Hi CompCav, Thanks for you time in helping me with my issue. A quick update on my computer. In February this year I had taken my computer to a tech to get other issues resolved. He found a virus, removed it(cant remember what it was) but also put a few programs on my computer that I did not ask for nor want. I was using Optus mobile broadband on my laptop at the time (I have since gotten cable internet) and my usage doubled and the same old problems (with some new) started occurring again. I deleted a couple of the programs he installed after finding out they were bad for back-doors. Deleted programs -itunes -bonjour(Microsoft Word) -IE8(I had IE9 when I took it too him) another program I can't seem to delete is the so called upgrade he gave me from Optus to Reliance 3G. After speaking with Optus and trying to re-install Optus program from stick, it will only install Reliance 3G!! Optus suggested something wrong and my system may being used to bounce signal from! I still use my Optus broadband on my laptop when away from the house. Should I stop using it while we work through current issues?
I re-installed IE9 and all the old things that were happening (before I took my laptop to the tech) started happening again. All of which I mentioned in my first post. You may need your patients with me as I've only been computing since November 2011. So here goes...please find all that you requested below
OTL.txt
OTL logfile created on: 26/04/2012 6:45:32 PM - Run 6
OTL by OldTimer - Version 3.2.42.1 Folder = C:\Users\Melinda\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
3.86 Gb Total Physical Memory | 2.67 Gb Available Physical Memory | 69.18% Memory free
7.71 Gb Paging File | 6.33 Gb Available in Paging File | 82.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.38 Gb Total Space | 392.47 Gb Free Space | 86.76% Space Free | Partition Type: NTFS
Drive D: | 13.08 Gb Total Space | 1.73 Gb Free Space | 13.23% Space Free | Partition Type: NTFS
Computer Name: KGB | User Name: Melinda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Processes (SafeList) ========== PRC - C:\Users\Melinda\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe (AVG)
PRC - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Program Files (x86)\Security Task Manager\SpyProtector.exe (Neuber Software - www.neuber.com)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files (x86)\AVG\AVG PC Tuneup\madExcept_.bpl ()
MOD - C:\Program Files (x86)\AVG\AVG PC Tuneup\madBasic_.bpl ()
MOD - C:\Program Files (x86)\AVG\AVG PC Tuneup\madDisAsm_.bpl ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()
========== Win32 Services (SafeList) ========== SRV:
64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:
64bit: - (HPClientSvc) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)
SRV:
64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:
64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (vToolbarUpdater10.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe ()
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (avgfws) -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (UNS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (HWDeviceService64.exe) -- C:\ProgramData\DatacardService\HWDeviceService64.exe ()
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (BrYNSvc) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ========== DRV:
64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:
64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:
64bit: - (mbamchameleon) -- C:\Windows\SysNative\drivers\mbamchameleon.sys ()
DRV:
64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:
64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:
64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:
64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:
64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:
64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:
64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:
64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:
64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:
64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV:
64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV:
64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV:
64bit: - (RTL8192Ce) -- C:\Windows\SysNative\drivers\rtl8192ce.sys (Realtek Semiconductor Corporation )
DRV:
64bit: - (Avgfwfd) -- C:\Windows\SysNative\drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.)
DRV:
64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:
64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:
64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:
64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:
64bit: - (MEIx64) Intel® -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:
64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:
64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:
64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:
64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:
64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:
64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:
64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:
64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:
64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:
64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:
64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:
64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:
64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:
64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:
64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:
64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:
64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:
64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:
64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:
64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:
64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (DrvAgent64) -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS (Phoenix Technologies)
DRV - (dfg) -- C:\Windows\SysWOW64\drivers\dfg.sys (defrag Development Team)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.jp.msn.com/CQALL/13IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:
64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" =
http://eu.ask.com/we...&l=dis&o=CPNTDFIE:
64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" =
http://au.search.yah...psg&type=CPNTDFIE:
64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" =
http://en.wikipedia....h={searchTerms}IE:
64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" =
http://rover.ebay.co...w={searchTerms}IE:
64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" =
http://eu.ask.com/we...&l=dis&o=CPNTDFIE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" =
http://au.search.yah...psg&type=CPNTDFIE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" =
http://en.wikipedia....h={searchTerms}IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" =
http://rover.ebay.co...w={searchTerms}IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" =
http://www.bing.com/...rc=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2138450356-3777672214-2490113955-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
https://www.google.com.au/IE - HKU\S-1-5-21-2138450356-3777672214-2490113955-1000\..\SearchScopes,DefaultScope = {9907022F-A16F-41DD-A63A-755908A97C5E}
IE - HKU\S-1-5-21-2138450356-3777672214-2490113955-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...Box&FORM=IE8SRCIE - HKU\S-1-5-21-2138450356-3777672214-2490113955-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" =
http://blekko.com/?s...q={searchTerms}IE - HKU\S-1-5-21-2138450356-3777672214-2490113955-1000\..\SearchScopes\{9907022F-A16F-41DD-A63A-755908A97C5E}: "URL" =
http://www.google.co...age={startPage}IE - HKU\S-1-5-21-2138450356-3777672214-2490113955-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/02/05 13:38:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012/03/14 20:47:19 | 000,000,000 | ---D | M]
[2011/12/28 18:44:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/12/03 15:38:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/12/20 13:16:49 | 000,003,747 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
O1 HOSTS File: ([2012/03/08 23:29:07 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:
64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:
64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3 - HKU\S-1-5-21-2138450356-3777672214-2490113955-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-21-2138450356-3777672214-2490113955-1000..\Run: [Spy Protector] C:\Program Files (x86)\Security Task Manager\SpyProtector.exe (Neuber Software - www.neuber.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisplayLastLogonInfo = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2138450356-3777672214-2490113955-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2138450356-3777672214-2490113955-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-2138450356-3777672214-2490113955-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2138450356-3777672214-2490113955-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O8:
64bit: - Extra context menu item: &ieSpell Options - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O8:
64bit: - Extra context menu item: Check &Spelling - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O8:
64bit: - Extra context menu item: Lookup on Merriam Webster - C:\Program Files (x86)\ieSpell\Merriam Webster.HTM ()
O8:
64bit: - Extra context menu item: Lookup on Wikipedia - C:\Program Files (x86)\ieSpell\wikipedia.HTM ()
O8 - Extra context menu item: &ieSpell Options - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Check &Spelling - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files (x86)\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files (x86)\ieSpell\wikipedia.HTM ()
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O16:
64bit: - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://fpdownload.ma...director/sw.cab (Reg Error: Key error.)
O16:
64bit: - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
http://download.eset...lineScanner.cab (OnlineScanner Control)
O16:
64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16:
64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16:
64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A}
http://quickscan.bit...m/qsax/qsax.cab (BitDefender QuickScan Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = MEL
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{808E4596-7271-40D6-A6BF-AD9AC7592073}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B2B64CB-6CEB-4628-B274-81517F023C55}: NameServer = 198.142.0.51 61.88.88.88
O18:
64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20:
64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 90 Days ========== [2012/04/26 17:55:19 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Melinda\Desktop\OTL.exe
[2012/04/26 09:30:24 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{CCD73A2E-AE34-4A43-BBAC-1780A63F2518}
[2012/04/26 09:30:14 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{52D44C32-A3CE-40FB-B8D2-F1956147701D}
[2012/04/25 21:29:48 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{87B55922-639E-4669-86FE-00949C182A07}
[2012/04/25 21:29:38 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{D3CD3D74-2810-4AAD-876C-9534985E2A76}
[2012/04/25 09:29:11 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{59C2588F-F50C-4C56-AA24-BE9BD5A8017A}
[2012/04/25 09:28:52 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{A48E0F4D-90FE-4B89-B4FB-7D9A0AD9C6A1}
[2012/04/24 20:11:11 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{25C45252-AE75-44C3-8260-E65FF92C416F}
[2012/04/24 20:10:58 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{3459F998-D835-413A-868F-3DE4A5BEC39C}
[2012/04/24 08:10:31 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{64B6E454-9683-473C-BE56-A40D13EA7488}
[2012/04/24 08:10:19 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{DA6B4FC0-1E01-4DFD-8872-85DEA2E2B471}
[2012/04/23 20:09:53 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{D006BE77-568D-4CC1-8689-22CA44216880}
[2012/04/23 20:09:41 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{6ED138A0-7982-46AE-BD1C-95E6A52BC53E}
[2012/04/23 08:09:14 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{77CC18D9-1902-48D3-B3C1-8D4760B5A968}
[2012/04/23 08:09:02 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{59B7EE85-AEEC-4F44-B493-DC323E9DBA30}
[2012/04/22 09:35:25 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{CA6C1451-EF07-4111-8364-036224B82EAD}
[2012/04/22 09:35:14 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{D9C8C268-9BF4-4ACD-9359-76E09D70A2E9}
[2012/04/21 17:30:04 | 000,000,000 | ---D | C] -- C:\Users\Melinda\Documents\Email contacts
[2012/04/21 17:27:58 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{B503596C-C7F6-4DA7-8DD3-EFD0BCF47AC0}
[2012/04/21 17:27:47 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{D03E3B92-1535-4080-95E3-4DC88477850C}
[2012/04/21 08:55:35 | 000,000,000 | ---D | C] -- C:\Users\Melinda\Documents\Free meter
[2012/04/21 08:04:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/04/20 15:19:36 | 000,000,000 | ---D | C] -- C:\Users\Melinda\Desktop\FreeMeter_v1.6.3
[2012/04/20 11:26:50 | 000,000,000 | ---D | C] -- C:\Users\Melinda\Documents\Chakras and Sound
[2012/04/16 11:56:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reliance 3G
[2012/04/16 11:56:09 | 000,196,608 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys
[2012/04/16 11:56:09 | 000,093,696 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys
[2012/04/16 11:56:09 | 000,085,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys
[2012/04/16 11:56:09 | 000,055,296 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys
[2012/04/16 11:56:09 | 000,029,184 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys
[2012/04/16 11:53:29 | 000,999,936 | ---- | C] (DiBcom SA) -- C:\Windows\SysNative\drivers\mod7700.sys
[2012/04/16 11:53:29 | 000,256,000 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys
[2012/04/16 11:53:29 | 000,121,600 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2012/04/16 11:53:29 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2012/04/16 11:53:29 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys
[2012/04/16 11:50:21 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys
[2012/04/14 14:34:36 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/04/14 14:27:04 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{9183FB58-DB80-4D97-A2C6-16B58FF4F25E}
[2012/04/14 14:26:53 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{2C585B9B-CF03-4A0A-B259-1914EFAD068D}
[2012/04/14 07:12:32 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{F93ADE6E-7AA2-41BA-9C81-94879818B955}
[2012/04/14 07:12:20 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{32BAFF1D-CDF2-4A53-9E37-EB9853BDD1F1}
[2012/04/13 16:52:42 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{C27B40BF-36D4-4C2F-94A6-1A36D678DE90}
[2012/04/13 09:35:42 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{EC932874-B989-40A7-BED4-4B1DE83C2055}
[2012/04/12 21:35:18 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{9C0FF176-7327-48FA-8E6F-FC141010B94B}
[2012/04/12 09:34:53 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{023ED782-2740-4E16-9FD6-6A50AB5981FA}
[2012/04/11 21:34:29 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{B84CFABE-FE63-4E00-8B50-B150C1A4EAF6}
[2012/04/11 12:22:21 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/11 12:22:21 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/11 12:22:20 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/11 12:22:20 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/11 12:22:20 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/11 12:22:20 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/11 12:22:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/11 12:22:19 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/11 12:22:19 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/11 12:22:19 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/11 12:22:19 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/11 12:21:59 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/11 12:21:58 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/11 12:21:58 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/11 12:20:04 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/11 12:20:04 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/11 12:20:04 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/11 09:02:12 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{460D6280-D054-477C-A39B-A8CBB86EB483}
[2012/04/10 21:11:05 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games
[2012/04/10 21:01:48 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{8A68E6A8-F334-448E-8E3E-E16517D85AC2}
[2012/04/10 08:48:02 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{731361E4-2C5B-48C3-9460-3A109B129811}
[2012/04/09 08:39:30 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{57F12377-02CB-4423-A39D-9D8D7FE6C116}
[2012/04/08 08:39:31 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{8315E4DF-116B-4D54-A3F7-F2B3F5B0A1D5}
[2012/04/07 11:43:33 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{DD5F3593-21DF-4972-A5BE-B29A75345656}
[2012/04/06 23:43:09 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{1BF43F00-A917-4DE5-9605-3E633561E93B}
[2012/04/06 09:30:20 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{7A928057-42F5-4B4B-B5E9-6208DAFC3824}
[2012/04/06 01:04:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Playrix Entertainment
[2012/04/06 00:25:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com
[2012/04/06 00:25:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPlayCity.com
[2012/04/05 20:44:30 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{A1876668-DEB4-488B-8EFD-D0ED58B073F3}
[2012/04/05 08:44:04 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{554470F5-1751-4E23-AB21-1FA406B970A7}
[2012/04/04 20:27:53 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{865E1F2E-1C44-4B07-BA25-01B23E1D818D}
[2012/04/04 08:27:29 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{F1F4A1FC-AF26-41F6-BDE1-DD1774DCEF4C}
[2012/04/03 08:06:12 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{5E254370-BBCA-4DD2-AC04-27606558E3A3}
[2012/04/02 10:06:22 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{FE17DFC1-6FCD-42BA-BC3E-2B6541E250A0}
[2012/04/01 22:05:58 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{477D73E4-7304-4378-88A3-F36F497631AE}
[2012/04/01 10:05:47 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{79566A73-CD0E-42BD-8123-E974F8497E00}
[2012/03/31 22:05:23 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{9A4436E6-A2DA-420B-A7B8-DB7E4F549190}
[2012/03/31 10:58:20 | 000,000,000 | ---D | C] -- C:\Users\Melinda\Video
[2012/03/31 10:04:59 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{0278FCE3-3509-4AFC-BDD7-39256AB442C7}
[2012/03/30 19:49:01 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{5ECB98B4-81AC-4959-BA9C-2D8F158D40EC}
[2012/03/30 07:48:34 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{5DBE1C05-93F5-49FB-8BE1-150866C18F2D}
[2012/03/29 19:48:10 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{0A562645-605C-491D-9FC2-5F7967D9531C}
[2012/03/29 07:47:44 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{E57C3A22-C097-42F0-97BA-CA483478567D}
[2012/03/29 07:47:33 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{F9D6695F-62CD-4E0B-B273-D549D70520AE}
[2012/03/28 08:28:18 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{FCF12662-CF50-4005-BBAD-0A50177205EB}
[2012/03/28 08:28:05 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{2736B27F-6C01-4F6D-9C7B-5766335E9FF8}
[2012/03/27 18:48:46 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{AB0D8E12-7E71-46CF-A05B-E204DAB1B4BF}
[2012/03/27 18:48:35 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{63A59ECD-751A-4DE9-976D-0D724E729C87}
[2012/03/27 06:48:05 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{8E07F5D0-2919-4B1B-9845-418EA586D803}
[2012/03/27 06:47:49 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{3E853C80-F0C2-4165-9B8D-7D7082DAC73B}
[2012/03/26 12:51:25 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{95991D3D-8C04-4F03-8E54-499311FBC30A}
[2012/03/26 12:51:14 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{670AE4AE-A4D9-41AE-BDCA-D1C39254CECF}
[2012/03/25 08:35:41 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{7AD7B4DA-14C4-4556-9C56-7E05BCBEA640}
[2012/03/25 08:35:29 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{6F1DC764-CECD-491E-A389-ADA45BBF124D}
[2012/03/24 08:13:03 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{807EFB36-9246-473A-8CD5-92E110735AA5}
[2012/03/24 08:12:46 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{D4594301-CDE2-4DD5-92E6-452A569D48E9}
[2012/03/23 08:21:55 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{02A72F8E-DE69-4AC0-9991-EB7A5D269CC7}
[2012/03/23 08:21:43 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{9F88E881-1673-4186-8767-AC42DEFEBAB4}
[2012/03/22 09:19:41 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{0B51B560-5FA6-4FD6-89FB-6A9FCA84DEBA}
[2012/03/22 09:19:30 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{6ECC1406-584B-4FCE-8080-F86A945B739D}
[2012/03/21 08:00:35 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{DE043930-CA16-4DF8-AF05-2A28825AEC60}
[2012/03/21 08:00:24 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{3536CA53-5A22-4D1E-B840-3006B3B238CF}
[2012/03/19 12:32:49 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\LogMeIn Rescue Applet
[2012/03/19 07:11:30 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{B20D5F31-1F18-4B5C-AFA2-A0BC08E6304D}
[2012/03/19 07:11:19 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{4FA3E691-0E43-42DB-82FC-D2572FD1C6CB}
[2012/03/18 19:02:03 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{E7AFE311-44A8-4927-80B6-8171AC6C16BB}
[2012/03/18 19:01:52 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{0F61602E-4714-4DDA-81E6-E7F810923507}
[2012/03/18 07:01:24 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{74312EAF-E55F-4BA1-83A7-A0B76B4B0FAD}
[2012/03/18 07:01:02 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{B20485BC-6C00-4E1D-A507-D47C6CCBBBBD}
[2012/03/17 15:19:24 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\Ilivid Player
[2012/03/17 15:15:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A37818CF-E0CC-4A13-B685-605AE2F01FD2}
[2012/03/17 15:15:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
[2012/03/17 15:14:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLivid
[2012/03/17 09:28:53 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{2246046E-5E0F-42F1-9A9A-D337D85BA751}
[2012/03/17 09:28:41 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{AED1DADD-8661-4A9A-B9DE-A0966C82BA68}
[2012/03/16 07:47:10 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{7979D50A-8E34-4B08-B818-9709769785A1}
[2012/03/16 07:46:59 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{353C6033-8E1D-41F6-9D93-530D535E58B2}
[2012/03/15 08:50:15 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{B334E627-DD18-4768-9F12-F0B7E0186873}
[2012/03/15 08:49:58 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{21C4BB98-12BE-4B85-86C8-787BEAA43049}
[2012/03/14 16:01:32 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/03/14 16:00:15 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/03/14 16:00:15 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/03/14 16:00:15 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/03/14 16:00:14 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/03/14 16:00:14 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/03/14 14:48:04 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{35677158-1BC4-4BE9-A6B6-64C23C1CB28F}
[2012/03/14 14:47:47 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{61953E66-496E-4393-A6DC-D678C771589C}
[2012/03/13 08:20:57 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{70BEA903-457F-4CB4-A89D-AAD8D6112125}
[2012/03/13 08:20:44 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{45765166-0B93-4B95-9224-ED65A985D98C}
[2012/03/12 11:14:18 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{F3135FA4-532D-41F6-A83A-759D76D97B96}
[2012/03/12 11:14:06 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{603AE8D0-DFB0-4EF2-8323-AF0877561F9F}
[2012/03/11 23:13:40 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{39BD69EA-F049-4CFA-AFEB-2063162B501E}
[2012/03/11 23:13:28 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{ACE14922-4222-40A5-9E72-063CC2B92329}
[2012/03/11 11:13:02 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{0477A125-CB0D-4F1B-8033-1D060CB6ED9B}
[2012/03/11 11:12:51 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{AB27C04E-FA63-4AF7-97CD-875955AD7EEF}
[2012/03/10 21:51:03 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{99CBCED4-F722-40E9-BCA5-1F4307DB030C}
[2012/03/10 21:50:41 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{6FE46668-8E80-419D-B1E7-1BE27959F21B}
[2012/03/10 09:50:15 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{E15C9562-311B-4445-86BF-F257960EA4E3}
[2012/03/10 09:50:04 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{67851101-075B-4C3A-8836-1C7A2E83EBC6}
[2012/03/10 09:49:11 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{CE29D8C3-E1B6-4137-AEA9-4C90C2502084}
[2012/03/10 09:48:59 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{7C10E732-DFE8-4191-BBB7-3CA21FCC8D6B}
[2012/03/09 20:54:25 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{F8AA99DC-D76E-4C59-A305-7EBE201DE550}
[2012/03/09 20:54:14 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{F2051F52-F829-43FD-9688-6D543624728C}
[2012/03/09 08:53:47 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{C402E922-BA58-474C-9A11-5497398D2ABB}
[2012/03/09 08:53:36 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{F722EFDE-8244-4A62-9795-1BEABE5B2B69}
[2012/03/08 22:44:41 | 005,650,384 | ---- | C] (ZookaWare) -- C:\Users\Melinda\Desktop\RegZooka.exe
[2012/03/08 20:02:40 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{92426E5F-1124-47B0-A326-5A8730AC2AB6}
[2012/03/08 20:02:26 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{57E6E48F-CF5B-4245-949A-21B2CA120AB4}
[2012/03/08 18:37:20 | 000,302,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2012/03/08 08:01:58 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{257FD2D9-35E1-4D46-8E76-EA8C6671FB4A}
[2012/03/08 08:01:47 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{D668B82E-4CEF-4346-87E0-2401AF25A883}
[2012/03/08 08:00:09 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{0811BBBD-47E6-48F1-AF72-034BE9F2A316}
[2012/03/08 07:59:18 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{6A5495FF-F8FE-470D-9B60-C2A129DAF25A}
[2012/03/07 10:39:26 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{CDAF7103-32CF-42B4-965D-9BE02FAFF275}
[2012/03/07 10:39:15 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{55F7CAA0-B28D-4FE4-9CBE-6BC0CAC4C0D4}
[2012/03/06 22:38:47 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{E3470C59-9255-4619-8F80-F6FB9E2BDEE7}
[2012/03/06 22:38:29 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{365B430B-863D-4DB5-A857-D3AA46A05D55}
[2012/03/06 16:40:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
[2012/03/06 10:38:02 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{FE666845-0C2A-4B8C-8433-77717CC80AC9}
[2012/03/06 10:37:51 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{D257974D-26E3-4509-B231-4D631906D321}
[2012/03/05 17:27:15 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{DD4CBA2F-0A2F-4A90-A313-844F8DDDED2D}
[2012/03/05 17:27:03 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{27B148E7-F144-4CBD-BB5A-9288CB325EBB}
[2012/03/05 13:28:25 | 000,191,264 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2012/03/05 13:28:25 | 000,172,320 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2012/03/05 13:28:25 | 000,172,320 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2012/03/05 13:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/03/05 13:18:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/03/05 13:12:50 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/03/05 13:12:50 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/03/05 13:12:50 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/03/05 13:12:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/03/05 09:37:47 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{4B6876B6-308B-40A2-847D-96D3E0E8C600}
[2012/03/04 13:42:34 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{77E2FB96-EA72-4573-A7C8-1BA89AA32086}
[2012/03/04 13:42:21 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{235D0258-4EFF-43C2-9331-9E837AE20543}
[2012/03/04 09:24:29 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{5ECD4915-7A2A-428A-B031-9D13B34F3573}
[2012/03/03 10:14:42 | 000,000,000 | ---D | C] -- C:\Users\Melinda\Desktop\equake3d
[2012/03/03 09:33:51 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{8C6355C3-F161-414D-9E86-8102414D0A0F}
[2012/03/03 09:33:39 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{C536FD0F-EF71-42FA-964F-E65B05FABC27}
[2012/03/02 21:33:12 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{179E95D5-86DD-412A-9C83-2F47485F27C4}
[2012/03/02 21:32:59 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{B1A16406-A391-489C-9FFE-B4B963DC8EC6}
[2012/03/02 09:32:32 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{E38677B8-16B8-4B65-B1E2-C61016F79045}
[2012/03/02 09:32:18 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{1AB1A71D-F7FF-4968-8397-58264C9E22D2}
[2012/03/01 10:10:26 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{E2F6CF50-0A88-4CC3-9251-0045AA001CB5}
[2012/03/01 10:10:10 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{5ED5BC0E-42FC-4BBC-94CA-4EE4B5F4220C}
[2012/02/29 19:23:35 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{646C1CD0-AD93-447D-A1AC-34B7550F1B04}
[2012/02/29 19:23:18 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{8EB176D6-BF9D-48FE-86FE-965CC94E8EDC}
[2012/02/29 18:13:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2012/02/29 07:22:45 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{7A16235F-28DA-4ED1-B5A6-B447CBC943BE}
[2012/02/29 07:22:27 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{0FDFC69C-B7E1-424A-9C15-02D71884E8D5}
[2012/02/28 10:35:18 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{D6305987-BADE-4E41-8176-79D9CF8DAE17}
[2012/02/28 10:35:00 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{5BED19A1-A056-4B25-B521-11F38CCED2A3}
[2012/02/27 08:33:48 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{6B2C0377-6EB9-42C5-B43B-5138AFD4A8DC}
[2012/02/27 08:33:35 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{4B9863F2-A5B1-45A3-BB04-9FAE8B208777}
[2012/02/26 20:55:51 | 000,000,000 | ---D | C] -- C:\ProgramData\MusicStation
[2012/02/26 20:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MusicStation
[2012/02/26 20:55:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2012/02/26 20:55:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012/02/26 20:55:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2012/02/26 14:11:18 | 001,640,400 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll0255.old
[2012/02/26 14:11:18 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll0255.old
[2012/02/26 14:01:52 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/02/26 13:53:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Doctor
[2012/02/26 13:52:46 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\blekkotb
[2012/02/26 13:34:44 | 000,000,000 | ---D | C] -- C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2012/02/26 13:10:17 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\PackageAware
[2012/02/26 12:49:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2012/02/26 12:49:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2012/02/26 11:15:00 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{8A9022B6-35F2-4A14-A38E-A5171529D45E}
[2012/02/26 11:14:47 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{47F36EE9-811D-4B40-9A4D-7D08BC6C6ACD}
[2012/02/25 12:28:13 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{8F3CA914-3EB2-46D2-96B0-F84F1DD70849}
[2012/02/25 12:28:00 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{9FBD3079-0AD7-4756-AA69-AB25BAAE8969}
[2012/02/24 22:29:56 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{BD4A7EFF-55ED-46D9-A565-7200F4FC580D}
[2012/02/24 22:29:43 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{29BAA61E-873C-43DD-AEBD-4ACD7500DE70}
[2012/02/24 16:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free YouTube Downloader
[2012/02/24 16:15:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free YouTube Downloader
[2012/02/24 16:06:52 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\TempDIR
[2012/02/24 08:11:04 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{18573A8F-A672-4253-ADF3-9863112B7F34}
[2012/02/24 08:10:52 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{D8925F3F-3B25-4751-8E9F-43614E409A6E}
[2012/02/23 18:32:27 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Roaming\RegZooka
[2012/02/23 12:57:17 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{699EA9CD-22FD-469E-B13B-9DE7AB676268}
[2012/02/23 12:57:04 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{00B4FF27-DF7A-4BDC-9043-64332043CB6C}
[2012/02/22 12:29:07 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{6D94C375-1761-40D5-9D45-8875CA506471}
[2012/02/22 12:28:54 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{4324BA1C-0CE9-45F8-8A7B-2AA9DE54629B}
[2012/02/22 12:10:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/02/22 12:10:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012/02/22 12:10:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012/02/21 18:45:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ieSpell
[2012/02/21 16:19:11 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/02/21 16:19:10 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/02/21 16:19:10 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/02/21 16:19:10 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/02/21 16:19:10 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/02/21 16:19:10 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/02/21 16:19:10 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/02/21 16:19:10 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/02/21 16:19:10 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/02/21 16:19:10 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/02/21 16:19:10 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/02/21 16:19:10 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/02/21 16:19:10 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/02/21 16:19:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/02/21 16:19:10 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/02/21 16:19:10 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/02/21 16:19:09 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/02/21 16:19:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/02/21 16:19:09 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/02/21 16:19:09 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/02/21 16:19:09 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/02/21 16:19:09 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/02/21 16:19:09 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/02/21 16:19:09 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/02/21 16:19:09 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/02/21 16:19:09 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/02/21 16:19:09 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/02/21 16:19:09 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/02/21 16:19:08 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/02/21 16:19:08 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/02/21 16:19:08 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/02/21 16:19:08 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/02/21 16:19:08 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/02/21 16:19:08 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/02/21 16:19:08 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/02/21 16:19:08 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/02/21 16:19:08 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/02/21 16:19:08 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/02/21 16:19:08 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/02/21 16:19:08 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/02/21 16:19:08 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/02/21 16:19:08 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/02/21 16:19:08 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/02/21 16:19:08 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/02/21 16:19:08 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/02/21 16:19:08 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/02/21 16:19:08 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/02/21 16:19:08 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/02/21 16:19:08 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/02/21 16:19:08 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/02/21 16:19:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/02/21 16:19:08 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/02/21 16:19:08 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/02/21 16:19:07 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/02/21 16:19:07 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/02/21 16:19:07 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/02/21 16:19:07 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/02/21 16:19:07 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/02/21 16:19:07 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/02/21 16:19:07 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/02/21 16:19:07 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/02/21 11:36:45 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{963E04B7-D5B8-4510-A9B7-25D4DC8777C6}
[2012/02/21 11:36:33 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{FBF94B8A-0762-408C-8D20-C5D4486E5668}
[2012/02/20 12:00:44 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{2F31F851-C3A9-42F6-8C02-5E534256C585}
[2012/02/20 12:00:31 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{CC6EBAAD-E13B-4CF5-89E9-19B49C15403F}
[2012/02/20 11:02:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/02/19 09:11:13 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{1850DD9B-5D9E-4C59-A522-4409E50BD7ED}
[2012/02/19 09:10:34 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{C591CD94-6404-49BC-976B-A9B0D7893255}
[2012/02/18 13:36:34 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{A6110E3E-48E2-4B13-907C-29F9D0B1AC9C}
[2012/02/18 13:36:20 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{447E2B99-A8B7-43DF-9DEC-7C947FB70AD0}
[2012/02/17 11:11:26 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{E38477BD-47FA-4013-AEF7-34950A36F875}
[2012/02/17 11:11:13 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{85598587-4617-44FF-9805-A2755E2E6FF3}
[2012/02/17 10:20:32 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/02/17 10:20:19 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/02/17 10:20:19 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/02/17 10:19:52 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/02/12 21:23:58 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RegZooka
[2012/02/12 21:23:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegZooka
[2012/02/12 20:10:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC Tuneup
[2012/02/12 19:59:38 | 008,351,256 | ---- | C] (AVG ) -- C:\Users\Melinda\Desktop\avg_pct_stf_all_10_27.exe
[2012/02/12 18:47:22 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{CF68B384-58C8-4AF2-8F4F-B11A84844412}
[2012/02/12 18:47:10 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{CF8E12B8-CC50-4B0A-AD44-8FC2D308A089}
[2012/02/10 22:31:32 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{E2D88596-B333-48BF-921C-F68017EB3E31}
[2012/02/10 22:31:18 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{7789A5CD-2D6B-4AF3-BDDC-472E8AE0F612}
[2012/02/08 21:18:29 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{74284BDD-B4BF-4D60-8324-C6905ED65368}
[2012/02/08 21:18:17 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{8CD19904-9F8E-4774-8886-52432678B33F}
[2012/02/06 18:46:48 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/02/06 15:43:38 | 000,000,000 | ---D | C] -- C:\AVGTemp
[2012/02/06 10:00:40 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{A53A4C63-DA99-4E5C-93BA-F1095D54C2BB}
[2012/02/06 10:00:27 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{9FB28661-6D2E-4A62-8837-B5FE9CA39647}
[2012/02/06 09:42:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices
[2012/02/06 09:42:00 | 000,000,000 | ---D | C] -- C:\inetpub
[2012/02/06 09:42:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices
[2012/02/05 18:28:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2012/02/05 17:50:12 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Roaming\ieSpell
[2012/02/05 16:16:42 | 001,182,616 | ---- | C] (PC Drivers HeadQuarters ) -- C:\Users\Melinda\Desktop\DriverDetective.exe
[2012/02/05 13:39:12 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Roaming\AVG2012
[2012/02/05 13:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2012/02/05 13:38:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012/02/05 13:38:23 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/02/05 13:38:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2012/02/05 13:37:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012/02/05 13:31:02 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/02/05 13:30:38 | 003,968,400 | ---- | C] (AVG Technologies) -- C:\Users\Melinda\Desktop\avg_isc_stb_all_2012_1913.exe
[2012/02/05 12:04:08 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{2CC509FB-7652-451F-9CC0-E6DC52B67C72}
[2012/02/05 12:03:56 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{07F00172-AD37-44C8-8EC3-66460858CEB3}
[2012/02/05 12:02:57 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{2C5CFAF5-B96C-49A2-B0AB-C2914151C48F}
[2012/02/05 11:52:20 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Roaming\Apple Computer
[2012/02/05 11:52:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012/02/05 11:51:34 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/02/05 11:26:49 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\Apple
[2012/02/05 08:29:18 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{2AA6F83B-5A32-4D75-BBD0-D07B48FDF59F}
[2012/02/05 08:19:51 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{BB685AC7-E562-46D3-B51F-7C7E31E5CA6C}
[2012/02/05 08:19:28 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{DA05869A-5DAF-4EE6-A0AE-2A86E76C68F7}
[2012/02/04 16:05:31 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Roaming\ZumoDrive
[2012/02/04 12:44:32 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll
[2012/02/04 12:44:32 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfCoInstaller01007.dll
[2012/02/04 12:43:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reliance 3G
[2012/02/04 12:26:26 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Roaming\WinRAR
[2012/02/04 11:46:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/02/04 11:46:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/02/04 10:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2012/02/04 09:39:31 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/02/04 09:29:00 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2012/02/04 08:57:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2012/02/04 08:56:33 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012/02/04 08:39:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver
[2012/02/04 08:31:42 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2012/02/04 08:31:42 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\eSupport.com
[2012/02/04 08:08:42 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Roaming\Registry Mechanic
[2012/02/04 07:54:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2012/02/04 07:53:28 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Roaming\Product_RM
[2012/02/04 07:53:28 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/02/03 23:23:06 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/02/03 22:36:54 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/02/03 22:36:54 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/02/03 22:36:54 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/02/03 22:36:44 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/03 12:48:35 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/02/03 12:47:23 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{E8022EC3-2C4A-4DD1-A428-E77A243E7118}
[2012/02/03 12:47:11 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{4B682FA8-70EC-4AE4-8A36-46E23FB99A93}
[2012/02/03 00:46:44 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{DEC6C2DE-9F3B-4C0A-A0F7-49459E6819A4}
[2012/02/03 00:46:32 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{F92CF7ED-C234-4680-AF41-08A34A49A271}
[2012/02/02 15:56:16 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2012/02/02 15:48:00 | 000,378,240 | ---- | C] (Neuber Software) -- C:\Users\Melinda\Desktop\SvchostAnalyzer.exe
[2012/02/02 12:18:27 | 000,000,000 | ---D | C] -- C:\_OTM
[2012/02/02 12:17:59 | 000,523,264 | ---- | C] (OldTimer Tools) -- C:\Users\Melinda\Desktop\OTM.exe
[2012/02/02 12:10:04 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/02/02 12:08:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/02/02 12:08:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012/02/02 10:59:59 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{3987F8CA-3C67-4940-BA8B-A898AB9C78BB}
[2012/02/02 10:59:47 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{22662600-D07F-4C6E-84D0-2D3400403A09}
[2012/02/01 20:07:09 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\CrashDumps
[2012/02/01 12:49:03 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{735EA2DA-5973-427F-B85D-0CA79F5E3AB2}
[2012/02/01 12:48:51 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{D1ED4088-6988-45C9-92F9-458FDF75FA00}
[2012/01/31 17:56:04 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{1004B6BC-F856-4EB2-964A-DC2C3537DE1D}
[2012/01/31 17:55:52 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{8567ADEC-D5FF-46B5-B915-81D6F5723D23}
[2012/01/30 21:07:48 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{3A6B55EA-FAF3-4E0C-9602-08BCE821C552}
[2012/01/30 21:07:32 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{32DD466A-A93C-4B65-B966-E34297476878}
[2012/01/30 09:03:27 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{17B684CF-78B4-4FD9-A3D0-0C286337F226}
[2012/01/30 09:03:15 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{465C552D-1063-44EF-97F6-1F7116034674}
[2012/01/30 09:01:13 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{E89FC909-5628-4CE1-9F79-C5D5F7BFFC47}
[2012/01/30 09:01:00 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{7E02D3BE-1A29-4A06-A14A-28355778DC22}
[2012/01/29 17:58:33 | 000,000,000 | ---D | C] -- C:\Users\Melinda\Documents\Just add you
[2012/01/29 14:43:53 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{DD930E5E-3CFF-4FE4-9C5B-30CD58C229A8}
[2012/01/29 14:43:41 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{41A93FD7-9A8E-4AC6-A9C2-C06427E90703}
[2012/01/29 14:43:10 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{FCDD3A4A-673D-425A-B536-3FA5D2F18132}
[2012/01/29 14:42:58 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{28D69055-053F-478B-BECD-A217DD992B85}
[2012/01/29 01:37:31 | 009,888,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsPStorIcon.dll
[2012/01/29 01:37:31 | 000,339,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsPStor.sys
[2012/01/29 01:29:42 | 000,439,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2012/01/29 01:29:29 | 000,000,000 | ---D | C] -- C:\Drivers
[2012/01/29 01:21:47 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/01/29 01:21:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012/01/29 01:16:07 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012/01/29 01:16:07 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012/01/29 01:16:04 | 002,615,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012/01/29 01:16:04 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012/01/29 01:16:03 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012/01/29 01:16:02 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2012/01/29 01:16:01 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012/01/29 01:16:00 | 003,744,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012/01/29 01:16:00 | 001,969,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012/01/29 01:16:00 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012/01/29 01:16:00 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012/01/29 01:16:00 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012/01/29 01:16:00 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012/01/29 01:16:00 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012/01/29 01:16:00 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012/01/29 01:16:00 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012/01/29 01:15:58 | 000,100,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2012/01/29 01:15:38 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012/01/29 01:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Drivers.com
[2012/01/28 20:04:34 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{81E5D732-B9E9-4409-B36E-ACEEDD3C6FE1}
[2012/01/28 20:04:22 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{66C4D755-5E58-46E5-9A98-130BD49EAB58}
[2012/01/27 22:22:21 | 000,000,000 | ---D | C] -- C:\Users\Melinda\Documents\LocaleMetaData
[2012/01/27 20:21:25 | 000,000,000 | ---D | C] -- C:\Users\Melinda\AppData\Local\{D646F1B2-7854-4FDC-AD17-F8573371FD60}
========== Files - Modified Within 90 Days ========== [2012/04/26 18:01:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/26 17:58:23 | 000,763,422 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/26 17:58:23 | 000,657,378 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/26 17:58:23 | 000,118,576 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/26 17:55:19 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Melinda\Desktop\OTL.exe
[2012/04/26 17:01:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/26 15:45:58 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/26 15:45:58 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/26 15:38:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/26 15:38:23 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/26 10:56:17 | 000,271,846 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/04/26 08:44:38 | 096,270,290 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/04/21 17:44:53 | 000,003,688 | ---- | M] () -- C:\Users\Melinda\Documents\Contacts.csv
[2012/04/20 19:21:05 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMelinda.job
[2012/04/20 15:13:15 | 000,075,941 | ---- | M] () -- C:\Users\Melinda\Desktop\FreeMeter_v1.6.3.zip
[2012/04/17 08:58:48 | 000,624,083 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm
[2012/04/16 11:56:57 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\Reliance 3G.lnk
[2012/04/10 21:10:55 | 000,000,064 | ---- | M] () -- C:\Windows\GPlrLanc.dat
[2012/04/06 00:25:47 | 000,002,212 | ---- | M] () -- C:\Users\Melinda\Application Data\Microsoft\Internet Explorer\Quick Launch\Call of Atlantis.lnk
[2012/04/06 00:25:47 | 000,002,188 | ---- | M] () -- C:\Users\Melinda\Desktop\Call of Atlantis.lnk
[2012/04/06 00:25:47 | 000,002,083 | ---- | M] () -- C:\Users\Melinda\Desktop\Play Online Games.lnk
[2012/04/06 00:25:47 | 000,002,044 | ---- | M] () -- C:\Users\Melinda\Desktop\MyPlayCity Games.lnk
[2012/04/04 21:48:27 | 003,136,930 | ---- | M] () -- C:\Users\Melinda\Desktop\Survival.pdf
[2012/04/04 21:34:19 | 003,023,620 | ---- | M] () -- C:\Users\Melinda\Desktop\SurvivalManual.pdf
[2012/04/04 16:36:14 | 000,154,887 | ---- | M] () -- C:\Users\Melinda\Desktop\fixit4me.gadget
[2012/04/04 11:48:27 | 000,000,019 | ---- | M] () -- C:\Users\Melinda\Desktop\channel_ajax
[2012/04/02 21:23:27 | 010,413,632 | ---- | M] () -- C:\Users\Melinda\Desktop\Missing-411.mp3
[2012/03/30 18:31:15 | 000,007,610 | ---- | M] () -- C:\Users\Melinda\AppData\Local\Resmon.ResmonCfg
[2012/03/29 13:06:30 | 000,201,065 | ---- | M] () -- C:\Users\Melinda\Desktop\Volunteer Registration Form 2012-signed.pdf
[2012/03/29 12:43:47 | 000,164,857 | ---- | M] () -- C:\Users\Melinda\Desktop\Volunteer Registration Form 2012.pdf
[2012/03/28 18:04:53 | 002,130,102 | ---- | M] () -- C:\Users\Melinda\Documents\Smiles.bmp
[2012/03/28 18:01:42 | 000,032,585 | ---- | M] () -- C:\Users\Melinda\Documents\Smiles.gif
[2012/03/28 16:41:47 | 000,225,530 | ---- | M] () -- C:\Users\Melinda\Documents\reciept Animals Australia.gif
[2012/03/17 15:15:06 | 000,000,915 | ---- | M] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2012/03/15 08:47:42 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/13 13:45:47 | 000,200,519 | ---- | M] () -- C:\Users\Melinda\Documents\Optus recharge reciept.png
[2012/03/12 21:54:35 | 004,239,590 | ---- | M] () -- C:\Users\Melinda\Desktop\Vegatarian Ebook2.pdf
[2012/03/08 23:29:07 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/03/08 22:45:31 | 000,000,957 | ---- | M] () -- C:\Users\Melinda\Desktop\RegZooka.lnk
[2012/03/08 22:45:18 | 005,650,384 | ---- | M] (ZookaWare) -- C:\Users\Melinda\Desktop\RegZooka.exe
[2012/03/08 22:42:59 | 000,002,016 | -H-- | M] () -- C:\Users\Melinda\Documents\Default.rdp
[2012/03/08 18:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2012/03/07 10:55:27 | 000,001,555 | ---- | M] () -- C:\Users\Melinda\Documents\Did you get this.eml
[2012/03/06 16:23:37 | 005,559,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/03/06 15:29:47 | 003,968,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/03/06 15:29:41 | 003,913,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/03/05 13:28:17 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2012/03/05 13:28:17 | 000,191,264 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2012/03/05 13:28:17 | 000,172,320 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2012/03/05 13:28:17 | 000,172,320 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2012/03/05 13:12:43 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/03/05 13:12:43 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/03/05 13:12:43 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/03/05 13:12:43 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/03/05 12:36:58 | 002,044,252 | ---- | M] () -- C:\Users\Melinda\Desktop\tdsskiller 1.zip
[2012/03/03 12:14:24 | 000,540,162 | ---- | M] () -- C:\Users\Melinda\Desktop\MindSurgePop.pdf
[2012/03/01 16:16:16 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/03/01 16:08:27 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/03/01 16:03:50 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/02/28 16:26:48 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/02/28 16:18:57 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/02/28 16:18:36 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/02/28 16:15:47 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/02/28 16:13:16 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/02/28 16:09:50 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/02/28 10:41:21 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/02/28 10:39:51 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/02/28 10:36:48 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/02/28 10:33:31 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/02/28 10:29:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/02/27 17:17:45 | 000,029,472 | ---- | M] () -- C:\Users\Melinda\Documents\Veda.pdf
[2012/02/26 20:58:14 | 000,000,291 | ---- | M] () -- C:\Windows\SysWow64\MsiExec.config
[2012/02/26 20:55:57 | 000,000,243 | ---- | M] () -- C:\ProgramData\MusicStation.xml
[2012/02/26 20:55:52 | 000,000,903 | ---- | M] () -- C:\Users\Melinda\Application Data\Microsoft\Internet Explorer\Quick Launch\MusicStation.lnk
[2012/02/26 20:54:31 | 000,001,798 | ---- | M] () -- C:\Users\Melinda\Desktop\MusicStation - Shortcut.lnk
[2012/02/26 20:51:34 | 000,001,556 | ---- | M] () -- C:\Users\Melinda\Desktop\mbam - Shortcut.lnk
[2012/02/26 20:30:40 | 000,001,460 | ---- | M] () -- C:\Users\Melinda\Desktop\avgui - Shortcut.lnk
[2012/02/26 14:32:56 | 001,462,592 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012/02/26 12:53:33 | 000,650,538 | ---- | M] () -- C:\Users\Melinda\Desktop\SecurityTaskManager_Manual.pdf
[2012/02/25 18:43:43 | 000,001,542 | ---- | M] () -- C:\Users\Melinda\Desktop\TaskMan - Shortcut.lnk
[2012/02/25 17:59:19 | 002,086,240 | ---- | M] () -- C:\Users\Melinda\Desktop\SecurityTaskManager_Setup.exe
[2012/02/24 16:15:41 | 000,002,093 | ---- | M] () -- C:\Users\Melinda\Application Data\Microsoft\Internet Explorer\Quick Launch\Free YouTube Downloader.lnk
[2012/02/24 15:38:31 | 000,000,123 | ---- | M] () -- C:\Users\Melinda\Desktop\Microsoft Fix it.url
[2012/02/24 08:15:54 | 001,356,320 | ---- | M] () -- C:\Users\Melinda\Desktop\WordsofWisdomCalendar.pdf
[2012/02/24 08:15:17 | 001,191,491 | ---- | M] () -- C:\Users\Melinda\Desktop\GoodVibrations.pdf
[2012/02/24 08:14:50 | 000,727,340 | ---- | M] () -- C:\Users\Melinda\Desktop\ConsciousnessEvolution.pdf
[2012/02/22 12:39:33 | 000,324,377 | ---- | M] () -- C:\Users\Melinda\Desktop\3.Relationships.pdf
[2012/02/22 12:37:39 | 000,198,909 | ---- | M] () -- C:\Users\Melinda\Desktop\2.Power.pdf
[2012/02/22 12:37:10 | 000,211,354 | ---- | M] () -- C:\Users\Melinda\Desktop\1.Money.pdf
[2012/02/21 22:16:05 | 001,147,854 | ---- | M] () -- C:\Users\Melinda\Desktop\equake3d.zip
[2012/02/21 16:19:11 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/02/21 16:19:10 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/02/21 16:19:10 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/02/21 16:19:10 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/02/21 16:19:10 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/02/21 16:19:10 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/02/21 16:19:10 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/02/21 16:19:10 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/02/21 16:19:10 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/02/21 16:19:10 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/02/21 16:19:10 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/02/21 16:19:10 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/02/21 16:19:10 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/02/21 16:19:10 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/02/21 16:19:10 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/02/21 16:19:10 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/02/21 16:19:10 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/02/21 16:19:09 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/02/21 16:19:09 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/02/21 16:19:09 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/02/21 16:19:09 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/02/21 16:19:09 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/02/21 16:19:09 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/02/21 16:19:09 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/02/21 16:19:09 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/02/21 16:19:09 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/02/21 16:19:09 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/02/21 16:19:09 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/02/21 16:19:09 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/02/21 16:19:08 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/02/21 16:19:08 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/02/21 16:19:08 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/02/21 16:19:08 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/02/21 16:19:08 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/02/21 16:19:08 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/02/21 16:19:08 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/02/21 16:19:08 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/02/21 16:19:08 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/02/21 16:19:08 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/02/21 16:19:08 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/02/21 16:19:08 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/02/21 16:19:08 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/02/21 16:19:08 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/02/21 16:19:08 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/02/21 16:19:08 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/02/21 16:19:08 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/02/21 16:19:08 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/02/21 16:19:08 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/02/21 16:19:08 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/02/21 16:19:08 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/02/21 16:19:08 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/02/21 16:19:08 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/02/21 16:19:08 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/02/21 16:19:08 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/02/21 16:19:07 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/02/21 16:19:07 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/02/21 16:19:07 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/02/21 16:19:07 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/02/21 16:19:07 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/02/21 16:19:07 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/02/21 16:19:07 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/02/21 16:19:07 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/02/21 16:19:07 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/02/20 22:45:14 | 192,324,644 | ---- | M] () -- C:\Users\Melinda\Desktop\guyfinley-sevensteps.zip
[2012/02/20 22:15:09 | 000,394,379 | ---- | M] () -- C:\Users\Melinda\Desktop\ThePowerPart2[1].pdf
[2012/02/20 19:29:15 | 002,075,864 | ---- | M] () -- C:\Users\Melinda\Desktop\Read This[1].pdf
[2012/02/20 17:58:55 | 070,433,991 | ---- | M] () -- C:\Users\Melinda\Desktop\blue-sciatica.mp3
[2012/02/20 17:49:46 | 000,235,764 | ---- | M] () -- C:\Users\Melinda\Desktop\sleeplikeababyreport.pdf
[2012/02/20 17:40:21 | 009,186,449 | ---- | M] () -- C:\Users\Melinda\Desktop\Formerly Illegal Treatment Reverses Pain in Minutes.mp3
[2012/02/20 17:19:43 | 008,330,656 | ---- | M] () -- C:\Users\Melinda\Desktop\Prolozone Therapy, Powerful Cure for Pain.mp3
[2012/02/20 17:17:48 | 002,275,936 | ---- | M] () -- C:\Users\Melinda\Desktop\Turbulence-Training-Fat-Loss-Beginner-Programs.pdf
[2012/02/20 17:02:19 | 001,007,901 | ---- | M] () -- C:\Users\Melinda\Desktop\Foods that kill fat.pdf
[2012/02/20 17:01:44 | 001,220,548 | ---- | M] () -- C:\Users\Melinda\Desktop\Stretching_Tips.pdf
[2012/02/20 16:37:28 | 006,093,330 | ---- | M] () -- C:\Users\Melinda\Desktop\BeyondDietMainProduct.zip
[2012/02/17 16:08:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/02/17 15:04:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/02/17 12:00:23 | 000,003,584 | ---- | M] () -- C:\Users\Melinda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/17 10:25:11 | 000,771,342 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/12 20:10:06 | 000,001,136 | ---- | M] () -- C:\Users\Melinda\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup.lnk
[2012/02/12 20:10:06 | 000,001,112 | ---- | M] () -- C:\Users\Melinda\Desktop\AVG PC Tuneup.lnk
[2012/02/12 19:59:38 | 008,351,256 | ---- | M] (AVG ) -- C:\Users\Melinda\Desktop\avg_pct_stf_all_10_27.exe
[2012/02/10 22:58:52 | 000,452,069 | ---- | M] () -- C:\Users\Melinda\Desktop\MessagesFromTheFuture.pdf
[2012/02/10 16:06:07 | 001,544,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/02/08 22:06:46 | 000,003,780 | ---- | M] () -- C:\Users\Melinda\Documents\Resident Shield scan.csv
[2012/02/08 21:13:54 | 000,025,160 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro36.sys
[2012/02/06 18:51:36 | 000,024,572 | ---- | M] () -- C:\Users\Melinda\Documents\AVG Scan 6.2.2012.csv
[2012/02/06 15:42:43 | 000,304,968 | ---- | M] () -- C:\Users\Melinda\Desktop\get_fwndis_noAVG2012_en.exe
[2012/02/05 16:16:52 | 001,182,616 | ---- | M] (PC Drivers HeadQuarters ) -- C:\Users\Melinda\Desktop\DriverDetective.exe
[2012/02/05 13:38:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/02/05 13:38:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm
[2012/02/05 13:38:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/02/05 13:30:47 | 003,968,400 | ---- | M] (AVG Technologies) -- C:\Users\Melinda\Desktop\avg_isc_stb_all_2012_1913.exe
[2012/02/04 12:44:35 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2012/02/04 11:48:08 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/02/04 08:31:42 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2012/02/04 08:31:42 | 000,001,088 | ---- | M] () -- C:\Users\Melinda\Desktop\Find Drivers with DriverAgent.lnk
[2012/02/03 23:45:11 | 000,001,097 | ---- | M] () -- C:\Users\Melinda\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/02/03 22:46:12 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.bak
[2012/02/03 01:35:16 | 000,962,530 | ---- | M] () -- C:\Users\Melinda\Desktop\22PowerfulToolsToTransformYourFear_New.pdf
[2012/02/03 01:11:31 | 006,176,103 | ---- | M] () -- C:\Users\Melinda\Desktop\WordsOfWisdom.zip
[2012/02/02 15:48:01 | 000,378,240 | ---- | M] (Neuber Software) -- C:\Users\Melinda\Desktop\SvchostAnalyzer.exe
[2012/02/02 13:13:13 | 059,104,204 | ---- | M] () -- C:\Users\Melinda\Desktop\AlphaMindControl.zip
[2012/02/02 12:18:00 | 000,523,264 | ---- | M] (OldTimer Tools) -- C:\Users\Melinda\Desktop\OTM.exe
[2012/02/02 12:08:20 | 000,000,888 | ---- | M] () -- C:\Users\Melinda\Desktop\NTREGOPT.lnk
[2012/02/02 12:08:20 | 000,000,869 | ---- | M] () -- C:\Users\Melinda\Desktop\ERUNT.lnk
[2012/02/01 21:51:44 | 002,919,658 | ---- | M] () -- C:\Users\Melinda\Documents\Resource and performance log.html
[2012/02/01 21:47:46 | 000,069,632 | ---- | M] () -- C:\Users\Melinda\Documents\event viewer diagnostic performance log.evtx
[2012/02/01 02:10:18 | 000,001,401 | ---- | M] () -- C:\Users\Melinda\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/01 00:37:27 | 000,005,850 | ---- | M] () -- C:\Users\Melinda\Documents\email AVG.eml
[2012/01/29 01:48:29 | 000,053,248 | ---- | M] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012/01/29 01:36:57 | 009,888,872 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsPStorIcon.dll
[2012/01/29 01:36:55 | 000,339,048 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsPStor.sys
[2012/01/27 22:22:20 | 001,118,208 | ---- | M] () -- C:\Users\Melinda\Documents\Events 864.evtx
========== Files Created - No Company Name ========== [2012/04/26 10:56:17 | 000,271,846 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/04/26 08:44:38 | 096,270,290 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/04/21 17:44:53 | 000,003,688 | ---- | C] () -- C:\Users\Melinda\Documents\Contacts.csv
[2012/04/20 15:13:14 | 000,075,941 | ---- | C] () -- C:\Users\Melinda\Desktop\FreeMeter_v1.6.3.zip
[2012/04/17 08:58:48 | 000,624,083 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm
[2012/04/16 11:56:57 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\Reliance 3G.lnk
[2012/04/10 21:10:55 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/04/06 00:25:47 | 000,002,212 | ---- | C] () -- C:\Users\Melinda\Application Data\Microsoft\Internet Explorer\Quick Launch\Call of Atlantis.lnk
[2012/04/06 00:25:47 | 000,002,188 | ---- | C] () -- C:\Users\Melinda\Desktop\Call of Atlantis.lnk
[2012/04/06 00:25:47 | 000,002,083 | ---- | C] () -- C:\Users\Melinda\Desktop\Play Online Games.lnk
[2012/04/06 00:25:47 | 000,002,044 | ---- | C] () -- C:\Users\Melinda\Desktop\MyPlayCity Games.lnk
[2012/04/04 21:48:27 | 003,136,930 | ---- | C] () -- C:\Users\Melinda\Desktop\Survival.pdf
[2012/04/04 21:34:19 | 003,023,620 | ---- | C] () -- C:\Users\Melinda\Desktop\SurvivalManual.pdf
[2012/04/04 16:36:05 | 000,154,887 | ---- | C] () -- C:\Users\Melinda\Desktop\fixit4me.gadget
[2012/04/04 11:48:27 | 000,000,019 | ---- | C] () -- C:\Users\Melinda\Desktop\channel_ajax
[2012/04/02 21:22:13 | 010,413,632 | ---- | C] () -- C:\Users\Melinda\Desktop\Missing-411.mp3
[2012/03/29 13:06:30 | 000,201,065 | ---- | C] () -- C:\Users\Melinda\Desktop\Volunteer Registration Form 2012-signed.pdf
[2012/03/29 12:43:47 | 000,164,857 | ---- | C] () -- C:\Users\Melinda\Desktop\Volunteer Registration Form 2012.pdf
[2012/03/28 18:04:53 | 002,130,102 | ---- | C] () -- C:\Users\Melinda\Documents\Smiles.bmp
[2012/03/28 18:01:40 | 000,032,585 | ---- | C] () -- C:\Users\Melinda\Documents\Smiles.gif
[2012/03/28 16:41:45 | 000,225,530 | ---- | C] () -- C:\Users\Melinda\Documents\reciept Animals Australia.gif
[2012/03/17 15:15:06 | 000,000,915 | ---- | C] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2012/03/13 13:45:47 | 000,200,519 | ---- | C] () -- C:\Users\Melinda\Documents\Optus recharge reciept.png
[2012/03/12 21:53:52 | 004,239,590 | ---- | C] () -- C:\Users\Melinda\Desktop\Vegatarian Ebook2.pdf
[2012/03/08 22:45:31 | 000,000,957 | ---- | C] () -- C:\Users\Melinda\Desktop\RegZooka.lnk
[2012/03/08 17:51:45 | 000,000,900 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/08 17:51:44 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/07 10:55:26 | 000,001,555 | ---- | C] () -- C:\Users\Melinda\Documents\Did you get this.eml
[2012/03/05 12:36:42 | 002,044,252 | ---- | C] () -- C:\Users\Melinda\Desktop\tdsskiller 1.zip
[2012/03/03 12:13:29 | 000,540,162 | ---- | C] () -- C:\Users\Melinda\Desktop\MindSurgePop.pdf
[2012/02/27 17:17:45 | 000,029,472 | ---- | C] () -- C:\Users\Melinda\Documents\Veda.pdf
[2012/02/26 20:55:57 | 000,000,243 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2012/02/26 20:55:54 | 000,000,291 | ---- | C] () -- C:\Windows\SysWow64\MsiExec.config
[2012/02/26 20:55:52 | 000,000,903 | ---- | C] () -- C:\Users\Melinda\Application Data\Microsoft\Internet Explorer\Quick Launch\MusicStation.lnk
[2012/02/26 20:54:31 | 000,001,798 | ---- | C] () -- C:\Users\Melinda\Desktop\MusicStation - Shortcut.lnk
[2012/02/26 20:51:34 | 000,001,556 | ---- | C] () -- C:\Users\Melinda\Desktop\mbam - Shortcut.lnk
[2012/02/26 20:30:40 | 000,001,460 | ---- | C] () -- C:\Users\Melinda\Desktop\avgui - Shortcut.lnk
[2012/02/26 14:32:49 | 001,462,592 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012/02/26 14:11:18 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll0255.old
[2012/02/26 12:53:33 | 000,650,538 | ---- | C] () -- C:\Users\Melinda\Desktop\SecurityTaskManager_Manual.pdf
[2012/02/25 18:43:43 | 000,001,542 | ---- | C] () -- C:\Users\Melinda\Desktop\TaskMan - Shortcut.lnk
[2012/02/25 17:58:31 | 002,086,240 | ---- | C] () -- C:\Users\Melinda\Desktop\SecurityTaskManager_Setup.exe
[2012/02/24 16:15:41 | 000,002,093 | ---- | C] () -- C:\Users\Melinda\Application Data\Microsoft\Internet Explorer\Quick Launch\Free YouTube Downloader.lnk
[2012/02/24 15:38:31 | 000,000,123 | ---- | C] () -- C:\Users\Melinda\Desktop\Microsoft Fix it.url
[2012/02/24 08:15:40 | 001,356,320 | ---- | C] () -- C:\Users\Melinda\Desktop\WordsofWisdomCalendar.pdf
[2012/02/24 08:15:03 | 001,191,491 | ---- | C] () -- C:\Users\Melinda\Desktop\GoodVibrations.pdf
[2012/02/24 08:14:48 | 000,727,340 | ---- | C] () -- C:\Users\Melinda\Desktop\ConsciousnessEvolution.pdf
[2012/02/22 12:39:33 | 000,324,377 | ---- | C] () -- C:\Users\Melinda\Desktop\3.Relationships.pdf
[2012/02/22 12:37:39 | 000,198,909 | ---- | C] () -- C:\Users\Melinda\Desktop\2.Power.pdf
[2012/02/22 12:37:10 | 000,211,354 | ---- | C] () -- C:\Users\Melinda\Desktop\1.Money.pdf
[2012/02/21 22:15:59 | 001,147,854 | ---- | C] () -- C:\Users\Melinda\Desktop\equake3d.zip
[2012/02/21 16:19:10 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/02/21 16:19:07 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/02/20 22:45:14 | 192,324,644 | ---- | C] () -- C:\Users\Melinda\Desktop\guyfinley-sevensteps.zip
[2012/02/20 22:15:08 | 000,394,379 | ---- | C] () -- C:\Users\Melinda\Desktop\ThePowerPart2[1].pdf
[2012/02/20 19:29:15 | 002,075,864 | ---- | C] () -- C:\Users\Melinda\Desktop\Read This[1].pdf
[2012/02/20 17:58:55 | 070,433,991 | ---- | C] () -- C:\Users\Melinda\Desktop\blue-sciatica.mp3
[2012/02/20 17:49:46 | 000,235,764 | ---- | C] () -- C:\Users\Melinda\Desktop\sleeplikeababyreport.pdf
[2012/02/20 17:40:21 | 009,186,449 | ---- | C] () -- C:\Users\Melinda\Desktop\Formerly Illegal Treatment Reverses Pain in Minutes.mp3
[2012/02/20 17:19:43 | 008,330,656 | ---- | C] () -- C:\Users\Melinda\Desktop\Prolozone Therapy, Powerful Cure for Pain.mp3
[2012/02/20 17:17:48 | 002,275,936 | ---- | C] () -- C:\Users\Melinda\Desktop\Turbulence-Training-Fat-Loss-Beginner-Programs.pdf
[2012/02/20 17:02:19 | 001,007,901 | ---- | C] () -- C:\Users\Melinda\Desktop\Foods that kill fat.pdf
[2012/02/20 17:01:44 | 001,220,548 | ---- | C] () -- C:\Users\Melinda\Desktop\Stretching_Tips.pdf
[2012/02/20 16:37:28 | 006,093,330 | ---- | C] () -- C:\Users\Melinda\Desktop\BeyondDietMainProduct.zip
[2012/02/17 12:00:22 | 000,003,584 | ---- | C] () -- C:\Users\Melinda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/12 20:10:06 | 000,001,136 | ---- | C] () -- C:\Users\Melinda\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup.lnk
[2012/02/12 20:10:06 | 000,001,112 | ---- | C] () -- C:\Users\Melinda\Desktop\AVG PC Tuneup.lnk
[2012/02/10 22:58:50 | 000,452,069 | ---- | C] () -- C:\Users\Melinda\Desktop\MessagesFromTheFuture.pdf
[2012/02/08 22:06:46 | 000,003,780 | ---- | C] () -- C:\Users\Melinda\Documents\Resident Shield scan.csv
[2012/02/06 18:51:36 | 000,024,572 | ---- | C] () -- C:\Users\Melinda\Documents\AVG Scan 6.2.2012.csv
[2012/02/06 15:42:43 | 000,304,968 | ---- | C] () -- C:\Users\Melinda\Desktop\get_fwndis_noAVG2012_en.exe
[2012/02/06 11:40:54 | 000,025,160 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro36.sys
[2012/02/05 13:38:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/02/05 13:38:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm
[2012/02/05 13:38:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/02/04 12:44:35 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2012/02/04 11:46:11 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/02/04 09:29:00 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012/02/04 08:31:42 | 000,001,088 | ---- | C] () -- C:\Users\Melinda\Desktop\Find Drivers with DriverAgent.lnk
[2012/02/03 23:45:11 | 000,001,097 | ---- | C] () -- C:\Users\Melinda\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/02/03 22:36:54 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/02/03 22:36:54 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/02/03 22:36:54 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/02/03 22:36:54 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/02/03 22:36:54 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/02/03 01:35:16 | 000,962,530 | ---- | C] () -- C:\Users\Melinda\Desktop\22PowerfulToolsToTransformYourFear_New.pdf
[2012/02/03 01:10:27 | 006,176,103 | ---- | C] () -- C:\Users\Melinda\Desktop\WordsOfWisdom.zip
[2012/02/02 12:59:26 | 059,104,204 | ---- | C] () -- C:\Users\Melinda\Desktop\AlphaMindControl.zip
[2012/02/02 12:08:20 | 000,000,888 | ---- | C] () -- C:\Users\Melinda\Desktop\NTREGOPT.lnk
[2012/02/02 12:08:20 | 000,000,869 | ---- | C] () -- C:\Users\Melinda\Desktop\ERUNT.lnk
[2012/02/01 21:52:34 | 002,919,658 | ---- | C] () -- C:\Users\Melinda\Documents\Resource and performance log.html
[2012/02/01 21:47:46 | 000,069,632 | ---- | C] () -- C:\Users\Melinda\Documents\event viewer diagnostic performance log.evtx
[2012/02/01 01:36:54 | 000,002,016 | -H-- | C] () -- C:\Users\Melinda\Documents\Default.rdp
[2012/02/01 00:37:27 | 000,005,850 | ---- | C] () -- C:\Users\Melinda\Documents\email AVG.eml
[2012/01/29 01:16:00 | 000,200,468 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012/01/27 22:22:20 | 001,118,208 | ---- | C] () -- C:\Users\Melinda\Documents\Events 864.evtx
[2012/01/01 18:20:00 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/01/01 18:19:42 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2011/12/27 20:08:35 | 000,007,610 | ---- | C] () -- C:\Users\Melinda\AppData\Local\Resmon.ResmonCfg
[2011/12/10 13:14:27 | 000,771,342 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/12/10 10:06:33 | 000,001,854 | ---- | C] () -- C:\Users\Melinda\AppData\Roaming\GhostObjGAFix.xml
[2011/12/02 20:39:54 | 000,102,912 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll
[2011/12/02 20:39:54 | 000,084,480 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2011/11/30 20:41:00 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/11/30 16:44:26 | 000,000,268 | RH-- | C] () -- C:\Users\Melinda\AppData\Roaming\libiconv
[2011/11/30 16:44:26 | 000,000,268 | RH-- | C] () -- C:\Users\Melinda\AppData\Roaming\laserjet
[2011/11/30 16:44:26 | 000,000,268 | RH-- | C] () -- C:\Users\Melinda\AppData\Roaming\images
[2011/10/21 16:27:54 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/10/21 16:27:54 | 000,217,536 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/10/21 16:22:54 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/10/21 16:03:04 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/05/25 07:20:30 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2010/12/21 09:50:14 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2010/12/17 11:07:18 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
========== LOP Check ========== [2011/12/31 10:05:15 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\Acapela Group
[2012/01/04 11:29:41 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\Auslogics
[2012/01/28 21:28:45 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\AVG
[2012/01/27 15:11:19 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\AVG Secure Search
[2012/02/05 13:39:12 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\AVG2012
[2011/12/26 18:00:23 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\FixCleaner
[2012/03/19 14:33:24 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\ieSpell
[2012/01/01 18:20:00 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\Nikon
[2011/12/10 14:58:48 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\PC Cleaners
[2012/02/04 07:53:28 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\Product_RM
[2012/02/04 08:08:42 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\Registry Mechanic
[2012/02/23 18:32:27 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\RegZooka
[2012/01/07 19:34:07 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\Smart PDF Converter Pro
[2012/04/21 18:07:14 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\SoftGrid Client
[2011/08/13 14:33:09 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\Synaptics
[2012/01/09 19:10:06 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\Systweak
[2011/12/31 10:28:13 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\TP
[2011/08/13 14:35:04 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\WildTangent
[2011/12/02 22:07:35 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\Windows Live Writer
[2012/02/04 16:05:35 | 000,000,000 | ---D | M] -- C:\Users\Melinda\AppData\Roaming\ZumoDrive
[2012/03/26 17:20:44 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE >[2011/02/26 14:49:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 15:49:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011/02/25 15:49:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 15:49:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 15:44:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 12:54:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 15:00:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 15:00:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 12:54:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: SVCHOST.EXE >[2009/07/14 10:44:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009/07/14 10:44:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 10:44:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/01/13 13:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 11:09:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009/07/14 11:09:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 11:09:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USERINIT.EXE >[2010/11/21 12:53:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010/11/21 12:53:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 12:53:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 12:54:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010/11/21 12:54:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 12:54:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >[2010/11/21 12:54:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010/11/21 12:54:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 12:54:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012/01/13 13:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >"DisplayName" = @%SystemRoot%\system32\drivers\netbt.sys,-2
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys
"Description" = @%SystemRoot%\system32\drivers\netbt.sys,-1
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
"Tag" = 87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
"DhcpNodeType" = 8
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{57530E21-4DB5-4EB7-8673-0EA6EDD6AA43}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{808E4596-7271-40D6-A6BF-AD9AC7592073}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{9B2B64CB-6CEB-4628-B274-81517F023C55}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{BC979BD0-7FFE-422C-B54A-97263ABB5C74}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 07 01 00 01 0B 01 01 01 02 01 04 01 09 01 08 01 06 01 05 01 0C 01 03 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 12
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1
< hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/02/21 16:19:10 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/02/21 16:19:10 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/02/21 16:19:10 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/02/21 16:19:11 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2012/02/21 16:19:11 | 000,748,336 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012/02/21 16:19:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012/02/21 16:19:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012/02/21 16:19:08 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/02/21 16:19:11 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2012/02/21 16:19:11 | 000,748,336 | ---- | M] (Microsoft Corporation)
< C:\Windows\assembly\tmp\U\*.* /s > < C:\Program Files\Common Files\ComObjects\*.* /s > < %Temp%\smtmp\1\*.* > < %Temp%\smtmp\2\*.* > < %Temp%\smtmp\3\*.* > < %Temp%\smtmp\4\*.* > < type c:\diskreport.txt /c >Microsoft DiskPart version 6.1.7601
Copyright © 1999-2008 Microsoft Corporation.
On computer: KGB
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 E DVD-ROM 0 B No Media
Volume 1 SYSTEM NTFS Partition 199 MB Healthy System
Volume 2 C NTFS Partition 452 GB Healthy Boot
Volume 3 D RECOVERY NTFS Partition 13 GB Healthy
Volume 4 HP_TOOLS FAT32 Partition 103 MB Healthy
Volume 5 F Removable 0 B No Media
========== Alternate Data Streams ========== @Alternate Data Stream - 764 bytes -> C:\Users\Melinda\Documents\Did you get this.eml:OECustomProperty
@Alternate Data Stream - 550 bytes -> C:\Users\Melinda\Documents\email AVG.eml:OECustomProperty
@Alternate Data Stream - 199 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:A8ADE5D8
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1
< End of report >
Extras.txtOTL Extras logfile created on: 26/04/2012 6:45:32 PM - Run 6
OTL by OldTimer - Version 3.2.42.1 Folder = C:\Users\Melinda\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
3.86 Gb Total Physical Memory | 2.67 Gb Available Physical Memory | 69.18% Memory free
7.71 Gb Paging File | 6.33 Gb Available in Paging File | 82.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.38 Gb Total Space | 392.47 Gb Free Space | 86.76% Space Free | Partition Type: NTFS
Drive D: | 13.08 Gb Total Space | 1.73 Gb Free Space | 13.23% Space Free | Partition Type: NTFS
Computer Name: KGB | User Name: Melinda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05B5949C-F1D8-474A-9FB1-6F04C66C35B4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{063885EE-B80D-4789-B8F3-09A2B3B023BB}" = rport=445 | protocol=6 | dir=out | app=system |
"{0BD2D855-6CC4-4990-8650-BC7ABED5E65B}" = rport=138 | protocol=17 | dir=out | app=system |
"{0F88C939-1F75-489C-946C-36D0F2E6F2EB}" = lport=139 | protocol=6 | dir=in | app=system |
"{2A0B0BF8-E71E-482E-9AE3-984B1D08DFE3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{309BE0E3-7E8A-4BA6-82D5-2C980CC5E4D1}" = lport=137 | protocol=17 | dir=in | app=system |
"{3DA6E5B5-207D-412F-87DA-496D832E113A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{494D4779-E7D8-4076-A1E1-80F8ECAE2B3E}" = lport=445 | protocol=6 | dir=in | app=system |
"{5A0505C3-E5D3-4CBB-BE8D-A69757B180BE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{97E8B054-87BD-44A1-B941-41FE6183E1EE}" = rport=137 | protocol=17 | dir=out | app=system |
"{9997CBE8-FB6F-4203-BAF8-0C1223AD89FD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A9042525-50E5-46CE-8DED-5B6202CC20F2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{C80208EA-D030-416D-BFF1-1AB8D5EBA334}" = rport=139 | protocol=6 | dir=out | app=system |
"{D3C6522B-B99A-4520-B59E-4E791DBF8D30}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B27563C-AC72-4982-86E6-9819D09225C5}" = protocol=58 | dir=out |
[email protected],-28546 |
"{118C6D42-5C9F-46A6-9B59-17AC1297F75D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{137B9E5D-B81B-4A6E-BAC8-9B03199991EA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{14435110-6CF7-47EC-BAA0-6EECC2619BDB}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{16A990AF-8BE7-412A-B528-73CE297DF587}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{392679FA-9C4A-4449-8002-71B7DE25E2B8}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{5D4A001E-DF0C-4141-90D7-E4013D07D3EA}" = protocol=1 | dir=out |
[email protected],-28544 |
"{7C9B83D2-54A3-410F-B53A-3E0E9CB723E2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{8AD5472F-9397-4FAD-8389-D9268B4A8817}" = protocol=1 | dir=in |
[email protected],-28543 |
"{96454115-C12C-4314-9814-ABC7F0A861CF}" = protocol=58 | dir=in |
[email protected],-28545 |
"{97B641D1-92B1-4965-BE29-C888C0768723}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{ACDAFAB3-CBC8-4134-9C92-118F89457CB9}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{BE35F2B7-1E7C-478D-8D90-74856745DE62}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{E196E3F4-50CF-4B28-A7AA-FA6C40420003}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{EFA33C8C-3758-4B36-BB66-594C0621B1CD}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"TCP Query User{AD51F780-B4F7-4415-969C-E3B1A880A387}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{B19DC599-8F6A-4348-8227-2B320385A23E}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416031FF}" = Java 6 Update 31 (64-bit)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E51A1789-9C20-43FC-AF13-C7AC29FAF111}" = AVG 2012
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"AVG" = AVG 2012
"DriverAgent.exe" = DriverAgent by eSupport.com
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{124DB96E-CBF5-44FB-AB59-7D2444DEC777}" = HP On Screen Display
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9945F35E-85EF-4759-A95C-2E10AA34EA58}" = ESU for Microsoft Windows 7 SP1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1" = Free YouTube Downloader 3.5.124
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B97E3520-C726-475E-BC0C-7561952633AB}" = HP Power Manager
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}" = Recovery Manager
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E74E7F63-E70F-43f2-873F-35FB66F263B2}" = MusicStation
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5
"{FB83EAC4-E3F6-4666-B45B-44522F2344B6}" = Brother MFL-Pro Suite DCP-J315W
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"AVG Secure Search" = AVG Security Toolbar
"Call of Atlantis_is1" = Call of Atlantis
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"ieSpell" = ieSpell
"iLivid" = iLivid
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"My HP Game Console" = HP Game Console
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"RegZooka" = RegZooka
"Reliance 3G" = Reliance 3G
"Security Task Manager" = Security Task Manager 1.8d
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT087328" = Blackhawk Striker 2
"WT087330" = Bounce Symphony
"WT087343" = Dora's World Adventure
"WT087361" = FATE
"WT087362" = Final Drive Nitro
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087501" = Plants vs. Zombies
"WT087533" = Zuma Deluxe
"WT089299" = Mystery P.I. - The London Caper
"WT089300" = World Cup Cricket 20-20
"WT089307" = Virtual Villagers 4 - The Tree of Life
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 23/04/2012 5:42:23 PM | Computer Name = KGB.MEL | Source = WinMgmt | ID = 10
Description =
Error - 23/04/2012 8:38:34 PM | Computer Name = KGB.MEL | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 23/04/2012 11:14:28 PM | Computer Name = KGB.MEL | Source = VSS | ID = 8193
Description =
Error - 24/04/2012 5:05:31 AM | Computer Name = KGB.MEL | Source = WinMgmt | ID = 10
Description =
Error - 24/04/2012 7:55:27 PM | Computer Name = KGB.MEL | Source = WinMgmt | ID = 10
Description =
Error - 25/04/2012 12:11:11 AM | Computer Name = KGB.MEL | Source = WinMgmt | ID = 10
Description =
Error - 25/04/2012 3:37:36 AM | Computer Name = KGB.MEL | Source = WinMgmt | ID = 10
Description =
Error - 25/04/2012 7:11:57 PM | Computer Name = KGB.MEL | Source = WinMgmt | ID = 10
Description =
Error - 26/04/2012 2:10:02 AM | Computer Name = KGB.MEL | Source = WinMgmt | ID = 10
Description =
Error - 26/04/2012 5:16:41 AM | Computer Name = KGB.MEL | Source = VSS | ID = 8193
Description =
[ Hewlett-Packard Events ]
Error - 12/11/2011 11:51:40 PM | Computer Name = Melinda-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\111113022135.xml
File not created by asset agent
[ HP Wireless Assistant Events ]
Error - 13/08/2011 2:00:41 AM | Computer Name = Melinda-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 13/08/2011 2:01:42 AM | Computer Name = Melinda-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 13/08/2011 2:02:42 AM | Computer Name = Melinda-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 13/08/2011 2:03:42 AM | Computer Name = Melinda-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 13/08/2011 2:04:42 AM | Computer Name = Melinda-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 13/08/2011 2:05:42 AM | Computer Name = Melinda-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 13/08/2011 2:06:42 AM | Computer Name = Melinda-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 13/08/2011 2:07:42 AM | Computer Name = Melinda-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 13/08/2011 2:08:42 AM | Computer Name = Melinda-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 13/08/2011 2:09:42 AM | Computer Name = Melinda-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
[ Media Center Events ]
Error - 6/03/2012 7:47:07 PM | Computer Name = Melinda-HP | Source = MCUpdate | ID = 0
Description = 10:16:59 AM - Error connecting to the internet. 10:16:59 AM - Unable
to contact server..
Error - 13/03/2012 7:52:14 PM | Computer Name = Melinda-HP | Source = MCUpdate | ID = 0
Description = 10:22:14 AM - Error connecting to the internet. 10:22:14 AM - Unable
to contact server..
Error - 13/03/2012 7:52:26 PM | Computer Name = Melinda-HP | Source = MCUpdate | ID = 0
Description = 10:22:19 AM - Error connecting to the internet. 10:22:19 AM - Unable
to contact server..
Error - 13/03/2012 8:52:30 PM | Computer Name = Melinda-HP | Source = MCUpdate | ID = 0
Description = 11:22:30 AM - Error connecting to the internet. 11:22:30 AM - Unable
to contact server..
Error - 13/03/2012 8:52:36 PM | Computer Name = Melinda-HP | Source = MCUpdate | ID = 0
Description = 11:22:35 AM - Error connecting to the internet. 11:22:35 AM - Unable
to contact server..
Error - 13/03/2012 9:52:40 PM | Computer Name = Melinda-HP | Source = MCUpdate | ID = 0
Description = 12:22:40 PM - Error connecting to the internet. 12:22:40 PM - Unable
to contact server..
Error - 13/03/2012 9:52:46 PM | Computer Name = Melinda-HP | Source = MCUpdate | ID = 0
Description = 12:22:45 PM - Error connecting to the internet. 12:22:45 PM - Unable
to contact server..
Error - 13/03/2012 10:52:51 PM | Computer Name = Melinda-HP | Source = MCUpdate | ID = 0
Description = 1:22:51 PM - Error connecting to the internet. 1:22:51 PM - Unable
to contact server..
Error - 13/03/2012 10:52:57 PM | Computer Name = Melinda-HP | Source = MCUpdate | ID = 0
Description = 1:22:56 PM - Error connecting to the internet. 1:22:56 PM - Unable
to contact server..
Error - 16/04/2012 6:28:03 PM | Computer Name = KGB.MEL | Source = MCUpdate | ID = 0
Description = 7:57:56 AM - Error connecting to the internet. 7:57:56 AM - Unable
to contact server..
[ System Events ]
Error - 25/04/2012 7:11:17 PM | Computer Name = KGB.MEL | Source = DCOM | ID = 10005
Description =
Error - 25/04/2012 7:11:17 PM | Computer Name = KGB.MEL | Source = Service Control Manager | ID = 7001
Description = The Windows Image Acquisition (WIA) service depends on the Shell Hardware
Detection service which failed to start because of the following error: %%1058
Error - 25/04/2012 7:12:49 PM | Computer Name = KGB.MEL | Source = Service Control Manager | ID = 7000
Description = The HP Support Assistant Service service failed to start due to the
following error: %%3
Error - 25/04/2012 7:12:52 PM | Computer Name = KGB.MEL | Source = WMPNetworkSvc | ID = 866287
Description =
Error - 26/04/2012 2:08:31 AM | Computer Name = KGB.MEL | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll
Error
Code: 126
Error - 26/04/2012 2:08:37 AM | Computer Name = KGB.MEL | Source = Service Control Manager | ID = 7001
Description = The Windows Image Acquisition (WIA) service depends on the Shell Hardware
Detection service which failed to start because of the following error: %%1058
Error - 26/04/2012 2:09:17 AM | Computer Name = KGB.MEL | Source = DCOM | ID = 10005
Description =
Error - 26/04/2012 2:09:17 AM | Computer Name = KGB.MEL | Source = Service Control Manager | ID = 7001
Description = The Windows Image Acquisition (WIA) service depends on the Shell Hardware
Detection service which failed to start because of the following error: %%1058
Error - 26/04/2012 2:10:52 AM | Computer Name = KGB.MEL | Source = Service Control Manager | ID = 7000
Description = The HP Support Assistant Service service failed to start due to the
following error: %%3
Error - 26/04/2012 2:10:55 AM | Computer Name = KGB.MEL | Source = WMPNetworkSvc | ID = 866287
Description =
< End of report >
aswMBR logaswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-26 19:03:31
-----------------------------
19:03:31.069 OS Version: Windows x64 6.1.7601 Service Pack 1
19:03:31.069 Number of processors: 2 586 0x2A07
19:03:31.085 ComputerName: KGB UserName:
19:03:33.175 Initialize success
19:04:11.007 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:04:11.007 Disk 0 Vendor: Hitachi_HTS545050B9A300 PB4OCA1G Size: 476940MB BusType: 11
19:04:11.022 Disk 0 MBR read successfully
19:04:11.022 Disk 0 MBR scan
19:04:11.022 Disk 0 Windows 7 default MBR code
19:04:11.038 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
19:04:11.054 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 463242 MB offset 409600
19:04:11.069 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13394 MB offset 949129216
19:04:11.085 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
19:04:11.132 Disk 0 scanning C:\Windows\system32\drivers
19:04:18.822 Service scanning
19:04:43.283 Modules scanning
19:04:43.283 Disk 0 trace - called modules:
19:04:43.314 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
19:04:43.314 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004f02160]
19:04:43.330 3 CLASSPNP.SYS[fffff88001b6143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004a13060]
19:04:43.330 Scan finished successfully
19:04:58.212 Disk 0 MBR has been saved successfully to "C:\Users\Melinda\Desktop\MBR.dat"
19:04:58.228 The log file has been saved successfully to "C:\Users\Melinda\Desktop\aswMBR.txt"
Thanks