip
  • 7,237 posts
Essexboy
Please forgive the interruption but may I ask penelopepony - Is this topic you have just started in the Windows 7 and Vista forum
http://www.geekstogo...rom-another-pc/

concerning the same computer, as is being worked on here with my good colleague Essexboy.

If so and Essexboy agrees I will close the other topic in Windows 7 forum until this one is completed, and if assistance is then still required.
  • 0

#25
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No problem Mac, I need to determine at which stage this problem appeared
  • 1

Advertisements


#26
penelopepony

penelopepony

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 113 posts
After I re-checked all the boxes, rebooted, and All the Nightmare opened up.

Intell..........
For Atheros PCIE Ethernet............
Check Cable Connection

I've been scrambling with my USB that has ALL my pictures, etc.... on it to try to get something off the internet. I used my 4 so called dvd's that Toshiba said to make, NOTHING... Library isn't no help, DVD part that had DVD r/rw isn't showing, can't get files over. I do have floppy's back @ the room & blanks, & some cd's. but some of the pc's here don't have cd' burners, & I'm just no good with them anyways I guess. I'm just in a mess. Worst came to worst & I couldn't have found a job I had this to pawn, now nothing.

TY

Penny
  • 0

#27
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I thought you had rebooted after rechecking all the boxes here Post 20 and rebooted with no problem ?

Is the exact wording check cable connection .. Followed by no boot disc
  • 0

#28
Macboatmaster

Macboatmaster

    7k

  • Member
  • PipPipPipPipPipPipPipPip
  • 7,237 posts

I would like a second opinion


I'm thinking next time before you tell someone "NOTHING JUMPS OUT A YOU," you look for NORTON & files that come w/new computers.


penelopepony

I have closed your topic in Windows7 forum I now realise from reading your comments above that it is the same conmputer.

I have closed it for your safeguards, advice there may well not, sit easily with analysis being conducted here.



  • 0

#29
penelopepony

penelopepony

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 113 posts
Yes, this morning turned it on/reboot, what ever, :) I just can't believe the luck I'm having, My time has run out here @ the library, just the the min warning.

This is TOTALLY CRAZY.... I was joking when I said tomorrow @ noon might b another world, & man did I call it :(

I'll b back tomorrow, maybe, depending how pissed my ride is over this mess @ me. :(

Penny
  • 0

#30
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
One thing we will need to check is that the BIOS is set to boot from the Hard drive and not a network... Did you try do a factory restore ?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP