We are closer to the problem.
Run OTL as follows:
Sounds good, can't wait to get this fixed. Running back and forth to her place is a pain. I appreciate your efforts.
OTL logfile created on: 6/12/2013 7:34:48 AM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\dianne\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.97 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 39.33% Memory free
8.14 Gb Paging File | 5.37 Gb Available in Paging File | 65.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.58 Gb Total Space | 532.08 Gb Free Space | 77.84% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 0.02 Gb Free Space | 0.12% Space Free | Partition Type: NTFS
Drive E: | 48.38 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: DIANNE-PC | User Name: dianne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Processes (SafeList) ========== PRC - [2013/06/05 18:46:33 | 001,226,928 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2013/06/05 18:17:00 | 001,015,984 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
PRC - [2013/05/04 18:45:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\dianne\Desktop\OTL.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/22 11:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2010/09/28 18:13:24 | 000,791,360 | ---- | M] (Interactive Brands Inc.) -- C:\Program Files (x86)\PDF Suite 2010\ConversionService.exe
PRC - [2009/05/21 08:59:14 | 001,025,264 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\gs_agent\dsc.exe
PRC - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/04/13 09:48:12 | 000,828,656 | ---- | M] (Dell Inc.) -- c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
PRC - [2008/12/18 14:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/09/14 14:35:04 | 005,730,304 | ---- | M] () -- C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe
========== Modules (No Company Name) ========== MOD - [2013/06/05 18:17:03 | 000,158,384 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\SiteSafety.dll
MOD - [2013/05/29 01:27:38 | 000,393,168 | ---- | M] () -- C:\Users\dianne\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppgooglenaclpluginchrome.dll
MOD - [2013/05/29 01:27:35 | 004,051,408 | ---- | M] () -- C:\Users\dianne\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll
MOD - [2013/05/29 01:26:36 | 001,597,392 | ---- | M] () -- C:\Users\dianne\AppData\Local\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll
MOD - [2013/01/09 04:31:11 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013/01/09 04:30:09 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/09 04:30:05 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
========== Services (SafeList) ========== SRV:
64bit: - [2012/07/11 14:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:
64bit: - [2011/04/27 16:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:
64bit: - [2011/04/27 16:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:
64bit: - [2009/07/09 19:48:34 | 001,044,648 | ---- | M] ( ) [Disabled | Stopped] -- C:\Windows\SysNative\dldtcoms.exe -- (dldt_device)
SRV:
64bit: - [2009/07/09 19:48:28 | 000,033,448 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\dldtserv.exe -- (dldtCATSCustConnectService)
SRV:
64bit: - [2008/12/18 14:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:
64bit: - [2008/07/18 08:42:16 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AERTSr64.exe -- (AERTFilters)
SRV:
64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/06/05 18:17:00 | 001,015,984 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe -- (vToolbarUpdater15.2.0)
SRV - [2013/04/30 18:45:18 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/11/22 11:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/13 14:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010/09/28 18:13:24 | 000,791,360 | ---- | M] (Interactive Brands Inc.) [Auto | Running] -- C:\Program Files (x86)\PDF Suite 2010\ConversionService.exe -- (PDF Suite 2010 Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/24 16:42:56 | 000,386,424 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2009/08/11 23:25:12 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/07/09 19:48:28 | 000,033,448 | ---- | M] () [Disabled | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\dldtserv.exe -- (dldtCATSCustConnectService)
SRV - [2009/05/21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
SRV - [2009/04/17 10:17:02 | 000,636,144 | ---- | M] (SoftThinks) [Disabled | Stopped] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2009/04/13 09:48:12 | 000,828,656 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)
SRV - [2009/04/13 09:48:10 | 000,189,680 | ---- | M] (SingleClick Systems) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe -- (dsl-fs-sync)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/11/03 19:15:32 | 000,242,424 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/02/25 12:38:12 | 000,595,184 | ---- | M] ( ) [Disabled | Stopped] -- C:\Windows\SysWOW64\dldtcoms.exe -- (dldt_device)
SRV - [2007/09/21 14:26:34 | 000,015,872 | ---- | M] (Apache Software Foundation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2007/09/14 14:35:04 | 005,730,304 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe -- (dsl-db)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2013/06/05 18:17:03 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:
64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:
64bit: - [2012/02/29 09:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:
64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:
64bit: - [2011/04/27 14:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys -- (NisDrv)
DRV:
64bit: - [2010/09/22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:
64bit: - [2010/08/25 19:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:
64bit: - [2009/02/23 05:47:04 | 000,126,464 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:
64bit: - [2008/07/21 07:18:30 | 000,026,624 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\RtNdPt60.sys -- (RtNdPt60)
DRV:
64bit: - [2008/07/15 08:14:10 | 000,395,288 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:
64bit: - [2008/07/10 07:28:50 | 000,170,496 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:
64bit: - [2008/06/18 17:48:54 | 000,029,184 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\packet.sys -- (Packet)
DRV:
64bit: - [2008/01/20 22:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express)
DRV:
64bit: - [2007/11/14 03:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:
64bit: - [2007/04/03 10:30:14 | 001,418,112 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Ph3xIB64.sys -- (Ph3xIB64)
DRV:
64bit: - [2006/11/02 03:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV - [2008/06/17 12:01:06 | 000,022,016 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\packet.sys -- (Packet)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE:
64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7IE - HKLM\..\SearchScopes\{acbd5593-e5ee-4c15-b48f-1823ce819dec}: "URL" =
http://search.mywebs...r={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://xfinity.comca...insDate11132012IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {E65EABE4-E694-4222-8333-E9ABBE5AB189}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKCU\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" =
http://search.comcas...q={searchTerms}IE - HKCU\..\SearchScopes\{1DC242E9-1AB7-4413-8EE9-8A0005BCEC7C}: "URL" =
http://search.avg.co...}&iy=b&ychte=usIE - HKCU\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" =
http://search.alot.c...n=2.5.15000.521IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...1I7ADFA_enUS361IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" =
http://isearch.avg.c...sa&d=2013-06-05 18:46:55&v=15.2.0.5&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{acbd5593-e5ee-4c15-b48f-1823ce819dec}: "URL" =
http://search.mywebs...r={searchTerms}IE - HKCU\..\SearchScopes\{B2CF385E-4E62-4BDA-A734-DBE9B5C2EB30}: "URL" =
http://search.condui...q={searchTerms}IE - HKCU\..\SearchScopes\{C34CE811-7235-4423-B317-2940DF564B8E}: "URL" =
http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" =
http://search.yahoo....p={searchTerms}IE - HKCU\..\SearchScopes\{E65EABE4-E694-4222-8333-E9ABBE5AB189}: "URL" =
http://search.condui...3829527319&UM=2IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\npEpicPlayDisplayHost: C:\Program Files (x86)\EpicPlay\npEpicHost.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\dianne\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\dianne\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
[2011/02/27 23:36:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dianne\AppData\Roaming\Mozilla\Extensions
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\dianne\AppData\Local\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\dianne\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\dianne\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: EpicPlay NPAPI Display Host (Enabled) = C:\Program Files (x86)\EpicPlay\npEpicHost.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Roblox Launcher Plugin (Enabled) = C:\Users\dianne\AppData\Local\Roblox\Versions\version-09a201d8e5f247c7\\NPRobloxProxy.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Skype Click to Call = C:\Users\dianne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.4.0.11328_0\
CHR - Extension: Skype Click to Call = C:\Users\dianne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.4.0.11328_0\
O1 - HOSTS file present but inaccessible!
O2:
64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:
64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (PDF Suite Helper) - {1AD61D5B-58A3-4592-9B34-DC84688FF805} - C:\Program Files (x86)\PDF Suite 2010\PDFIEHelper.dll (Interactive Brands Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O3:
64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (PDF Suite Toolbar) - {261F6A8B-7AAF-4BF5-8552-6610F4D67819} - C:\Program Files (x86)\PDF Suite 2010\PDFIEPlugin.dll (Interactive Brands Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:
64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe (AVG Secure Search)
O4 - HKCU..\Run: [Driver Pro] C:\Program Files (x86)\Driver Pro\DPLauncher.exe (PC Utilities Pro)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9:
64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9592D7CB-CDCE-4358-BC20-5FC63CC64C0D}: DhcpNameServer = 75.75.76.76 75.75.75.75
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:
64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll (AVG Secure Search)
O20:
64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\1600x1200_blue.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\1600x1200_blue.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/03 12:46:04 | 000,000,101 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 90 Days ========== [2013/06/12 03:01:12 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/06/12 03:01:12 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/06/12 03:01:10 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/06/12 03:01:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/06/12 03:01:10 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/06/12 03:01:09 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/06/12 03:01:09 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/06/12 03:01:09 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/06/12 03:01:07 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/06/12 03:01:07 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/06/12 03:01:07 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/06/12 03:01:06 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/06/12 03:01:06 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/06/12 03:01:06 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/06/12 03:01:05 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/06/12 02:40:20 | 001,269,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/06/12 02:40:20 | 001,078,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013/06/12 02:40:20 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013/06/12 02:40:19 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/06/12 02:40:19 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013/06/12 02:40:19 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013/06/12 02:40:11 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013/06/12 02:40:11 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013/06/12 02:40:06 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/06/12 02:40:06 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/06/12 02:40:06 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printcom.dll
[2013/06/08 15:03:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/06/07 21:29:50 | 000,000,000 | ---D | C] -- C:\MyPoppy9426M
[2013/06/07 21:04:08 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/07 16:26:34 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/06/07 16:26:34 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/06/07 16:26:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/06/07 12:14:27 | 000,000,000 | ---D | C] -- C:\MyPoppy
[2013/06/06 21:08:17 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/06/06 17:53:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013/06/05 22:08:39 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/06/05 22:08:39 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/06/05 22:08:39 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/06/05 21:52:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/06/05 21:51:43 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/06/05 21:49:04 | 005,078,746 | R--- | C] (Swearware) -- C:\Users\dianne\Desktop\MyPoppy.exe
[2013/06/05 18:48:48 | 000,000,000 | ---D | C] -- C:\Users\dianne\AppData\Roaming\AVG2013
[2013/06/05 18:46:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2013/06/05 18:43:57 | 000,000,000 | ---D | C] -- C:\$AVG
[2013/06/05 18:43:56 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013/06/05 18:38:00 | 000,000,000 | ---D | C] -- C:\Users\dianne\AppData\Local\Avg2013
[2013/06/05 18:23:08 | 000,000,000 | ---D | C] -- C:\Users\dianne\AppData\Local\AVG Secure Search
[2013/06/05 18:09:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roblox
[2013/05/31 11:36:31 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013/05/27 04:20:49 | 000,000,000 | ---D | C] -- C:\Users\dianne\AppData\Local\Tuguu SL
[2013/05/25 03:31:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Iminent
[2013/05/25 03:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstaller
[2013/05/25 03:24:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vafmusic2
[2013/05/25 03:23:17 | 000,000,000 | ---D | C] -- C:\Users\dianne\AppData\Roaming\Uniblue
[2013/05/25 03:23:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2013/05/25 03:22:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SingAlong
[2013/05/25 03:22:45 | 000,000,000 | ---D | C] -- C:\Users\dianne\AppData\Local\DownloadTerms
[2013/05/23 04:34:59 | 000,000,000 | ---D | C] -- C:\Users\dianne\AppData\Local\Systweak
[2013/05/22 22:46:18 | 000,000,000 | ---D | C] -- C:\Users\dianne\AppData\Local\IAC
[2013/05/15 02:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopAtHome.com Toolbar
[2013/05/15 02:31:11 | 000,000,000 | ---D | C] -- C:\Users\dianne\AppData\Roaming\ShopAtHome
[2013/05/05 18:06:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/05/05 18:06:21 | 000,866,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/05/05 18:06:06 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/05/05 16:33:29 | 000,000,000 | ---D | C] -- C:\Users\dianne\AppData\Roaming\Malwarebytes
[2013/05/05 16:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/05/05 16:33:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/05/05 16:33:12 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/05/05 16:33:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/05/04 23:06:09 | 000,000,000 | ---D | C] -- C:\FRST
[2013/05/04 18:45:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\dianne\Desktop\OTL.exe
[2013/04/30 18:14:44 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013/04/30 17:50:23 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2013/04/30 08:13:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Coupon Savings
[2013/04/19 12:36:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WhiteSmoke_New
[2013/04/19 12:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Pro
[2013/04/19 12:35:20 | 000,000,000 | ---D | C] -- C:\Users\dianne\AppData\Roaming\Driver Pro
[2013/04/19 12:35:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Pro
[2013/04/19 12:35:04 | 000,000,000 | ---D | C] -- C:\Users\dianne\AppData\Local\CRE
[2013/04/19 12:34:43 | 000,000,000 | ---D | C] -- C:\Program Files\DomaIQ Uninstaller
[2013/04/19 12:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013/04/19 12:33:38 | 000,000,000 | ---D | C] -- C:\Users\dianne\AppData\Roaming\player
[2013/04/19 12:29:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
[2013/04/19 12:28:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
[2013/04/16 16:38:46 | 000,049,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\circbogd.sys
[2013/04/09 20:28:44 | 004,691,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/04/09 20:28:43 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013/04/09 20:28:43 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013/04/09 20:28:40 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/04/09 20:28:37 | 002,425,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/04/09 20:28:37 | 002,067,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/03/20 16:41:27 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2009/08/19 09:41:49 | 008,653,312 | ---- | C] (Dell, Inc. ) -- C:\Users\dianne\AppData\Roaming\DataSafeDotNet.exe
========== Files - Modified Within 90 Days ========== [2013/06/12 07:32:02 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1424625615-964005803-1290662544-1000UA.job
[2013/06/12 07:31:54 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/12 07:31:41 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\RtlNICDiagVistaStart.job
[2013/06/12 07:23:32 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/12 07:23:32 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/12 07:22:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/12 06:45:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/12 03:22:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/11 18:44:17 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1424625615-964005803-1290662544-1000Core.job
[2013/06/11 18:14:09 | 000,377,856 | ---- | M] () -- C:\Users\dianne\Desktop\zu0omelh.exe
[2013/06/08 18:45:30 | 000,000,632 | RHS- | M] () -- C:\Users\dianne\ntuser.pol
[2013/06/08 15:01:55 | 635,361,307 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/06/07 21:16:06 | 000,272,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/06/07 21:10:26 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/06/07 12:13:03 | 005,078,746 | R--- | M] (Swearware) -- C:\Users\dianne\Desktop\MyPoppy.exe
[2013/06/06 17:43:19 | 000,001,810 | ---- | M] () -- C:\Users\dianne\Desktop\Microsoft Security Essentials.lnk
[2013/06/06 17:36:22 | 000,002,090 | ---- | M] () -- C:\Users\dianne\Desktop\Google Chrome.lnk
[2013/06/05 18:17:03 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/05/16 23:09:56 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/05/16 23:01:13 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/05/16 23:00:22 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/05/16 22:56:09 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/05/16 22:56:00 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/05/16 22:55:59 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/05/16 22:54:09 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/05/16 22:51:49 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/05/16 22:46:31 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/05/16 18:27:30 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/05/16 18:26:07 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/05/16 18:21:37 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/05/16 18:21:34 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/05/16 18:17:21 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/05/16 18:12:55 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/05/05 18:05:34 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/05/05 18:05:24 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/05/05 18:05:23 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/05/05 18:05:22 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/05/05 18:05:20 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/05/05 18:05:20 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/05/05 17:53:09 | 000,000,772 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/05/05 16:33:22 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/05/05 16:16:20 | 000,004,700 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013/05/05 16:09:46 | 000,759,750 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/05 16:09:46 | 000,642,736 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/05 16:09:46 | 000,119,888 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/04 18:45:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\dianne\Desktop\OTL.exe
[2013/05/02 00:16:27 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/05/02 00:04:25 | 000,443,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/05/02 00:03:42 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\printcom.dll
[2013/04/30 18:45:17 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/04/30 18:45:17 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/04/24 00:09:48 | 001,269,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/04/24 00:09:48 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/04/24 00:09:41 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013/04/24 00:00:24 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013/04/23 22:10:00 | 001,078,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013/04/23 21:46:29 | 000,812,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013/04/21 03:14:36 | 000,754,664 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/04/19 12:35:26 | 000,000,867 | ---- | M] () -- C:\Users\dianne\Desktop\Driver Pro.lnk
[2013/04/19 12:28:06 | 000,000,903 | ---- | M] () -- C:\Users\dianne\Desktop\Optimizer Pro.lnk
[2013/04/17 09:04:03 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013/04/17 08:30:06 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013/04/16 16:38:46 | 000,049,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\circbogd.sys
[2013/04/12 23:34:30 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
========== Files Created - No Company Name ========== [2013/06/11 18:14:06 | 000,377,856 | ---- | C] () -- C:\Users\dianne\Desktop\zu0omelh.exe
[2013/06/08 15:01:55 | 635,361,307 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/06/07 21:15:46 | 000,272,616 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/06/06 17:43:19 | 000,001,810 | ---- | C] () -- C:\Users\dianne\Desktop\Microsoft Security Essentials.lnk
[2013/06/05 22:08:39 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/06/05 22:08:39 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/06/05 22:08:39 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/06/05 22:08:39 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/06/05 22:08:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/05/05 16:33:22 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/05/05 16:16:05 | 000,004,700 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013/04/19 12:35:26 | 000,000,867 | ---- | C] () -- C:\Users\dianne\Desktop\Driver Pro.lnk
[2013/04/19 12:28:06 | 000,000,903 | ---- | C] () -- C:\Users\dianne\Desktop\Optimizer Pro.lnk
[2011/12/04 14:19:52 | 000,000,632 | RHS- | C] () -- C:\Users\dianne\ntuser.pol
[2011/10/28 11:58:25 | 000,754,664 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/25 18:01:22 | 002,052,096 | ---- | C] () -- C:\Users\dianne\s-1-5-21-1424625615-964005803-1290662544-1000.rrr
[2010/07/25 16:25:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/04 20:39:28 | 000,005,632 | ---- | C] () -- C:\Users\dianne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/14 20:58:57 | 000,007,728 | ---- | C] () -- C:\Users\dianne\AppData\Local\d3d9caps.dat
========== ZeroAccess Check ========== [2006/11/02 11:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 13:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 03:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 22:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll
========== Custom Scans ========== < MD5 for: NTOSKRNL.EXE >[2009/04/24 23:26:03 | 004,413,704 | ---- | M] (Microsoft Corporation) MD5=00B97773349204592B772FCE3035E99C -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20940_none_c6c71f658897fc89\ntoskrnl.exe
[2009/08/05 10:12:46 | 004,682,824 | ---- | M] (Microsoft Corporation) MD5=0170600F2A613CE3E8CC2B66A6DC7885 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_c88b22db85d6de74\ntoskrnl.exe
[2009/08/05 10:56:15 | 004,691,016 | ---- | M] (Microsoft Corporation) MD5=043EB4B7C74C189E06584411B2C9EB8F -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_c85303fe6c7ce06f\ntoskrnl.exe
[2010/06/08 14:10:22 | 004,688,256 | ---- | M] (Microsoft Corporation) MD5=04C706018E9F0A2C835A427A8AB6EBA1 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_caa9776382d49f58\ntoskrnl.exe
[2009/08/05 10:09:23 | 004,693,576 | ---- | M] (Microsoft Corporation) MD5=0DD0FCFB9609403352FF75656826E82F -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_ca5ec287830c84d1\ntoskrnl.exe
[2013/03/11 09:33:42 | 004,678,504 | ---- | M] (Microsoft Corporation) MD5=1873B95FCEAA40EC9CADF2C1BB61ABF2 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23076_none_ca794b2382f7e81c\ntoskrnl.exe
[2012/08/29 07:40:01 | 004,699,520 | ---- | M] (Microsoft Corporation) MD5=1A14913D51571403CF8A3941BDC3BA67 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18686_none_c9e5027e69e236b3\ntoskrnl.exe
[2009/04/11 03:15:36 | 004,699,608 | ---- | M] (Microsoft Corporation) MD5=1B60CCC70788044404EEFBBB389FC111 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_ca3a763069a24eea\ntoskrnl.exe
[2013/03/11 09:33:42 | 004,691,304 | ---- | M] (Microsoft Corporation) MD5=1F8B1075A863117A35EE94436E2962E7 -- C:\Windows\erdnt\cache64\ntoskrnl.exe
[2013/03/11 09:33:42 | 004,691,304 | ---- | M] (Microsoft Corporation) MD5=1F8B1075A863117A35EE94436E2962E7 -- C:\Windows\SysNative\ntoskrnl.exe
[2013/03/11 09:33:42 | 004,691,304 | ---- | M] (Microsoft Corporation) MD5=1F8B1075A863117A35EE94436E2962E7 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18805_none_ca3a856069a23822\ntoskrnl.exe
[2009/04/24 23:32:04 | 004,694,584 | ---- | M] (Microsoft Corporation) MD5=247A2AAF7E5189716192EE19EC6EC6FB -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_c828c0cc6c9c6f3c\ntoskrnl.exe
[2010/10/15 10:02:22 | 004,689,808 | ---- | M] (Microsoft Corporation) MD5=255A6D981139EFEF605A88E003D1B2A2 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_cac41a9382bfe350\ntoskrnl.exe
[2009/04/24 23:32:04 | 004,429,368 | ---- | M] (Microsoft Corporation) MD5=2A87B3D380E3800BF247D82E58F0FCBA -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_c636b1f06f7ee0e5\ntoskrnl.exe
[2010/06/08 13:18:30 | 004,675,976 | ---- | M] (Microsoft Corporation) MD5=31F137EEB5121654A9448904D89209A2 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_c8dfa7598597c3b3\ntoskrnl.exe
[2012/08/29 07:40:01 | 004,686,208 | ---- | M] (Microsoft Corporation) MD5=34C970A45CCC0D65A4A0F8D306E12844 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22920_none_caa980e182d4911b\ntoskrnl.exe
[2010/10/15 10:02:22 | 004,678,032 | ---- | M] (Microsoft Corporation) MD5=3A22B135BC4341025E19B9ADFB26C02A -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_c893f7e585d0874a\ntoskrnl.exe
[2010/10/15 10:02:22 | 004,699,024 | ---- | M] (Microsoft Corporation) MD5=4065E920FB6ED05B5F62A1FB6908C6C5 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_ca26dc9e69b0b0ef\ntoskrnl.exe
[2010/02/18 11:01:52 | 004,690,832 | ---- | M] (Microsoft Corporation) MD5=413D579C2CDEF19CD842F4DF4A90C4ED -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_c84066ea6c8a617d\ntoskrnl.exe
[2009/12/08 17:05:14 | 004,412,504 | ---- | M] (Microsoft Corporation) MD5=46B167601033C2DB4E1A727569A8CA31 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21175_none_c6ab8b1b88abff78\ntoskrnl.exe
[2009/07/21 11:52:38 | 004,691,032 | ---- | M] (Microsoft Corporation) MD5=4F9F4E0AEDF19C4C3E3AF8D981663996 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18295_none_c7f2b3166cc4f818\ntoskrnl.exe
[2009/12/08 17:09:06 | 004,425,304 | ---- | M] (Microsoft Corporation) MD5=5183EBE8114DA62A532E275CFB3729CC -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16973_none_c620159a6f8ff9be\ntoskrnl.exe
[2009/04/24 23:32:04 | 004,694,584 | ---- | M] (Microsoft Corporation) MD5=5E31190EF331709EAB9FB66C3683540B -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_c8a0bee785c6ac44\ntoskrnl.exe
[2009/08/05 11:14:15 | 004,412,488 | ---- | M] (Microsoft Corporation) MD5=5E99FFD02816FF54247294C7C9C003B9 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_c6f339678876d685\ntoskrnl.exe
[2009/08/12 02:51:47 | 004,691,424 | ---- | M] (Microsoft Corporation) MD5=65252FED486E5BF1E384CA65C16148C7 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_c88b20f585d6e14d\ntoskrnl.exe
[2008/01/20 22:49:27 | 004,694,072 | ---- | M] (Microsoft Corporation) MD5=6760643D6400CA78640E9DD3824115B1 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_c84efd246c80839e\ntoskrnl.exe
[2009/12/08 17:13:24 | 004,678,232 | ---- | M] (Microsoft Corporation) MD5=6DC7FC9EB17EF1CB809AED351DE91DB9 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22577_none_c893f41985d08cfc\ntoskrnl.exe
[2009/04/24 23:31:35 | 004,694,584 | ---- | M] (Microsoft Corporation) MD5=6DEA6827709FC6F047580111651DFF02 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_c8111e7a6cae7749\ntoskrnl.exe
[2012/04/03 04:22:15 | 004,699,520 | ---- | M] (Microsoft Corporation) MD5=7180984A68411B9D2F2495E03561B47E -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18607_none_ca3c822869a07082\ntoskrnl.exe
[2010/02/18 10:28:01 | 004,697,992 | ---- | M] (Microsoft Corporation) MD5=72FD908E7D1F176C00F1EF8F3D1445B0 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_ca3e7b24699eae94\ntoskrnl.exe
[2010/10/15 10:02:22 | 004,692,368 | ---- | M] (Microsoft Corporation) MD5=760A67A51D409EB396D1942D5555435C -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_c836992e6c9193ec\ntoskrnl.exe
[2010/06/08 14:00:36 | 004,697,992 | ---- | M] (Microsoft Corporation) MD5=825926D6AD714A529F4069D9EBBD1D3B -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_c9fb9b0869d1238c\ntoskrnl.exe
[2013/01/05 01:37:50 | 004,695,400 | ---- | M] (Microsoft Corporation) MD5=8A3AB79510C3384BF14D1731DD1ED963 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18765_none_c9f9a3f269d2e2a1\ntoskrnl.exe
[2009/08/12 02:51:49 | 004,427,232 | ---- | M] (Microsoft Corporation) MD5=8B3095B00E832ABFC7047A04E681CCDE -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_c64852866f7240ce\ntoskrnl.exe
[2010/02/18 11:05:21 | 004,424,072 | ---- | M] (Microsoft Corporation) MD5=8E3658ABC4A2053DBEA37C84E416DEB5 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_c653fcc46f696e9d\ntoskrnl.exe
[2009/08/04 08:47:29 | 004,698,168 | ---- | M] (Microsoft Corporation) MD5=8E43DA6C8040C68446AA4B5D84C8127A -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_c9e0f5f269e5e26d\ntoskrnl.exe
[2009/12/08 16:22:09 | 004,698,184 | ---- | M] (Microsoft Corporation) MD5=9668520760E72E1B1B9EDFB7BFB6A691 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18160_none_c9f4971c69d77504\ntoskrnl.exe
[2012/03/06 02:44:22 | 004,699,520 | ---- | M] (Microsoft Corporation) MD5=98581CA6B029D491F60E32A045BC4FF1 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18595_none_c9d9306269eb3c26\ntoskrnl.exe
[2009/04/24 23:31:35 | 004,694,584 | ---- | M] (Microsoft Corporation) MD5=A1DC0EFF401FE35688F1046F10BEE5BF -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_c89ebc6d85c87c6f\ntoskrnl.exe
[2011/06/20 04:45:17 | 004,699,536 | ---- | M] (Microsoft Corporation) MD5=A26DE9288D67E4EAC2D1205043AFD430 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18484_none_c9e2fe1e69e409b7\ntoskrnl.exe
[2009/04/24 23:26:03 | 004,692,232 | ---- | M] (Microsoft Corporation) MD5=A541C4EB6704F0276882631A87A3F22F -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22291_none_c8784cd385e6355f\ntoskrnl.exe
[2009/07/22 15:55:02 | 004,698,696 | ---- | M] (Microsoft Corporation) MD5=AC1AE1A7F7771A64FD4ACDC5D08334A6 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18075_none_c9eec6bc69db1281\ntoskrnl.exe
[2010/02/18 10:22:01 | 004,690,304 | ---- | M] (Microsoft Corporation) MD5=AE0C10C55347383C0CD6CFF3F4794FD7 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_ca94d5ef82e3f36a\ntoskrnl.exe
[2010/02/18 11:10:08 | 004,411,272 | ---- | M] (Microsoft Corporation) MD5=AF706D838B59A6C30D8B46C5C2D9D2FD -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_c6e29ce788828a41\ntoskrnl.exe
[2013/01/22 09:12:35 | 004,681,592 | ---- | M] (Microsoft Corporation) MD5=B1266A731C2326EBE8E01F46F18728AC -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23025_none_caae5a7582d04310\ntoskrnl.exe
[2012/03/06 02:44:22 | 004,687,744 | ---- | M] (Microsoft Corporation) MD5=B448C24F801DC79661E30DBC8E739DB2 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22811_none_cab54f3182cb915a\ntoskrnl.exe
[2012/04/03 04:22:16 | 004,687,232 | ---- | M] (Microsoft Corporation) MD5=B59E026F49BF06B435795F867AD46009 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_ca9faf5982dbc93c\ntoskrnl.exe
[2010/02/18 11:04:01 | 004,678,032 | ---- | M] (Microsoft Corporation) MD5=C0EC74895F90E5E788061C7F305F57D1 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_c8be356585b10108\ntoskrnl.exe
[2009/08/05 11:07:10 | 004,425,288 | ---- | M] (Microsoft Corporation) MD5=C53B06CB817845873A3D32C1BAD33727 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_c669c47a6f590379\ntoskrnl.exe
[2009/12/08 16:05:33 | 004,691,528 | ---- | M] (Microsoft Corporation) MD5=CBA7366E93C4DCAA62005A177EEC2FCE -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22283_none_ca6b94ed830298b5\ntoskrnl.exe
[2009/08/12 02:51:49 | 004,413,936 | ---- | M] (Microsoft Corporation) MD5=CC172711FF2FCE0673321A951B02C379 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_c6df983d888543ee\ntoskrnl.exe
[2010/06/08 13:47:14 | 004,690,832 | ---- | M] (Microsoft Corporation) MD5=CCCD9EE56C92778385A3E715DC3D5ABF -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_c80087ac6cba227a\ntoskrnl.exe
[2011/06/20 04:45:17 | 004,688,784 | ---- | M] (Microsoft Corporation) MD5=D14B8C4AB6C05B89D430D3911FE2833B -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22662_none_ca803c1382f33c18\ntoskrnl.exe
[2009/04/24 23:27:40 | 004,692,232 | ---- | M] (Microsoft Corporation) MD5=D626D71E63BC5F22DBA5050C5A2A4E6D -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22318_none_c8d5d01f859f045f\ntoskrnl.exe
[2009/07/23 15:54:41 | 004,693,560 | ---- | M] (Microsoft Corporation) MD5=D8BB403D63BA0A113E9A4F8E3BF81F8B -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22183_none_ca6b930783029b8e\ntoskrnl.exe
[2009/12/08 16:59:29 | 004,691,032 | ---- | M] (Microsoft Corporation) MD5=E50C900C7F479886F26FA60ADBEE5852 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18377_none_c80a55686cb2f00b\ntoskrnl.exe
[2009/08/12 02:51:47 | 004,692,448 | ---- | M] (Microsoft Corporation) MD5=ED97E8551F0B1844250ED1B07393B10D -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_c83f62d46c8b4dd8\ntoskrnl.exe
[2009/04/24 23:32:04 | 004,416,056 | ---- | M] (Microsoft Corporation) MD5=EFAAC7A874B65DF3F26B5092291D4859 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_c6ddbf878886ddfe\ntoskrnl.exe
[2009/07/23 15:48:10 | 004,682,840 | ---- | M] (Microsoft Corporation) MD5=FDA61279138FDC0CEF095F80EC3CB828 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22478_none_c894f27d85cfa92c\ntoskrnl.exe
========== Alternate Data Streams ========== @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:5D432CE3
< End of report >
This topic is locked
icon
Sign In
Create Account
