My computer (Toshiba Satellite Series A665 with Windows 7)is running slowly or not responding at all. It freezes and all sorts of things pop up unexpectedly, or do not pop up at all when I need them to. I ran McAfee scan, and it would not complete. I then turned McAfee off and
used Microsoft Security Essentials and the result of that scan was the Severe Trojan Downloader:ASX/Wimad.CN . Microsoft says
that it has removed the Trojan Downloader, but the computer still seems to be doing the same things. I have wireless
access to the internet, but it is very slow or non responsive. I also used Spyware Doctor which I downloaded from
geekstogo. It found a variety of different problems, but unfortunately I can't open the results to look at them.
The results of the scan are below, followed by the OTL information from scanning. There was one file named OTL and a second named
EXTRAS.
Would very much appreciate help with this as soon as possible. I am in no way a techie, so small words simply written.
would be best!
Kristie
(recondite)
Category: Trojan Downloader
Description: This program is dangerous and downloads other programs.
Recommended action: Remove this software immediately.
Security Essentials detected programs that may compromise your privacy or damage your computer. You can still access the files that these programs use without removing them (not recommended). To access these files, select the Allow action and click Apply actions. If this option is not available, log on as administrator or ask the security administrator for help.
Items:
containerfile:C:\Users\kristie\AppData\Local\Microsoft\Windows\Burn\Burn\Judy Moody and the Not Bummer Summer 2011 DvDrip Eng aXXo.avi
file:C:\Users\kristie\AppData\Local\Microsoft\Windows\Burn\Burn\Judy Moody and the Not Bummer Summer 2011 DvDrip Eng aXXo.avi->(ASF_Script_Commands)
----------------------------------------------------------------
OTL logfile created on: 7/22/2011 12:59:56 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\kristie\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.80 Gb Total Physical Memory | 1.67 Gb Available Physical Memory | 43.84% Memory free
7.60 Gb Paging File | 4.53 Gb Available in Paging File | 59.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.70 Gb Total Space | 226.79 Gb Free Space | 50.10% Space Free | Partition Type: NTFS
Computer Name: KRISTIE-PC | User Name: kristie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/07/22 12:58:11 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\kristie\Desktop\OTL.exe
PRC - [2011/07/10 13:38:12 | 000,107,000 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2011/05/10 16:03:16 | 001,205,760 | ---- | M] (W3i, LLC) -- C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe
PRC - [2011/03/27 13:49:31 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_ActiveX.exe
PRC - [2011/02/08 13:21:52 | 001,114,040 | ---- | M] (MusicLab, LLC) -- C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe
PRC - [2011/01/31 10:12:44 | 000,232,896 | ---- | M] (Vuze Inc.) -- C:\Program Files (x86)\Vuze\Azureus.exe
PRC - [2010/05/01 20:55:36 | 002,454,840 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/04/01 13:52:22 | 000,252,728 | ---- | M] (TOSHIBA) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
PRC - [2010/03/03 18:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/03 18:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/02/02 10:13:54 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Spyware Doctor\TFEngine\TFService.exe
PRC - [2010/01/18 14:14:26 | 001,286,608 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Spyware Doctor\pctsTray.exe
PRC - [2010/01/18 14:14:24 | 001,141,712 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
PRC - [2009/12/29 11:08:28 | 001,653,248 | R--- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files (x86)\AWS\WeatherBug\Weather.exe
PRC - [2009/12/25 19:21:16 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
PRC - [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
========== Modules (SafeList) ==========
MOD - [2011/07/22 12:58:11 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\kristie\Desktop\OTL.exe
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010/02/02 10:13:54 | 000,451,856 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Spyware Doctor\TFEngine\TFWAH.dll
MOD - [2009/10/30 11:18:16 | 000,147,024 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Spyware Doctor\PCTGMhk.dll
MOD - [2009/09/09 22:54:58 | 000,245,824 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Spyware Doctor\smum32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/04/14 14:01:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/04/14 14:01:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/04/14 14:01:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/10/07 21:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/07/28 14:27:16 | 000,267,192 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/07/22 20:36:16 | 000,822,192 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/06/29 15:05:02 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/06/07 19:39:40 | 000,911,872 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2010/06/07 19:34:20 | 000,408,576 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/02/05 20:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/10/21 13:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008/02/27 19:10:02 | 001,044,648 | ---- | M] ( ) [Auto | Running] -- C:\windows\SysNative\lxdqcoms.exe -- (lxdq_device)
SRV:64bit: - [2008/02/27 19:09:54 | 000,033,960 | ---- | M] () [Auto | Running] -- C:\windows\SysNative\spool\DRIVERS\x64\3\\lxdqserv.exe -- (lxdqCATSCustConnectService)
SRV - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 18:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/03/03 18:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/02/02 10:13:54 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Running] -- C:\Program Files (x86)\Spyware Doctor\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010/01/18 14:14:24 | 001,141,712 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/10/06 13:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/02/27 19:09:44 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\windows\SysWow64\lxdqcoms.exe -- (lxdq_device)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/04/14 14:01:38 | 000,530,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,441,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/04/14 14:01:38 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,190,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,121,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,094,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/04/14 14:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,063,056 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/07/28 15:46:18 | 007,821,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel®
DRV:64bit: - [2010/06/18 14:38:06 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/05/18 20:02:48 | 000,164,464 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2010/05/16 21:28:38 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp) Intel® Centrino®
DRV:64bit: - [2010/05/16 21:28:30 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:64bit: - [2010/05/16 21:28:28 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:64bit: - [2010/05/08 22:38:56 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2010/05/03 18:44:02 | 000,331,880 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/04/24 01:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/04/24 01:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/04/24 01:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/04/24 01:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/04/21 15:18:44 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/03/10 22:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/02/26 20:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/05 09:25:38 | 000,092,896 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pctplsg64.sys -- (pctplsg)
DRV:64bit: - [2010/02/05 09:17:56 | 000,306,648 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pctgntdi64.sys -- (pctgntdi)
DRV:64bit: - [2010/02/03 10:38:30 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010/02/02 10:13:54 | 000,065,072 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfFsMon.sys -- (TfFsMon)
DRV:64bit: - [2010/02/02 10:13:54 | 000,060,416 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfSysMon.sys -- (TfSysMon)
DRV:64bit: - [2010/02/02 10:13:54 | 000,041,888 | --S- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TfNetMon.sys -- (TfNetMon)
DRV:64bit: - [2010/01/15 16:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/10/09 22:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/09/23 16:10:04 | 000,218,056 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2009/09/17 16:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/07/31 01:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 19:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2009/06/29 20:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/29 14:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009/06/22 21:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 23:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSND&bmod=TSND
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://start.toshiba.com/g/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.toshiba.com/g/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSND&bmod=TSND
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - File not found
IE - HKCU\..\URLSearchHook: {f78bf7a8-cf12-4de7-a6da-c463d1b539a7} - C:\Program Files (x86)\Dogpile Bundle Toolbar\Helper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\kristie\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/02/07 08:54:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/02/07 08:54:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files (x86)\PriceGong\2.1.0\FF [2011/02/04 10:39:34 | 000,000,000 | ---D | M]
[2011/03/29 16:43:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kristie\AppData\Roaming\Mozilla\Extensions
[2011/07/10 13:39:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kristie\AppData\Roaming\Mozilla\Firefox\extensions
[2011/07/10 13:39:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kristie\AppData\Roaming\Mozilla\Firefox\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\x64\IEBHO.dll (MusicLab, LLC)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110711121928.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (ALOT Toolbar Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files (x86)\alot\bin\BHO\alotBHO.dll (Vertro)
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Shop to Win 2) - {20FEC4E7-F7B7-438B-8191-33D2EFC5EBEA} - C:\Program Files (x86)\Shop to Win 2\ShoppingBHO.dll (Freecause Inc.)
O2 - BHO: (Facetheme) - {66D8FBA6-D90F-40A9-AC55-84896F79CA69} - File not found
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110711121929.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Dogpile Bundle Toolbar BHO) - {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} - C:\Program Files (x86)\Dogpile Bundle Toolbar\Toolbar.dll ()
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files (x86)\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll ()
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (NetAssistantBHO Class) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - File not found
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files (x86)\alot\bin\alot.dll (Vertro)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (@c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files (x86)\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files (x86)\Dogpile Bundle Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files (x86)\Dogpile Bundle Toolbar\Toolbar.dll ()
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [lxdqamon] C:\Program Files (x86)\Lexmark Z2400 Series\lxdqamon.exe ()
O4:64bit: - HKLM..\Run: [lxdqmon.exe] C:\Program Files (x86)\Lexmark Z2400 Series\lxdqmon.exe ()
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe (MusicLab, LLC)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ISTray] C:\Program Files (x86)\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [InstallIQUpdater] C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8:64bit: - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Millionaire%20Manor%20-%20The%20Hidden%20Object%20Show/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Master%20Thief%20-%20Skyscraper%20Sting/Images/armhelper.ocx (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\x64\datamngr.dll (MusicLab, LLC)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\x64\IEBHO.dll (MusicLab, LLC)
O20 - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\datamngr.dll) - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC)
O20 - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\kristie\AppData\LocalLow\FunWebProducts\ScreenSaver\Images\f3wallpp.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/07/22 12:57:57 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\kristie\Desktop\OTL.exe
[2011/07/22 12:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/07/11 12:18:40 | 000,283,744 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfewfpk.sys
[2011/07/10 13:39:50 | 000,000,000 | ---D | C] -- C:\Users\kristie\AppData\Roaming\eBayDesktopShortcut
[2011/07/10 13:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm
[2011/07/10 13:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
[2011/07/10 13:38:45 | 000,000,000 | ---D | C] -- C:\Users\kristie\Documents\My RoboForm Data
[2011/07/10 13:38:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Siber Systems
[2011/07/10 13:33:39 | 000,000,000 | ---D | C] -- C:\Users\kristie\AppData\Local\Proxure
[2011/07/10 13:33:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ClubSanDisk
[2011/07/09 18:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011/07/09 18:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/07/09 18:26:58 | 000,000,000 | ---D | C] -- C:\e01b36fa460251cdde
[2011/07/06 17:11:27 | 000,065,072 | --S- | C] (PC Tools) -- C:\windows\SysNative\drivers\TfFsMon.sys
[2011/07/06 17:11:27 | 000,060,416 | --S- | C] (PC Tools) -- C:\windows\SysNative\drivers\TfSysMon.sys
[2011/07/06 17:11:27 | 000,041,888 | --S- | C] (PC Tools) -- C:\windows\SysNative\drivers\TfNetMon.sys
[2011/07/06 17:08:40 | 000,306,648 | ---- | C] (PC Tools) -- C:\windows\SysNative\drivers\pctgntdi64.sys
[2011/07/06 17:08:40 | 000,133,072 | ---- | C] (PC Tools) -- C:\windows\SysNative\drivers\pctwfpfilter64.sys
[2011/07/06 17:08:12 | 000,218,056 | ---- | C] (PC Tools) -- C:\windows\SysNative\drivers\PCTCore64.sys
[2011/07/06 17:08:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Doctor
[2011/07/06 17:08:06 | 000,092,896 | ---- | C] (PC Tools) -- C:\windows\SysNative\drivers\pctplsg64.sys
[2011/07/06 17:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Doctor
[2011/07/06 17:08:00 | 000,000,000 | ---D | C] -- C:\Users\kristie\AppData\Roaming\PC Tools
[2011/07/06 17:08:00 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/07/06 17:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/07/06 17:06:41 | 000,000,000 | ---D | C] -- C:\Users\kristie\Desktop\Downloads
[2011/07/06 17:06:03 | 000,000,000 | ---D | C] -- C:\Users\kristie\AppData\Roaming\GetRightToGo
[2011/07/02 22:11:28 | 000,000,000 | ---D | C] -- C:\Users\kristie\AppData\Roaming\DailyMagic
[2011/06/27 21:31:33 | 000,000,000 | ---D | C] -- C:\Users\kristie\AppData\Roaming\Specialbit
[2011/06/26 15:20:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Grim Facade - Mystery of Venice Collectors Edition
[2011/05/17 15:45:43 | 000,364,544 | ---- | C] ( ) -- C:\windows\SysWow64\lxdqinpa.dll
[2011/05/17 15:45:43 | 000,339,968 | ---- | C] ( ) -- C:\windows\SysWow64\lxdqiesc.dll
[2011/05/17 15:45:42 | 000,647,168 | ---- | C] ( ) -- C:\windows\SysWow64\lxdqpmui.dll
[2011/05/17 15:45:40 | 001,101,824 | ---- | C] ( ) -- C:\windows\SysWow64\lxdqserv.dll
[2011/05/17 15:45:40 | 000,843,776 | ---- | C] ( ) -- C:\windows\SysWow64\lxdqusb1.dll
[2011/05/17 15:45:40 | 000,053,248 | ---- | C] ( ) -- C:\windows\SysWow64\lxdqprox.dll
[2011/05/17 15:45:39 | 000,663,552 | ---- | C] ( ) -- C:\windows\SysWow64\lxdqhbn3.dll
[2011/05/17 15:45:39 | 000,594,600 | ---- | C] ( ) -- C:\windows\SysWow64\lxdqcoms.exe
[2011/05/17 15:45:39 | 000,569,344 | ---- | C] ( ) -- C:\windows\SysWow64\lxdqlmpm.dll
[2011/05/17 15:45:39 | 000,320,168 | ---- | C] ( ) -- C:\windows\SysWow64\lxdqih.exe
[2011/05/17 15:45:38 | 000,851,968 | ---- | C] ( ) -- C:\windows\SysWow64\lxdqcomc.dll
[2011/05/17 15:45:38 | 000,376,832 | ---- | C] ( ) -- C:\windows\SysWow64\lxdqcomm.dll
[2011/05/17 15:45:37 | 000,365,224 | ---- | C] ( ) -- C:\windows\SysWow64\lxdqcfg.exe
[2011/02/22 10:52:05 | 000,069,750 | ---- | C] (MyWebSearch.com) -- C:\Users\kristie\AppData\Local\My Web Search Installer.exe
[1 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/07/22 13:14:01 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/22 12:58:11 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\kristie\Desktop\OTL.exe
[2011/07/22 12:48:11 | 000,001,839 | ---- | M] () -- C:\Users\Public\Desktop\McAfee VirusScan.lnk
[2011/07/22 12:43:01 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/22 12:42:52 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/07/20 13:55:22 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/20 13:55:22 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/20 13:45:04 | 3059,748,864 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/11 13:00:16 | 000,744,220 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011/07/11 13:00:16 | 000,635,490 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011/07/11 13:00:16 | 000,111,734 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011/07/10 19:27:20 | 000,001,047 | ---- | M] () -- C:\Users\kristie\Desktop\Cruzer - Shortcut.lnk
[2011/07/10 14:23:26 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/07/10 13:45:32 | 000,001,264 | ---- | M] () -- C:\Users\kristie\Desktop\GoToMyPC Offer.lnk
[2011/07/10 13:39:50 | 000,000,206 | ---- | M] () -- C:\Users\kristie\Desktop\eBay.url
[2011/07/09 19:00:32 | 000,002,154 | ---- | M] () -- C:\windows\epplauncher.mif
[2011/07/09 18:59:57 | 000,758,066 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/07/06 17:08:10 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/07/04 03:17:17 | 000,274,320 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2011/07/02 22:06:58 | 439,442,820 | ---- | M] () -- C:\windows\MEMORY.DMP
[2011/06/26 15:33:22 | 000,001,286 | ---- | M] () -- C:\Users\Public\Desktop\More Great Games.lnk
[1 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/07/11 12:59:20 | 000,001,839 | ---- | C] () -- C:\Users\Public\Desktop\McAfee VirusScan.lnk
[2011/07/10 19:27:20 | 000,001,047 | ---- | C] () -- C:\Users\kristie\Desktop\Cruzer - Shortcut.lnk
[2011/07/10 14:23:26 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/07/10 13:45:32 | 000,001,264 | ---- | C] () -- C:\Users\kristie\Desktop\GoToMyPC Offer.lnk
[2011/07/10 13:39:50 | 000,000,206 | ---- | C] () -- C:\Users\kristie\Desktop\eBay.url
[2011/07/09 19:00:32 | 000,002,154 | ---- | C] () -- C:\windows\epplauncher.mif
[2011/07/09 18:59:48 | 000,001,908 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/07/06 17:08:40 | 000,007,357 | ---- | C] () -- C:\windows\SysNative\drivers\pctgntdi64.cat
[2011/07/06 17:08:12 | 000,007,353 | ---- | C] () -- C:\windows\SysNative\drivers\pctcore64.cat
[2011/07/06 17:08:10 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/07/06 17:08:06 | 000,007,353 | ---- | C] () -- C:\windows\SysNative\drivers\pctplsg64.cat
[2011/06/26 15:33:22 | 000,001,286 | ---- | C] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2011/05/17 15:45:44 | 000,348,160 | ---- | C] () -- C:\windows\SysWow64\LXDQinst.dll
[2011/05/17 15:45:44 | 000,335,872 | ---- | C] () -- C:\windows\SysWow64\lxdqcomx.dll
[2011/05/16 19:03:59 | 000,018,944 | ---- | C] () -- C:\Users\kristie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/31 17:35:24 | 000,000,095 | ---- | C] () -- C:\Users\kristie\AppData\Local\fusioncache.dat
[2011/01/31 17:12:18 | 000,758,066 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2010/04/21 15:14:54 | 000,127,868 | ---- | C] () -- C:\windows\SysWow64\igcompkrng575.bin
[2010/04/21 15:14:52 | 000,870,560 | ---- | C] () -- C:\windows\SysWow64\igkrng575.bin
[2010/04/21 15:14:52 | 000,104,636 | ---- | C] () -- C:\windows\SysWow64\igfcg575m.bin
[2010/04/21 14:22:50 | 000,208,896 | ---- | C] () -- C:\windows\SysWow64\iglhsip32.dll
[2010/04/21 14:22:50 | 000,143,360 | ---- | C] () -- C:\windows\SysWow64\iglhcp32.dll
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2009/04/28 08:37:00 | 000,028,672 | ---- | C] () -- C:\windows\SysWow64\SPCtl.dll
========== LOP Check ==========
[2011/02/06 18:02:09 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Alawar
[2011/05/04 09:39:59 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Alawar Entertainment
[2011/06/11 22:06:48 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Artogon
[2011/07/22 13:31:53 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Azureus
[2011/02/03 15:13:12 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Big Fish Games
[2011/02/06 16:48:57 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Boomzap
[2011/05/04 20:37:40 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Camel101
[2011/02/01 23:21:53 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\ChaYoWo Games
[2011/07/02 22:11:28 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\DailyMagic
[2011/06/12 19:59:28 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\DragonsEye Studios
[2011/02/21 18:05:04 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Dying for Daylight
[2011/02/21 18:05:32 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Dying for Daylight Shared
[2011/07/10 13:39:50 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\eBayDesktopShortcut
[2011/02/01 16:36:16 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\ERS G-Studio
[2011/06/29 17:33:47 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\ERS Game Studios
[2011/02/06 19:44:51 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\FlyWheelGames
[2011/02/04 12:14:30 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\FreeFileOpener
[2011/02/16 20:59:35 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Friday's games
[2011/05/04 14:35:17 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Funlinker
[2011/06/12 19:48:06 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Funswitch
[2011/02/26 12:57:47 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\GameMill Entertainment
[2011/05/04 20:37:35 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\GarageGames
[2011/07/06 17:20:39 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\GetRightToGo
[2011/02/01 15:12:04 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Ghost Ship Studios
[2011/03/04 22:34:49 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Gogii
[2011/02/26 13:20:58 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\HdO Adventure
[2011/02/04 11:30:24 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\IsolatedStorage
[2011/01/30 18:31:36 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\MA2
[2011/02/22 17:38:16 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\MasterThief
[2011/06/11 21:45:23 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\MumboJumbo
[2011/05/16 19:03:04 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\MusicNet
[2011/03/07 21:03:19 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\My Games
[2011/06/11 22:08:33 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Orneon
[2011/01/31 22:32:02 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Phantasmat_bf_ce1
[2011/01/31 15:54:51 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\PlayFirst
[2011/03/27 15:24:00 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Raptr
[2011/05/21 03:16:08 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\SoftGrid Client
[2011/06/27 21:31:33 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Specialbit
[2011/02/16 20:44:57 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\SpinTop
[2011/06/13 19:51:06 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Teyon
[2011/03/02 20:06:36 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Tific
[2011/01/30 18:43:29 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\TikisLab
[2011/03/03 20:43:19 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Toshiba
[2011/05/20 09:51:40 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\TP
[2011/01/31 22:02:56 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Vast Studios
[2011/02/12 16:02:54 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Virtual Prophecy
[2011/02/04 10:40:16 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\WeatherBug
[2011/01/28 22:03:08 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\WinBatch
[2011/05/06 10:02:02 | 000,000,000 | ---D | M] -- C:\Users\kristie\AppData\Roaming\Windows Live Writer
[2009/07/14 01:08:49 | 000,020,924 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 171 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:F5B51004
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:A819A132
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:B190BE3A
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:ED2D63E4
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:13019F4B
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:C60C6342
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:2CC32B31
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:CA23BCFD
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:C76CFF82
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:708E3F13
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:A02025CE
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:689AB7E9
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:587F3582
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:0FE0A03C
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:DD7D9B9F
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:A5241382
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:51E66512
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:22AF5FED
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:6F0B6A5A
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:BE6B5FC3
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:AA0017FD
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:3CAE2A70
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:53B8C5D2
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:59465B40
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:E894A3ED
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:927EC486
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:206470A5
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:86B7FDDB
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:A6D6E537
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:A4E7D25F
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:BE40C8A2
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:A6D89509
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:63C29481
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:DB2748F7
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:C4A88D6B
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:8BE7A048
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:774A0E14
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:198EE5DE
< End of report >
OTL Extras logfile created on: 7/22/2011 12:59:56 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\kristie\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.80 Gb Total Physical Memory | 1.67 Gb Available Physical Memory | 43.84% Memory free
7.60 Gb Paging File | 4.53 Gb Available in Paging File | 59.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.70 Gb Total Space | 226.79 Gb Free Space | 50.10% Space Free | Partition Type: NTFS
Computer Name: KRISTIE-PC | User Name: kristie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{28D73032-5DAA-4F83-B154-85105DBCCB92}" = iTunes
"{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4F26C164-9373-4974-8F43-E0F2176AF937}" = Intel WiMAX Tutorial
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6548B189-BEA4-4041-80E0-AEB60548E046}" = Intel® PROSet/Wireless WiMAX Software
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{C298FF86-AB23-4B58-AC53-A23383C07B3A}" = Intel® Wireless Display
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"Lexmark Z2400 Series" = Lexmark Z2400 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = Label@Once 1.0
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A3D97C9-407D-4296-AD36-A5289AB8853D}" = GoToMyPC Offer
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{654F7484-88C5-46DC-AB32-C66BCB0E2102}" = TOSHIBA Sleep Utility
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F018A9E-56DE-4A79-A5EF-25F413F1D538}" = WeatherBug
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9FE59F0-5BFA-4FDF-84C6-F45457715379}" = InstallIQ Updater
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B86C9440-82D7-423C-9FEC-6CB3092D1AA4}" = Bing Bar Platform
"{BB51B753-9A0C-4D1D-B3EF-A1B936F55796}" = Toshiba Book Place
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C792A75A-2A1F-4991-9B85-291745478A79}" = NetAssistant
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AI RoboForm" = RoboForm 7-3-2 (All Users)
"alotToolbar" = ALOT Toolbar
"BearShare 2 MediaBar" = MediaBar
"BFGC" = Big Fish Games: Game Manager
"BFG-Midnight Mysteries - Devil on the Mississippi Collector's Edition" = Midnight Mysteries: Devil on the Mississippi Collector's Edition
"BFG-Shiver - Vanishing Hitchhiker" = Shiver: Vanishing Hitchhiker
"BFG-Shiver - Vanishing Hitchhiker Collector's Edition" = Shiver: Vanishing Hitchhiker Collector's Edition
"BFG-Tearstone" = Tearstone
"BFG-The Dark Hills of Cherai" = The Dark Hills of Cherai
"Dogpile Bundle Toolbar" = Dogpile Bundle Toolbar
"facetheme" = Facetheme
"Free File Opener_is1" = Free File Opener version 2011.6.0
"Google Chrome" = Google Chrome
"Hidden Mysteries Titanic" = Hidden Mysteries Titanic
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MightyMagoo" = Mighty Magoo
"Mission Against Terror Online_is1" = MATonline2.1.6.324
"MSC" = McAfee VirusScan
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"PriceGong" = PriceGong 2.1.0
"Shop to Win 2" = Shop to Win 2
"Spyware Doctor" = Spyware Doctor 7.0
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"48e4cff94f039634" = Best Buy pc app
"NetAssistant" = Freeze.com NetAssistant
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/7/2011 2:58:06 PM | Computer Name = kristie-PC | Source = TOSHIBA Service Station | ID = 0
Description = Cannot start service TMachInfo on computer '.'.
Error - 7/7/2011 2:58:06 PM | Computer Name = kristie-PC | Source = TOSHIBA Service Station | ID = 0
Description = TSS Load: could not communicate with TMachInfo service
Error - 7/8/2011 8:28:23 AM | Computer Name = kristie-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.7600.16800 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: c4c Start
Time: 01cc3cde3c930daf Termination Time: 0 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id: be4d8cf1-a95d-11e0-bdf1-1c750874d7be
Error - 7/9/2011 5:26:51 PM | Computer Name = kristie-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.7600.16800 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 11d4 Start
Time: 01cc3d6a87b69bf6 Termination Time: 0 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id: 1a6f4094-aa72-11e0-bdf1-1c750874d7be
Error - 7/10/2011 12:41:50 AM | Computer Name = kristie-PC | Source = TOSHIBA Service Station | ID = 0
Description = The following module failed to stop processing: Alerts. Error: Operation
failed.
Error - 7/10/2011 9:08:18 AM | Computer Name = kristie-PC | Source = SideBySide | ID = 16842824
Description = Activation context generation failed for "c:\program files\microsoft
security client\MSESysprep.dll".Error in manifest or policy file "c:\program files\microsoft
security client\MSESysprep.dll" on line 10. The element imaging appears as a child
of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by
this version of Windows.
Error - 7/10/2011 1:37:56 PM | Computer Name = kristie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: TFService.exe, version: 4.10.2.1, time
stamp: 0x4b6726ee Faulting module name: ntdll.dll, version: 6.1.7600.16695, time
stamp: 0x4cc7ab86 Exception code: 0xc0000264 Fault offset: 0x000a23ca Faulting process
id: 0x1808 Faulting application start time: 0x01cc3ef940f02ac4 Faulting application
path: C:\Program Files (x86)\Spyware Doctor\TFEngine\TFService.exe Faulting module
path: C:\windows\SysWOW64\ntdll.dll Report Id: 5844e5f3-ab1b-11e0-8a7d-1c750874d7be
Error - 7/10/2011 1:45:19 PM | Computer Name = kristie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: install.exe_McAfee Integrated Security
Platform Installer, version: 4.5.188.0, time stamp: 0x4bc8ff5c Faulting module name:
KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdbdf Exception code:
0xc000008c Fault offset: 0x0000b727 Faulting process id: 0x1b5c Faulting application
start time: 0x01cc3f28fa794bad Faulting application path: C:\Users\kristie\AppData\Local\Temp\_498_McAfee_Internet_Security_(272)_102_OG_1280_User\User\install.exe
Faulting
module path: C:\windows\syswow64\KERNELBASE.dll Report Id: 608a74df-ab1c-11e0-8a7d-1c750874d7be
Error - 7/10/2011 7:00:01 PM | Computer Name = kristie-PC | Source = Windows Backup | ID = 4103
Description =
Error - 7/11/2011 11:40:09 AM | Computer Name = kristie-PC | Source = TOSHIBA Service Station | ID = 0
Description = The following module failed to stop processing: Software Updates.
Error: Operation failed.
[ Media Center Events ]
Error - 6/30/2011 11:32:57 AM | Computer Name = kristie-PC | Source = MCUpdate | ID = 0
Description = 11:32:57 AM - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
Error - 6/30/2011 11:33:51 AM | Computer Name = kristie-PC | Source = MCUpdate | ID = 0
Description = 11:33:51 AM - Failed to retrieve MCESpotlight (Error: Unable to connect
to the remote server)
Error - 6/30/2011 11:35:00 AM | Computer Name = kristie-PC | Source = MCUpdate | ID = 0
Description = 11:34:39 AM - Failed to retrieve SportsV2 (Error: Unable to connect
to the remote server)
[ System Events ]
Error - 7/7/2011 10:24:40 AM | Computer Name = kristie-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Appinfo service.
Error - 7/7/2011 10:24:40 AM | Computer Name = kristie-PC | Source = Service Control Manager | ID = 7000
Description = The Application Information service failed to start due to the following
error: %%1053
Error - 7/7/2011 10:25:10 AM | Computer Name = kristie-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Schedule service.
Error - 7/7/2011 10:25:40 AM | Computer Name = kristie-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the seclogon service.
Error - 7/7/2011 10:25:40 AM | Computer Name = kristie-PC | Source = Service Control Manager | ID = 7000
Description = The Secondary Logon service failed to start due to the following error:
%%1053
Error - 7/7/2011 2:58:06 PM | Computer Name = kristie-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the TMachInfo
service to connect.
Error - 7/7/2011 3:00:38 PM | Computer Name = kristie-PC | Source = Service Control Manager | ID = 7022
Description = The McAfee Network Agent service hung on starting.
Error - 7/7/2011 3:03:45 PM | Computer Name = kristie-PC | Source = DCOM | ID = 10010
Description =
Error - 7/7/2011 3:06:37 PM | Computer Name = kristie-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.
Error - 7/7/2011 3:24:50 PM | Computer Name = kristie-PC | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
< End of report >