Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

MSASCUI.exe virus (Windows Defender) - already formatted and reinstall


  • Please log in to reply

#1
betagamma1051

betagamma1051

    New Member

  • Member
  • Pip
  • 7 posts
copied from Windows Vista and Windows 7 forum (http://www.geekstogo...sta-twice-help/)

I woke up a couple mornings ago and my AVG was turned off for no apparent reason. I would get an error message for every program I would try to run (AVG, Firefox, etc) so I rebooted and got the MSASCUI.exe - Bad Image (Windows Defender) pop up. Uninstalled and reinstalled Firefox and it started working. AVG wouldn't reinstall. Downloaded Microsoft Security Essentials. Windows Update stopped working. Ran every scan and repair in the book and nothing worked. (no Malware found) finally connected with Dell chat and they pretty much told me I have a bad virus and I would need to reinstall windows. Got my Vista disk 2 days later and reformatted and reinstalled. Everything was going fairly well until I downloaded service pack 2 and then got errors for Firefox and iTunes and pretty much everything wasn't working the way it should. Today formatted C: and D: again and reinstalled Vista (this time did not download any other programs - iTunes, Firefox, etc) and everything was going great until I installed service pack 2. Now windows update won't work and the laptop is at such a crawling slow speed that I can't even use it. I'm lost and I don't know what more I can do or why nothing is working even after formatting and reinstalling twice. How deep can the problem be? I'm willing to try anything and I don't care about losing anything because it's all already been lost. My hardware is still under warranty with Dell for another 6 months. Also The problem is with a Dell Inspiron 1525 running Vista Home Basic. Thank you and any answers would be greatly appreciated!!

--------------------------------------------------------------------------------
#2 rshaffer61


Group: Moderator Posts: 29,721 Joined: 28-February 09 Posted Today, 03:24 AM

I suspect that you have some malware on your computer causing issues that we are not able to solve through means we can use here in the Tech Forums. I suggest you read the 'Start Here' topic found HERE. With these self-help tools you have a high chance of fixing the problems on your own. If you are still having problems after following Step 3 of the guide, continue with Step 4 and 5 and post in the Malware Forum. If you are unable to run any programs, Please create a topic stating what you have tried so far and that you are unable to run any programs. Also, Please do NOT post the logs in this thread.

If you are still having issues after the malware expert gives you a clean bill of health, Please return to THIS thread and we will pursue other options to help you solve your current problem(s).
Add a link to this topic so that malware tech can see what steps have been taken here



OTL log:

OTL logfile created on: 7/29/2012 6:42:11 AM - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Courtney\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.05 Gb Available Physical Memory | 53.00% Memory free
4.21 Gb Paging File | 3.08 Gb Available in Paging File | 73.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 99.24 Gb Total Space | 80.20 Gb Free Space | 80.81% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 9.91 Gb Free Space | 99.13% Space Free | Partition Type: NTFS

Computer Name: COURTNEY-PC | User Name: Courtney | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/29 06:40:45 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Courtney\Desktop\OTL.exe
PRC - [2012/07/28 09:31:57 | 000,830,048 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe
PRC - [2012/07/28 09:31:56 | 001,147,488 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/07/28 09:18:07 | 000,686,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exe
PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/06/13 03:48:50 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgfws.exe
PRC - [2012/06/13 03:48:26 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2010/11/17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/28 09:31:58 | 000,132,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.1.5\SiteSafety.dll
MOD - [2012/07/28 09:31:56 | 001,147,488 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/07/28 09:31:55 | 002,086,496 | ---- | M] () -- C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll
MOD - [2010/11/24 22:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010/11/17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe


========== Win32 Services (SafeList) ==========

SRV - [2012/07/28 09:31:57 | 000,830,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe -- (vToolbarUpdater12.1.5)
SRV - [2012/07/28 09:18:07 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/06/13 03:48:50 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/11/25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2008/01/20 21:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012/07/28 09:32:00 | 000,027,496 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011/05/23 01:03:28 | 000,047,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2009/07/10 06:44:52 | 000,122,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008/11/05 23:20:24 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/10/11 15:56:00 | 000,045,056 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/07/29 15:41:36 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2008/01/20 21:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007/09/26 08:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....pr&d=2012-07-28 09:32:01&v=12.1.0.21&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.1.5\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/28 09:29:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\12.1.0.21\ [2012/07/28 09:32:27 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O13 - gopher Prefix: missing
O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.co.../DellSystem.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFD07B82-3BF9-4A2C-8901-C2657D355D09}: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/29 07:15:13 | 000,000,000 | ---D | C] -- C:\45f0554b90515fa425f022826b2b
[2012/07/29 06:38:00 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Courtney\Desktop\OTL.exe
[2012/07/28 17:02:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/07/28 17:02:23 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/07/28 16:52:52 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Local\ElevatedDiagnostics
[2012/07/28 13:23:02 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/07/28 13:22:03 | 000,000,000 | ---D | C] -- C:\f2207438e767f2f480b712
[2012/07/28 13:09:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2012/07/28 13:09:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2012/07/28 13:09:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2012/07/28 12:56:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/07/28 12:54:36 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/07/28 12:37:57 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\Macrovision
[2012/07/28 12:36:08 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\Roxio
[2012/07/28 12:35:12 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/07/28 12:22:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2012/07/28 12:12:15 | 000,172,032 | ---- | C] (Ricoh Company,Ltd) -- C:\Windows\System32\rixdicon.dll
[2012/07/28 12:11:18 | 000,048,128 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys
[2012/07/28 12:11:18 | 000,045,056 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys
[2012/07/28 12:11:18 | 000,038,400 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys
[2012/07/28 12:11:17 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012/07/28 12:09:50 | 000,000,000 | ---D | C] -- C:\dell
[2012/07/28 12:06:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
[2012/07/28 12:06:36 | 000,000,000 | ---D | C] -- C:\Intel
[2012/07/28 12:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2012/07/28 12:03:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2012/07/28 12:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator Starter
[2012/07/28 11:57:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2012/07/28 11:56:21 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/07/28 11:56:06 | 000,000,000 | -HSD | C] -- C:\Boot
[2012/07/28 11:56:04 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2012/07/28 11:55:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2012/07/28 11:30:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2012/07/28 11:29:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2012/07/28 11:27:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2012/07/28 11:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2012/07/28 11:17:45 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\Roxio Log Files
[2012/07/28 11:14:03 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\AVG
[2012/07/28 11:13:40 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/07/28 11:13:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC Tuneup 2011
[2012/07/28 11:01:51 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2012/07/28 10:59:30 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/07/28 10:56:56 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/07/28 10:56:43 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/07/28 10:38:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2012/07/28 10:10:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64
[2012/07/28 09:33:44 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\AVG2012
[2012/07/28 09:32:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/07/28 09:32:35 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Local\AVG Secure Search
[2012/07/28 09:32:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/07/28 09:32:00 | 000,027,496 | ---- | C] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2012/07/28 09:31:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012/07/28 09:31:55 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/07/28 09:28:47 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/07/28 09:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/07/28 09:28:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2012/07/28 09:27:00 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/07/28 09:21:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/07/28 09:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/07/28 09:18:09 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\Macromedia
[2012/07/28 09:18:08 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\Adobe
[2012/07/28 09:18:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2012/07/28 09:10:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\vmm32
[2012/07/28 09:10:59 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2012/07/28 09:09:50 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/07/28 09:04:13 | 000,000,000 | R--D | C] -- C:\Users\Courtney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/07/28 09:04:13 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Searches
[2012/07/28 09:04:13 | 000,000,000 | R--D | C] -- C:\Users\Courtney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/07/28 09:04:05 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\Identities
[2012/07/28 09:04:04 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Contacts
[2012/07/28 09:04:03 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Local\VirtualStore
[2012/07/28 09:03:58 | 000,000,000 | --SD | C] -- C:\Users\Courtney\AppData\Roaming\Microsoft
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Videos
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Saved Games
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Pictures
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Music
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Links
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Favorites
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Downloads
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Documents
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Desktop
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\AppData\Local\Temporary Internet Files
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Templates
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Start Menu
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\SendTo
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Recent
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\PrintHood
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\NetHood
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Documents\My Videos
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Documents\My Pictures
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Documents\My Music
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\My Documents
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Local Settings
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\AppData\Local\History
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Cookies
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Application Data
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\AppData\Local\Application Data
[2012/07/28 09:03:58 | 000,000,000 | -H-D | C] -- C:\Users\Courtney\AppData
[2012/07/28 09:03:58 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Local\Temp
[2012/07/28 09:03:58 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Local\Microsoft

========== Files - Modified Within 30 Days ==========

[2012/07/29 11:56:06 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/29 10:09:27 | 000,003,712 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/29 10:09:27 | 000,003,712 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/29 06:40:45 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Courtney\Desktop\OTL.exe
[2012/07/29 06:15:47 | 102,437,983 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/07/29 06:09:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/29 06:09:02 | 2134,958,080 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/28 20:35:34 | 000,000,680 | ---- | M] () -- C:\Users\Courtney\AppData\Local\d3d9caps.dat
[2012/07/28 20:28:54 | 000,001,606 | ---- | M] () -- C:\Users\Courtney\Documents\cc_20120728_202847.reg
[2012/07/28 18:33:24 | 000,000,470 | ---- | M] () -- C:\Users\Courtney\Documents\cc_20120728_183320.reg
[2012/07/28 18:11:35 | 000,007,328 | ---- | M] () -- C:\Users\Courtney\Documents\cc_20120728_181131.reg
[2012/07/28 17:33:07 | 000,007,468 | ---- | M] () -- C:\Users\Courtney\Documents\cc_20120728_173006.reg
[2012/07/28 17:02:49 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/28 13:49:54 | 000,599,826 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/07/28 13:49:54 | 000,103,294 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/07/28 13:15:44 | 000,000,943 | ---- | M] () -- C:\Users\Courtney\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/07/28 13:13:33 | 000,276,840 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/28 12:35:37 | 000,016,058 | ---- | M] () -- C:\Windows\System32\results.xml
[2012/07/28 12:01:44 | 000,002,023 | ---- | M] () -- C:\Users\Public\Desktop\Roxio Creator Starter.lnk
[2012/07/28 11:56:08 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2012/07/28 11:13:36 | 000,000,935 | ---- | M] () -- C:\Users\Courtney\Desktop\AVG PC Tuneup 2011.lnk
[2012/07/28 11:00:22 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012/07/28 09:32:49 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/07/28 09:32:00 | 000,027,496 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/29 06:15:47 | 102,437,983 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/07/28 20:37:37 | 2134,958,080 | -HS- | C] () -- C:\hiberfil.sys
[2012/07/28 20:28:50 | 000,001,606 | ---- | C] () -- C:\Users\Courtney\Documents\cc_20120728_202847.reg
[2012/07/28 18:33:22 | 000,000,470 | ---- | C] () -- C:\Users\Courtney\Documents\cc_20120728_183320.reg
[2012/07/28 18:11:33 | 000,007,328 | ---- | C] () -- C:\Users\Courtney\Documents\cc_20120728_181131.reg
[2012/07/28 17:32:51 | 000,007,468 | ---- | C] () -- C:\Users\Courtney\Documents\cc_20120728_173006.reg
[2012/07/28 17:02:47 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/28 12:50:44 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012/07/28 12:50:42 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2012/07/28 12:50:37 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2012/07/28 12:50:36 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012/07/28 12:50:36 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/07/28 12:50:34 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2012/07/28 12:50:28 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2012/07/28 12:50:14 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2012/07/28 12:50:12 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2012/07/28 12:49:42 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2012/07/28 12:49:34 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2012/07/28 12:35:37 | 000,016,058 | ---- | C] () -- C:\Windows\System32\results.xml
[2012/07/28 12:35:13 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2012/07/28 12:35:13 | 000,121,232 | ---- | C] () -- C:\Windows\System32\IScrNB.bmp
[2012/07/28 12:01:41 | 000,002,023 | ---- | C] () -- C:\Users\Public\Desktop\Roxio Creator Starter.lnk
[2012/07/28 11:56:08 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2012/07/28 11:56:07 | 000,333,257 | RHS- | C] () -- C:\bootmgr
[2012/07/28 11:55:49 | 000,000,022 | RH-- | C] () -- C:\Windows\dell_version
[2012/07/28 11:13:36 | 000,000,935 | ---- | C] () -- C:\Users\Courtney\Desktop\AVG PC Tuneup 2011.lnk
[2012/07/28 10:04:34 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/07/28 10:04:33 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2012/07/28 09:34:20 | 000,081,408 | ---- | C] () -- C:\Windows\System32\wevtfwd.dll
[2012/07/28 09:34:18 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2012/07/28 09:34:18 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2012/07/28 09:34:18 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2012/07/28 09:32:49 | 000,000,842 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/07/28 09:26:34 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2012/07/28 09:18:08 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/28 09:11:38 | 000,000,943 | ---- | C] () -- C:\Users\Courtney\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/07/28 09:04:13 | 000,000,949 | ---- | C] () -- C:\Users\Courtney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/07/28 09:04:12 | 000,000,944 | ---- | C] () -- C:\Users\Courtney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/07/28 09:04:04 | 000,000,915 | ---- | C] () -- C:\Users\Courtney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012/07/28 09:04:00 | 000,000,680 | ---- | C] () -- C:\Users\Courtney\AppData\Local\d3d9caps.dat
[2012/07/28 09:03:58 | 000,000,258 | ---- | C] () -- C:\Users\Courtney\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/07/28 09:03:58 | 000,000,240 | ---- | C] () -- C:\Users\Courtney\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

========== LOP Check ==========

[2012/07/28 19:16:51 | 000,000,000 | ---D | M] -- C:\Users\Courtney\AppData\Roaming\AVG
[2012/07/28 09:33:44 | 000,000,000 | ---D | M] -- C:\Users\Courtney\AppData\Roaming\AVG2012
[2012/07/28 20:56:16 | 000,010,468 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >

OTL Extras Log:

OTL Extras logfile created on: 7/29/2012 6:42:11 AM - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Courtney\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.05 Gb Available Physical Memory | 53.00% Memory free
4.21 Gb Paging File | 3.08 Gb Available in Paging File | 73.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 99.24 Gb Total Space | 80.20 Gb Free Space | 80.81% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 9.91 Gb Free Space | 99.13% Space Free | Partition Type: NTFS

Computer Name: COURTNEY-PC | User Name: Courtney | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B6457B1-D163-42B2-BE5B-D08A5DDC3E60}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{335C9966-7AF6-4CC1-99DE-8AD5E21E43B5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{4166A997-687F-4DB4-910C-9FF26E295D67}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{792B4702-14C9-45F6-A029-01B08CA0EB8F}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{7A739C17-EF0A-4896-913D-9C778C63FE10}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{8091F78F-3132-4FD9-86EE-02E162CA7B27}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{C57FF3B7-610F-4E74-BD36-53553EF9CBDC}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{F64D8E27-BE4A-405E-8FC7-25200C543087}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH Media Driver ver.2.07.01.04
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.62.02
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6D12EC75-E7D3-4EAD-AB10-E1F3AFF94AA6}" = AVG 2012
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B143D835-EBAF-4A39-8B31-1868FF4166C1}" = AVG 2012
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AVG" = AVG 2012
"CCleaner" = CCleaner
"HDMI" = Intel® Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"TVWiz" = Intel® TV Wizard

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/29/2012 7:10:33 AM | Computer Name = Courtney-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/29/2012 7:31:41 AM | Computer Name = Courtney-PC | Source = Application Error | ID = 1000
Description = Faulting application RacAgent.exe, version 6.0.6001.18000, time stamp
0x47918c14, faulting module RacEngn.dll, version 6.0.6002.18005, time stamp 0x49e037d8,
exception code 0xc0000006, fault offset 0x000647aa, process id 0xf38, application
start time 0x01cd6d7cc119e130.

Error - 7/29/2012 7:31:45 AM | Computer Name = Courtney-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Windows\System32\RacEngn.dll for
one of the following reasons: there is a problem with the network connection, the
disk that the file is stored on, or the storage drivers installed on this computer;
or the disk is missing. Windows closed the program Reliability analysis metrics
calculation executable because of this error. Program: Reliability analysis metrics
calculation executable File: C:\Windows\System32\RacEngn.dll The error value is listed
in the Additional Data section. User Action 1. Open the file again. This situation
might be a temporary problem that corrects itself when the program runs again. 2.
If the file still cannot be accessed and - It is on the network, your network administrator
should verify that there is not a problem with the network and that the server
can be contacted. - It is on a removable disk, for example, a floppy disk or CD-ROM,
verify that the disk is fully inserted into the computer. 3. Check and repair the
file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD,
and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4.
If the problem persists, restore the file from a backup copy. 5. Determine whether
other files on the same disk can be opened. If not, the disk might be damaged.
If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance. Additional Data Error value: C0000185 Disk type: 3

Error - 7/29/2012 7:31:52 AM | Computer Name = Courtney-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 7/29/2012 7:31:52 AM | Computer Name = Courtney-PC | Source = Application Error | ID = 1000
Description = Faulting application mscorsvw.exe, version 4.0.30319.1, time stamp
0x4ba1da21, faulting module clr.dll, version 4.0.30319.1, time stamp 0x4ba1d9ef,
exception code 0x80131506, fault offset 0x001e1ab7, process id 0x0% 0% , application
start time 0x0% 0% .

Error - 7/29/2012 7:52:25 AM | Computer Name = Courtney-PC | Source = System Restore | ID = 8193
Description =

Error - 7/29/2012 8:03:15 AM | Computer Name = Courtney-PC | Source = VSS | ID = 12298
Description =

Error - 7/29/2012 8:04:47 AM | Computer Name = Courtney-PC | Source = System Restore | ID = 8193
Description =

Error - 7/29/2012 9:25:10 AM | Computer Name = Courtney-PC | Source = MsiInstaller | ID = 11921
Description =

Error - 7/29/2012 9:58:23 AM | Computer Name = Courtney-PC | Source = MsiInstaller | ID = 1023
Description =

[ System Events ]
Error - 7/29/2012 11:37:03 AM | Computer Name = Courtney-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.

Error - 7/29/2012 11:51:32 AM | Computer Name = Courtney-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.

Error - 7/29/2012 11:51:32 AM | Computer Name = Courtney-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.

Error - 7/29/2012 11:51:32 AM | Computer Name = Courtney-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.

Error - 7/29/2012 11:51:32 AM | Computer Name = Courtney-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.

Error - 7/29/2012 12:19:35 PM | Computer Name = Courtney-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.

Error - 7/29/2012 12:19:35 PM | Computer Name = Courtney-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.

Error - 7/29/2012 12:19:35 PM | Computer Name = Courtney-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.

Error - 7/29/2012 12:19:35 PM | Computer Name = Courtney-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.

Error - 7/29/2012 12:19:38 PM | Computer Name = Courtney-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.


< End of report >


To give you an idea of how slow the computer is running, it took about 6 hours to open Internet Explorer, get to the forum, download OTL, and run the scan. Incredibly slow. Please help!
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
I'd say this is your culprit rather than malware:

Error - 7/29/2012 11:37:03 AM | Computer Name = Courtney-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.


Sometimes a disk check will help, but the hard drive may be failing or the Motherboard may have a problem or a cable may be bad:

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.


Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc  /scannow

(SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)

sigverif

Press Start in the new window. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0

#3
betagamma1051

betagamma1051

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
SIGVERIF LOG (all of the things listed were from 2009, none newer or older...I didn't know which ones to post, so here's the whole list)

hccutils.dll
hkcmd.exe
ig4dev32.dll
ig4icd32.dll
igd10umd32.dll
igdumd32.dll
igdumdx32.dll
igfxcfg.exe
igfxcoin_v1930.dll
igfxcl.cpl
igfxdev.dll
igfxdo.dll
igfxexps.dell
igfxext.exe
igfxpers.exe
igfxpph.dll
igfxrara.lrc
igfxrchs.lrc
igfxrcht.lrc
igfxrcsy.lrc
igfxrdan.lrc
igfxrdeu.lrc
igfxrell.lrc
igfxrenu.lrc
igfxresp.lrc
igfxress.dll
igfxrfin.lrc
igfxfra.lrc
igfxpph.dll
igfxrara.lrc
igfxrchs.lrc
igfxrcht.lrc
igfxrcsy.lrc
igfxrdan.lrc
igfxrdeu.lrc
igfxrell.lrc
igfxrenu.lrc
igfxresp.lrc
igfxress.dll
igfxrfin.lrc
igfxrfra.lrc
igfxrheb.lrc
igfxrhun.lrc
igfxrita.lrc
igfxrjpn.lrc
igfxrkor.lrc
igfxnld.lrc
igfxrnor.lrc
igfxrplk.lrc
igfxrptb.lrc
igfxrptg.lrc
igfxrrus.lrc
igfxrsky.lrc
igfxrslv.lrc
igfxrsve.lrc
igfxrtha.lrc
igfxrtrk.lrc
igfxsrvc.dll
igfxsrvc.exe
igfxtmm.dll
igfxtray.exe
igkrng400.bin
iglhxa32.cpa
iglhxa32.vp
iglhxc32.vp
iglhxg32.vp
iglhxo32.vp
iglhxs32.vp
oemdspif.dll
tvwsetup.exe
igdkmd32.sys


OUTPUT LOG
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 31/07/2012 7:07:13 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 31/07/2012 11:34:50 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 31/07/2012 11:34:50 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Log: 'System' Date/Time: 31/07/2012 11:34:50 AM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 31/07/2012 11:33:58 AM
Type: Error Category: 0
Event: 4375 Source: Microsoft-Windows-Servicing
Windows Servicing failed to complete the process of setting package KB2644615 (Security Update) into Resolved(Resolved) state

Log: 'System' Date/Time: 31/07/2012 11:33:58 AM
Type: Error Category: 0
Event: 4375 Source: Microsoft-Windows-Servicing
Windows Servicing failed to complete the process of setting package KB2644615 (Security Update) into Resolved(Resolved) state

Log: 'System' Date/Time: 31/07/2012 11:33:58 AM
Type: Error Category: 0
Event: 4375 Source: Microsoft-Windows-Servicing
Windows Servicing failed to complete the process of setting package KB2644615 (Security Update) into Resolved(Resolved) state

Log: 'System' Date/Time: 31/07/2012 11:33:53 AM
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort1.

Log: 'System' Date/Time: 31/07/2012 11:33:53 AM
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort1.

Log: 'System' Date/Time: 31/07/2012 11:33:53 AM
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort1.

Log: 'System' Date/Time: 31/07/2012 11:19:46 AM
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort1.

Log: 'System' Date/Time: 31/07/2012 11:14:24 AM
Type: Error Category: 0
Event: 14 Source: volsnap
The shadow copies of volume C: were aborted because of an IO failure on volume C:.

Log: 'System' Date/Time: 31/07/2012 11:13:53 AM
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort1.

Log: 'System' Date/Time: 31/07/2012 11:13:53 AM
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort1.

Log: 'System' Date/Time: 31/07/2012 11:13:53 AM
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort1.

Log: 'System' Date/Time: 31/07/2012 11:13:53 AM
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort1.

Log: 'System' Date/Time: 31/07/2012 11:13:53 AM
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort1.

Log: 'System' Date/Time: 31/07/2012 11:13:53 AM
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort1.

Log: 'System' Date/Time: 31/07/2012 6:12:14 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 30/07/2012 10:36:18 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
Appears this is a hardware problem:

The driver detected a controller error on \Device\Ide\IdePort1.


The shadow copies of volume C: were aborted because of an IO failure on volume C:.


Could be failing hard drive, bad motherboard or bad cable.

Let's find out a bit more about your PC:

First what make and model is this. Also the Service tag if it has one.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.


Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.
  • 0

#5
betagamma1051

betagamma1051

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Make: Dell
Model: Inspiron 1525
Service Tag: 71T1JF1

Speccy Log:
Summary
Operating System
MS Windows Vista Home Basic 32-bit SP2
CPU
Intel Mobile Core 2 Duo T7250 @ 2.00GHz 47 C
Merom 65nm Technology
RAM
2.00 GB Dual-Channel DDR2 @ 332MHz (5-5-5-15)
Motherboard
Dell Inc. 58 C
Graphics
Generic PnP Monitor ([email protected])
Mobile Intel® 965 Express Chipset Family
Mobile Intel® 965 Express Chipset Family
Hard Drives
112GB TOSHIBA TOSHIBA MK1251GSY ATA Device (SATA) 26 C
Optical Drives
TSSTcorp DVD+-RW TS-L632H ATA Device
Audio
High Definition Audio Device
Operating System
MS Windows Vista Home Basic 32-bit SP2
Computer type: Portable
Installation Date: 28 July 2012, 11:00
Serial Number:
Windows Security Center
User Account Control (UAC) Enabled
Notify level 3 - Always Notify
Firewall Disabled
Antivirus Disabled
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Every day
Schedule Time 3 am
Windows Defender
Windows Defender Disabled
Environment Variables
USERPROFILE C:\Users\Courtney
SystemRoot C:\Windows
User Variables
TEMP C:\Users\Courtney\AppData\Local\Temp
TMP C:\Users\Courtney\AppData\Local\Temp
_settings_result 0
Machine Variables
ComSpec C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
OS Windows_NT
Path C:\Windows\system32
C:\Windows
C:\Windows\System32\Wbem
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
C:\Program Files\Common Files\Roxio Shared\OEM\DLLShared\
C:\Program Files\Common Files\Roxio Shared\OEM\DLLShared\
C:\Program Files\Common Files\Roxio Shared\OEM\12.0\DLLShared\
C:\Program Files\Roxio\OEM\AudioCore\
C:\Program Files\Common Files\Roxio Shared\DLLShared\
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE x86
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
PROCESSOR_LEVEL 6
PROCESSOR_IDENTIFIER x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_REVISION 0f0d
NUMBER_OF_PROCESSORS 2
TRACE_FORMAT_SEARCH_PATH \\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
DFSTRACINGON FALSE
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
EMC_AUTOPLAY C:\Program Files\Common Files\Roxio Shared\OEM\
RCAUTOPLAY C:\Program Files\Roxio\OEM\Roxio Central 5\
BURN_AUTOPLAY C:\Program Files\Roxio\OEM\Roxio Burn\
Battery
AC line Online
Battery full time Unknown
Battery Charge % 100 %
Battery State High
Amount of time remaining (sec) Unknown
Power Profile
Active power scheme Home/Office Desk
Hibernation Enabled
Power Shutdown Enabled
Power Suspend Enabled
Turn Off Monitor after: (On AC Power) 20 min
Turn Off Monitor after: (On Battery Power) 5 min
Turn Off Hard Disk after: (On AC Power) Never
Turn Off Hard Disk after: (On Battery Power) 10 min
Suspend after: (On AC Power) Never
Suspend after: (On Battery Power) 5 min
Screen saver Disabled
Uptime
Current Session
Current Time 01/08/2012 7:02:43 AM
Current Uptime 1287 sec (0 d, 00 h, 21 m, 27 s)
Last Boot Time 01/08/2012 6:41:16 AM
Last ShutDown Time 31/07/2012 7:08:26 AM
Uptime Statistics
First Boot Time 31/07/2012 1:11:52 AM
First Shutdown Time 30/07/2012 5:36:17 PM
Total Uptime 22600 sec (0 d, 06 h, 16 m, 40 s)
Total Downtime 27392 sec (0 d, 07 h, 36 m, 32 s)
Longest Uptime 21394 sec (0 d, 05 h, 56 m, 34 s)
Longest Downtime 27335 sec (0 d, 07 h, 35 m, 35 s)
Total Reboots 2
System Availability 45.21%
TimeZone
TimeZone GMT -6 Hours
Language English
Country United States
Currency $
Date Format dd/MM/yyyy
Time Format h:mm:ss tt
Scheduler
01/08/2012 7:56 AM; Adobe Flash Player Updater
CCleanerSkipUAC
Process List
armsvc.exe
Process ID 2084
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
Memory Usage 2.91 MB
Peak Memory Usage 3.37 MB
audiodg.exe
Process ID 1432
avgcsrvx.exe
Process ID 480
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\AVG\AVG2012\avgcsrvx.exe
Memory Usage 41 MB
Peak Memory Usage 50 MB
avgcsrvx.exe
Process ID 3716
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\AVG\AVG2012\avgcsrvx.exe
Memory Usage 7.25 MB
Peak Memory Usage 42 MB
avgemcx.exe
Process ID 2912
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\AVG\AVG2012\avgemcx.exe
Memory Usage 4.58 MB
Peak Memory Usage 6.98 MB
avgfws.exe
Process ID 2116
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\AVG\AVG2012\avgfws.exe
Memory Usage 29 MB
Peak Memory Usage 37 MB
avgidsagent.exe
Process ID 2724
avgmfapx.exe
Process ID 1120
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\AVG\AVG2012\avgmfapx.exe
Memory Usage 16 MB
Peak Memory Usage 21 MB
avgnsx.exe
Process ID 2904
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\AVG\AVG2012\avgnsx.exe
Memory Usage 4.11 MB
Peak Memory Usage 11 MB
avgrsx.exe
Process ID 444
User SYSTEM
Domain NT AUTHORITY
Path C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
Memory Usage 3.70 MB
Peak Memory Usage 13 MB
avgtray.exe
Process ID 692
avgwdsvc.exe
Process ID 2144
csrss.exe
Process ID 760
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 10 MB
Peak Memory Usage 15 MB
csrss.exe
Process ID 700
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 4.69 MB
Peak Memory Usage 11 MB
dwm.exe
Process ID 1796
User Courtney
Domain Courtney-PC
Path C:\Windows\system32\Dwm.exe
Memory Usage 36 MB
Peak Memory Usage 42 MB
explorer.exe
Process ID 1964
User Courtney
Domain Courtney-PC
Path C:\Windows\Explorer.EXE
Memory Usage 31 MB
Peak Memory Usage 50 MB
firefox.exe
Process ID 4952
User Courtney
Domain Courtney-PC
Path C:\Program Files\Mozilla Firefox\firefox.exe
Memory Usage 153 MB
Peak Memory Usage 190 MB
hkcmd.exe
Process ID 2040
User Courtney
Domain Courtney-PC
Path C:\Windows\System32\hkcmd.exe
Memory Usage 3.77 MB
Peak Memory Usage 4.64 MB
igfxpers.exe
Process ID 1632
User Courtney
Domain Courtney-PC
Path C:\Windows\System32\igfxpers.exe
Memory Usage 4.19 MB
Peak Memory Usage 4.36 MB
igfxsrvc.exe
Process ID 1852
User Courtney
Domain Courtney-PC
Path C:\Windows\system32\igfxsrvc.exe
Memory Usage 4.82 MB
Peak Memory Usage 4.94 MB
igfxtray.exe
Process ID 264
User Courtney
Domain Courtney-PC
Path C:\Windows\System32\igfxtray.exe
Memory Usage 4.02 MB
Peak Memory Usage 4.52 MB
lsass.exe
Process ID 804
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 2.24 MB
Peak Memory Usage 8.09 MB
lsm.exe
Process ID 816
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 3.23 MB
Peak Memory Usage 3.78 MB
roxioburnlauncher.exe
Process ID 440
User Courtney
Domain Courtney-PC
Path C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
Memory Usage 6.24 MB
Peak Memory Usage 11 MB
searchfilterhost.exe
Process ID 3344
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchFilterHost.exe
Memory Usage 7.15 MB
Peak Memory Usage 7.15 MB
searchindexer.exe
Process ID 2612
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchIndexer.exe
Memory Usage 14 MB
Peak Memory Usage 15 MB
searchprotocolhost.exe
Process ID 3900
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 9.02 MB
Peak Memory Usage 9.02 MB
services.exe
Process ID 792
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 6.07 MB
Peak Memory Usage 6.57 MB
slsvc.exe
Process ID 1476
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\SLsvc.exe
Memory Usage 3.34 MB
Peak Memory Usage 15 MB
smss.exe
Process ID 408
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 592 KB
Peak Memory Usage 760 KB
speccy.exe
Process ID 1644
User Courtney
Domain Courtney-PC
Path C:\Program Files\Speccy\Speccy.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
spoolsv.exe
Process ID 308
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 8.40 MB
Peak Memory Usage 8.52 MB
svchost.exe
Process ID 2580
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 1.80 MB
Peak Memory Usage 1.99 MB
svchost.exe
Process ID 1308
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 70 MB
Peak Memory Usage 98 MB
svchost.exe
Process ID 1352
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 45 MB
Peak Memory Usage 368 MB
svchost.exe
Process ID 1460
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 4.02 MB
Peak Memory Usage 4.64 MB
svchost.exe
Process ID 1556
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 7.99 MB
Peak Memory Usage 9.05 MB
svchost.exe
Process ID 1836
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 15 MB
svchost.exe
Process ID 2308
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 8.33 MB
Peak Memory Usage 8.33 MB
svchost.exe
Process ID 328
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 36 MB
svchost.exe
Process ID 1264
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 1068
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.56 MB
Peak Memory Usage 5.93 MB
svchost.exe
Process ID 1128
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.53 MB
Peak Memory Usage 6.10 MB
svchost.exe
Process ID 2256
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 3.66 MB
Peak Memory Usage 4.44 MB
system
Process ID 4
system idle process
Process ID 0
taskeng.exe
Process ID 3208
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\taskeng.exe
Memory Usage 4.87 MB
Peak Memory Usage 5.25 MB
taskeng.exe
Process ID 4764
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\taskeng.exe
Memory Usage 3.81 MB
Peak Memory Usage 3.87 MB
taskeng.exe
Process ID 424
User Courtney
Domain Courtney-PC
Path C:\Windows\system32\taskeng.exe
Memory Usage 8.44 MB
Peak Memory Usage 11 MB
toolbarupdater.exe
Process ID 2504
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe
Memory Usage 6.53 MB
Peak Memory Usage 7.06 MB
vprot.exe
Process ID 1244
User Courtney
Domain Courtney-PC
Path C:\Program Files\AVG Secure Search\vprot.exe
Memory Usage 8.78 MB
Peak Memory Usage 17 MB
wininit.exe
Process ID 748
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 3.23 MB
Peak Memory Usage 3.96 MB
winlogon.exe
Process ID 960
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 4.65 MB
Peak Memory Usage 6.50 MB
wmiprvse.exe
Process ID 900
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 5.30 MB
Peak Memory Usage 5.47 MB
wmiprvse.exe
Process ID 2776
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 7.52 MB
Peak Memory Usage 7.55 MB
wsqmcons.exe
Process ID 4544
User Courtney
Domain Courtney-PC
Path C:\Windows\System32\wsqmcons.exe
Memory Usage 4.18 MB
Peak Memory Usage 4.18 MB
Hotfixes
31/07/2012 Security Update for Windows Vista (KB2644615)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
31/07/2012 Security Update for Windows Vista (KB2644615)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
30/07/2012 Security Update for Windows (KB2644615)
Fix for KB2644615
30/07/2012 Security Update for Windows (KB2644615)
Fix for KB2644615
30/07/2012 Security Update for Windows Vista (KB2644615)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
30/07/2012 Security Update for Windows Vista (KB2644615)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
30/07/2012 Security Update for Windows Vista (KB2644615)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
30/07/2012 Security Update for Windows Vista (KB2644615)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
30/07/2012 Security Update for Windows Vista (KB2644615)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
30/07/2012 Security Update for Windows Vista (KB2644615)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
30/07/2012 Security Update for Windows Vista (KB2644615)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
30/07/2012 Security Update for Windows Vista (KB2644615)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
29/07/2012 Security Update for Windows (KB2644615)
Fix for KB2644615
29/07/2012 Security Update for Windows Vista (KB2644615)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
29/07/2012 Security Update for Windows (KB2644615)
Fix for KB2644615
29/07/2012 Security Update for Windows Vista (KB2644615)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
29/07/2012 Security Update for Windows Vista (KB2644615)
A security issue has been identified that could allow an attacker
to break or bypass a security feature in the affected software.
You can help protect your system by installing this update from
Microsoft. After you install this update, you may have to restart
your system.
System Folders
Path for burning CD C:\Users\Courtney\AppData\Local\Microsoft\Windows\Burn\Burn
Application Data C:\ProgramData
Public Desktop C:\Users\Public\Desktop
Documents C:\Users\Public\Documents
Global Favorites C:\Users\Courtney\Favorites
Music C:\Users\Public\Music
Pictures C:\Users\Public\Pictures
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Videos C:\Users\Public\Videos
Cookies C:\Users\Courtney\AppData\Roaming\Microsoft\Windows\Cookies
Desktop C:\Users\Courtney\Desktop
Physical Desktop C:\Users\Courtney\Desktop
User Favorites C:\Users\Courtney\Favorites
Fonts C:\Windows\Fonts
Internet History C:\Users\Courtney\AppData\Local\Microsoft\Windows\History
Temporary Internet Files C:\Users\Courtney\AppData\Local\Microsoft\Windows\Temporary Internet Files
Local Application Data C:\Users\Courtney\AppData\Local
Windows directory C:\Windows
Windows/System C:\Windows\system32
Program Files C:\Program Files
Security Options
Accounts: Administrator account status Disabled
Accounts: Guest account status Disabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Accounts: Rename administrator account Administrator
Accounts: Rename guest account Guest
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Disabled
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings Not Defined
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Not Defined
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Not Defined
Devices: Restrict floppy access to locally logged-on user only Not Defined
Domain controller: Allow server operators to schedule tasks Not Defined
Domain controller: LDAP server signing requirements Not Defined
Domain controller: Refuse machine account password changes Not Defined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Disabled
Interactive logon: Do not display last user name Disabled
Interactive logon: Do not require CTRL+ALT+DEL Not Defined
Interactive logon: Message text for users attempting to log on Not Defined
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 14 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require smart card Disabled
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session 15 minutes
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of credentials or .NET Passports for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously netlogon,lsarpc,samr,browser
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion
Network access: Remotely accessible registry paths and sub-paths System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog
Network access: Restrict anonymous access to Named Pipes and Shares Enabled
Network access: Shares that can be accessed anonymously Not Defined
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Network security: Do not store LAN Manager hash value on next password change Enabled
Network security: Force logoff when logon hours expire Disabled
Network security: LAN Manager authentication level Send NTLMv2 response only
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers
Recovery console: Allow automatic administrative logon Disabled
Recovery console: Allow floppy copy and access to all drives and all folders Disabled
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Force strong key protection for user keys stored on the computer Not Defined
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Require case insensitivity for non-Windows subsystems Not Defined
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
System settings: Optional subsystems Posix
System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Disabled
User Account Control: Admin Approval Mode for the Built-in Administrator account Disabled
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop Disabled
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Prompt for consent
User Account Control: Behavior of the elevation prompt for standard users Prompt for credentials
User Account Control: Detect application installations and prompt for elevation Enabled
User Account Control: Only elevate executables that are signed and validated Disabled
User Account Control: Only elevate UIAccess applications that are installed in secure locations Enabled
User Account Control: Run all administrators in Admin Approval Mode Enabled
User Account Control: Switch to the secure desktop when prompting for elevation Enabled
User Account Control: Virtualize file and registry write failures to per-user locations Enabled
Services
Running Adobe Acrobat Update Service
Running Application Experience
Running Application Information
Running AVG Firewall
Running AVG WatchDog
Running AVGIDSAgent
Running Background Intelligent Transfer Service
Running Base Filtering Engine
Running CNG Key Isolation
Running COM+ Event System
Running Computer Browser
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic System Host
Running Distributed Link Tracking Client
Running DNS Client
Running Extensible Authentication Protocol
Running Group Policy Client
Running IKE and AuthIP IPsec Keying Modules
Running IP Helper
Running IPsec Policy Agent
Running KtmRm for Distributed Transaction Coordinator
Running Multimedia Class Scheduler
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Peer Name Resolution Protocol
Running Peer Networking Identity Manager
Running Plug and Play
Running Portable Device Enumerator Service
Running Print Spooler
Running Program Compatibility Assistant Service
Running ReadyBoost
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running Secondary Logon
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running Software Licensing
Running SSDP Discovery
Running Superfetch
Running System Event Notification Service
Running Tablet PC Input Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Terminal Services
Running Themes
Running User Profile Service
Running vToolbarUpdater12.1.5
Running WebClient
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Error Reporting Service
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Management Instrumentation
Running Windows Search
Running Windows Time
Running Windows Update
Running WLAN AutoConfig
Running Workstation
Stopped Adobe Flash Player Update Service
Stopped Application Layer Gateway Service
Stopped Certificate Propagation
Stopped COM+ System Application
Stopped DFS Replication
Stopped Diagnostic Service Host
Stopped Distributed Transaction Coordinator
Stopped Function Discovery Provider Host
Stopped Function Discovery Resource Publication
Stopped Health Key and Certificate Management
Stopped Human Interface Device Access
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped Link-Layer Topology Discovery Mapper
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft Automated Troubleshooting Service
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Mozilla Maintenance Service
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Parental Controls
Stopped Peer Networking Grouping
Stopped Performance Logs & Alerts
Stopped PnP-X IP Bus Enumerator
Stopped PNRP Machine Name Publication Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped Roxio Hard Drive Watcher 12
Stopped RoxMediaDB12OEM
Stopped SL UI Notification Service
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped stllssvr
Stopped Terminal Services Configuration
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped UPnP Device Host
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped Windows Backup
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Defender
Stopped Windows Driver Foundation - User-mode Driver Framework
Stopped Windows Event Collector
Stopped Windows Image Acquisition (WIA)
Stopped Windows Installer
Stopped Windows Media Player Network Sharing Service
Stopped Windows Modules Installer
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Presentation Foundation Font Cache 4.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped WinHTTP Web Proxy Auto-Discovery Service
Stopped Wired AutoConfig
Stopped WMI Performance Adapter
Device Tree
ACPI x86-based PC
Microsoft ACPI-Compliant System
Intel® Core™2 Duo CPU T7250 @ 2.00GHz
Intel® Core™2 Duo CPU T7250 @ 2.00GHz
ACPI Thermal Zone
System board
ACPI Lid
ACPI Power Button
ACPI Sleep Button
Microsoft AC Adapter
Microsoft ACPI-Compliant Control Method Battery
Direct Application Launch Button
Microsoft Windows Management Interface for ACPI
PCI bus
PCI standard host CPU bridge
Mobile Intel® 965 Express Chipset Family
Intel® ICH8 Family PCI Express Root Port 5 - 2847
Intel® ICH8 Family SMBus Controller - 283E
System board
System board
Mobile Intel® 965 Express Chipset Family
Generic PnP Monitor
Intel® ICH8 Family USB Universal Host Controller - 2834
USB Root Hub
Intel® ICH8 Family USB Universal Host Controller - 2835
USB Root Hub
Intel® ICH8 Family USB2 Enhanced Host Controller - 283A
USB Root Hub
High Definition Audio Controller
In-Build Conexant Type 2 modem
Intel® High Definition Audio HDMI
High Definition Audio Device
Intel® ICH8 Family PCI Express Root Port 1 - 283F
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Intel® ICH8 Family PCI Express Root Port 2 - 2841
Intel® PRO/Wireless 3945ABG Network Connection
Intel® ICH8 Family USB Universal Host Controller - 2830
USB Root Hub
Intel® ICH8 Family USB Universal Host Controller - 2831
USB Root Hub
Intel® ICH8 Family USB Universal Host Controller - 2832
USB Root Hub
Intel® ICH8 Family USB2 Enhanced Host Controller - 2836
USB Root Hub
Intel® 82801 PCI Bridge - 2448
RICOH OHCI Compliant IEEE 1394 Host Controller
SDA Standard Compliant SD Host Controller
Ricoh SD/MMC Host Controller
Ricoh Memory Stick Controller
Ricoh xD-Picture Card Controller
Intel® ICH8M-E LPC Interface Controller - 2815
Motherboard resources
PS/2 Compatible Mouse
Standard PS/2 Keyboard
System CMOS/real time clock
System timer
System speaker
System board
Programmable interrupt controller
Direct memory access controller
Numeric data processor
High precision event timer
Intel® ICH8M Ultra ATA Storage Controllers - 2850
IDE Channel
TSSTcorp DVD+-RW TS-L632H ATA Device
Standard AHCI 1.0 Serial ATA Controller
IDE Channel
IDE Channel
TOSHIBA MK1251GSY ATA Device
CPU
Intel Mobile Core 2 Duo T7250
Cores 2
Threads 2
Name Intel Mobile Core 2 Duo T7250
Code Name Merom
Package Socket P (478)
Technology 65nm
Specification Intel® Core™2 Duo CPU T7250 @ 2.00GHz
Family 6
Extended Family 6
Model F
Extended Model F
Stepping D
Revision M0
Instructions MMX, SSE, SSE2, SSE3, SSSE3, Intel 64
Virtualization Supported, Disabled
Hyperthreading Not supported
Bus Speed 199.5 MHz
Rated Bus Speed 798.0 MHz
Stock Core Speed 2000 MHz
Stock Bus Speed 200 MHz
Average Temperature 47 C
Caches
L1 Data Cache Size 2 x 32 KBytes
L1 Instructions Cache Size 2 x 32 KBytes
L2 Unified Cache Size 2048 KBytes
Core 0
Core Speed 1995.1 MHz
Multiplier x 4.0
Bus Speed 199.5 MHz
Rated Bus Speed 798.0 MHz
Temperature 47 C
Thread 1
APIC ID 0
Core 1
Core Speed 1596.1 MHz
Multiplier x 4.0
Bus Speed 199.5 MHz
Rated Bus Speed 798.0 MHz
Temperature 47 C
Thread 1
APIC ID 1
RAM
Memory slots
Total memory slots 2
Used memory slots 2
Free memory slots 0
Memory
Type DDR2
Size 2048 MBytes
Channels # Dual
DRAM Frequency 332.5 MHz
CAS# Latency (CL) 5 clocks
RAS# to CAS# Delay (tRCD) 5 clocks
RAS# Precharge (tRP) 5 clocks
Cycle Time (tRAS) 15 clocks
Physical Memory
Memory Usage 53 %
Total Physical 1.99 GB
Available Physical 957 MB
Total Virtual 4.21 GB
Available Virtual 3.01 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR2
Size 1024 MBytes
Manufacturer Nanya Technology
Max Bandwidth PC2-5300 (333 MHz)
Part Number NT1GT64U8HB0BN-3C
Serial Number E84E290C
Week/year 47 / 07
SPD Ext. EPP
JEDEC #3
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Slot #2
Type DDR2
Size 1024 MBytes
Manufacturer Nanya Technology
Max Bandwidth PC2-5300 (333 MHz)
Part Number NT1GT64U8HB0BN-3C
Serial Number DB4E290C
Week/year 47 / 07
SPD Ext. EPP
JEDEC #3
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Motherboard
Manufacturer Dell Inc.
Chipset Vendor Intel
Chipset Model GM965
Chipset Revision C0
Southbridge Vendor Intel
Southbridge Model 82801HBM (ICH8-ME)
Southbridge Revision B0
System Temperature 58 C
BIOS
Brand Dell Inc.
Version A17
Date 10/27/2009
PCI Data
Slot UNKNOWN
Slot Type UNKNOWN
Slot Usage Available
Bus Width 32 bit
Slot Designation PCMCIA 0
Slot Number 0
Graphics
Monitor
Name Generic PnP Monitor on Mobile Intel 965 Express Chipset Family
Current Resolution 1280x800 pixels
Work Resolution 1280x770 pixels
State enabled, primary
Monitor Width 1280
Monitor Height 800
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
Mobile Intel® 965 Express Chipset Family
Memory 448 MB
Memory type 2
Driver version 8.14.10.1930
Mobile Intel® 965 Express Chipset Family
Memory type 2
Driver version 8.14.10.1930
OpenGL
Version 2.0.0 - Build 8.14.10.1930
Vendor Intel
Renderer Intel 965/963 Graphics Media Accelerator
GLU Version 1.2.2.0 Microsoft Corporation
Values
GL_MAX_LIGHTS 16
GL_MAX_TEXTURE_SIZE 2048
GL_MAX_TEXTURE_STACK_DEPTH 10
GL Extensions
GL_EXT_blend_minmax
GL_EXT_blend_subtract
GL_EXT_blend_color
GL_EXT_abgr
GL_EXT_texture3D
GL_EXT_clip_volume_hint
GL_EXT_compiled_vertex_array
GL_SGIS_texture_edge_clamp
GL_SGIS_generate_mipmap
GL_EXT_draw_range_elements
GL_SGIS_texture_lod
GL_EXT_rescale_normal
GL_EXT_packed_pixels
GL_EXT_separate_specular_color
GL_ARB_multitexture
GL_EXT_texture_env_combine
GL_EXT_bgra
GL_EXT_blend_func_separate
GL_EXT_secondary_color
GL_EXT_fog_coord
GL_EXT_texture_env_add
GL_ARB_texture_cube_map
GL_ARB_transpose_matrix
GL_ARB_texture_env_add
GL_IBM_texture_mirrored_repeat
GL_EXT_multi_draw_arrays
GL_NV_blend_square
GL_ARB_texture_compression
GL_3DFX_texture_compression_FXT1
GL_EXT_texture_filter_anisotropic
GL_ARB_texture_border_clamp
GL_ARB_point_parameters
GL_ARB_texture_env_combine
GL_ARB_texture_env_dot3
GL_ARB_texture_env_crossbar
GL_EXT_texture_compression_s3tc
GL_ARB_shadow
GL_ARB_window_pos
GL_EXT_shadow_funcs
GL_EXT_stencil_wrap
GL_ARB_vertex_program
GL_EXT_texture_rectangle
GL_ARB_fragment_program
GL_EXT_stencil_two_side
GL_ATI_separate_stencil
GL_ARB_vertex_buffer_object
GL_EXT_texture_lod_bias
GL_ARB_occlusion_query
GL_ARB_fragment_shader
GL_ARB_shader_objects
GL_ARB_shading_language_100
GL_ARB_texture_non_power_of_two
GL_ARB_vertex_shader
GL_NV_texgen_reflection
GL_ARB_point_sprite
GL_EXT_blend_equation_separate
GL_ARB_depth_texture
GL_ARB_texture_rectangle
GL_ARB_draw_buffers
GL_ARB_pixel_buffer_object
GL_WIN_swap_hint
GL_EXT_framebuffer_object
GL_EXT_bgra
Hard Drives
TOSHIBA MK1251GSY ATA Device
Manufacturer TOSHIBA
Heads 16
Cylinders 16383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
Serial Number 982HT43UT
LBA Size 48-bit LBA
Power On Count 3235 times
Power On Time 30918.0 days
Features S.M.A.R.T., APM, AAM, NCQ
Transfer Mode SATA II
Interface SATA
Capacity 112GB
Real size 120,034,123,776 bytes
RAID Type None
S.M.A.R.T
01 Read Error Rate 100 (098 worst) Data 0000000000
03 Spin-Up Time 100 (100) Data 000000085D
05 Reallocated Sectors Count 050 (050) Data 000000079B
09 Power-On Hours (POH) 070 (070) Data 00000B5291
0C Device Power Cycle Count 100 (100) Data 0000000CA3
BF G-sense error rate 100 (100) Data 00000000BC
C0 Power-off Retract Count 099 (099) Data 00000003A3
C1 Load/Unload Cycle Count 092 (092) Data 0000013EDB
C2 Temperature 100 (100) Data 0000070019
C7 UltraDMA CRC Error Count 100 (100) Data 0003DECC02
C8 Write Error Rate / Multi-Zone Error Rate 100 (100) Data 000E3978CE
F0 Head Flying Hours 088 (088) Data 00000469AB
F1 Total LBAs Written 100 (100) Data 002417A3EF
F2 Total LBAs Read 100 (100) Data 002BB0E411
FE Free Fall Protection 100 (100) Data 000000034D
Temperature 26 C
Temperature Range ok (less than 50 C)
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Size 47.0 MB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter D:
File System NTFS
Volume Serial Number 368F0838
Size 10.00GB
Used Space 89MB (1%)
Free Space 9.91GB (99%)
Partition 2
Partition ID Disk #0, Partition #2
Disk Letter C:
File System NTFS
Volume Serial Number E859A192
Size 99GB
Used Space 19.7GB (20%)
Free Space 79GB (80%)
Partition 3
Partition ID Disk #0, Partition #3
Size 2.50 GB
Optical Drives
TSSTcorp DVD+-RW TS-L632H ATA Device
Media Type DVD Writer
Name TSSTcorp DVD+-RW TS-L632H ATA Device
Availability Running/Full Power
Capabilities Random Access, Supports Writing, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive E:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 0
SCSI Target Id 0
Status OK
Audio
Sound Cards
Intel® High Definition Audio HDMI
High Definition Audio Device
Playback Devices
Digital Output Device (SPDIF) (High Definition Audio Device)
Speakers (High Definition Audio Device) (default)
Recording Device
Microphone (High Definition Audio Device)
Peripherals
Standard PS/2 Keyboard
Device Kind Keyboard
Device Name Standard PS/2 Keyboard
Location plugged into keyboard port
Driver
Date 6-21-2006
Version 6.0.6002.18005
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
PS/2 Compatible Mouse
Device Kind Mouse
Device Name PS/2 Compatible Mouse
Location plugged into PS/2 mouse port
Driver
Date 6-21-2006
Version 6.0.6001.18000
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
Printers
Microsoft XPS Document Writer (Default Printer)
Printer Port XPSPort:
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\W32X86\3\mxdwdrv.dll
Network
You are connected to the internet
Connected through Intel® PRO/Wireless 3945ABG Network Connection
IP Address 192.168.1.102
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Preferred DNS server 68.105.28.12
Alternate DNS server 68.105.29.12
Alternate DNS server 68.105.28.11
DHCP Enabled
DHCP server 192.168.1.1
External IP Address 98.184.186.230
Adapter Type IEEE 802.11 wireless
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 0 kbps
Computer Name
NetBIOS Name COURTNEY-PC
DNS Name Courtney-PC
Domain Name Courtney-PC
Remote Desktop
Console
State Active
Domain Courtney-PC
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 2
Available access points count 1
Wi-Fi (linksys)
SSID linksys
Frequency 2437000 kHz
Channel Number 6
Name No name
Signal Strength/Quality 99
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags Currently Connected to this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout 60000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout 30000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Disabled
File and Printer Sharing Disabled
Simple File Sharing Disabled
Administrative Shares Disabled
Adapters List
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
Intel® PRO/Wireless 3945ABG Network Connection
IP Address 192.168.1.102
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Network Shares
No network shares
Current TCP Connections
C:\Program Files\AVG Secure Search\vprot.exe (1244)
Local 192.168.1.102:49731 ESTABLISHED Remote 184.24.199.117:80 (Querying... ) (HTTP)
C:\Program Files\Mozilla Firefox\firefox.exe (4952)
Local 192.168.1.102:50048 ESTABLISHED Remote 174.76.226.65:80 (Querying... ) (HTTP)
Local 192.168.1.102:50062 ESTABLISHED Remote 174.76.226.48:80 (Querying... ) (HTTP)
Local 192.168.1.102:50063 ESTABLISHED Remote 174.76.226.56:80 (Querying... ) (HTTP)
Local 192.168.1.102:50065 ESTABLISHED Remote 98.174.28.128:80 (Querying... ) (HTTP)
Local 192.168.1.102:50066 ESTABLISHED Remote 98.174.28.128:80 (Querying... ) (HTTP)
Local 192.168.1.102:50073 ESTABLISHED Remote 173.194.79.95:80 (Querying... ) (HTTP)
Local 192.168.1.102:50074 ESTABLISHED Remote 173.194.79.95:80 (Querying... ) (HTTP)
Local 192.168.1.102:50075 ESTABLISHED Remote 174.76.226.9:80 (Querying... ) (HTTP)
Local 192.168.1.102:50077 ESTABLISHED Remote 173.194.79.95:80 (Querying... ) (HTTP)
Local 192.168.1.102:50078 ESTABLISHED Remote 74.125.224.164:443 (Querying... ) (HTTPS)
Local 192.168.1.102:50079 ESTABLISHED Remote 74.125.224.167:80 (Querying... ) (HTTP)
Local 192.168.1.102:50080 ESTABLISHED Remote 74.125.224.166:443 (Querying... ) (HTTPS)
Local 192.168.1.102:50082 ESTABLISHED Remote 74.54.247.132:80 (Querying... ) (HTTP)
Local 192.168.1.102:50083 ESTABLISHED Remote 74.54.247.132:80 (Querying... ) (HTTP)
Local 192.168.1.102:50085 ESTABLISHED Remote 74.54.247.132:80 (Querying... ) (HTTP)
Local 192.168.1.102:50086 ESTABLISHED Remote 74.54.247.132:80 (Querying... ) (HTTP)
Local 192.168.1.102:50087 ESTABLISHED Remote 216.137.43.208:80 (Querying... ) (HTTP)
Local 192.168.1.102:50088 ESTABLISHED Remote 216.137.43.208:80 (Querying... ) (HTTP)
Local 192.168.1.102:50089 ESTABLISHED Remote 74.125.239.25:80 (Querying... ) (HTTP)
Local 192.168.1.102:50090 ESTABLISHED Remote 216.137.43.208:80 (Querying... ) (HTTP)
Local 192.168.1.102:50091 ESTABLISHED Remote 216.137.43.208:80 (Querying... ) (HTTP)
Local 192.168.1.102:50092 ESTABLISHED Remote 216.137.43.208:80 (Querying... ) (HTTP)
Local 192.168.1.102:50093 ESTABLISHED Remote 216.137.43.208:80 (Querying... ) (HTTP)
Local 192.168.1.102:50094 ESTABLISHED Remote 184.24.204.20:80 (Querying... ) (HTTP)
Local 192.168.1.102:50095 ESTABLISHED Remote 184.24.207.144:80 (Querying... ) (HTTP)
Local 192.168.1.102:50096 ESTABLISHED Remote 184.24.207.139:80 (Querying... ) (HTTP)
Local 192.168.1.102:50098 ESTABLISHED Remote 184.24.207.144:80 (Querying... ) (HTTP)
Local 192.168.1.102:50099 ESTABLISHED Remote 74.125.224.237:80 (Querying... ) (HTTP)
Local 192.168.1.102:50100 ESTABLISHED Remote 184.24.207.144:443 (Querying... ) (HTTPS)
Local 192.168.1.102:50101 ESTABLISHED Remote 174.76.226.9:80 (Querying... ) (HTTP)
Local 192.168.1.102:50102 ESTABLISHED Remote 184.24.207.144:80 (Querying... ) (HTTP)
Local 127.0.0.1:50019 ESTABLISHED Remote 127.0.0.1:50020 (Querying... )
Local 192.168.1.102:50106 ESTABLISHED Remote 184.24.207.144:80 (Querying... ) (HTTP)
Local 192.168.1.102:50107 ESTABLISHED Remote 74.125.224.237:80 (Querying... ) (HTTP)
Local 192.168.1.102:50108 ESTABLISHED Remote 74.125.227.147:80 (Querying... ) (HTTP)
Local 127.0.0.1:50020 ESTABLISHED Remote 127.0.0.1:50019 (Querying... )
Local 192.168.1.102:50111 ESTABLISHED Remote 74.125.224.237:443 (Querying... ) (HTTPS)
Local 192.168.1.102:50043 ESTABLISHED Remote 74.125.224.187:80 (Querying... ) (HTTP)
Local 192.168.1.102:50113 ESTABLISHED Remote 216.191.247.139:80 (Querying... ) (HTTP)
Local 192.168.1.102:50114 ESTABLISHED Remote 69.171.234.37:80 (Querying... ) (HTTP)
Local 192.168.1.102:50115 ESTABLISHED Remote 184.24.204.20:80 (Querying... ) (HTTP)
Local 192.168.1.102:50116 ESTABLISHED Remote 184.24.204.20:80 (Querying... ) (HTTP)
Local 192.168.1.102:50119 ESTABLISHED Remote 174.76.226.9:80 (Querying... ) (HTTP)
Local 192.168.1.102:50125 ESTABLISHED Remote 174.76.226.9:80 (Querying... ) (HTTP)
Local 192.168.1.102:50126 ESTABLISHED Remote 184.24.204.20:80 (Querying... ) (HTTP)
Local 192.168.1.102:50127 ESTABLISHED Remote 74.125.127.147:80 (Querying... ) (HTTP)
Local 192.168.1.102:50112 ESTABLISHED Remote 74.125.224.175:80 (Querying... ) (HTTP)
Local 192.168.1.102:50129 ESTABLISHED Remote 74.125.239.15:80 (Querying... ) (HTTP)
Local 192.168.1.102:50130 ESTABLISHED Remote 67.228.177.87:80 (Querying... ) (HTTP)
Local 192.168.1.102:50131 ESTABLISHED Remote 173.194.79.103:80 (Querying... ) (HTTP)
Local 192.168.1.102:50132 ESTABLISHED Remote 173.194.79.106:80 (Querying... ) (HTTP)
Local 192.168.1.102:50133 ESTABLISHED Remote 173.194.79.147:80 (Querying... ) (HTTP)
Local 192.168.1.102:50134 ESTABLISHED Remote 63.245.217.112:443 (Querying... ) (HTTPS)
Local 192.168.1.102:50047 ESTABLISHED Remote 74.125.239.27:80 (Querying... ) (HTTP)
Local 192.168.1.102:50137 ESTABLISHED Remote 199.7.51.72:80 (Querying... ) (HTTP)
Local 192.168.1.102:50128 ESTABLISHED Remote 74.125.127.103:80 (Querying... ) (HTTP)
System Process
Local 192.168.1.102:50076 TIME-WAIT Remote 74.125.224.174:443 (Querying... ) (HTTPS)
Local 192.168.1.102:50104 TIME-WAIT Remote 178.255.83.1:80 (Querying... ) (HTTP)
Local 192.168.1.102:50109 TIME-WAIT Remote 74.125.239.25:80 (Querying... ) (HTTP)
Local 192.168.1.102:50135 TIME-WAIT Remote 68.105.28.12:53 (Querying... )
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 192.168.1.102:139 (NetBIOS session service) LISTEN
ToolbarUpdater.exe (2504)
Local 192.168.1.102:49842 ESTABLISHED Remote 184.24.199.117:80 (Querying... ) (HTTP)
avgmfapx.exe (1120)
Local 192.168.1.102:50142 ESTABLISHED Remote 212.96.161.246:80 (Querying... ) (HTTP)
lsass.exe (804)
Local 0.0.0.0:49155 LISTEN
services.exe (792)
Local 0.0.0.0:49157 LISTEN
svchost.exe (1128)
Local 0.0.0.0:135 (DCE) LISTEN
svchost.exe (1264)
Local 0.0.0.0:49153 LISTEN
svchost.exe (1352)
Local 0.0.0.0:49154 LISTEN
svchost.exe (2256)
Local 0.0.0.0:49156 LISTEN
wininit.exe (748)
Local 0.0.0.0:49152 LISTEN

OTL Log:

OTL logfile created on: 01/08/2012 7:07:00 AM - Run 2
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Courtney\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 0.86 Gb Available Physical Memory | 43.32% Memory free
4.21 Gb Paging File | 3.02 Gb Available in Paging File | 71.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 99.24 Gb Total Space | 79.55 Gb Free Space | 80.16% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 9.91 Gb Free Space | 99.13% Space Free | Partition Type: NTFS

Computer Name: COURTNEY-PC | User Name: Courtney | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/29 06:40:45 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Courtney\Desktop\OTL.exe
PRC - [2012/07/28 09:31:57 | 000,830,048 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe
PRC - [2012/07/28 09:31:56 | 001,147,488 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/07/13 19:17:11 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/06/13 03:48:50 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgfws.exe
PRC - [2012/06/13 03:48:26 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/06/13 03:48:04 | 000,990,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgscanx.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2010/11/17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/20 21:33:00 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/28 09:31:58 | 000,132,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.1.5\SiteSafety.dll
MOD - [2012/07/28 09:31:56 | 001,147,488 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/07/13 19:17:14 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010/11/24 22:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010/11/17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe


========== Win32 Services (SafeList) ==========

SRV - [2012/07/28 09:31:57 | 000,830,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe -- (vToolbarUpdater12.1.5)
SRV - [2012/07/28 09:18:07 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/13 19:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/06/13 03:48:50 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010/11/25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2008/01/20 21:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012/07/28 09:32:00 | 000,027,496 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011/05/23 01:03:28 | 000,047,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2009/07/10 06:44:52 | 000,122,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008/11/05 23:20:24 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/10/11 15:56:00 | 000,045,056 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/07/29 15:41:36 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2008/01/20 21:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007/09/26 08:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....pr&d=2012-07-28 09:32:01&v=12.1.0.21&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.1.5\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/28 09:29:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\12.1.0.21\ [2012/07/28 09:32:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/31 07:18:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/07/31 07:18:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Courtney\AppData\Roaming\Mozilla\Extensions
[2012/07/31 07:18:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/13 19:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/07/13 19:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/07/13 19:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O13 - gopher Prefix: missing
O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.co.../DellSystem.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFD07B82-3BF9-4A2C-8901-C2657D355D09}: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - State: "bootini" - 0
MsConfig - State: "startup" - 0
MsConfig - State: "services" - 0

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfRd - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/01 07:01:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2012/08/01 07:01:10 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2012/07/31 07:18:12 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\Mozilla
[2012/07/31 07:18:12 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Local\Mozilla
[2012/07/31 07:18:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/07/31 07:18:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/07/31 07:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/07/31 06:38:21 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Local\Adobe
[2012/07/31 06:34:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/07/31 06:34:49 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/07/31 06:31:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/07/29 17:22:11 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Local\Sonic_Solutions
[2012/07/29 16:20:33 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/07/29 15:16:38 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Local\FixItCenter
[2012/07/29 15:11:14 | 000,000,000 | ---D | C] -- C:\Windows\MATS
[2012/07/29 15:11:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2012/07/29 13:37:17 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2012/07/29 13:17:21 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/07/29 13:17:21 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012/07/29 13:17:20 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/07/29 13:17:20 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/07/29 13:17:20 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/07/29 13:17:20 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/07/29 13:03:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/07/29 12:56:50 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2012/07/29 12:50:38 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/07/29 12:50:06 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2012/07/29 12:50:06 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2012/07/29 12:50:06 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2012/07/29 12:48:59 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2012/07/29 12:48:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2012/07/29 12:48:58 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2012/07/29 12:48:57 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012/07/29 12:48:57 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2012/07/29 12:48:57 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012/07/29 12:48:57 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2012/07/29 12:48:57 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2012/07/29 12:48:57 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2012/07/29 12:41:45 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/07/29 12:41:44 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/07/29 12:41:44 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/07/29 12:41:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/07/29 12:41:43 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/07/29 12:41:43 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/07/29 12:41:43 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/07/29 12:41:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/07/29 12:41:41 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/07/29 12:41:41 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/07/29 12:41:41 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/07/29 12:41:41 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/07/29 12:41:41 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/07/29 12:41:41 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/07/29 12:41:40 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/07/29 12:41:40 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/07/29 12:41:40 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/07/29 12:41:40 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/07/29 12:41:40 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/07/29 12:41:39 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/07/29 12:41:39 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/07/29 12:41:39 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/07/29 12:41:38 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/07/29 12:41:38 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/07/29 12:41:37 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/07/29 12:41:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/07/29 12:41:37 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/07/29 12:41:36 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/07/29 12:41:36 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/07/29 12:41:36 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/07/29 12:41:36 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/07/29 12:41:35 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/07/29 12:41:35 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/07/29 12:41:35 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/07/29 12:41:35 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/07/29 12:41:35 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/07/29 12:41:34 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/07/29 12:40:54 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2012/07/29 12:40:54 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2012/07/29 12:40:54 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2012/07/29 12:40:53 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/07/29 12:40:53 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012/07/29 12:40:53 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2012/07/29 12:40:52 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2012/07/29 12:40:49 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012/07/29 12:40:48 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012/07/29 12:40:46 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2012/07/29 12:40:46 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2012/07/29 12:40:45 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012/07/29 12:40:45 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012/07/29 12:40:44 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012/07/29 12:40:44 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012/07/29 12:40:44 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012/07/29 12:40:43 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012/07/29 12:40:16 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012/07/29 12:40:16 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2012/07/29 12:40:16 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012/07/29 12:40:14 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012/07/29 12:40:12 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012/07/29 12:40:12 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012/07/29 12:34:50 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012/07/29 12:34:30 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012/07/29 12:34:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/07/29 12:34:23 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/07/29 12:34:11 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2012/07/29 12:34:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2012/07/29 12:34:06 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/07/29 12:34:05 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/07/29 12:34:05 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/07/29 12:34:01 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/07/29 12:34:01 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/07/29 12:34:00 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012/07/29 12:34:00 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012/07/29 12:34:00 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012/07/29 12:34:00 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012/07/29 12:33:58 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012/07/29 12:30:43 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/07/29 12:30:43 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/07/29 12:28:17 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/07/29 12:26:07 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2012/07/29 06:38:00 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Courtney\Desktop\OTL.exe
[2012/07/28 17:02:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/07/28 17:02:23 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/07/28 16:52:52 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Local\ElevatedDiagnostics
[2012/07/28 14:04:29 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/07/28 14:04:29 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/07/28 14:04:12 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/07/28 14:04:12 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/07/28 14:04:12 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/07/28 14:04:00 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/07/28 14:04:00 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/07/28 13:22:03 | 000,000,000 | ---D | C] -- C:\f2207438e767f2f480b712
[2012/07/28 13:09:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2012/07/28 13:09:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2012/07/28 13:09:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2012/07/28 12:56:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/07/28 12:54:36 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012/07/28 12:51:10 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2012/07/28 12:51:07 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2012/07/28 12:51:06 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2012/07/28 12:51:06 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2012/07/28 12:51:03 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2012/07/28 12:51:02 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2012/07/28 12:51:00 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2012/07/28 12:51:00 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2012/07/28 12:50:59 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2012/07/28 12:50:58 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2012/07/28 12:50:57 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2012/07/28 12:50:56 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2012/07/28 12:50:56 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2012/07/28 12:50:56 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2012/07/28 12:50:54 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2012/07/28 12:50:54 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2012/07/28 12:50:54 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2012/07/28 12:50:53 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012/07/28 12:50:53 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2012/07/28 12:50:52 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2012/07/28 12:50:52 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2012/07/28 12:50:52 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2012/07/28 12:50:52 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2012/07/28 12:50:51 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2012/07/28 12:50:51 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2012/07/28 12:50:51 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2012/07/28 12:50:50 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2012/07/28 12:50:50 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2012/07/28 12:50:49 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2012/07/28 12:50:48 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2012/07/28 12:50:46 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2012/07/28 12:50:46 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2012/07/28 12:50:46 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2012/07/28 12:50:46 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2012/07/28 12:50:46 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2012/07/28 12:50:45 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2012/07/28 12:50:45 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012/07/28 12:50:45 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2012/07/28 12:50:45 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2012/07/28 12:50:44 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2012/07/28 12:50:44 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2012/07/28 12:50:44 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2012/07/28 12:50:43 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2012/07/28 12:50:43 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2012/07/28 12:50:43 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2012/07/28 12:50:42 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2012/07/28 12:50:42 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2012/07/28 12:50:42 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2012/07/28 12:50:42 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2012/07/28 12:50:42 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2012/07/28 12:50:41 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2012/07/28 12:50:40 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2012/07/28 12:50:40 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2012/07/28 12:50:40 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2012/07/28 12:50:40 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2012/07/28 12:50:39 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2012/07/28 12:50:39 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2012/07/28 12:50:38 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2012/07/28 12:50:38 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2012/07/28 12:50:38 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2012/07/28 12:50:38 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2012/07/28 12:50:38 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012/07/28 12:50:38 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2012/07/28 12:50:37 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/07/28 12:50:37 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2012/07/28 12:50:37 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2012/07/28 12:50:36 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2012/07/28 12:50:36 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2012/07/28 12:50:36 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2012/07/28 12:50:36 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2012/07/28 12:50:35 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2012/07/28 12:50:35 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2012/07/28 12:50:34 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012/07/28 12:50:34 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2012/07/28 12:50:33 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2012/07/28 12:50:32 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2012/07/28 12:50:31 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2012/07/28 12:50:30 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2012/07/28 12:50:30 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/07/28 12:50:30 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2012/07/28 12:50:28 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2012/07/28 12:50:28 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2012/07/28 12:50:28 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2012/07/28 12:50:28 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2012/07/28 12:50:27 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012/07/28 12:50:27 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2012/07/28 12:50:26 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2012/07/28 12:50:25 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2012/07/28 12:50:25 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2012/07/28 12:50:24 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2012/07/28 12:50:23 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2012/07/28 12:50:23 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2012/07/28 12:50:23 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2012/07/28 12:50:23 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2012/07/28 12:50:23 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2012/07/28 12:50:22 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2012/07/28 12:50:22 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2012/07/28 12:50:22 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2012/07/28 12:50:21 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2012/07/28 12:50:21 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2012/07/28 12:50:21 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2012/07/28 12:50:21 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2012/07/28 12:50:21 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2012/07/28 12:50:21 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2012/07/28 12:50:20 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2012/07/28 12:50:20 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2012/07/28 12:50:19 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2012/07/28 12:50:19 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2012/07/28 12:50:19 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2012/07/28 12:50:19 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2012/07/28 12:50:19 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2012/07/28 12:50:18 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2012/07/28 12:50:18 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2012/07/28 12:50:18 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012/07/28 12:50:18 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2012/07/28 12:50:18 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2012/07/28 12:50:17 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2012/07/28 12:50:17 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2012/07/28 12:50:17 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2012/07/28 12:50:17 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2012/07/28 12:50:17 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2012/07/28 12:50:16 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2012/07/28 12:50:16 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2012/07/28 12:50:16 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2012/07/28 12:50:16 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2012/07/28 12:50:16 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2012/07/28 12:50:16 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2012/07/28 12:50:14 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2012/07/28 12:50:14 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2012/07/28 12:50:14 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2012/07/28 12:50:14 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2012/07/28 12:50:13 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2012/07/28 12:50:13 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2012/07/28 12:50:13 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2012/07/28 12:50:13 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2012/07/28 12:50:12 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2012/07/28 12:50:12 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2012/07/28 12:50:12 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2012/07/28 12:50:12 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2012/07/28 12:50:12 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2012/07/28 12:50:12 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2012/07/28 12:50:12 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2012/07/28 12:50:11 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2012/07/28 12:50:11 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2012/07/28 12:50:11 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2012/07/28 12:50:10 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2012/07/28 12:50:10 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2012/07/28 12:50:10 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2012/07/28 12:50:10 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2012/07/28 12:50:10 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2012/07/28 12:50:10 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2012/07/28 12:50:09 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2012/07/28 12:50:09 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2012/07/28 12:50:09 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2012/07/28 12:50:09 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2012/07/28 12:50:09 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012/07/28 12:50:09 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2012/07/28 12:50:08 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2012/07/28 12:50:08 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2012/07/28 12:50:08 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2012/07/28 12:50:08 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2012/07/28 12:50:08 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2012/07/28 12:50:08 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2012/07/28 12:50:08 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2012/07/28 12:50:08 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2012/07/28 12:50:08 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2012/07/28 12:50:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2012/07/28 12:50:07 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2012/07/28 12:50:07 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2012/07/28 12:50:07 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2012/07/28 12:50:06 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2012/07/28 12:50:06 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2012/07/28 12:50:06 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2012/07/28 12:50:06 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2012/07/28 12:50:06 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2012/07/28 12:50:06 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2012/07/28 12:50:06 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2012/07/28 12:50:06 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2012/07/28 12:50:06 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2012/07/28 12:50:06 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2012/07/28 12:50:06 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2012/07/28 12:50:06 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2012/07/28 12:50:05 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2012/07/28 12:50:05 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2012/07/28 12:50:05 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2012/07/28 12:50:05 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2012/07/28 12:50:05 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2012/07/28 12:50:05 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2012/07/28 12:50:05 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2012/07/28 12:50:05 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2012/07/28 12:50:04 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2012/07/28 12:50:04 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2012/07/28 12:50:04 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2012/07/28 12:50:04 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2012/07/28 12:50:04 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2012/07/28 12:50:04 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2012/07/28 12:50:04 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2012/07/28 12:50:04 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2012/07/28 12:50:04 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2012/07/28 12:50:04 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2012/07/28 12:50:04 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2012/07/28 12:50:04 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2012/07/28 12:50:03 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2012/07/28 12:50:03 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2012/07/28 12:50:03 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2012/07/28 12:50:03 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2012/07/28 12:50:03 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2012/07/28 12:50:02 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2012/07/28 12:50:02 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2012/07/28 12:50:02 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2012/07/28 12:50:02 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2012/07/28 12:50:02 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2012/07/28 12:50:02 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2012/07/28 12:50:02 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2012/07/28 12:50:01 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2012/07/28 12:50:01 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2012/07/28 12:50:01 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2012/07/28 12:50:00 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2012/07/28 12:50:00 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2012/07/28 12:50:00 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2012/07/28 12:50:00 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2012/07/28 12:49:59 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2012/07/28 12:49:59 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2012/07/28 12:49:59 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2012/07/28 12:49:59 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2012/07/28 12:49:59 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2012/07/28 12:49:59 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2012/07/28 12:49:59 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2012/07/28 12:49:59 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2012/07/28 12:49:59 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2012/07/28 12:49:58 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2012/07/28 12:49:58 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2012/07/28 12:49:58 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2012/07/28 12:49:58 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2012/07/28 12:49:58 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2012/07/28 12:49:58 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2012/07/28 12:49:58 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2012/07/28 12:49:58 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2012/07/28 12:49:58 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2012/07/28 12:49:58 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2012/07/28 12:49:57 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2012/07/28 12:49:57 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2012/07/28 12:49:57 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2012/07/28 12:49:57 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2012/07/28 12:49:57 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2012/07/28 12:49:57 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2012/07/28 12:49:57 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2012/07/28 12:49:57 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2012/07/28 12:49:57 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2012/07/28 12:49:56 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2012/07/28 12:49:56 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2012/07/28 12:49:56 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2012/07/28 12:49:56 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2012/07/28 12:49:55 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2012/07/28 12:49:54 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2012/07/28 12:49:54 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012/07/28 12:49:54 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2012/07/28 12:49:54 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2012/07/28 12:49:54 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2012/07/28 12:49:54 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2012/07/28 12:49:54 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2012/07/28 12:49:54 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2012/07/28 12:49:54 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2012/07/28 12:49:54 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2012/07/28 12:49:54 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2012/07/28 12:49:53 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2012/07/28 12:49:53 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2012/07/28 12:49:53 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2012/07/28 12:49:53 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2012/07/28 12:49:53 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2012/07/28 12:49:53 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2012/07/28 12:49:53 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2012/07/28 12:49:53 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2012/07/28 12:49:52 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2012/07/28 12:49:52 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2012/07/28 12:49:52 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2012/07/28 12:49:52 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2012/07/28 12:49:52 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2012/07/28 12:49:52 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2012/07/28 12:49:52 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/07/28 12:49:52 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2012/07/28 12:49:52 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2012/07/28 12:49:52 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2012/07/28 12:49:51 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2012/07/28 12:49:51 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012/07/28 12:49:51 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2012/07/28 12:49:51 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2012/07/28 12:49:51 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2012/07/28 12:49:51 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2012/07/28 12:49:51 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2012/07/28 12:49:51 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2012/07/28 12:49:50 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2012/07/28 12:49:50 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2012/07/28 12:49:50 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2012/07/28 12:49:50 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2012/07/28 12:49:50 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2012/07/28 12:49:50 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2012/07/28 12:49:50 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2012/07/28 12:49:50 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2012/07/28 12:49:49 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2012/07/28 12:49:49 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2012/07/28 12:49:49 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2012/07/28 12:49:49 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2012/07/28 12:49:49 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012/07/28 12:49:48 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2012/07/28 12:49:48 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2012/07/28 12:49:48 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012/07/28 12:49:48 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2012/07/28 12:49:48 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2012/07/28 12:49:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2012/07/28 12:49:47 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2012/07/28 12:49:47 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2012/07/28 12:49:47 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2012/07/28 12:49:47 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2012/07/28 12:49:47 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2012/07/28 12:49:47 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2012/07/28 12:49:47 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2012/07/28 12:49:47 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2012/07/28 12:49:47 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2012/07/28 12:49:47 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2012/07/28 12:49:47 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2012/07/28 12:49:47 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2012/07/28 12:49:47 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2012/07/28 12:49:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2012/07/28 12:49:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2012/07/28 12:49:46 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2012/07/28 12:49:46 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2012/07/28 12:49:46 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2012/07/28 12:49:46 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2012/07/28 12:49:46 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2012/07/28 12:49:45 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2012/07/28 12:49:45 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2012/07/28 12:49:45 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2012/07/28 12:49:45 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2012/07/28 12:49:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2012/07/28 12:49:44 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2012/07/28 12:49:44 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2012/07/28 12:49:43 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2012/07/28 12:49:43 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2012/07/28 12:49:43 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2012/07/28 12:49:43 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2012/07/28 12:49:43 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2012/07/28 12:49:43 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2012/07/28 12:49:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2012/07/28 12:49:42 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2012/07/28 12:49:42 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2012/07/28 12:49:42 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2012/07/28 12:49:42 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2012/07/28 12:49:42 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012/07/28 12:49:40 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2012/07/28 12:49:40 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2012/07/28 12:49:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2012/07/28 12:49:38 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2012/07/28 12:49:38 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2012/07/28 12:49:25 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2012/07/28 12:49:25 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2012/07/28 12:49:24 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2012/07/28 12:49:23 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2012/07/28 12:37:57 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\Macrovision
[2012/07/28 12:36:08 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\Roxio
[2012/07/28 12:35:13 | 000,398,336 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\TVWizudlg.exe
[2012/07/28 12:35:12 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/07/28 12:22:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2012/07/28 12:12:15 | 000,172,032 | ---- | C] (Ricoh Company,Ltd) -- C:\Windows\System32\rixdicon.dll
[2012/07/28 12:12:15 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\Windows\System32\snymsico.dll
[2012/07/28 12:11:18 | 000,048,128 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys
[2012/07/28 12:11:18 | 000,045,056 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys
[2012/07/28 12:11:18 | 000,038,400 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys
[2012/07/28 12:11:17 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012/07/28 12:09:50 | 000,000,000 | ---D | C] -- C:\dell
[2012/07/28 12:06:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
[2012/07/28 12:06:36 | 000,000,000 | ---D | C] -- C:\Intel
[2012/07/28 12:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2012/07/28 12:03:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2012/07/28 12:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator Starter
[2012/07/28 11:57:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2012/07/28 11:56:21 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/07/28 11:56:06 | 000,000,000 | -HSD | C] -- C:\Boot
[2012/07/28 11:56:04 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2012/07/28 11:55:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2012/07/28 11:30:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2012/07/28 11:29:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2012/07/28 11:27:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2012/07/28 11:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2012/07/28 11:25:48 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2012/07/28 11:25:47 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2012/07/28 11:25:47 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2012/07/28 11:25:47 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2012/07/28 11:25:46 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2012/07/28 11:25:46 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2012/07/28 11:25:46 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2012/07/28 11:25:44 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012/07/28 11:25:44 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2012/07/28 11:25:44 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2012/07/28 11:25:44 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2012/07/28 11:25:43 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2012/07/28 11:25:43 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2012/07/28 11:25:43 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2012/07/28 11:25:42 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2012/07/28 11:25:42 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2012/07/28 11:25:42 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2012/07/28 11:25:42 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2012/07/28 11:25:42 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2012/07/28 11:25:41 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2012/07/28 11:25:41 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2012/07/28 11:25:37 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012/07/28 11:25:37 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2012/07/28 11:25:37 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2012/07/28 11:25:37 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2012/07/28 11:25:36 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2012/07/28 11:25:36 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2012/07/28 11:25:36 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2012/07/28 11:25:35 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2012/07/28 11:25:35 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2012/07/28 11:25:26 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2012/07/28 11:25:25 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2012/07/28 11:25:25 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2012/07/28 11:25:25 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2012/07/28 11:25:25 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2012/07/28 11:25:24 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2012/07/28 11:25:24 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2012/07/28 11:25:24 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2012/07/28 11:25:23 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2012/07/28 11:22:40 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2012/07/28 11:22:40 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2012/07/28 11:22:40 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2012/07/28 11:17:45 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\Roxio Log Files
[2012/07/28 11:14:03 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\AVG
[2012/07/28 11:13:40 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/07/28 11:01:51 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2012/07/28 11:01:06 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2012/07/28 11:00:56 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2012/07/28 10:59:30 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/07/28 10:56:56 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/07/28 10:56:43 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/07/28 10:38:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2012/07/28 10:10:24 | 001,002,008 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igxpun.exe
[2012/07/28 10:10:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64
[2012/07/28 10:10:23 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
[2012/07/28 09:35:43 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/07/28 09:34:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2012/07/28 09:34:21 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2012/07/28 09:34:21 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2012/07/28 09:34:21 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2012/07/28 09:34:21 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2012/07/28 09:34:21 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2012/07/28 09:34:20 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2012/07/28 09:34:20 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2012/07/28 09:34:20 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2012/07/28 09:34:20 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2012/07/28 09:34:20 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2012/07/28 09:34:18 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2012/07/28 09:34:18 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2012/07/28 09:34:18 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2012/07/28 09:34:18 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2012/07/28 09:34:18 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2012/07/28 09:33:44 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\AVG2012
[2012/07/28 09:32:55 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2012/07/28 09:32:54 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2012/07/28 09:32:54 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2012/07/28 09:32:53 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2012/07/28 09:32:52 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2012/07/28 09:32:52 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2012/07/28 09:32:52 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2012/07/28 09:32:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/07/28 09:32:35 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Local\AVG Secure Search
[2012/07/28 09:32:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/07/28 09:32:00 | 000,027,496 | ---- | C] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2012/07/28 09:31:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012/07/28 09:31:55 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/07/28 09:28:47 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/07/28 09:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/07/28 09:28:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2012/07/28 09:28:25 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2012/07/28 09:28:25 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2012/07/28 09:27:58 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2012/07/28 09:27:58 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2012/07/28 09:27:57 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2012/07/28 09:27:57 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2012/07/28 09:27:57 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2012/07/28 09:27:56 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2012/07/28 09:27:54 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2012/07/28 09:27:54 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2012/07/28 09:27:54 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2012/07/28 09:27:42 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2012/07/28 09:27:42 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2012/07/28 09:27:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2012/07/28 09:27:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2012/07/28 09:27:00 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/07/28 09:26:46 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2012/07/28 09:26:45 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2012/07/28 09:26:45 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2012/07/28 09:26:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2012/07/28 09:26:34 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2012/07/28 09:26:34 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2012/07/28 09:26:34 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2012/07/28 09:26:34 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2012/07/28 09:26:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2012/07/28 09:26:17 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2012/07/28 09:26:17 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2012/07/28 09:26:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2012/07/28 09:26:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2012/07/28 09:26:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2012/07/28 09:26:03 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012/07/28 09:25:47 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2012/07/28 09:25:47 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2012/07/28 09:25:47 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2012/07/28 09:25:41 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2012/07/28 09:25:10 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2012/07/28 09:25:10 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2012/07/28 09:25:07 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012/07/28 09:25:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2012/07/28 09:24:55 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2012/07/28 09:24:47 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2012/07/28 09:24:30 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/07/28 09:24:30 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2012/07/28 09:24:30 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/07/28 09:24:30 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2012/07/28 09:24:27 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2012/07/28 09:24:26 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012/07/28 09:24:17 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012/07/28 09:24:17 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2012/07/28 09:24:17 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2012/07/28 09:24:14 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2012/07/28 09:24:13 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2012/07/28 09:24:12 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2012/07/28 09:24:06 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2012/07/28 09:24:06 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2012/07/28 09:24:06 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2012/07/28 09:23:53 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2012/07/28 09:23:22 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2012/07/28 09:23:22 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2012/07/28 09:23:20 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2012/07/28 09:21:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/07/28 09:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/07/28 09:18:09 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\Macromedia
[2012/07/28 09:18:08 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\Adobe
[2012/07/28 09:18:07 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/07/28 09:18:07 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/07/28 09:18:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2012/07/28 09:12:45 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2012/07/28 09:10:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\vmm32
[2012/07/28 09:10:59 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2012/07/28 09:09:50 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/07/28 09:04:13 | 000,000,000 | R--D | C] -- C:\Users\Courtney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/07/28 09:04:13 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Searches
[2012/07/28 09:04:13 | 000,000,000 | R--D | C] -- C:\Users\Courtney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/07/28 09:04:05 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Roaming\Identities
[2012/07/28 09:04:04 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Contacts
[2012/07/28 09:04:03 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Local\VirtualStore
[2012/07/28 09:03:58 | 000,000,000 | --SD | C] -- C:\Users\Courtney\AppData\Roaming\Microsoft
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Videos
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Saved Games
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Pictures
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Music
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Links
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Favorites
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Downloads
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Documents
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\Desktop
[2012/07/28 09:03:58 | 000,000,000 | R--D | C] -- C:\Users\Courtney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\AppData\Local\Temporary Internet Files
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Templates
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Start Menu
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\SendTo
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Recent
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\PrintHood
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\NetHood
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Documents\My Videos
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Documents\My Pictures
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Documents\My Music
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\My Documents
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Local Settings
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\AppData\Local\History
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Cookies
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\Application Data
[2012/07/28 09:03:58 | 000,000,000 | -HSD | C] -- C:\Users\Courtney\AppData\Local\Application Data
[2012/07/28 09:03:58 | 000,000,000 | -H-D | C] -- C:\Users\Courtney\AppData
[2012/07/28 09:03:58 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Local\Temp
[2012/07/28 09:03:58 | 000,000,000 | ---D | C] -- C:\Users\Courtney\AppData\Local\Microsoft

========== Files - Modified Within 30 Days ==========

[2012/08/01 07:09:41 | 000,003,712 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/01 07:09:41 | 000,003,712 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/01 07:01:45 | 102,697,338 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/08/01 07:01:12 | 000,000,776 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2012/08/01 06:59:28 | 000,608,644 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/08/01 06:59:28 | 000,106,114 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/01 06:58:17 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/01 06:58:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/31 07:18:10 | 000,000,870 | ---- | M] () -- C:\Users\Courtney\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/07/31 07:18:10 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/07/31 07:09:05 | 2137,042,944 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/31 07:06:52 | 000,061,440 | ---- | M] ( ) -- C:\Users\Courtney\Desktop\VEW.exe
[2012/07/31 06:35:10 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/07/31 06:13:37 | 000,033,589 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/07/30 06:33:13 | 000,003,060 | ---- | M] () -- C:\Users\Courtney\Documents\cc_20120730_063307.reg
[2012/07/29 15:38:35 | 000,001,876 | ---- | M] () -- C:\Users\Courtney\Documents\cc_20120729_153830.reg
[2012/07/29 15:21:59 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Fixit Center.lnk
[2012/07/29 13:00:28 | 000,000,943 | ---- | M] () -- C:\Users\Courtney\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/07/29 12:59:37 | 000,276,840 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/29 12:41:52 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012/07/29 12:41:52 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012/07/29 12:41:45 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/07/29 12:41:44 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/07/29 12:41:44 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/07/29 12:41:43 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/07/29 12:41:43 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/07/29 12:41:43 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/07/29 12:41:43 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/07/29 12:41:43 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/07/29 12:41:41 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/07/29 12:41:41 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/07/29 12:41:41 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/07/29 12:41:41 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/07/29 12:41:41 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/07/29 12:41:41 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/07/29 12:41:40 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/07/29 12:41:40 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/07/29 12:41:40 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/07/29 12:41:40 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/07/29 12:41:40 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/07/29 12:41:40 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/07/29 12:41:39 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/07/29 12:41:39 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/07/29 12:41:39 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/07/29 12:41:38 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/07/29 12:41:38 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/07/29 12:41:37 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/07/29 12:41:37 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/07/29 12:41:37 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/07/29 12:41:36 | 001,800,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/07/29 12:41:36 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/07/29 12:41:36 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/07/29 12:41:36 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/07/29 12:41:35 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/07/29 12:41:35 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/07/29 12:41:35 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/07/29 12:41:35 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/07/29 12:41:35 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/07/29 12:41:34 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/07/29 12:40:54 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2012/07/29 12:40:54 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2012/07/29 12:40:54 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2012/07/29 12:40:53 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/07/29 12:40:53 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012/07/29 12:40:53 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2012/07/29 12:40:52 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2012/07/29 12:40:49 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012/07/29 12:40:48 | 000,486,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012/07/29 12:40:46 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2012/07/29 12:40:46 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2012/07/29 12:40:45 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012/07/29 12:40:45 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012/07/29 12:40:44 | 000,847,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012/07/29 12:40:44 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012/07/29 12:40:44 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012/07/29 12:40:43 | 001,554,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012/07/29 12:40:18 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\dxgkrnl.sys.mui
[2012/07/29 12:40:16 | 000,369,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012/07/29 12:40:16 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2012/07/29 12:40:16 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012/07/29 12:40:14 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012/07/29 12:40:12 | 000,321,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012/07/29 12:40:12 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012/07/29 06:40:45 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Courtney\Desktop\OTL.exe
[2012/07/28 20:35:34 | 000,000,680 | ---- | M] () -- C:\Users\Courtney\AppData\Local\d3d9caps.dat
[2012/07/28 20:28:54 | 000,001,606 | ---- | M] () -- C:\Users\Courtney\Documents\cc_20120728_202847.reg
[2012/07/28 18:33:24 | 000,000,470 | ---- | M] () -- C:\Users\Courtney\Documents\cc_20120728_183320.reg
[2012/07/28 18:11:35 | 000,007,328 | ---- | M] () -- C:\Users\Courtney\Documents\cc_20120728_181131.reg
[2012/07/28 17:33:07 | 000,007,468 | ---- | M] () -- C:\Users\Courtney\Documents\cc_20120728_173006.reg
[2012/07/28 17:02:49 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/28 12:35:37 | 000,016,058 | ---- | M] () -- C:\Windows\System32\results.xml
[2012/07/28 12:01:44 | 000,002,023 | ---- | M] () -- C:\Users\Public\Desktop\Roxio Creator Starter.lnk
[2012/07/28 11:56:08 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2012/07/28 11:00:22 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012/07/28 09:32:49 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/07/28 09:32:00 | 000,027,496 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2012/07/28 09:18:07 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/07/28 09:18:07 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2012/08/01 07:01:45 | 102,697,338 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/08/01 07:01:12 | 000,000,776 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2012/07/31 07:18:10 | 000,000,870 | ---- | C] () -- C:\Users\Courtney\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/07/31 07:18:10 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/07/31 07:18:10 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/07/31 07:06:52 | 000,061,440 | ---- | C] ( ) -- C:\Users\Courtney\Desktop\VEW.exe
[2012/07/31 06:35:10 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/07/31 06:35:10 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/07/31 06:13:37 | 000,033,589 | ---- | C] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/07/30 06:33:10 | 000,003,060 | ---- | C] () -- C:\Users\Courtney\Documents\cc_20120730_063307.reg
[2012/07/29 16:34:18 | 2137,042,944 | -HS- | C] () -- C:\hiberfil.sys
[2012/07/29 15:38:32 | 000,001,876 | ---- | C] () -- C:\Users\Courtney\Documents\cc_20120729_153830.reg
[2012/07/29 15:11:15 | 000,000,854 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Fix it Center.lnk
[2012/07/29 15:11:14 | 000,000,842 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Fixit Center.lnk
[2012/07/29 12:41:40 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/07/28 20:28:50 | 000,001,606 | ---- | C] () -- C:\Users\Courtney\Documents\cc_20120728_202847.reg
[2012/07/28 18:33:22 | 000,000,470 | ---- | C] () -- C:\Users\Courtney\Documents\cc_20120728_183320.reg
[2012/07/28 18:11:33 | 000,007,328 | ---- | C] () -- C:\Users\Courtney\Documents\cc_20120728_181131.reg
[2012/07/28 17:32:51 | 000,007,468 | ---- | C] () -- C:\Users\Courtney\Documents\cc_20120728_173006.reg
[2012/07/28 17:02:47 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/28 12:50:44 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012/07/28 12:50:42 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2012/07/28 12:50:37 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2012/07/28 12:50:36 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012/07/28 12:50:36 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/07/28 12:50:34 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2012/07/28 12:50:28 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2012/07/28 12:50:14 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2012/07/28 12:50:12 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2012/07/28 12:49:42 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2012/07/28 12:49:34 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2012/07/28 12:35:37 | 000,016,058 | ---- | C] () -- C:\Windows\System32\results.xml
[2012/07/28 12:35:13 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2012/07/28 12:35:13 | 000,121,232 | ---- | C] () -- C:\Windows\System32\IScrNB.bmp
[2012/07/28 12:01:41 | 000,002,023 | ---- | C] () -- C:\Users\Public\Desktop\Roxio Creator Starter.lnk
[2012/07/28 11:56:08 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2012/07/28 11:56:07 | 000,333,257 | RHS- | C] () -- C:\bootmgr
[2012/07/28 11:55:49 | 000,000,022 | RH-- | C] () -- C:\Windows\dell_version
[2012/07/28 10:04:34 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/07/28 10:04:33 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2012/07/28 09:34:18 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2012/07/28 09:34:18 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2012/07/28 09:34:18 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2012/07/28 09:32:49 | 000,000,842 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/07/28 09:26:34 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2012/07/28 09:18:08 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/28 09:11:38 | 000,000,943 | ---- | C] () -- C:\Users\Courtney\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/07/28 09:04:13 | 000,000,949 | ---- | C] () -- C:\Users\Courtney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/07/28 09:04:12 | 000,000,944 | ---- | C] () -- C:\Users\Courtney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/07/28 09:04:04 | 000,000,915 | ---- | C] () -- C:\Users\Courtney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012/07/28 09:04:00 | 000,000,680 | ---- | C] () -- C:\Users\Courtney\AppData\Local\d3d9caps.dat
[2012/07/28 09:03:58 | 000,000,258 | ---- | C] () -- C:\Users\Courtney\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/07/28 09:03:58 | 000,000,240 | ---- | C] () -- C:\Users\Courtney\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: TOSHIBA MK1251GSY ATA Device
Partitions: 4
Status: Pred Fail
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 0.00GB
Starting Offset: 32256
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 10.00GB
Starting Offset: 50331648
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 99.00GB
Starting Offset: 10787749888
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: Extended w/Extended Int 13
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 2.00GB
Starting Offset: 117348237312
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2012/07/31 06:38:21 | 000,000,000 | ---D | M] -- C:\Users\Courtney\AppData\Roaming\Adobe
[2012/07/28 19:16:51 | 000,000,000 | ---D | M] -- C:\Users\Courtney\AppData\Roaming\AVG
[2012/07/28 09:33:44 | 000,000,000 | ---D | M] -- C:\Users\Courtney\AppData\Roaming\AVG2012
[2012/07/28 09:04:05 | 000,000,000 | ---D | M] -- C:\Users\Courtney\AppData\Roaming\Identities
[2012/07/28 09:18:09 | 000,000,000 | ---D | M] -- C:\Users\Courtney\AppData\Roaming\Macromedia
[2012/07/28 12:37:57 | 000,000,000 | ---D | M] -- C:\Users\Courtney\AppData\Roaming\Macrovision
[2012/07/31 06:38:21 | 000,000,000 | --SD | M] -- C:\Users\Courtney\AppData\Roaming\Microsoft
[2012/07/31 07:18:19 | 000,000,000 | ---D | M] -- C:\Users\Courtney\AppData\Roaming\Mozilla
[2012/07/29 17:22:29 | 000,000,000 | ---D | M] -- C:\Users\Courtney\AppData\Roaming\Roxio
[2012/07/28 11:17:45 | 000,000,000 | ---D | M] -- C:\Users\Courtney\AppData\Roaming\Roxio Log Files

< MD5 for: ATAPI.SYS >
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 21:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 21:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CSRSS.EXE >
[2008/01/20 21:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe
[2008/01/20 21:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 21:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2009/04/11 01:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\System32\mswsock.dll
[2009/04/11 01:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[2008/01/20 21:33:36 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF7008F2612 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll

< MD5 for: NAPINSP.DLL >
[2008/01/20 21:34:16 | 000,050,176 | ---- | M] (Microsoft Corporation) MD5=FC62A635063B762E1C3C60EA77279378 -- C:\Windows\System32\NapiNSP.dll
[2008/01/20 21:34:16 | 000,050,176 | ---- | M] (Microsoft Corporation) MD5=FC62A635063B762E1C3C60EA77279378 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.0.6001.18000_none_ac1d40c88f30e6c0\NapiNSP.dll

< MD5 for: NLAAPI.DLL >
[2008/01/20 21:33:15 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=D1A84F7D4CAFCFE2A32149FF418056E5 -- C:\Windows\System32\nlaapi.dll
[2008/01/20 21:33:15 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=D1A84F7D4CAFCFE2A32149FF418056E5 -- C:\Windows\winsxs\x86_microsoft-windows-nlasvc_31bf3856ad364e35_6.0.6001.18000_none_6785f5c70aea4565\nlaapi.dll

< MD5 for: PNRPNSP.DLL >
[2008/01/20 21:35:17 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=690D41DF1D555F96D4898A0F54EBA065 -- C:\Windows\System32\pnrpnsp.dll
[2008/01/20 21:35:17 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=690D41DF1D555F96D4898A0F54EBA065 -- C:\Windows\winsxs\x86_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.0.6001.18000_none_717f15b322749509\pnrpnsp.dll

< MD5 for: SERVICES.EXE >
[2008/01/20 21:34:36 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

< MD5 for: SVCHOST.EXE >
[2008/01/20 21:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 21:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/20 21:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 21:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 21:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WINRNR.DLL >
[2009/04/11 01:28:25 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=C411C80F90D6732380352B98B37BBD53 -- C:\Windows\System32\winrnr.dll
[2009/04/11 01:28:25 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=C411C80F90D6732380352B98B37BBD53 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.0.6002.18005_none_5b39cbfb4d3802b6\winrnr.dll
[2006/11/02 04:46:14 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=FF78B8E67EDCE9FEED651D7858D77A04 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.0.6000.16386_none_571790f3532b2696\winrnr.dll

< MD5 for: WSHELPER.DLL >
[2006/11/02 04:46:14 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=20614C9F12A3A09A5015C9EBBD4419D2 -- C:\Windows\System32\wshelper.dll
[2006/11/02 04:46:14 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=20614C9F12A3A09A5015C9EBBD4419D2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\wshelper.dll

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/07/13 19:17:47 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/07/13 19:17:47 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/07/13 19:17:47 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/07/13 19:17:11 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/07/13 19:17:11 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/07/13 19:17:11 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2012/07/29 12:41:41 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2012/07/29 12:41:41 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2012/07/29 12:41:41 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/07/29 12:41:43 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2012/07/29 12:41:43 | 000,748,664 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/07/13 19:17:47 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/07/13 19:17:47 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/07/13 19:17:47 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/07/13 19:17:11 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/07/13 19:17:11 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/07/13 19:17:11 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2012/07/29 12:41:41 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2012/07/29 12:41:41 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2012/07/29 12:41:41 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/07/29 12:41:43 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2012/07/29 12:41:43 | 000,748,664 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >


OTL Extras Log:
OTL Extras logfile created on: 01/08/2012 7:07:00 AM - Run 2
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Courtney\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 0.86 Gb Available Physical Memory | 43.32% Memory free
4.21 Gb Paging File | 3.02 Gb Available in Paging File | 71.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 99.24 Gb Total Space | 79.55 Gb Free Space | 80.16% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 9.91 Gb Free Space | 99.13% Space Free | Partition Type: NTFS

Computer Name: COURTNEY-PC | User Name: Courtney | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B6457B1-D163-42B2-BE5B-D08A5DDC3E60}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{335C9966-7AF6-4CC1-99DE-8AD5E21E43B5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{4166A997-687F-4DB4-910C-9FF26E295D67}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{792B4702-14C9-45F6-A029-01B08CA0EB8F}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{7A739C17-EF0A-4896-913D-9C778C63FE10}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{8091F78F-3132-4FD9-86EE-02E162CA7B27}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{C57FF3B7-610F-4E74-BD36-53553EF9CBDC}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{F64D8E27-BE4A-405E-8FC7-25200C543087}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH Media Driver ver.2.07.01.04
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.62.02
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6D12EC75-E7D3-4EAD-AB10-E1F3AFF94AA6}" = AVG 2012
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B143D835-EBAF-4A39-8B31-1868FF4166C1}" = AVG 2012
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AVG" = AVG 2012
"CCleaner" = CCleaner
"HDMI" = Intel® Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Speccy" = Speccy
"TVWiz" = Intel® TV Wizard

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 31/07/2012 2:12:14 AM | Computer Name = Courtney-PC | Source = WinMgmt | ID = 10
Description =

Error - 31/07/2012 7:27:56 AM | Computer Name = Courtney-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16447 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 740 Start Time: 01cd6f0ef4acb930 Termination Time: 31

Error - 31/07/2012 8:10:43 AM | Computer Name = Courtney-PC | Source = WinMgmt | ID = 10
Description =

Error - 01/08/2012 8:01:26 AM | Computer Name = Courtney-PC | Source = Perflib | ID = 1010
Description =

Error - 01/08/2012 8:01:26 AM | Computer Name = Courtney-PC | Source = Perflib | ID = 1005
Description =

Error - 01/08/2012 8:01:26 AM | Computer Name = Courtney-PC | Source = Perflib | ID = 1017
Description =

[ System Events ]
Error - 01/08/2012 8:01:38 AM | Computer Name = Courtney-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.

Error - 01/08/2012 8:14:35 AM | Computer Name = Courtney-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 01/08/2012 8:14:35 AM | Computer Name = Courtney-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 01/08/2012 8:14:35 AM | Computer Name = Courtney-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 01/08/2012 8:14:35 AM | Computer Name = Courtney-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 01/08/2012 8:14:35 AM | Computer Name = Courtney-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 01/08/2012 8:22:48 AM | Computer Name = Courtney-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.

Error - 01/08/2012 8:22:48 AM | Computer Name = Courtney-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.

Error - 01/08/2012 8:22:48 AM | Computer Name = Courtney-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.

Error - 01/08/2012 8:23:13 AM | Computer Name = Courtney-PC | Source = volsnap | ID = 393230
Description = The shadow copies of volume C: were aborted because of an IO failure
on volume C:.


< End of report >
  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
OTL says we have a good atapi.sys driver. Speccy says it's not too hot and that you have a TOSHIBA MK1251GSY hard drive so let's see if you can get their hard drive test utility to work for you.

http://storage.toshi...tware-utilities

I expect that the

Windows Diagnostic Tool Ver. 1.12
(For IDE/ATA/SATA Hard Drives)
ZIPfjdtwin.exe [464KB]

Would be the easiest to run. The other is better but requires a DOS boot disk and Toshiba is too lazy to provide that for you. Most hard drive makers give you a .iso file that you can burn to a CD and boot from but they don't.

Download save and run it and have it run the Comprehensive Test. They say it should take a little under 2 hours to run but this will depend on the speed of your PC. Does it pass?



Going to the Dell site and putting in your Service tag we get:

http://www.dell.com/...viceTag/71T1JF1

Then change Refine Your Results to look for Vista and hit Enter. There are 18 files. I would try the ones under SATA, Removable Storage, and under Diagnostics then run the dell diagnostic tool and see if it finds anything.
  • 0

#7
betagamma1051

betagamma1051

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Okay, I don't know what's wrong with me, but I downloaded the Toshiba thing and clicked Run as Administrator and it pulled up the Diagnostic Tool just fine and it lists my model name, serial number, and firm. I click Extended Test and I get an error pop-up that says "Please select the target drive to test." It doesn't let me click on anything. What am I doing wrong?
  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
I guess it doesn't think your drive qualifies. It did mention Fujitsu Branded but it was the only Toshiba test I could find. Toshiba seems to have dumped their hard drive line.
They just give a telephone number and form for support now.
http://storage.toshi...upport-contacts

See if you can use the Hitachi Drive Fitness Test instead

http://pcsupport.abo...p/tophddiag.htm
  • 0

#9
betagamma1051

betagamma1051

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
I downloaded everything you told me to from Dell, but I am having an issue with the Dell Diagnostic Tool and the Hitachi thing because they both want me to burn to a disk which I do not have.

I didn't want to come back empty handed, so I downloaded the SeaTools for Windows and ran the tests. Failed the S.M.A.R.T test, failed the Short Drive Self Test, passed the Short Generic test, and failed the Long Generic test.

Is there anything else I can use to help you help me further since I had the troubles with the Dell Diagnostic and Hitachi that you wanted me to use? Thank you for your patience with my lack of computer-fixing skills.
  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP

Failed the S.M.A.R.T test


Probably time for a new hard drive. The S.M.A.R.T test is explained here:
http://www.hdsentine...smart/index.php

That it failed both SMART and long tests is a bad sign. Again it could be caused by a failure on the motherboard or bad cabling but since the short test works it appears that the motherboard and cabling are good enough to work so I would replace the hard drive.
  • 0

#11
betagamma1051

betagamma1051

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Thank you for all your time and help! I was able to take all the info you gave me to Dell tech support and they had me run the Dell Diagnostic through the boot menu where it was confirmed that the hard drive was bad. My new hard drive is on the way! You guys are angels and I am so thankful for all the help I received!
  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
Glad we could help and also glad that Dell is replacing your hard drive.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP