
Windows 7 x64 Will Not Start - Startup Repair - ci.dll


  • This topic is locked
14 replies to this topic

#1 WKeith

  • Members
  • 7 posts

Posted 20 June 2011 - 08:37 PM

Hi, thanks in advance for your assistance.

My college-aged daughter & I cannot seem to start her Windows 7 64-bit laptop. It boots to Startup Repair and says that the issue is with C:\ci.dll, and that it is not able to repair the problem. This is true whether I try regular boot up, or safe mode boot up. I cannot start Windows normally. If I disable driver signing from the F8 menu options, then Windows 7 will start up and I can log in. Once I realized that, I installed and ran MalwareBytes... it found and removed several trojans, but still no luck booting without disabling driver signing, and no safe mode. At least I have a mechanism to install and run something to get a log of issues, if something of that sort would help debug.

Please assist if you can! Thank you very much!


#2 Farbar

  • Security Developer
  • 21,711 posts
  • Gender:Male
  • Location:The Netherlands

Posted 21 June 2011 - 02:02 PM

Hi WKeith,

Welcome to our site. I will assist you.

For x64 systems, download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
    Startup Repair
    System Restore
    Windows Complete PC Restore
    Windows Memory Diagnostic Tool
    Command Prompt
  • Select Command Prompt.
  • In the command window type in notepad and press Enter.
  • Notepad opens. Under the File menu select Open.
  • Select "Computer", find your flash drive letter, and close Notepad.
  • In the command window type e:\frst64 and press Enter.
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

#3 WKeith

  • Topic Starter
  • Members
  • 7 posts

Posted 21 June 2011 - 04:15 PM

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.1.1
Ran by SYSTEM at 2011-06-21 17:12:24
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry ==========================

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1822504 2009-08-23] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-20] (IDT, Inc.)
HKLM\...\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe [3189016 2009-10-01] (Dell Inc.)
HKLM\...\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe [2384896 2009-07-22] ()
HKLM\...\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray [1926928 2009-09-21] (Intel® Corporation)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [161304 2010-08-25] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [386584 2010-08-25] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [415256 2010-08-25] (Intel Corporation)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1436224 2010-11-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [140520 2009-12-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [498160 2009-10-15] ()
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1486392 2011-04-05] (McAfee, Inc.)
HKLM-x32\...\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-09-08] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421160 2010-11-17] (Apple Inc.)
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [1475072 2009-07-13] (Microsoft Corporation)
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [1475072 2009-07-13] (Microsoft Corporation)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [560128 2010-10-05] (Dell)
HKLM-x32\...\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [449584 2011-05-29] (Malwarebytes Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30208 2009-07-13] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] userinit.exe
HKLM\...\Winlogon: [Shell] explorer.exe [2870272 2011-02-26] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2870272 2011-02-26] (Microsoft Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1


==================== Services ====================

3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-13] (Microsoft Corporation)
2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-13] (Microsoft Corporation)
3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-13] (Microsoft Corporation)
3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2009-07-13] (Microsoft Corporation)
2 Apple Mobile Device; "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [37664 2010-10-16] (Apple Inc.)
2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [676864 2009-07-13] (Microsoft Corporation)
2 AudioSrv; C:\Windows\System32\Audiosrv.dll [676864 2009-07-13] (Microsoft Corporation)
3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2009-07-13] (Microsoft Corporation)
3 BBSvc; "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE" [183560 2011-02-28] (Microsoft Corporation.)
3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-13] (Microsoft Corporation)
2 BFE; C:\Windows\System32\bfe.dll [703488 2009-07-13] (Microsoft Corporation)
2 BITS; C:\Windows\System32\qmgr.dll [848384 2009-07-13] (Microsoft Corporation)
2 Bonjour Service; "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" [345376 2010-10-07] (Apple Inc.)
3 Browser; C:\Windows\System32\browser.dll [136192 2009-07-13] (Microsoft Corporation)
3 bthserv; C:\Windows\System32\bthserv.dll [83968 2009-07-13] (Microsoft Corporation)
3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2009-07-13] (Microsoft Corporation)
4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation)
4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation)
2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [138576 2010-03-18] (Microsoft Corporation)
3 COMSysApp; C:\Windows\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [9728 2009-07-13] (Microsoft Corporation)
2 CryptSvc; C:\Windows\System32\cryptsvc.dll [175104 2009-07-13] (Microsoft Corporation)
2 DcomLaunch; C:\Windows\System32\rpcss.dll [509440 2009-07-13] (Microsoft Corporation)
3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-13] (Microsoft Corporation)
2 Dhcp; C:\Windows\System32\dhcpcore.dll [314368 2009-07-13] (Microsoft Corporation)
2 Dnscache; C:\Windows\System32\dnsrslvr.dll [182272 2011-03-03] (Microsoft Corporation)
2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation)
3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2009-07-13] (Microsoft Corporation)
2 DPS; C:\Windows\System32\dps.dll [162816 2009-07-13] (Microsoft Corporation)
3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-13] (Microsoft Corporation)
2 EFS; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696320 2010-08-04] (Microsoft Corporation)
3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-13] (Microsoft Corporation)
2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 EventSystem; C:\Windows\System32\es.dll [402944 2009-07-13] (Microsoft Corporation)
2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [1420560 2009-09-21] (Intel® Corporation)
3 Fax; C:\Windows\System32\fxssvc.exe [689152 2009-07-13] (Microsoft Corporation)
3 fdPHost; C:\Windows\System32\fdPHost.dll [16384 2009-07-13] (Microsoft Corporation)
2 FDResPub; C:\Windows\System32\fdrespub.dll [34816 2009-07-13] (Microsoft Corporation)
2 FontCache; C:\Windows\System32\FntCache.dll [1135104 2011-02-19] (Microsoft Corporation)
3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42840 2009-06-10] (Microsoft Corporation)
3 GoToAssist; "C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe" Start=service [16680 2010-06-15] (Citrix Online, a division of Citrix Systems, Inc.)
2 gpsvc; C:\Windows\System32\gpsvc.dll [776192 2009-07-13] (Microsoft Corporation)
3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-13] (Microsoft Corporation)
3 hkmsvc; C:\Windows\System32\kmsvc.dll [90624 2009-07-13] (Microsoft Corporation)
3 HomeGroupListener; C:\Windows\System32\ListSvc.dll [231936 2009-07-13] (Microsoft Corporation)
3 HomeGroupProvider; C:\Windows\System32\provsvc.dll [187904 2009-07-13] (Microsoft Corporation)
3 idsvc; "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" [856384 2009-06-10] (Microsoft Corporation)
2 IKEEXT; C:\Windows\System32\ikeext.dll [845824 2009-07-13] (Microsoft Corporation)
2 InstallFilterService; C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2009-06-23] ()
3 IPBusEnum; C:\Windows\System32\ipbusenum.dll [101888 2009-07-13] (Microsoft Corporation)
2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [565760 2009-07-13] (Microsoft Corporation)
3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [932640 2010-11-17] (Apple Inc.)
3 KeyIso; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 KtmRm; C:\Windows\System32\msdtckrm.dll [368640 2009-07-13] (Microsoft Corporation)
2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-08-27] (Microsoft Corporation)
2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2009-07-13] (Microsoft Corporation)
3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-13] (Microsoft Corporation)
2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-13] (Microsoft Corporation)
2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-10] (McAfee, Inc.)
2 mcmscsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-10] (McAfee, Inc.)
2 McNaiAnn; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-10] (McAfee, Inc.)
2 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-10] (McAfee, Inc.)
3 McODS; "C:\Program Files\mcafee\VirusScan\mcods.exe" [509416 2010-10-07] (McAfee, Inc.)
4 McOobeSv; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-10] (McAfee, Inc.)
2 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-10] (McAfee, Inc.)
2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [200056 2011-04-14] (McAfee, Inc.)
4 Mcx2Svc; C:\Windows\System32\Mcx2Svc.dll [84480 2009-07-13] (Microsoft Corporation)
2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [245352 2011-04-14] (McAfee, Inc.)
2 mfevtp; "C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe" [149032 2011-04-14] (McAfee, Inc.)
2 MMCSS; C:\Windows\System32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
2 MpsSvc; C:\Windows\System32\mpssvc.dll [824832 2009-07-13] (Microsoft Corporation)
3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-13] (Microsoft Corporation)
3 MSiSCSI; C:\Windows\System32\iscsiexe.dll [156672 2009-07-13] (Microsoft Corporation)
3 msiserver; C:\Windows\System32\msiexec.exe /V [127488 2009-07-13] (Microsoft Corporation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [12784 2010-11-11] (Microsoft Corporation)
3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [315664 2009-09-21] ()
3 napagent; C:\Windows\System32\qagentRT.dll [475648 2009-07-13] (Microsoft Corporation)
3 Netlogon; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-13] (Microsoft Corporation)
3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-13] (Microsoft Corporation)
4 NetTcpPortSharing; "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" [116560 2009-06-10] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe" [282616 2010-11-11] (Microsoft Corporation)
2 NlaSvc; C:\Windows\System32\nlasvc.dll [302080 2009-07-13] (Microsoft Corporation)
2 nsi; C:\Windows\System32\nsisvc.dll [25600 2009-07-13] (Microsoft Corporation)
3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [149352 2010-01-09] (Microsoft Corporation)
3 osppsvc; "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [4925184 2010-01-09] (Microsoft Corporation)
3 p2pimsvc; C:\Windows\System32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
3 p2psvc; C:\Windows\System32\p2psvc.dll [438784 2009-07-13] (Microsoft Corporation)
2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-13] (Microsoft Corporation)
3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-13] (Microsoft Corporation)
3 pla; C:\Windows\System32\pla.dll [1390080 2009-07-13] (Microsoft Corporation)
2 PlugPlay; C:\Windows\System32\umpnpmgr.dll [404480 2009-07-13] (Microsoft Corporation)
3 PNRPAutoReg; C:\Windows\System32\pnrpauto.dll [25088 2009-07-13] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\System32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [500224 2009-07-13] (Microsoft Corporation)
2 Power; C:\Windows\System32\umpo.dll [163840 2009-07-13] (Microsoft Corporation)
2 ProfSvc; C:\Windows\System32\profsvc.dll [208384 2009-07-13] (Microsoft Corporation)
3 ProtectedStorage; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-13] (Microsoft Corporation)
3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-13] (Microsoft Corporation)
3 RasMan; C:\Windows\System32\rasmans.dll [343552 2009-07-13] (Microsoft Corporation)
2 ReflectService; "C:\Program Files\Macrium\Reflect\ReflectService.exe" [301024 2010-07-29] ()
2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [831760 2009-09-21] (Intel® Corporation)
4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-13] (Microsoft Corporation)
3 RemoteRegistry; C:\Windows\System32\regsvc.dll [159232 2009-07-13] (Microsoft Corporation)
2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-13] (Microsoft Corporation)
3 RpcLocator; C:\Windows\System32\locator.exe [10240 2009-07-13] (Microsoft Corporation)
2 RpcSs; C:\Windows\System32\rpcss.dll [509440 2009-07-13] (Microsoft Corporation)
2 SamSs; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-13] (Microsoft Corporation)
2 Schedule; C:\Windows\System32\schedsvc.dll [1114624 2010-11-02] (Microsoft Corporation)
3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2009-07-13] (Microsoft Corporation)
3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2009-07-13] (Microsoft Corporation)
2 SeaPort; "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" [249648 2011-02-25] (Microsoft Corporation)
3 seclogon; C:\Windows\system32\seclogon.dll [30720 2009-07-13] (Microsoft Corporation)
2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-13] (Microsoft Corporation)
3 SensrSvc; C:\Windows\System32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation)
3 SessionEnv; C:\Windows\System32\sessenv.dll [104960 2009-07-13] (Microsoft Corporation)
2 SftService; "C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE" [705856 2011-01-13] (SoftThinks SAS)
4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-13] (Microsoft Corporation)
2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [369664 2009-07-13] (Microsoft Corporation)
3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-13] (Microsoft Corporation)
2 Spooler; C:\Windows\System32\spoolsv.exe [558592 2010-08-21] (Microsoft Corporation)
2 sppsvc; C:\Windows\System32\sppsvc.exe [3524608 2009-07-13] (Microsoft Corporation)
3 sppuinotify; C:\Windows\System32\sppuinotify.dll [65536 2009-07-13] (Microsoft Corporation)
2 sprtsvc_DellSupportCenter; "C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe" /service /P DellSupportCenter [206064 2009-05-21] (SupportSoft, Inc.)
3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-13] (Microsoft Corporation)
3 SstpSvc; C:\Windows\System32\sstpsvc.dll [75264 2009-07-13] (Microsoft Corporation)
2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [244736 2010-01-20] (IDT, Inc.)
2 stisvc; C:\Windows\System32\wiaservc.dll [578560 2009-07-13] (Microsoft Corporation)
3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-13] (Microsoft Corporation)
2 SysMain; C:\Windows\System32\sysmain.dll [1780736 2009-07-13] (Microsoft Corporation)
3 TabletInputService; C:\Windows\System32\TabSvc.dll [93184 2009-07-13] (Microsoft Corporation)
3 TapiSrv; C:\Windows\System32\tapisrv.dll [316416 2009-07-13] (Microsoft Corporation)
3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-13] (Microsoft Corporation)
3 TermService; C:\Windows\System32\termsrv.dll [706560 2009-07-13] (Microsoft Corporation)
2 Themes; C:\Windows\System32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation)
3 THREADORDER; C:\Windows\System32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-13] (Microsoft Corporation)
3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2009-07-13] (Microsoft Corporation)
3 TurboBoost; "C:\Program Files\Intel\TurboBoost\TurboBoost.exe" [126352 2009-11-02] (Intel® Corporation)
3 UI0Detect; C:\Windows\System32\UI0Detect.exe [40960 2009-07-13] (Microsoft Corporation)
3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-13] (Microsoft Corporation)
2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-13] (Microsoft Corporation)
3 VaultSvc; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 vds; C:\Windows\System32\vds.exe [532480 2009-07-13] (Microsoft Corporation)
3 VSS; C:\Windows\System32\vssvc.exe [1598976 2009-07-13] (Microsoft Corporation)
3 W32Time; C:\Windows\System32\w32time.dll [381952 2009-07-13] (Microsoft Corporation)
3 WatAdminSvc; C:\Windows\System32\Wat\WatAdminSvc.exe [1255736 2010-06-24] (Microsoft Corporation)
3 wbengine; "C:\Windows\system32\wbengine.exe" [1503744 2009-07-13] (Microsoft Corporation)
3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-13] (Microsoft Corporation)
3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-09-14] (Microsoft Corporation)
3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-13] (Microsoft Corporation)
3 WdiServiceHost; C:\Windows\System32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
3 WdiSystemHost; C:\Windows\System32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
3 WebClient; C:\Windows\System32\webclnt.dll [258048 2010-12-21] (Microsoft Corporation)
3 Wecsvc; C:\Windows\System32\wecsvc.dll [237568 2009-07-13] (Microsoft Corporation)
3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-13] (Microsoft Corporation)
3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-13] (Microsoft Corporation)
3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
3 WinHttpAutoProxySvc; winhttp.dll [442880 2010-12-21] (Microsoft Corporation)
2 Winmgmt; C:\Windows\System32\wbem\WMIsvc.dll [242688 2009-07-13] (Microsoft Corporation)
3 WinRM; C:\Windows\System32\WsmSvc.dll [2018816 2009-07-13] (Microsoft Corporation)
2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-13] (Microsoft Corporation)
2 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [2286976 2010-09-21] (Microsoft Corp.)
3 wmiApSrv; C:\Windows\System32\wbem\WmiApSrv.exe [203264 2009-07-13] (Microsoft Corporation)
2 WMPNetworkSvc; "C:\Program Files\Windows Media Player\wmpnetwk.exe" [1525248 2009-07-13] (Microsoft Corporation)
3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-13] (Microsoft Corporation)
3 WPDBusEnum; C:\Windows\System32\wpdbusenum.dll [116736 2009-07-13] (Microsoft Corporation)
2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2010-12-21] (Microsoft Corporation)
2 WSearch; C:\Windows\System32\SearchIndexer.exe /Embedding [593408 2009-07-13] (Microsoft Corporation)
2 wuauserv; C:\Windows\System32\wuaueng.dll [2418176 2009-07-13] (Microsoft Corporation)
2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [78848 2010-06-15] (Microsoft Corporation)
3 WwanSvc; C:\Windows\System32\wwansvc.dll [229888 2009-07-13] (Microsoft Corporation)
2 btwdins; c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [x]
2 FontCache3.0.0.032; c:\windows\system32\nlslexicons003e32.exe [x]
2 SENS32; c:\windows\system32\setupapi32.exe [x]

==================== Drivers ====================

3 1394ohci; C:\Windows\System32\DRIVERS\1394ohci.sys [228352 2010-06-15] (Microsoft Corporation)
3 Acceler; C:\Windows\System32\DRIVERS\Acceler.sys [23912 2009-07-24] (ST Microelectronics)
0 ACPI; C:\Windows\System32\DRIVERS\ACPI.sys [334416 2009-07-13] (Microsoft Corporation)
3 AcpiPmi; C:\Windows\System32\DRIVERS\acpipmi.sys [12288 2009-07-13] (Microsoft Corporation)
3 adp94xx; C:\Windows\System32\DRIVERS\adp94xx.sys [491088 2009-07-13] (Adaptec, Inc.)
3 adpahci; C:\Windows\System32\DRIVERS\adpahci.sys [339536 2009-07-13] (Adaptec, Inc.)
3 adpu320; C:\Windows\System32\DRIVERS\adpu320.sys [182864 2009-07-13] (Adaptec, Inc.)
1 AFD; C:\Windows\System32\drivers\afd.sys [499712 2011-04-24] (Microsoft Corporation)
3 agp440; C:\Windows\System32\DRIVERS\agp440.sys [61008 2009-07-13] (Microsoft Corporation)
3 aliide; C:\Windows\System32\DRIVERS\aliide.sys [15440 2009-07-13] (Acer Laboratories Inc.)
3 amdide; C:\Windows\System32\DRIVERS\amdide.sys [15440 2009-07-13] (Microsoft Corporation)
3 AmdK8; C:\Windows\System32\DRIVERS\amdk8.sys [64512 2009-07-13] (Microsoft Corporation)
3 AmdPPM; C:\Windows\System32\DRIVERS\amdppm.sys [60928 2009-07-13] (Microsoft Corporation)
3 amdsata; C:\Windows\System32\drivers\amdsata.sys [107904 2011-03-11] (Advanced Micro Devices)
3 amdsbs; C:\Windows\System32\DRIVERS\amdsbs.sys [194128 2009-07-13] (AMD Technologies Inc.)
0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
3 AppID; C:\Windows\System32\drivers\appid.sys [61440 2009-07-13] (Microsoft Corporation)
3 arc; C:\Windows\System32\DRIVERS\arc.sys [87632 2009-07-13] (Adaptec, Inc.)
3 arcsas; C:\Windows\System32\DRIVERS\arcsas.sys [97856 2009-07-13] (Adaptec, Inc.)
3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] (Microsoft Corporation)
0 atapi; C:\Windows\System32\DRIVERS\atapi.sys [24128 2009-07-13] (Microsoft Corporation)
3 b06bdrv; C:\Windows\System32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] (Microsoft Corporation)
1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-13] (Microsoft Corporation)
3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] (Microsoft Corporation)
3 BrFiltLo; C:\Windows\System32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
3 BrFiltUp; C:\Windows\System32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.)
3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
3 BthEnum; C:\Windows\System32\DRIVERS\BthEnum.sys [41984 2009-07-13] (Microsoft Corporation)
3 BTHMODEM; C:\Windows\System32\DRIVERS\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation)
3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [118784 2009-07-13] (Microsoft Corporation)
3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [551936 2009-07-13] (Microsoft Corporation)
3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [79360 2009-07-13] (Microsoft Corporation)
3 btwaudio; C:\Windows\System32\drivers\btwaudio.sys [98344 2009-06-30] (Broadcom Corporation.)
3 btwavdt; C:\Windows\System32\DRIVERS\btwavdt.sys [132648 2009-06-30] (Broadcom Corporation.)
3 btwl2cap; C:\Windows\System32\DRIVERS\btwl2cap.sys [35104 2009-04-07] (Broadcom Corporation.)
3 btwrchid; C:\Windows\System32\DRIVERS\btwrchid.sys [21160 2009-06-30] (Broadcom Corporation.)
4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] (Microsoft Corporation)
1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2009-07-13] (Microsoft Corporation)
3 cfwids; C:\Windows\System32\drivers\cfwids.sys [63056 2011-04-14] (McAfee, Inc.)
3 circlass; C:\Windows\System32\DRIVERS\circlass.sys [45568 2009-07-13] (Microsoft Corporation)
0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-13] (Microsoft Corporation)
3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [17664 2009-07-13] (Microsoft Corporation)
3 cmdide; C:\Windows\System32\DRIVERS\cmdide.sys [17488 2009-07-13] (CMD Technology, Inc.)
0 CNG; C:\Windows\System32\Drivers\cng.sys [460504 2009-07-13] (Microsoft Corporation)
0 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-13] (Microsoft Corporation)
3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2009-07-13] (Microsoft Corporation)
4 crcdisk; C:\Windows\System32\DRIVERS\crcdisk.sys [24144 2009-07-13] (Microsoft Corporation)
3 CtClsFlt; C:\Windows\System32\DRIVERS\CtClsFlt.sys [172704 2009-06-15] (Creative Technology Ltd.)
1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2011-04-26] (Microsoft Corporation)
1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation)
0 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-13] (Microsoft Corporation)
3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-13] (Microsoft Corporation)
3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [982912 2011-01-26] (Microsoft Corporation)
3 ebdrv; C:\Windows\System32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
3 elxstor; C:\Windows\System32\DRIVERS\elxstor.sys [530496 2009-07-13] (Emulex)
3 ErrDev; C:\Windows\System32\DRIVERS\errdev.sys [9728 2009-07-13] (Microsoft Corporation)
3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] (Microsoft Corporation)
3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] (Microsoft Corporation)
3 fdc; C:\Windows\System32\DRIVERS\fdc.sys [29696 2009-07-13] (Microsoft Corporation)
0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] (Microsoft Corporation)
3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] (Microsoft Corporation)
3 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [24576 2009-07-13] (Microsoft Corporation)
0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [290368 2009-07-13] (Microsoft Corporation)
3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-13] (Microsoft Corporation)
0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23104 2009-07-13] (Microsoft Corporation)
0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223448 2009-09-26] (Microsoft Corporation)
3 gagp30kx; C:\Windows\System32\DRIVERS\gagp30kx.sys [65088 2009-07-13] (Microsoft Corporation)
3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [34152 2009-05-18] (GEAR Software Inc.)
3 hcw85cir; C:\Windows\System32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2009-07-13] (Microsoft Corporation)
3 HECIx64; C:\Windows\System32\DRIVERS\HECIx64.sys [56344 2009-09-16] (Intel Corporation)
3 HidBatt; C:\Windows\System32\DRIVERS\HidBatt.sys [26624 2009-07-13] (Microsoft Corporation)
3 HidBth; C:\Windows\System32\DRIVERS\hidbth.sys [100864 2009-07-13] (Microsoft Corporation)
3 HidIr; C:\Windows\System32\DRIVERS\hidir.sys [46592 2009-07-13] (Microsoft Corporation)
3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2009-07-13] (Microsoft Corporation)
3 HpSAMD; C:\Windows\System32\DRIVERS\HpSAMD.sys [77888 2009-07-13] (Hewlett-Packard Company)
3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-13] (Microsoft Corporation)
0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14416 2009-07-13] (Microsoft Corporation)
3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-13] (Microsoft Corporation)
3 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [410496 2011-03-11] (Intel Corporation)
3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10611552 2010-08-25] (Intel Corporation)
3 iirsp; C:\Windows\System32\DRIVERS\iirsp.sys [44112 2009-07-13] (Intel Corp./ICP vortex GmbH)
3 Impcd; C:\Windows\System32\DRIVERS\Impcd.sys [158720 2010-02-10] (Intel Corporation)
3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-01-07] (Intel® Corporation)
3 intelide; C:\Windows\System32\DRIVERS\intelide.sys [16960 2009-07-13] (Microsoft Corporation)
3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-13] (Microsoft Corporation)
3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-13] (Microsoft Corporation)
3 IPMIDRV; C:\Windows\System32\DRIVERS\IPMIDrv.sys [78848 2009-07-13] (Microsoft Corporation)
3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation)
3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation)
3 isapnp; C:\Windows\System32\DRIVERS\isapnp.sys [20544 2009-07-13] (Microsoft Corporation)
3 iScsiPrt; C:\Windows\System32\DRIVERS\msiscsi.sys [224832 2009-07-13] (Microsoft Corporation)
3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-13] (Microsoft Corporation)
3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2009-07-13] (Microsoft Corporation)
0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95312 2009-07-13] (Microsoft Corporation)
0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [153160 2009-12-11] (Microsoft Corporation)
3 ksthunk; C:\Windows\System32\drivers\ksthunk.sys [20992 2009-07-13] (Microsoft Corporation)
2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation)
3 LSI_FC; C:\Windows\System32\DRIVERS\lsi_fc.sys [114752 2009-07-13] (LSI Corporation)
3 LSI_SAS; C:\Windows\System32\DRIVERS\lsi_sas.sys [106560 2009-07-13] (LSI Corporation)
3 LSI_SAS2; C:\Windows\System32\DRIVERS\lsi_sas2.sys [65600 2009-07-13] (LSI Corporation)
3 LSI_SCSI; C:\Windows\System32\DRIVERS\lsi_scsi.sys [115776 2009-07-13] (LSI Corporation)
2 luafv; C:\Windows\System32\drivers\luafv.sys [113152 2009-07-13] (Microsoft Corporation)
3 megasas; C:\Windows\System32\DRIVERS\megasas.sys [35392 2009-07-13] (LSI Corporation)
3 MegaSR; C:\Windows\System32\DRIVERS\MegaSR.sys [284736 2009-07-13] (LSI Corporation, Inc.)
3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121376 2011-04-14] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [190520 2011-04-14] (McAfee, Inc.)
3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [441840 2011-04-14] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [530304 2011-04-14] (McAfee, Inc.)
1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75160 2011-04-14] (McAfee, Inc.)
3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94992 2011-04-14] (McAfee, Inc.)
0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [283744 2011-04-14] (McAfee, Inc.)
3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation)
3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation)
3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-13] (Microsoft Corporation)
3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] (Microsoft Corporation)
0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94784 2009-07-13] (Microsoft Corporation)
1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [188928 2010-10-24] (Microsoft Corporation)
3 mpio; C:\Windows\System32\DRIVERS\mpio.sys [155216 2009-07-13] (Microsoft Corporation)
3 MpNWMon; C:\Windows\System32\DRIVERS\MpNWMon.sys [40832 2010-10-24] (Microsoft Corporation)
3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] (Microsoft Corporation)
3 MRxDAV; C:\Windows\System32\drivers\mrxdav.sys [140800 2009-07-13] (Microsoft Corporation)
3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157696 2011-05-03] (Microsoft Corporation)
3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [287744 2011-05-03] (Microsoft Corporation)
3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [126464 2011-05-03] (Microsoft Corporation)
0 msahci; C:\Windows\System32\DRIVERS\msahci.sys [30296 2010-06-15] (Microsoft Corporation)
3 msdsm; C:\Windows\System32\DRIVERS\msdsm.sys [140352 2009-07-13] (Microsoft Corporation)
1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] (Microsoft Corporation)
3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation)
0 msisadrv; C:\Windows\System32\DRIVERS\msisadrv.sys [15424 2009-07-13] (Microsoft Corporation)
3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] (Microsoft Corporation)
3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] (Microsoft Corporation)
3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] (Microsoft Corporation)
3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [367168 2009-07-13] (Microsoft Corporation)
1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-13] (Microsoft Corporation)
3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] (Microsoft Corporation)
3 MTConfig; C:\Windows\System32\DRIVERS\MTConfig.sys [15360 2009-07-13] (Microsoft Corporation)
0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] (Microsoft Corporation)
3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] (Microsoft Corporation)
0 NDIS; C:\Windows\System32\drivers\ndis.sys [947776 2009-07-13] (Microsoft Corporation)
3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation)
3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] (Microsoft Corporation)
3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-13] (Microsoft Corporation)
3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-13] (Microsoft Corporation)
3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2009-07-13] (Microsoft Corporation)
1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] (Microsoft Corporation)
1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-13] (Microsoft Corporation)
3 NETw5s64; C:\Windows\System32\DRIVERS\NETw5s64.sys [6952960 2009-09-15] (Intel Corporation)
3 nfrd960; C:\Windows\System32\DRIVERS\nfrd960.sys [51264 2009-07-13] (IBM Corporation)
3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [72064 2010-10-24] (Microsoft Corporation)
1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] (Microsoft Corporation)
1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] (Microsoft Corporation)
3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1657216 2011-03-11] (Microsoft Corporation)
1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] (Microsoft Corporation)
3 nvraid; C:\Windows\System32\drivers\nvraid.sys [148352 2011-03-11] (NVIDIA Corporation)
3 nvstor; C:\Windows\System32\drivers\nvstor.sys [166272 2011-03-11] (NVIDIA Corporation)
3 nv_agp; C:\Windows\System32\DRIVERS\nv_agp.sys [122960 2009-07-13] (Microsoft Corporation)
3 ohci1394; C:\Windows\System32\DRIVERS\ohci1394.sys [72832 2009-07-13] (Microsoft Corporation)
3 Parport; C:\Windows\System32\DRIVERS\parport.sys [97280 2009-07-13] (Microsoft Corporation)
0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75840 2009-07-13] (Microsoft Corporation)
0 pci; C:\Windows\System32\DRIVERS\pci.sys [183872 2009-07-13] (Microsoft Corporation)
3 pciide; C:\Windows\System32\DRIVERS\pciide.sys [12352 2009-07-13] (Microsoft Corporation)
3 pcmcia; C:\Windows\System32\DRIVERS\pcmcia.sys [220752 2009-07-13] (Microsoft Corporation)
0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] (Microsoft Corporation)
2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-13] (Microsoft Corporation)
3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-13] (Microsoft Corporation)
3 Processor; C:\Windows\System32\DRIVERS\processr.sys [60416 2009-07-13] (Microsoft Corporation)
1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-13] (Microsoft Corporation)
0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55280 2009-07-09] (Sonic Solutions)
3 ql2300; C:\Windows\System32\DRIVERS\ql2300.sys [1524816 2009-07-13] (QLogic Corporation)
3 ql40xx; C:\Windows\System32\DRIVERS\ql40xx.sys [128592 2009-07-13] (QLogic Corporation)
3 QWAVEdrv; C:\Windows\System32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation)
3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] (Microsoft Corporation)
3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] (Microsoft Corporation)
3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-13] (Microsoft Corporation)
3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] (Microsoft Corporation)
3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] (Microsoft Corporation)
1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-13] (Microsoft Corporation)
3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation)
1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation)
1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation)
1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation)
3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [204800 2009-07-13] (Microsoft Corporation)
0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [214096 2009-07-13] (Microsoft Corporation)
3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [158720 2009-07-13] (Microsoft Corporation)
3 rimmptsk; C:\Windows\System32\DRIVERS\rimmpx64.sys [67584 2009-06-25] (REDC)
2 rimspci; C:\Windows\System32\DRIVERS\rimspe64.sys [60416 2009-07-01] (REDC)
3 rimsptsk; C:\Windows\System32\DRIVERS\rimspx64.sys [55296 2009-06-25] (REDC)
2 risdpcie; C:\Windows\System32\DRIVERS\risdpe64.sys [80896 2009-07-01] (REDC)
3 rismxdp; C:\Windows\System32\DRIVERS\rixdpx64.sys [57856 2009-06-25] (REDC)
2 rixdpcie; C:\Windows\System32\DRIVERS\rixdpe64.sys [55808 2009-07-04] (REDC)
2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation)
3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [239616 2009-08-20] (Realtek )
3 sbp2port; C:\Windows\System32\DRIVERS\sbp2port.sys [104016 2009-07-13] (Microsoft Corporation)
3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-13] (Microsoft Corporation)
2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-13] (Microsoft Corporation)
3 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Microsoft Corporation)
3 sermouse; C:\Windows\System32\DRIVERS\sermouse.sys [26624 2009-07-13] (Microsoft Corporation)
3 sffdisk; C:\Windows\System32\DRIVERS\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation)
3 sffp_mmc; C:\Windows\System32\DRIVERS\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation)
3 sffp_sd; C:\Windows\System32\DRIVERS\sffp_sd.sys [14336 2009-07-13] (Microsoft Corporation)
3 sfloppy; C:\Windows\System32\DRIVERS\sfloppy.sys [16896 2009-07-13] (Microsoft Corporation)
3 SiSRaid2; C:\Windows\System32\DRIVERS\SiSRaid2.sys [43584 2009-07-13] (Silicon Integrated Systems Corp.)
3 SiSRaid4; C:\Windows\System32\DRIVERS\sisraid4.sys [80464 2009-07-13] (Silicon Integrated Systems)
3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] (Microsoft Corporation)
0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] (Microsoft Corporation)
3 srv; C:\Windows\System32\DRIVERS\srv.sys [461312 2011-04-28] (Microsoft Corporation)
3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [399872 2011-04-28] (Microsoft Corporation)
3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [161792 2011-04-28] (Microsoft Corporation)
0 stdflt; C:\Windows\System32\DRIVERS\stdflt.sys [18792 2009-07-23] (ST Microelectronics)
3 stexstor; C:\Windows\System32\DRIVERS\stexstor.sys [24656 2009-07-13] (Promise Technology)
3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [505856 2010-01-20] (IDT, Inc.)
3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-13] (Microsoft Corporation)
3 SynTP; C:\Windows\System32\DRIVERS\SynTP.sys [285744 2009-08-23] (Synaptics Incorporated)
0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1896832 2011-04-25] (Microsoft Corporation)
3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1896832 2011-04-25] (Microsoft Corporation)
2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-13] (Microsoft Corporation)
3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation)
3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-13] (Microsoft Corporation)
1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-13] (Microsoft Corporation)
1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [62544 2009-07-13] (Microsoft Corporation)
3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-13] (Microsoft Corporation)
3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-13] (Microsoft Corporation)
2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
3 uagp35; C:\Windows\System32\DRIVERS\uagp35.sys [64080 2009-07-13] (Microsoft Corporation)
4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327680 2010-06-15] (Microsoft Corporation)
3 uliagpkx; C:\Windows\System32\DRIVERS\uliagpkx.sys [64592 2009-07-13] (Microsoft Corporation)
3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2009-07-13] (Microsoft Corporation)
3 UmPass; C:\Windows\System32\DRIVERS\umpass.sys [9728 2009-07-13] (Microsoft Corporation)
3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2010-09-28] (Apple, Inc.)
3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99328 2011-03-28] (Microsoft Corporation)
3 usbcir; C:\Windows\System32\DRIVERS\usbcir.sys [100352 2009-07-13] (Microsoft Corporation)
3 usbehci; C:\Windows\System32\drivers\usbehci.sys [52224 2011-03-28] (Microsoft Corporation)
3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2011-03-28] (Microsoft Corporation)
3 usbohci; C:\Windows\System32\drivers\usbohci.sys [25600 2011-03-28] (Microsoft Corporation)
3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-13] (Microsoft Corporation)
3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [41984 2009-07-13] (Microsoft Corporation)
3 USBSTOR; C:\Windows\System32\drivers\USBSTOR.SYS [91136 2011-03-10] (Microsoft Corporation)
3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [30720 2011-03-28] (Microsoft Corporation)
3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [184832 2010-06-15] (Microsoft Corporation)
0 vdrvroot; C:\Windows\System32\DRIVERS\vdrvroot.sys [36432 2009-07-13] (Microsoft Corporation)
3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation)
1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] (Microsoft Corporation)
3 vhdmp; C:\Windows\System32\DRIVERS\vhdmp.sys [217680 2009-07-13] (Microsoft Corporation)
3 viaide; C:\Windows\System32\DRIVERS\viaide.sys [17488 2009-07-13] (VIA Technologies, Inc.)
0 volmgr; C:\Windows\System32\DRIVERS\volmgr.sys [71760 2009-07-13] (Microsoft Corporation)
0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363584 2009-07-13] (Microsoft Corporation)
0 volsnap; C:\Windows\System32\DRIVERS\volsnap.sys [294992 2009-07-13] (Microsoft Corporation)
3 vsmraid; C:\Windows\System32\DRIVERS\vsmraid.sys [161872 2009-07-13] (VIA Technologies Inc.,Ltd)
3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation)
1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-13] (Microsoft Corporation)
3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-13] (Microsoft Corporation)
3 WacomPen; C:\Windows\System32\DRIVERS\wacompen.sys [27776 2009-07-13] (Microsoft Corporation)
3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-13] (Microsoft Corporation)
1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-13] (Microsoft Corporation)
3 Wd; C:\Windows\System32\DRIVERS\wd.sys [21056 2009-07-13] (Microsoft Corporation)
0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [654928 2009-07-13] (Microsoft Corporation)
1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation)
3 WimFltr; C:\Windows\System32\DRIVERS\wimfltr.sys [151656 2006-11-01] (Microsoft Corporation)
3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-13] (Microsoft Corporation)
3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41472 2010-06-15] (Microsoft Corporation)
3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-13] (Microsoft Corporation)
4 ws2ifsl; C:\Windows\System32\drivers\ws2ifsl.sys [21504 2009-07-13] (Microsoft Corporation)
3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112640 2010-06-15] (Microsoft Corporation)
3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2010-06-15] (Microsoft Corporation)
3 mfeavfk01; [x]

========================= NetSvcs ============================

============ One Month Created Files and folders =============

2011-06-20 19:01 - 2011-06-20 19:01 - 0000000 ____D C:\Users\Maggie\Application Data\Malwarebytes
2011-06-20 19:01 - 2011-06-20 19:01 - 0000000 ____D C:\Users\Maggie\AppData\Roaming\Malwarebytes
2011-06-20 19:00 - 2011-06-20 19:00 - 0001115 ____A C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
2011-06-20 19:00 - 2011-06-20 19:00 - 0001115 ____A C:\Users\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
2011-06-20 19:00 - 2011-06-20 19:00 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-06-20 19:00 - 2011-06-20 19:00 - 0000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2011-06-20 19:00 - 2011-06-20 19:00 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-06-20 19:00 - 2011-06-20 19:00 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-06-20 19:00 - 2011-05-29 08:11 - 0039984 ____A (Malwarebytes Corporation) C:\Windows\SysWOW64\Drivers\mbamswissarmy.sys
2011-06-20 19:00 - 2011-05-29 08:11 - 0025912 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2011-06-20 18:59 - 2011-06-20 19:00 - 9435312 ____A (Malwarebytes Corporation ) C:\Users\Maggie\Downloads\mbam-setup-1.51.0.1200.exe
2011-06-19 16:45 - 2011-06-19 16:45 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{9B1BDF66-40B2-4F8C-8F6F-02D50172EEAD}
2011-06-19 16:45 - 2011-06-19 16:45 - 0000000 ____D C:\Users\Maggie\Local Settings\{9B1BDF66-40B2-4F8C-8F6F-02D50172EEAD}
2011-06-19 16:45 - 2011-06-19 16:45 - 0000000 ____D C:\Users\Maggie\AppData\Local\{9B1BDF66-40B2-4F8C-8F6F-02D50172EEAD}
2011-06-18 14:16 - 2011-06-18 14:16 - 0351744 ____A (CrypKey Inc.) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-032.dll
2011-06-18 14:16 - 2011-06-18 14:15 - 0777216 ____A () C:\Windows\SysWOW64\setupapi32.exe
2011-06-18 14:16 - 2011-06-18 14:15 - 0777216 ____A () C:\Windows\SysWOW64\KBDNEPR32.exe
2011-06-18 14:16 - 2011-06-18 14:15 - 0777216 ____A () C:\Users\All Users\inseng32.exe
2011-06-18 14:16 - 2011-06-18 14:15 - 0777216 ____A () C:\Users\All Users\Application Data\inseng32.exe
2011-06-18 14:16 - 2011-06-18 14:15 - 0777216 ____A () C:\ProgramData\inseng32.exe
2011-06-18 14:15 - 2011-06-18 14:15 - 0777216 ____A () C:\Users\Maggie\msiexec.exe
2011-06-18 14:15 - 2011-06-18 14:15 - 0777216 ____A () C:\Users\Maggie\0.17107669646044354.exe
2011-06-18 11:18 - 2011-06-18 11:18 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{C426A642-7A1C-42AB-A39F-ED6EB3650A7C}
2011-06-18 11:18 - 2011-06-18 11:18 - 0000000 ____D C:\Users\Maggie\Local Settings\{C426A642-7A1C-42AB-A39F-ED6EB3650A7C}
2011-06-18 11:18 - 2011-06-18 11:18 - 0000000 ____D C:\Users\Maggie\AppData\Local\{C426A642-7A1C-42AB-A39F-ED6EB3650A7C}
2011-06-18 11:13 - 2011-06-18 11:13 - 0777216 ____A () C:\Users\Maggie\0.06620873830259588.exe
2011-06-16 17:06 - 2011-06-16 17:07 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{2D29B456-7087-401A-A080-CDB1BC456888}
2011-06-16 17:06 - 2011-06-16 17:07 - 0000000 ____D C:\Users\Maggie\Local Settings\{2D29B456-7087-401A-A080-CDB1BC456888}
2011-06-16 17:06 - 2011-06-16 17:07 - 0000000 ____D C:\Users\Maggie\AppData\Local\{2D29B456-7087-401A-A080-CDB1BC456888}
2011-06-15 18:06 - 2011-06-15 18:06 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{19EC7D6D-17D7-4EC0-8DA0-DD2BC37729AC}
2011-06-15 18:06 - 2011-06-15 18:06 - 0000000 ____D C:\Users\Maggie\Local Settings\{19EC7D6D-17D7-4EC0-8DA0-DD2BC37729AC}
2011-06-15 18:06 - 2011-06-15 18:06 - 0000000 ____D C:\Users\Maggie\AppData\Local\{19EC7D6D-17D7-4EC0-8DA0-DD2BC37729AC}
2011-06-15 17:46 - 2011-05-28 00:22 - 9316352 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-06-15 17:46 - 2011-05-27 23:38 - 5984256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-06-15 17:46 - 2011-04-22 15:13 - 12372480 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-06-15 17:46 - 2011-04-22 14:31 - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-06-15 17:46 - 2011-04-22 14:31 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-06-15 17:45 - 2011-05-27 22:25 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-06-15 17:45 - 2011-05-27 22:00 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-06-15 17:45 - 2011-04-22 15:18 - 1500160 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-06-15 17:45 - 2011-04-22 15:18 - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-06-15 17:45 - 2011-04-22 15:15 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-06-15 17:45 - 2011-04-22 15:14 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-06-15 17:45 - 2011-04-22 15:14 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-06-15 17:45 - 2011-04-22 15:14 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-06-15 17:45 - 2011-04-22 15:14 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-06-15 17:45 - 2011-04-22 15:13 - 2448896 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-06-15 17:45 - 2011-04-22 15:13 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-06-15 17:45 - 2011-04-22 15:13 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-06-15 17:45 - 2011-04-22 15:13 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-06-15 17:45 - 2011-04-22 15:13 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-06-15 17:45 - 2011-04-22 15:09 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-06-15 17:45 - 2011-04-22 14:31 - 1229824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-06-15 17:45 - 2011-04-22 14:31 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-06-15 17:45 - 2011-04-22 14:31 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-06-15 17:45 - 2011-04-22 14:31 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-06-15 17:45 - 2011-04-22 14:31 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-06-15 17:45 - 2011-04-22 14:31 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-06-15 17:45 - 2011-04-22 14:31 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-06-15 17:45 - 2011-04-22 14:31 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-06-15 17:45 - 2011-04-22 14:31 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-06-15 17:45 - 2011-04-22 14:31 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-06-15 17:45 - 2011-04-22 14:31 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-06-15 17:45 - 2011-04-22 14:30 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-06-15 17:45 - 2011-04-22 13:49 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-06-15 17:45 - 2011-04-22 13:23 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-06-14 20:18 - 2011-06-14 20:18 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{DF6816B6-32FE-4FA5-9F9F-39C651E67EED}
2011-06-14 20:18 - 2011-06-14 20:18 - 0000000 ____D C:\Users\Maggie\Local Settings\{DF6816B6-32FE-4FA5-9F9F-39C651E67EED}
2011-06-14 20:18 - 2011-06-14 20:18 - 0000000 ____D C:\Users\Maggie\AppData\Local\{DF6816B6-32FE-4FA5-9F9F-39C651E67EED}
2011-06-14 20:16 - 2011-04-26 21:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-06-14 20:15 - 2011-05-27 22:07 - 3133952 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-06-14 20:15 - 2011-05-03 21:51 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-06-14 20:15 - 2011-05-03 21:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-06-14 20:15 - 2011-05-03 21:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-06-14 20:15 - 2011-04-25 00:32 - 1896832 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-06-14 20:15 - 2011-04-24 21:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-06-14 20:14 - 2011-05-03 00:21 - 0976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2011-06-14 20:14 - 2011-05-02 23:50 - 0740864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2011-06-14 20:14 - 2011-04-28 22:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-06-14 20:14 - 2011-04-28 22:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-06-14 20:14 - 2011-04-28 22:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-06-14 20:14 - 2011-01-17 01:17 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2011-06-14 20:14 - 2011-01-17 00:38 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2011-06-14 20:14 - 2010-12-18 01:13 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-06-14 20:14 - 2010-12-18 00:31 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-06-14 16:43 - 2011-06-14 16:43 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{13004D22-008B-4F33-A6F7-80AB1BB30EA3}
2011-06-14 16:43 - 2011-06-14 16:43 - 0000000 ____D C:\Users\Maggie\Local Settings\{13004D22-008B-4F33-A6F7-80AB1BB30EA3}
2011-06-14 16:43 - 2011-06-14 16:43 - 0000000 ____D C:\Users\Maggie\AppData\Local\{13004D22-008B-4F33-A6F7-80AB1BB30EA3}
2011-06-13 18:30 - 2011-06-13 18:31 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{8C94E8D9-185B-4178-9743-C5F517D0ADE4}
2011-06-13 18:30 - 2011-06-13 18:31 - 0000000 ____D C:\Users\Maggie\Local Settings\{8C94E8D9-185B-4178-9743-C5F517D0ADE4}
2011-06-13 18:30 - 2011-06-13 18:31 - 0000000 ____D C:\Users\Maggie\AppData\Local\{8C94E8D9-185B-4178-9743-C5F517D0ADE4}
2011-06-11 12:01 - 2011-06-11 12:01 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{10D8344D-CF61-44F8-944F-6AF87802F211}
2011-06-11 12:01 - 2011-06-11 12:01 - 0000000 ____D C:\Users\Maggie\Local Settings\{10D8344D-CF61-44F8-944F-6AF87802F211}
2011-06-11 12:01 - 2011-06-11 12:01 - 0000000 ____D C:\Users\Maggie\AppData\Local\{10D8344D-CF61-44F8-944F-6AF87802F211}
2011-06-10 19:52 - 2011-06-10 19:52 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{90B81AFD-52C4-49B0-B8A1-99186BA90FFE}
2011-06-10 19:52 - 2011-06-10 19:52 - 0000000 ____D C:\Users\Maggie\Local Settings\{90B81AFD-52C4-49B0-B8A1-99186BA90FFE}
2011-06-10 19:52 - 2011-06-10 19:52 - 0000000 ____D C:\Users\Maggie\AppData\Local\{90B81AFD-52C4-49B0-B8A1-99186BA90FFE}
2011-06-10 09:11 - 2011-06-10 09:11 - 0769536 ____A (Dmitry Streblechenko) C:\Users\Maggie\0.16804945070764465.exe
2011-06-09 07:46 - 2011-06-09 07:46 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{B6D1ED31-0EB8-432D-B7DF-D595C3136EBF}
2011-06-09 07:46 - 2011-06-09 07:46 - 0000000 ____D C:\Users\Maggie\Local Settings\{B6D1ED31-0EB8-432D-B7DF-D595C3136EBF}
2011-06-09 07:46 - 2011-06-09 07:46 - 0000000 ____D C:\Users\Maggie\AppData\Local\{B6D1ED31-0EB8-432D-B7DF-D595C3136EBF}
2011-06-08 10:26 - 2011-06-08 10:27 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{802B60C2-F180-45B6-A8B9-90CF959711C3}
2011-06-08 10:26 - 2011-06-08 10:27 - 0000000 ____D C:\Users\Maggie\Local Settings\{802B60C2-F180-45B6-A8B9-90CF959711C3}
2011-06-08 10:26 - 2011-06-08 10:27 - 0000000 ____D C:\Users\Maggie\AppData\Local\{802B60C2-F180-45B6-A8B9-90CF959711C3}
2011-06-07 15:29 - 2011-06-07 15:30 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{8CB470D8-6157-4AAA-9C96-8275C3C7FFFF}
2011-06-07 15:29 - 2011-06-07 15:30 - 0000000 ____D C:\Users\Maggie\Local Settings\{8CB470D8-6157-4AAA-9C96-8275C3C7FFFF}
2011-06-07 15:29 - 2011-06-07 15:30 - 0000000 ____D C:\Users\Maggie\AppData\Local\{8CB470D8-6157-4AAA-9C96-8275C3C7FFFF}
2011-06-06 09:44 - 2011-06-06 09:44 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{2C2ED162-1FC2-48D1-893B-A37DF42563BB}
2011-06-06 09:44 - 2011-06-06 09:44 - 0000000 ____D C:\Users\Maggie\Local Settings\{2C2ED162-1FC2-48D1-893B-A37DF42563BB}
2011-06-06 09:44 - 2011-06-06 09:44 - 0000000 ____D C:\Users\Maggie\AppData\Local\{2C2ED162-1FC2-48D1-893B-A37DF42563BB}
2011-06-05 12:15 - 2011-06-05 12:16 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{E70C13BE-7165-4C91-891B-FC6B43D07225}
2011-06-05 12:15 - 2011-06-05 12:16 - 0000000 ____D C:\Users\Maggie\Local Settings\{E70C13BE-7165-4C91-891B-FC6B43D07225}
2011-06-05 12:15 - 2011-06-05 12:16 - 0000000 ____D C:\Users\Maggie\AppData\Local\{E70C13BE-7165-4C91-891B-FC6B43D07225}
2011-06-03 12:37 - 2011-06-03 12:37 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{959B236E-7ED0-4EE6-90BE-9C5FD18913AE}
2011-06-03 12:37 - 2011-06-03 12:37 - 0000000 ____D C:\Users\Maggie\Local Settings\{959B236E-7ED0-4EE6-90BE-9C5FD18913AE}
2011-06-03 12:37 - 2011-06-03 12:37 - 0000000 ____D C:\Users\Maggie\AppData\Local\{959B236E-7ED0-4EE6-90BE-9C5FD18913AE}
2011-06-02 09:59 - 2011-06-02 10:00 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{082A7A57-0E47-4865-952C-09D87C05C052}
2011-06-02 09:59 - 2011-06-02 10:00 - 0000000 ____D C:\Users\Maggie\Local Settings\{082A7A57-0E47-4865-952C-09D87C05C052}
2011-06-02 09:59 - 2011-06-02 10:00 - 0000000 ____D C:\Users\Maggie\AppData\Local\{082A7A57-0E47-4865-952C-09D87C05C052}
2011-06-01 08:22 - 2011-06-01 08:22 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{6AA8AF44-77A7-46B4-AC2D-8B20CA0D6EB5}
2011-06-01 08:22 - 2011-06-01 08:22 - 0000000 ____D C:\Users\Maggie\Local Settings\{6AA8AF44-77A7-46B4-AC2D-8B20CA0D6EB5}
2011-06-01 08:22 - 2011-06-01 08:22 - 0000000 ____D C:\Users\Maggie\AppData\Local\{6AA8AF44-77A7-46B4-AC2D-8B20CA0D6EB5}
2011-05-30 12:57 - 2011-06-18 21:44 - 0000062 ____A C:\Users\All Users\Application Data\30cbf3cf
2011-05-30 12:57 - 2011-06-18 21:44 - 0000062 ____A C:\Users\All Users\30cbf3cf
2011-05-30 12:57 - 2011-06-18 21:44 - 0000062 ____A C:\ProgramData\30cbf3cf
2011-05-30 12:52 - 2011-05-30 12:53 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{99F5B22B-98C5-4C1F-A57F-2E60D64E7467}
2011-05-30 12:52 - 2011-05-30 12:53 - 0000000 ____D C:\Users\Maggie\Local Settings\{99F5B22B-98C5-4C1F-A57F-2E60D64E7467}
2011-05-30 12:52 - 2011-05-30 12:53 - 0000000 ____D C:\Users\Maggie\AppData\Local\{99F5B22B-98C5-4C1F-A57F-2E60D64E7467}
2011-05-29 20:49 - 2011-05-29 20:50 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{FFE9D65B-EA10-454E-95ED-B83C761BB3C9}
2011-05-29 20:49 - 2011-05-29 20:50 - 0000000 ____D C:\Users\Maggie\Local Settings\{FFE9D65B-EA10-454E-95ED-B83C761BB3C9}
2011-05-29 20:49 - 2011-05-29 20:50 - 0000000 ____D C:\Users\Maggie\AppData\Local\{FFE9D65B-EA10-454E-95ED-B83C761BB3C9}
2011-05-28 13:44 - 2011-06-20 18:56 - 0001812 __ASH C:\Windows\SysWOW64\e04bf4c81270P.manifest
2011-05-28 13:44 - 2011-06-20 18:56 - 0000013 __ASH C:\Windows\SysWOW64\e04bf4c81270C.manifest
2011-05-28 13:44 - 2011-06-20 18:56 - 0000011 __ASH C:\Windows\SysWOW64\e04bf4c81270S.manifest
2011-05-28 13:44 - 2011-06-20 18:56 - 0000011 __ASH C:\Windows\SysWOW64\e04bf4c81270O.manifest
2011-05-28 13:44 - 2011-06-18 14:16 - 0000127 ____A C:\Windows\SysWOW64\451273663
2011-05-28 13:44 - 2011-05-28 13:44 - 0167936 ____A C:\Users\All Users\Application Data\api-ms-win-core-misc-l1-1-032.dll
2011-05-28 13:44 - 2011-05-28 13:44 - 0167936 ____A C:\Users\All Users\api-ms-win-core-misc-l1-1-032.dll
2011-05-28 13:44 - 2011-05-28 13:44 - 0167936 ____A C:\ProgramData\api-ms-win-core-misc-l1-1-032.dll
2011-05-28 13:33 - 2011-05-28 13:34 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{222FE754-DC17-42E4-AF7E-06DFF0505F1C}
2011-05-28 13:33 - 2011-05-28 13:34 - 0000000 ____D C:\Users\Maggie\Local Settings\{222FE754-DC17-42E4-AF7E-06DFF0505F1C}
2011-05-28 13:33 - 2011-05-28 13:34 - 0000000 ____D C:\Users\Maggie\AppData\Local\{222FE754-DC17-42E4-AF7E-06DFF0505F1C}
2011-05-27 19:16 - 2011-05-27 19:16 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{7819A7E0-C5A5-4AE9-8D05-CFBCE945044E}
2011-05-27 19:16 - 2011-05-27 19:16 - 0000000 ____D C:\Users\Maggie\Local Settings\{7819A7E0-C5A5-4AE9-8D05-CFBCE945044E}
2011-05-27 19:16 - 2011-05-27 19:16 - 0000000 ____D C:\Users\Maggie\AppData\Local\{7819A7E0-C5A5-4AE9-8D05-CFBCE945044E}
2011-05-25 09:04 - 2011-04-22 15:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-05-23 22:15 - 2011-05-23 22:16 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{9426DDE4-00AA-43A3-8FD0-4B073B32C509}
2011-05-23 22:15 - 2011-05-23 22:16 - 0000000 ____D C:\Users\Maggie\Local Settings\{9426DDE4-00AA-43A3-8FD0-4B073B32C509}
2011-05-23 22:15 - 2011-05-23 22:16 - 0000000 ____D C:\Users\Maggie\AppData\Local\{9426DDE4-00AA-43A3-8FD0-4B073B32C509}
2011-05-22 12:32 - 2011-05-22 12:33 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{0CCF0627-220C-447C-8C58-BB1FCF85D33B}
2011-05-22 12:32 - 2011-05-22 12:33 - 0000000 ____D C:\Users\Maggie\Local Settings\{0CCF0627-220C-447C-8C58-BB1FCF85D33B}
2011-05-22 12:32 - 2011-05-22 12:33 - 0000000 ____D C:\Users\Maggie\AppData\Local\{0CCF0627-220C-447C-8C58-BB1FCF85D33B}


============ 3 Months Modified Files and folders =============

2011-06-21 17:12 - 2011-06-21 17:12 - 0000000 ____D C:\FRST
2011-06-20 21:10 - 2011-05-18 11:26 - 0000000 ____D C:\Program Files (x86)\Yontoo Layers
2011-06-20 21:10 - 2011-02-24 19:50 - 0000000 ____D C:\Program Files (x86)\ClickPotatoLite
2011-06-20 21:10 - 2010-06-22 18:25 - 0000000 ____D C:\users\Maggie
2011-06-20 21:10 - 2009-07-13 22:20 - 0000000 ___RD C:\Program Files (x86)
2011-06-20 21:10 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\wfp
2011-06-20 21:10 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\wbem
2011-06-20 21:10 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\registration
2011-06-20 20:07 - 2010-06-22 18:38 - 0000000 ___AH C:\Users\Maggie\Local Settings\IconCache.db
2011-06-20 20:07 - 2010-06-22 18:38 - 0000000 ___AH C:\Users\Maggie\Local Settings\Application Data\IconCache.db
2011-06-20 20:07 - 2010-06-22 18:38 - 0000000 ___AH C:\Users\Maggie\AppData\Local\IconCache.db
2011-06-20 19:37 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\DriverStore
2011-06-20 19:37 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\AppCompat
2011-06-20 19:36 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\Microsoft.NET
2011-06-20 19:09 - 2009-07-14 00:10 - 1138005 ____A C:\Windows\WindowsUpdate.log
2011-06-20 19:03 - 2009-07-13 23:45 - 0014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-06-20 19:03 - 2009-07-13 23:45 - 0014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-06-20 19:01 - 2011-06-20 19:01 - 0000000 ____D C:\Users\Maggie\Application Data\Malwarebytes
2011-06-20 19:01 - 2011-06-20 19:01 - 0000000 ____D C:\Users\Maggie\AppData\Roaming\Malwarebytes
2011-06-20 19:00 - 2011-06-20 19:00 - 0001115 ____A C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
2011-06-20 19:00 - 2011-06-20 19:00 - 0001115 ____A C:\Users\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
2011-06-20 19:00 - 2011-06-20 19:00 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-06-20 19:00 - 2011-06-20 19:00 - 0000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2011-06-20 19:00 - 2011-06-20 19:00 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-06-20 19:00 - 2011-06-20 19:00 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-06-20 19:00 - 2011-06-20 18:59 - 9435312 ____A (Malwarebytes Corporation ) C:\Users\Maggie\Downloads\mbam-setup-1.51.0.1200.exe
2011-06-20 18:57 - 2010-06-15 10:22 - 0000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2011-06-20 18:56 - 2011-05-28 13:44 - 0001812 __ASH C:\Windows\SysWOW64\e04bf4c81270P.manifest
2011-06-20 18:56 - 2011-05-28 13:44 - 0000013 __ASH C:\Windows\SysWOW64\e04bf4c81270C.manifest
2011-06-20 18:56 - 2011-05-28 13:44 - 0000011 __ASH C:\Windows\SysWOW64\e04bf4c81270S.manifest
2011-06-20 18:56 - 2011-05-28 13:44 - 0000011 __ASH C:\Windows\SysWOW64\e04bf4c81270O.manifest
2011-06-20 18:56 - 2010-06-22 18:25 - 0000000 ____D C:\Users\Maggie\Local Settings\SoftThinks
2011-06-20 18:56 - 2010-06-22 18:25 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\SoftThinks
2011-06-20 18:56 - 2010-06-22 18:25 - 0000000 ____D C:\Users\Maggie\AppData\Local\SoftThinks
2011-06-20 18:56 - 2009-07-14 00:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-06-20 18:55 - 2010-06-15 12:02 - 3061190656 __ASH C:\hiberfil.sys
2011-06-20 18:55 - 2009-07-13 23:51 - 0060137 ____A C:\Windows\setupact.log
2011-06-19 22:09 - 2009-07-14 02:44 - 0000000 ___RD C:\Users\Public\Recorded TV
2011-06-19 22:07 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\LogFiles
2011-06-19 16:45 - 2011-06-19 16:45 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{9B1BDF66-40B2-4F8C-8F6F-02D50172EEAD}
2011-06-19 16:45 - 2011-06-19 16:45 - 0000000 ____D C:\Users\Maggie\Local Settings\{9B1BDF66-40B2-4F8C-8F6F-02D50172EEAD}
2011-06-19 16:45 - 2011-06-19 16:45 - 0000000 ____D C:\Users\Maggie\AppData\Local\{9B1BDF66-40B2-4F8C-8F6F-02D50172EEAD}
2011-06-18 21:44 - 2011-05-30 12:57 - 0000062 ____A C:\Users\All Users\Application Data\30cbf3cf
2011-06-18 21:44 - 2011-05-30 12:57 - 0000062 ____A C:\Users\All Users\30cbf3cf
2011-06-18 21:44 - 2011-05-30 12:57 - 0000062 ____A C:\ProgramData\30cbf3cf
2011-06-18 16:53 - 2010-06-15 12:02 - 0062992 ____A C:\Windows\PFRO.log
2011-06-18 14:16 - 2011-06-18 14:16 - 0351744 ____A (CrypKey Inc.) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-032.dll
2011-06-18 14:16 - 2011-05-28 13:44 - 0000127 ____A C:\Windows\SysWOW64\451273663
2011-06-18 14:15 - 2011-06-18 14:16 - 0777216 ____A () C:\Windows\SysWOW64\setupapi32.exe
2011-06-18 14:15 - 2011-06-18 14:16 - 0777216 ____A () C:\Windows\SysWOW64\KBDNEPR32.exe
2011-06-18 14:15 - 2011-06-18 14:16 - 0777216 ____A () C:\Users\All Users\inseng32.exe
2011-06-18 14:15 - 2011-06-18 14:16 - 0777216 ____A () C:\Users\All Users\Application Data\inseng32.exe
2011-06-18 14:15 - 2011-06-18 14:16 - 0777216 ____A () C:\ProgramData\inseng32.exe
2011-06-18 14:15 - 2011-06-18 14:15 - 0777216 ____A () C:\Users\Maggie\msiexec.exe
2011-06-18 14:15 - 2011-06-18 14:15 - 0777216 ____A () C:\Users\Maggie\0.17107669646044354.exe
2011-06-18 11:19 - 2011-01-23 13:20 - 0000000 ____D C:\Users\Maggie\Local Settings\Windows Live
2011-06-18 11:19 - 2011-01-23 13:20 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\Windows Live
2011-06-18 11:19 - 2011-01-23 13:20 - 0000000 ____D C:\Users\Maggie\AppData\Local\Windows Live
2011-06-18 11:18 - 2011-06-18 11:18 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{C426A642-7A1C-42AB-A39F-ED6EB3650A7C}
2011-06-18 11:18 - 2011-06-18 11:18 - 0000000 ____D C:\Users\Maggie\Local Settings\{C426A642-7A1C-42AB-A39F-ED6EB3650A7C}
2011-06-18 11:18 - 2011-06-18 11:18 - 0000000 ____D C:\Users\Maggie\AppData\Local\{C426A642-7A1C-42AB-A39F-ED6EB3650A7C}
2011-06-18 11:13 - 2011-06-18 11:13 - 0777216 ____A () C:\Users\Maggie\0.06620873830259588.exe
2011-06-16 17:07 - 2011-06-16 17:06 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{2D29B456-7087-401A-A080-CDB1BC456888}
2011-06-16 17:07 - 2011-06-16 17:06 - 0000000 ____D C:\Users\Maggie\Local Settings\{2D29B456-7087-401A-A080-CDB1BC456888}
2011-06-16 17:07 - 2011-06-16 17:06 - 0000000 ____D C:\Users\Maggie\AppData\Local\{2D29B456-7087-401A-A080-CDB1BC456888}
2011-06-15 18:06 - 2011-06-15 18:06 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{19EC7D6D-17D7-4EC0-8DA0-DD2BC37729AC}
2011-06-15 18:06 - 2011-06-15 18:06 - 0000000 ____D C:\Users\Maggie\Local Settings\{19EC7D6D-17D7-4EC0-8DA0-DD2BC37729AC}
2011-06-15 18:06 - 2011-06-15 18:06 - 0000000 ____D C:\Users\Maggie\AppData\Local\{19EC7D6D-17D7-4EC0-8DA0-DD2BC37729AC}
2011-06-15 18:01 - 2010-07-22 09:24 - 0000478 ____A C:\Windows\Tasks\SyncBack Maggies files back up.job
2011-06-15 17:39 - 2009-07-13 23:45 - 0414656 ____A C:\Windows\System32\FNTCACHE.DAT
2011-06-14 21:15 - 2010-09-01 12:21 - 49454024 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2011-06-14 21:14 - 2010-06-29 15:57 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-06-14 21:14 - 2010-06-29 15:57 - 0000000 ____D C:\Users\All Users\Application Data\Microsoft Help
2011-06-14 21:14 - 2010-06-29 15:57 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-06-14 21:14 - 2010-06-15 10:30 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2011-06-14 20:34 - 2011-01-23 14:11 - 0000000 ____D C:\Users\Maggie\Local Settings\Windows Live Writer
2011-06-14 20:34 - 2011-01-23 14:11 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\Windows Live Writer
2011-06-14 20:34 - 2011-01-23 14:11 - 0000000 ____D C:\Users\Maggie\AppData\Local\Windows Live Writer
2011-06-14 20:18 - 2011-06-14 20:18 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{DF6816B6-32FE-4FA5-9F9F-39C651E67EED}
2011-06-14 20:18 - 2011-06-14 20:18 - 0000000 ____D C:\Users\Maggie\Local Settings\{DF6816B6-32FE-4FA5-9F9F-39C651E67EED}
2011-06-14 20:18 - 2011-06-14 20:18 - 0000000 ____D C:\Users\Maggie\AppData\Local\{DF6816B6-32FE-4FA5-9F9F-39C651E67EED}
2011-06-14 16:43 - 2011-06-14 16:43 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{13004D22-008B-4F33-A6F7-80AB1BB30EA3}
2011-06-14 16:43 - 2011-06-14 16:43 - 0000000 ____D C:\Users\Maggie\Local Settings\{13004D22-008B-4F33-A6F7-80AB1BB30EA3}
2011-06-14 16:43 - 2011-06-14 16:43 - 0000000 ____D C:\Users\Maggie\AppData\Local\{13004D22-008B-4F33-A6F7-80AB1BB30EA3}
2011-06-13 18:31 - 2011-06-13 18:30 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{8C94E8D9-185B-4178-9743-C5F517D0ADE4}
2011-06-13 18:31 - 2011-06-13 18:30 - 0000000 ____D C:\Users\Maggie\Local Settings\{8C94E8D9-185B-4178-9743-C5F517D0ADE4}
2011-06-13 18:31 - 2011-06-13 18:30 - 0000000 ____D C:\Users\Maggie\AppData\Local\{8C94E8D9-185B-4178-9743-C5F517D0ADE4}
2011-06-11 12:01 - 2011-06-11 12:01 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{10D8344D-CF61-44F8-944F-6AF87802F211}
2011-06-11 12:01 - 2011-06-11 12:01 - 0000000 ____D C:\Users\Maggie\Local Settings\{10D8344D-CF61-44F8-944F-6AF87802F211}
2011-06-11 12:01 - 2011-06-11 12:01 - 0000000 ____D C:\Users\Maggie\AppData\Local\{10D8344D-CF61-44F8-944F-6AF87802F211}
2011-06-10 19:58 - 2010-08-27 14:18 - 0000000 ____D C:\Users\Maggie\Application Data\Skype
2011-06-10 19:58 - 2010-08-27 14:18 - 0000000 ____D C:\Users\Maggie\AppData\Roaming\Skype
2011-06-10 19:57 - 2010-08-27 14:22 - 0000000 ____D C:\Users\Maggie\Application Data\skypePM
2011-06-10 19:57 - 2010-08-27 14:22 - 0000000 ____D C:\Users\Maggie\AppData\Roaming\skypePM
2011-06-10 19:52 - 2011-06-10 19:52 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{90B81AFD-52C4-49B0-B8A1-99186BA90FFE}
2011-06-10 19:52 - 2011-06-10 19:52 - 0000000 ____D C:\Users\Maggie\Local Settings\{90B81AFD-52C4-49B0-B8A1-99186BA90FFE}
2011-06-10 19:52 - 2011-06-10 19:52 - 0000000 ____D C:\Users\Maggie\AppData\Local\{90B81AFD-52C4-49B0-B8A1-99186BA90FFE}
2011-06-10 09:11 - 2011-06-10 09:11 - 0769536 ____A (Dmitry Streblechenko) C:\Users\Maggie\0.16804945070764465.exe
2011-06-09 07:46 - 2011-06-09 07:46 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{B6D1ED31-0EB8-432D-B7DF-D595C3136EBF}
2011-06-09 07:46 - 2011-06-09 07:46 - 0000000 ____D C:\Users\Maggie\Local Settings\{B6D1ED31-0EB8-432D-B7DF-D595C3136EBF}
2011-06-09 07:46 - 2011-06-09 07:46 - 0000000 ____D C:\Users\Maggie\AppData\Local\{B6D1ED31-0EB8-432D-B7DF-D595C3136EBF}
2011-06-08 10:27 - 2011-06-08 10:26 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{802B60C2-F180-45B6-A8B9-90CF959711C3}
2011-06-08 10:27 - 2011-06-08 10:26 - 0000000 ____D C:\Users\Maggie\Local Settings\{802B60C2-F180-45B6-A8B9-90CF959711C3}
2011-06-08 10:27 - 2011-06-08 10:26 - 0000000 ____D C:\Users\Maggie\AppData\Local\{802B60C2-F180-45B6-A8B9-90CF959711C3}
2011-06-07 15:30 - 2011-06-07 15:29 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{8CB470D8-6157-4AAA-9C96-8275C3C7FFFF}
2011-06-07 15:30 - 2011-06-07 15:29 - 0000000 ____D C:\Users\Maggie\Local Settings\{8CB470D8-6157-4AAA-9C96-8275C3C7FFFF}
2011-06-07 15:30 - 2011-06-07 15:29 - 0000000 ____D C:\Users\Maggie\AppData\Local\{8CB470D8-6157-4AAA-9C96-8275C3C7FFFF}
2011-06-06 09:44 - 2011-06-06 09:44 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{2C2ED162-1FC2-48D1-893B-A37DF42563BB}
2011-06-06 09:44 - 2011-06-06 09:44 - 0000000 ____D C:\Users\Maggie\Local Settings\{2C2ED162-1FC2-48D1-893B-A37DF42563BB}
2011-06-06 09:44 - 2011-06-06 09:44 - 0000000 ____D C:\Users\Maggie\AppData\Local\{2C2ED162-1FC2-48D1-893B-A37DF42563BB}
2011-06-05 12:16 - 2011-06-05 12:15 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{E70C13BE-7165-4C91-891B-FC6B43D07225}
2011-06-05 12:16 - 2011-06-05 12:15 - 0000000 ____D C:\Users\Maggie\Local Settings\{E70C13BE-7165-4C91-891B-FC6B43D07225}
2011-06-05 12:16 - 2011-06-05 12:15 - 0000000 ____D C:\Users\Maggie\AppData\Local\{E70C13BE-7165-4C91-891B-FC6B43D07225}
2011-06-03 20:59 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\NDF
2011-06-03 12:37 - 2011-06-03 12:37 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{959B236E-7ED0-4EE6-90BE-9C5FD18913AE}
2011-06-03 12:37 - 2011-06-03 12:37 - 0000000 ____D C:\Users\Maggie\Local Settings\{959B236E-7ED0-4EE6-90BE-9C5FD18913AE}
2011-06-03 12:37 - 2011-06-03 12:37 - 0000000 ____D C:\Users\Maggie\AppData\Local\{959B236E-7ED0-4EE6-90BE-9C5FD18913AE}
2011-06-02 15:22 - 2009-07-14 00:13 - 0005384 ____A C:\Windows\System32\PerfStringBackup.INI
2011-06-02 15:22 - 2009-07-13 21:36 - 4766368 ____A C:\Windows\System32\perfh009.dat
2011-06-02 15:22 - 2009-07-13 21:36 - 1548828 ____A C:\Windows\System32\perfc009.dat
2011-06-02 10:00 - 2011-06-02 09:59 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{082A7A57-0E47-4865-952C-09D87C05C052}
2011-06-02 10:00 - 2011-06-02 09:59 - 0000000 ____D C:\Users\Maggie\Local Settings\{082A7A57-0E47-4865-952C-09D87C05C052}
2011-06-02 10:00 - 2011-06-02 09:59 - 0000000 ____D C:\Users\Maggie\AppData\Local\{082A7A57-0E47-4865-952C-09D87C05C052}
2011-06-01 08:22 - 2011-06-01 08:22 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{6AA8AF44-77A7-46B4-AC2D-8B20CA0D6EB5}
2011-06-01 08:22 - 2011-06-01 08:22 - 0000000 ____D C:\Users\Maggie\Local Settings\{6AA8AF44-77A7-46B4-AC2D-8B20CA0D6EB5}
2011-06-01 08:22 - 2011-06-01 08:22 - 0000000 ____D C:\Users\Maggie\AppData\Local\{6AA8AF44-77A7-46B4-AC2D-8B20CA0D6EB5}
2011-06-01 08:14 - 2009-07-14 00:08 - 0032622 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-05-30 12:53 - 2011-05-30 12:52 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{99F5B22B-98C5-4C1F-A57F-2E60D64E7467}
2011-05-30 12:53 - 2011-05-30 12:52 - 0000000 ____D C:\Users\Maggie\Local Settings\{99F5B22B-98C5-4C1F-A57F-2E60D64E7467}
2011-05-30 12:53 - 2011-05-30 12:52 - 0000000 ____D C:\Users\Maggie\AppData\Local\{99F5B22B-98C5-4C1F-A57F-2E60D64E7467}
2011-05-29 20:50 - 2011-05-29 20:49 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{FFE9D65B-EA10-454E-95ED-B83C761BB3C9}
2011-05-29 20:50 - 2011-05-29 20:49 - 0000000 ____D C:\Users\Maggie\Local Settings\{FFE9D65B-EA10-454E-95ED-B83C761BB3C9}
2011-05-29 20:50 - 2011-05-29 20:49 - 0000000 ____D C:\Users\Maggie\AppData\Local\{FFE9D65B-EA10-454E-95ED-B83C761BB3C9}
2011-05-29 08:11 - 2011-06-20 19:00 - 0039984 ____A (Malwarebytes Corporation) C:\Windows\SysWOW64\Drivers\mbamswissarmy.sys
2011-05-29 08:11 - 2011-06-20 19:00 - 0025912 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2011-05-28 13:44 - 2011-05-28 13:44 - 0167936 ____A C:\Users\All Users\Application Data\api-ms-win-core-misc-l1-1-032.dll
2011-05-28 13:44 - 2011-05-28 13:44 - 0167936 ____A C:\Users\All Users\api-ms-win-core-misc-l1-1-032.dll
2011-05-28 13:44 - 2011-05-28 13:44 - 0167936 ____A C:\ProgramData\api-ms-win-core-misc-l1-1-032.dll
2011-05-28 13:34 - 2011-05-28 13:33 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{222FE754-DC17-42E4-AF7E-06DFF0505F1C}
2011-05-28 13:34 - 2011-05-28 13:33 - 0000000 ____D C:\Users\Maggie\Local Settings\{222FE754-DC17-42E4-AF7E-06DFF0505F1C}
2011-05-28 13:34 - 2011-05-28 13:33 - 0000000 ____D C:\Users\Maggie\AppData\Local\{222FE754-DC17-42E4-AF7E-06DFF0505F1C}
2011-05-28 00:22 - 2011-06-15 17:46 - 9316352 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-05-27 23:38 - 2011-06-15 17:46 - 5984256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-05-27 22:25 - 2011-06-15 17:45 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-05-27 22:07 - 2011-06-14 20:15 - 3133952 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-05-27 22:00 - 2011-06-15 17:45 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-05-27 19:16 - 2011-05-27 19:16 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{7819A7E0-C5A5-4AE9-8D05-CFBCE945044E}
2011-05-27 19:16 - 2011-05-27 19:16 - 0000000 ____D C:\Users\Maggie\Local Settings\{7819A7E0-C5A5-4AE9-8D05-CFBCE945044E}
2011-05-27 19:16 - 2011-05-27 19:16 - 0000000 ____D C:\Users\Maggie\AppData\Local\{7819A7E0-C5A5-4AE9-8D05-CFBCE945044E}
2011-05-23 22:16 - 2011-05-23 22:15 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{9426DDE4-00AA-43A3-8FD0-4B073B32C509}
2011-05-23 22:16 - 2011-05-23 22:15 - 0000000 ____D C:\Users\Maggie\Local Settings\{9426DDE4-00AA-43A3-8FD0-4B073B32C509}
2011-05-23 22:16 - 2011-05-23 22:15 - 0000000 ____D C:\Users\Maggie\AppData\Local\{9426DDE4-00AA-43A3-8FD0-4B073B32C509}
2011-05-22 12:33 - 2011-05-22 12:32 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{0CCF0627-220C-447C-8C58-BB1FCF85D33B}
2011-05-22 12:33 - 2011-05-22 12:32 - 0000000 ____D C:\Users\Maggie\Local Settings\{0CCF0627-220C-447C-8C58-BB1FCF85D33B}
2011-05-22 12:33 - 2011-05-22 12:32 - 0000000 ____D C:\Users\Maggie\AppData\Local\{0CCF0627-220C-447C-8C58-BB1FCF85D33B}
2011-05-19 20:10 - 2011-05-19 20:10 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{BBC73294-B4F3-419E-A54A-4775165BB505}
2011-05-19 20:10 - 2011-05-19 20:10 - 0000000 ____D C:\Users\Maggie\Local Settings\{BBC73294-B4F3-419E-A54A-4775165BB505}
2011-05-19 20:10 - 2011-05-19 20:10 - 0000000 ____D C:\Users\Maggie\AppData\Local\{BBC73294-B4F3-419E-A54A-4775165BB505}
2011-05-18 22:40 - 2011-05-18 22:40 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{6FEC3E34-4E44-41AE-BBF9-EA166FBAB069}
2011-05-18 22:40 - 2011-05-18 22:40 - 0000000 ____D C:\Users\Maggie\Local Settings\{6FEC3E34-4E44-41AE-BBF9-EA166FBAB069}
2011-05-18 22:40 - 2011-05-18 22:40 - 0000000 ____D C:\Users\Maggie\AppData\Local\{6FEC3E34-4E44-41AE-BBF9-EA166FBAB069}
2011-05-18 11:32 - 2011-05-18 11:32 - 0000000 ____D C:\Users\Maggie\My Documents\My ooVoo
2011-05-18 11:32 - 2011-05-18 11:32 - 0000000 ____D C:\Users\Maggie\Documents\My ooVoo
2011-05-18 11:26 - 2011-05-18 11:26 - 0001859 ____A C:\Users\Public\Desktop\ooVoo.lnk
2011-05-18 11:26 - 2011-05-18 11:26 - 0001859 ____A C:\Users\All Users\Desktop\ooVoo.lnk
2011-05-18 11:26 - 2011-05-18 11:26 - 0000000 ____D C:\Users\All Users\Tarma Installer
2011-05-18 11:26 - 2011-05-18 11:26 - 0000000 ____D C:\Users\All Users\Application Data\Tarma Installer
2011-05-18 11:26 - 2011-05-18 11:26 - 0000000 ____D C:\ProgramData\Tarma Installer
2011-05-18 11:26 - 2010-09-06 14:47 - 0000000 ____D C:\Program Files (x86)\ooVoo
2011-05-18 10:03 - 2011-05-18 10:03 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{BA6B5F85-8DE8-44CC-BBBB-7BC108AA8063}
2011-05-18 10:03 - 2011-05-18 10:03 - 0000000 ____D C:\Users\Maggie\Local Settings\{BA6B5F85-8DE8-44CC-BBBB-7BC108AA8063}
2011-05-18 10:03 - 2011-05-18 10:03 - 0000000 ____D C:\Users\Maggie\AppData\Local\{BA6B5F85-8DE8-44CC-BBBB-7BC108AA8063}
2011-05-17 18:04 - 2011-05-17 18:03 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{E6D1E0D6-C230-4E6B-A84C-41F75F409B19}
2011-05-17 18:04 - 2011-05-17 18:03 - 0000000 ____D C:\Users\Maggie\Local Settings\{E6D1E0D6-C230-4E6B-A84C-41F75F409B19}
2011-05-17 18:04 - 2011-05-17 18:03 - 0000000 ____D C:\Users\Maggie\AppData\Local\{E6D1E0D6-C230-4E6B-A84C-41F75F409B19}
2011-05-16 17:12 - 2011-05-16 17:12 - 0000426 ____A C:\Windows\BRWMARK.INI
2011-05-16 17:12 - 2011-05-16 17:12 - 0000034 ____A C:\Windows\SysWOW64\BD2140.DAT
2011-05-16 17:12 - 2011-05-16 17:12 - 0000000 ___RD C:\Users\Maggie\Application Data\Brother
2011-05-16 17:12 - 2011-05-16 17:12 - 0000000 ___RD C:\Users\Maggie\AppData\Roaming\Brother
2011-05-16 15:21 - 2011-05-16 15:21 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{9D13AD89-A6D7-4B1E-9D70-55539A54669C}
2011-05-16 15:21 - 2011-05-16 15:21 - 0000000 ____D C:\Users\Maggie\Local Settings\{9D13AD89-A6D7-4B1E-9D70-55539A54669C}
2011-05-16 15:21 - 2011-05-16 15:21 - 0000000 ____D C:\Users\Maggie\AppData\Local\{9D13AD89-A6D7-4B1E-9D70-55539A54669C}
2011-05-14 17:24 - 2011-05-14 17:24 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{311F7C0E-E00A-4025-8E76-3193721EB941}
2011-05-14 17:24 - 2011-05-14 17:24 - 0000000 ____D C:\Users\Maggie\Local Settings\{311F7C0E-E00A-4025-8E76-3193721EB941}
2011-05-14 17:24 - 2011-05-14 17:24 - 0000000 ____D C:\Users\Maggie\AppData\Local\{311F7C0E-E00A-4025-8E76-3193721EB941}
2011-05-14 09:43 - 2011-05-14 09:43 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{1E4FCA3C-4955-4912-B1AC-2409AE0344F4}
2011-05-14 09:43 - 2011-05-14 09:43 - 0000000 ____D C:\Users\Maggie\Local Settings\{1E4FCA3C-4955-4912-B1AC-2409AE0344F4}
2011-05-14 09:43 - 2011-05-14 09:43 - 0000000 ____D C:\Users\Maggie\AppData\Local\{1E4FCA3C-4955-4912-B1AC-2409AE0344F4}
2011-05-13 21:06 - 2011-01-28 12:34 - 0000000 ____D C:\Users\Maggie\workspace
2011-05-13 19:04 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\rescache
2011-05-13 12:23 - 2011-05-13 12:23 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{75ADB7C4-C538-4486-B239-69861E9F7822}
2011-05-13 12:23 - 2011-05-13 12:23 - 0000000 ____D C:\Users\Maggie\Local Settings\{75ADB7C4-C538-4486-B239-69861E9F7822}
2011-05-13 12:23 - 2011-05-13 12:23 - 0000000 ____D C:\Users\Maggie\AppData\Local\{75ADB7C4-C538-4486-B239-69861E9F7822}
2011-05-12 21:56 - 2011-05-12 21:56 - 0002519 ____A C:\Windows\IE9_main.log
2011-05-12 18:27 - 2011-05-12 18:27 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{FABC488D-D205-4054-A3F2-307FEDCD9CEB}
2011-05-12 18:27 - 2011-05-12 18:27 - 0000000 ____D C:\Users\Maggie\Local Settings\{FABC488D-D205-4054-A3F2-307FEDCD9CEB}
2011-05-12 18:27 - 2011-05-12 18:27 - 0000000 ____D C:\Users\Maggie\AppData\Local\{FABC488D-D205-4054-A3F2-307FEDCD9CEB}
2011-05-12 12:28 - 2011-05-12 12:28 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{933C4F53-E643-46D1-AC22-C248FE8D399B}
2011-05-12 12:28 - 2011-05-12 12:28 - 0000000 ____D C:\Users\Maggie\Local Settings\{933C4F53-E643-46D1-AC22-C248FE8D399B}
2011-05-12 12:28 - 2011-05-12 12:28 - 0000000 ____D C:\Users\Maggie\AppData\Local\{933C4F53-E643-46D1-AC22-C248FE8D399B}
2011-05-11 14:47 - 2011-05-11 14:47 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{B1CA9BA6-F2F9-414C-9700-2477491BC57E}
2011-05-11 14:47 - 2011-05-11 14:47 - 0000000 ____D C:\Users\Maggie\Local Settings\{B1CA9BA6-F2F9-414C-9700-2477491BC57E}
2011-05-11 14:47 - 2011-05-11 14:47 - 0000000 ____D C:\Users\Maggie\AppData\Local\{B1CA9BA6-F2F9-414C-9700-2477491BC57E}
2011-05-10 16:23 - 2011-05-10 16:23 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{73377E74-4919-4801-A801-25EF9CD6DF58}
2011-05-10 16:23 - 2011-05-10 16:23 - 0000000 ____D C:\Users\Maggie\Local Settings\{73377E74-4919-4801-A801-25EF9CD6DF58}
2011-05-10 16:23 - 2011-05-10 16:23 - 0000000 ____D C:\Users\Maggie\AppData\Local\{73377E74-4919-4801-A801-25EF9CD6DF58}
2011-05-09 11:53 - 2011-05-09 11:53 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{1DED2401-C84E-4DC0-A06A-87920912365B}
2011-05-09 11:53 - 2011-05-09 11:53 - 0000000 ____D C:\Users\Maggie\Local Settings\{1DED2401-C84E-4DC0-A06A-87920912365B}
2011-05-09 11:53 - 2011-05-09 11:53 - 0000000 ____D C:\Users\Maggie\AppData\Local\{1DED2401-C84E-4DC0-A06A-87920912365B}
2011-05-08 11:29 - 2011-05-08 11:29 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{3486B0F5-3C2B-4AF5-8DE4-422301A93678}
2011-05-08 11:29 - 2011-05-08 11:29 - 0000000 ____D C:\Users\Maggie\Local Settings\{3486B0F5-3C2B-4AF5-8DE4-422301A93678}
2011-05-08 11:29 - 2011-05-08 11:29 - 0000000 ____D C:\Users\Maggie\AppData\Local\{3486B0F5-3C2B-4AF5-8DE4-422301A93678}
2011-05-07 09:30 - 2011-05-07 09:30 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{8A5206D4-A80F-44C1-8426-6505123EBD73}
2011-05-07 09:30 - 2011-05-07 09:30 - 0000000 ____D C:\Users\Maggie\Local Settings\{8A5206D4-A80F-44C1-8426-6505123EBD73}
2011-05-07 09:30 - 2011-05-07 09:30 - 0000000 ____D C:\Users\Maggie\AppData\Local\{8A5206D4-A80F-44C1-8426-6505123EBD73}
2011-05-06 21:30 - 2011-05-06 21:29 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{E376C5F8-FA78-4454-9A85-F10ACFBFAEFD}
2011-05-06 21:30 - 2011-05-06 21:29 - 0000000 ____D C:\Users\Maggie\Local Settings\{E376C5F8-FA78-4454-9A85-F10ACFBFAEFD}
2011-05-06 21:30 - 2011-05-06 21:29 - 0000000 ____D C:\Users\Maggie\AppData\Local\{E376C5F8-FA78-4454-9A85-F10ACFBFAEFD}
2011-05-06 20:29 - 2011-05-06 20:29 - 2832544 ____A (Adobe Systems, Inc.) C:\Users\Maggie\Downloads\install_flash_player.exe
2011-05-05 18:45 - 2011-05-05 18:45 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{270B6B7C-5F4F-45B0-A095-DC4DC7B899C9}
2011-05-05 18:45 - 2011-05-05 18:45 - 0000000 ____D C:\Users\Maggie\Local Settings\{270B6B7C-5F4F-45B0-A095-DC4DC7B899C9}
2011-05-05 18:45 - 2011-05-05 18:45 - 0000000 ____D C:\Users\Maggie\AppData\Local\{270B6B7C-5F4F-45B0-A095-DC4DC7B899C9}
2011-05-05 17:17 - 2011-05-05 17:17 - 0005513 ____A C:\Users\Maggie\Downloads\SimplePippinTests.zip
2011-05-05 17:17 - 2011-05-05 17:17 - 0000000 ____D C:\Users\Maggie\Downloads\SimplePippinTests
2011-05-04 12:53 - 2011-05-04 12:53 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{C1D77044-FF61-428F-95CA-B15369CA5F33}
2011-05-04 12:53 - 2011-05-04 12:53 - 0000000 ____D C:\Users\Maggie\Local Settings\{C1D77044-FF61-428F-95CA-B15369CA5F33}
2011-05-04 12:53 - 2011-05-04 12:53 - 0000000 ____D C:\Users\Maggie\AppData\Local\{C1D77044-FF61-428F-95CA-B15369CA5F33}
2011-05-03 21:51 - 2011-06-14 20:15 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-05-03 21:51 - 2011-06-14 20:15 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-05-03 21:51 - 2011-06-14 20:15 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-05-03 15:07 - 2011-05-03 15:06 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{C3663FFC-C9A5-4A11-9026-5B1ABFDA0BED}
2011-05-03 15:07 - 2011-05-03 15:06 - 0000000 ____D C:\Users\Maggie\Local Settings\{C3663FFC-C9A5-4A11-9026-5B1ABFDA0BED}
2011-05-03 15:07 - 2011-05-03 15:06 - 0000000 ____D C:\Users\Maggie\AppData\Local\{C3663FFC-C9A5-4A11-9026-5B1ABFDA0BED}
2011-05-03 00:21 - 2011-06-14 20:14 - 0976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2011-05-02 23:50 - 2011-06-14 20:14 - 0740864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2011-05-02 11:25 - 2011-05-02 11:25 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{B65109F4-832F-4CE1-9023-BA6FA0EC6C9E}
2011-05-02 11:25 - 2011-05-02 11:25 - 0000000 ____D C:\Users\Maggie\Local Settings\{B65109F4-832F-4CE1-9023-BA6FA0EC6C9E}
2011-05-02 11:25 - 2011-05-02 11:25 - 0000000 ____D C:\Users\Maggie\AppData\Local\{B65109F4-832F-4CE1-9023-BA6FA0EC6C9E}
2011-04-30 13:37 - 2011-04-30 13:37 - 0004538 ____A C:\Users\Maggie\Downloads\Evaluator(2).jar
2011-04-30 13:35 - 2010-06-22 18:25 - 0000000 ____D C:\Users\Maggie\AppData\LocalLow
2011-04-30 11:55 - 2011-04-30 11:55 - 0004538 ____A C:\Users\Maggie\Downloads\Evaluator.jar
2011-04-30 09:55 - 2011-04-30 09:55 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{F899EB7E-1103-49B6-A5EF-07CE95A88F1E}
2011-04-30 09:55 - 2011-04-30 09:55 - 0000000 ____D C:\Users\Maggie\Local Settings\{F899EB7E-1103-49B6-A5EF-07CE95A88F1E}
2011-04-30 09:55 - 2011-04-30 09:55 - 0000000 ____D C:\Users\Maggie\AppData\Local\{F899EB7E-1103-49B6-A5EF-07CE95A88F1E}
2011-04-30 09:23 - 2010-06-23 16:01 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2011-04-29 19:11 - 2011-04-29 19:10 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{A645C2D3-1F19-499D-A67C-0994F47CF148}
2011-04-29 19:11 - 2011-04-29 19:10 - 0000000 ____D C:\Users\Maggie\Local Settings\{A645C2D3-1F19-499D-A67C-0994F47CF148}
2011-04-29 19:11 - 2011-04-29 19:10 - 0000000 ____D C:\Users\Maggie\AppData\Local\{A645C2D3-1F19-499D-A67C-0994F47CF148}
2011-04-28 22:13 - 2011-06-14 20:14 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-04-28 22:12 - 2011-06-14 20:14 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-04-28 22:12 - 2011-06-14 20:14 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-04-28 12:44 - 2011-04-28 12:44 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{80CC71D6-200F-4A83-90D0-11E6D44DEE64}
2011-04-28 12:44 - 2011-04-28 12:44 - 0000000 ____D C:\Users\Maggie\Local Settings\{80CC71D6-200F-4A83-90D0-11E6D44DEE64}
2011-04-28 12:44 - 2011-04-28 12:44 - 0000000 ____D C:\Users\Maggie\AppData\Local\{80CC71D6-200F-4A83-90D0-11E6D44DEE64}
2011-04-27 11:24 - 2011-04-27 11:23 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{9D3BA4C3-4359-4F20-A5A7-851205ADA730}
2011-04-27 11:24 - 2011-04-27 11:23 - 0000000 ____D C:\Users\Maggie\Local Settings\{9D3BA4C3-4359-4F20-A5A7-851205ADA730}
2011-04-27 11:24 - 2011-04-27 11:23 - 0000000 ____D C:\Users\Maggie\AppData\Local\{9D3BA4C3-4359-4F20-A5A7-851205ADA730}
2011-04-26 21:57 - 2011-06-14 20:16 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-04-26 12:33 - 2011-04-26 12:33 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{82446F0A-0CF3-4749-AF41-1E8E4111F35C}
2011-04-26 12:33 - 2011-04-26 12:33 - 0000000 ____D C:\Users\Maggie\Local Settings\{82446F0A-0CF3-4749-AF41-1E8E4111F35C}
2011-04-26 12:33 - 2011-04-26 12:33 - 0000000 ____D C:\Users\Maggie\AppData\Local\{82446F0A-0CF3-4749-AF41-1E8E4111F35C}
2011-04-25 17:02 - 2011-04-25 17:02 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{5845970A-E02F-4C4B-B79F-FCBFD79A5F99}
2011-04-25 17:02 - 2011-04-25 17:02 - 0000000 ____D C:\Users\Maggie\Local Settings\{5845970A-E02F-4C4B-B79F-FCBFD79A5F99}
2011-04-25 17:02 - 2011-04-25 17:02 - 0000000 ____D C:\Users\Maggie\AppData\Local\{5845970A-E02F-4C4B-B79F-FCBFD79A5F99}
2011-04-25 00:32 - 2011-06-14 20:15 - 1896832 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-04-24 21:44 - 2011-06-14 20:15 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-04-24 10:53 - 2011-04-24 10:53 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{1A9CB4C8-D40F-45FF-890C-29748984EF55}
2011-04-24 10:53 - 2011-04-24 10:53 - 0000000 ____D C:\Users\Maggie\Local Settings\{1A9CB4C8-D40F-45FF-890C-29748984EF55}
2011-04-24 10:53 - 2011-04-24 10:53 - 0000000 ____D C:\Users\Maggie\AppData\Local\{1A9CB4C8-D40F-45FF-890C-29748984EF55}
2011-04-23 14:30 - 2011-04-23 14:30 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{D794D0D4-81BE-48F1-9128-6342F856E2A6}
2011-04-23 14:30 - 2011-04-23 14:30 - 0000000 ____D C:\Users\Maggie\Local Settings\{D794D0D4-81BE-48F1-9128-6342F856E2A6}
2011-04-23 14:30 - 2011-04-23 14:30 - 0000000 ____D C:\Users\Maggie\AppData\Local\{D794D0D4-81BE-48F1-9128-6342F856E2A6}
2011-04-22 19:58 - 2011-04-22 19:58 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{D12EF96D-2880-434A-8AA0-6C4FFDE2DB0A}
2011-04-22 19:58 - 2011-04-22 19:58 - 0000000 ____D C:\Users\Maggie\Local Settings\{D12EF96D-2880-434A-8AA0-6C4FFDE2DB0A}
2011-04-22 19:58 - 2011-04-22 19:58 - 0000000 ____D C:\Users\Maggie\AppData\Local\{D12EF96D-2880-434A-8AA0-6C4FFDE2DB0A}
2011-04-22 15:18 - 2011-06-15 17:45 - 1500160 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-04-22 15:18 - 2011-06-15 17:45 - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-04-22 15:18 - 2011-05-25 09:04 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-04-22 15:15 - 2011-06-15 17:45 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-04-22 15:14 - 2011-06-15 17:45 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-04-22 15:14 - 2011-06-15 17:45 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-04-22 15:14 - 2011-06-15 17:45 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-04-22 15:14 - 2011-06-15 17:45 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-04-22 15:13 - 2011-06-15 17:46 - 12372480 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-04-22 15:13 - 2011-06-15 17:45 - 2448896 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-04-22 15:13 - 2011-06-15 17:45 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-04-22 15:13 - 2011-06-15 17:45 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-04-22 15:13 - 2011-06-15 17:45 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-04-22 15:13 - 2011-06-15 17:45 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-04-22 15:09 - 2011-06-15 17:45 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-04-22 14:31 - 2011-06-15 17:46 - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-04-22 14:31 - 2011-06-15 17:46 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-04-22 14:31 - 2011-06-15 17:45 - 1229824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-04-22 14:31 - 2011-06-15 17:45 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-04-22 14:31 - 2011-06-15 17:45 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-04-22 14:31 - 2011-06-15 17:45 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-04-22 14:31 - 2011-06-15 17:45 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-04-22 14:31 - 2011-06-15 17:45 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-04-22 14:31 - 2011-06-15 17:45 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-04-22 14:31 - 2011-06-15 17:45 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-04-22 14:31 - 2011-06-15 17:45 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-04-22 14:31 - 2011-06-15 17:45 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-04-22 14:31 - 2011-06-15 17:45 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-04-22 14:30 - 2011-06-15 17:45 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-04-22 13:49 - 2011-06-15 17:45 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-04-22 13:23 - 2011-06-15 17:45 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-04-21 12:18 - 2011-04-21 12:18 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{799520AD-4AC3-4EFC-BAB4-41B7FC37EFF5}
2011-04-21 12:18 - 2011-04-21 12:18 - 0000000 ____D C:\Users\Maggie\Local Settings\{799520AD-4AC3-4EFC-BAB4-41B7FC37EFF5}
2011-04-21 12:18 - 2011-04-21 12:18 - 0000000 ____D C:\Users\Maggie\AppData\Local\{799520AD-4AC3-4EFC-BAB4-41B7FC37EFF5}
2011-04-20 11:21 - 2011-04-20 11:21 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{C96C7E73-3A78-4E62-AD40-455E0D30124F}
2011-04-20 11:21 - 2011-04-20 11:21 - 0000000 ____D C:\Users\Maggie\Local Settings\{C96C7E73-3A78-4E62-AD40-455E0D30124F}
2011-04-20 11:21 - 2011-04-20 11:21 - 0000000 ____D C:\Users\Maggie\AppData\Local\{C96C7E73-3A78-4E62-AD40-455E0D30124F}
2011-04-19 18:15 - 2011-04-19 18:15 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{7D85209C-226F-47F2-8383-FBE7E3412A1C}
2011-04-19 18:15 - 2011-04-19 18:15 - 0000000 ____D C:\Users\Maggie\Local Settings\{7D85209C-226F-47F2-8383-FBE7E3412A1C}
2011-04-19 18:15 - 2011-04-19 18:15 - 0000000 ____D C:\Users\Maggie\AppData\Local\{7D85209C-226F-47F2-8383-FBE7E3412A1C}
2011-04-19 18:00 - 2010-10-15 21:12 - 0005632 ____A C:\Users\Maggie\Local Settings\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-04-19 18:00 - 2010-10-15 21:12 - 0005632 ____A C:\Users\Maggie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-04-19 18:00 - 2010-10-15 21:12 - 0005632 ____A C:\Users\Maggie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-04-18 15:34 - 2011-04-18 15:34 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{2F32F041-C3B0-4890-9C98-D2303F98FB38}
2011-04-18 15:34 - 2011-04-18 15:34 - 0000000 ____D C:\Users\Maggie\Local Settings\{2F32F041-C3B0-4890-9C98-D2303F98FB38}
2011-04-18 15:34 - 2011-04-18 15:34 - 0000000 ____D C:\Users\Maggie\AppData\Local\{2F32F041-C3B0-4890-9C98-D2303F98FB38}
2011-04-17 18:44 - 2009-07-14 00:32 - 0000000 ____D C:\Windows\Downloaded Program Files
2011-04-17 18:43 - 2011-04-17 18:43 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{AE5D3D3D-290F-44AE-A49F-7D4669FA6884}
2011-04-17 18:43 - 2011-04-17 18:43 - 0000000 ____D C:\Users\Maggie\Local Settings\{AE5D3D3D-290F-44AE-A49F-7D4669FA6884}
2011-04-17 18:43 - 2011-04-17 18:43 - 0000000 ____D C:\Users\Maggie\AppData\Local\{AE5D3D3D-290F-44AE-A49F-7D4669FA6884}
2011-04-17 18:38 - 2011-04-17 18:38 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{2A27B512-BA81-4CFF-BB63-C03B2320E9DC}
2011-04-17 18:38 - 2011-04-17 18:38 - 0000000 ____D C:\Users\Maggie\Local Settings\{2A27B512-BA81-4CFF-BB63-C03B2320E9DC}
2011-04-17 18:38 - 2011-04-17 18:38 - 0000000 ____D C:\Users\Maggie\AppData\Local\{2A27B512-BA81-4CFF-BB63-C03B2320E9DC}
2011-04-17 18:36 - 2011-04-17 18:36 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{5F77FFD1-9784-495D-B3C2-A7FC209B4967}
2011-04-17 18:36 - 2011-04-17 18:36 - 0000000 ____D C:\Users\Maggie\Local Settings\{5F77FFD1-9784-495D-B3C2-A7FC209B4967}
2011-04-17 18:36 - 2011-04-17 18:36 - 0000000 ____D C:\Users\Maggie\AppData\Local\{5F77FFD1-9784-495D-B3C2-A7FC209B4967}
2011-04-17 18:35 - 2011-04-17 18:35 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{524FE3E1-EE08-4B4D-AF40-F7FAC08E16F9}
2011-04-17 18:35 - 2011-04-17 18:35 - 0000000 ____D C:\Users\Maggie\Local Settings\{524FE3E1-EE08-4B4D-AF40-F7FAC08E16F9}
2011-04-17 18:35 - 2011-04-17 18:35 - 0000000 ____D C:\Users\Maggie\AppData\Local\{524FE3E1-EE08-4B4D-AF40-F7FAC08E16F9}
2011-04-17 18:31 - 2011-04-17 18:31 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{0EB362FE-EFB1-465F-A4E0-47D59B22F76B}
2011-04-17 18:31 - 2011-04-17 18:31 - 0000000 ____D C:\Users\Maggie\Local Settings\{0EB362FE-EFB1-465F-A4E0-47D59B22F76B}
2011-04-17 18:31 - 2011-04-17 18:31 - 0000000 ____D C:\Users\Maggie\AppData\Local\{0EB362FE-EFB1-465F-A4E0-47D59B22F76B}
2011-04-16 13:40 - 2011-04-16 13:40 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{70565800-701E-4B99-A3D0-EA077D334470}
2011-04-16 13:40 - 2011-04-16 13:40 - 0000000 ____D C:\Users\Maggie\Local Settings\{70565800-701E-4B99-A3D0-EA077D334470}
2011-04-16 13:40 - 2011-04-16 13:40 - 0000000 ____D C:\Users\Maggie\AppData\Local\{70565800-701E-4B99-A3D0-EA077D334470}
2011-04-15 19:30 - 2011-04-15 19:30 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{1EB710C6-3015-45A5-880F-338DF389486A}
2011-04-15 19:30 - 2011-04-15 19:30 - 0000000 ____D C:\Users\Maggie\Local Settings\{1EB710C6-3015-45A5-880F-338DF389486A}
2011-04-15 19:30 - 2011-04-15 19:30 - 0000000 ____D C:\Users\Maggie\AppData\Local\{1EB710C6-3015-45A5-880F-338DF389486A}
2011-04-14 13:06 - 2011-04-14 13:06 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{5E657656-6462-4D02-946E-425DD9CF7775}
2011-04-14 13:06 - 2011-04-14 13:06 - 0000000 ____D C:\Users\Maggie\Local Settings\{5E657656-6462-4D02-946E-425DD9CF7775}
2011-04-14 13:06 - 2011-04-14 13:06 - 0000000 ____D C:\Users\Maggie\AppData\Local\{5E657656-6462-4D02-946E-425DD9CF7775}
2011-04-14 13:01 - 2010-06-15 10:35 - 0009984 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeclnk.sys
2011-04-14 13:01 - 2010-01-05 18:04 - 0530304 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfehidk.sys
2011-04-14 13:01 - 2010-01-05 18:04 - 0441840 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfefirek.sys
2011-04-14 13:01 - 2010-01-05 18:04 - 0283744 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfewfpk.sys
2011-04-14 13:01 - 2010-01-05 18:04 - 0190520 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeavfk.sys
2011-04-14 13:01 - 2010-01-05 18:04 - 0121376 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeapfk.sys
2011-04-14 13:01 - 2010-01-05 18:04 - 0094992 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdet.sys
2011-04-14 13:01 - 2010-01-05 18:04 - 0075160 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfenlfk.sys
2011-04-14 13:01 - 2010-01-05 18:04 - 0063056 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\cfwids.sys
2011-04-13 21:23 - 2011-04-13 21:23 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{D73B8F5E-A4F8-47F6-8261-B36493DD9576}
2011-04-13 21:23 - 2011-04-13 21:23 - 0000000 ____D C:\Users\Maggie\Local Settings\{D73B8F5E-A4F8-47F6-8261-B36493DD9576}
2011-04-13 21:23 - 2011-04-13 21:23 - 0000000 ____D C:\Users\Maggie\AppData\Local\{D73B8F5E-A4F8-47F6-8261-B36493DD9576}
2011-04-12 18:18 - 2011-04-12 18:18 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{A0D3D38C-0A88-47B0-AD62-B239755A7CB3}
2011-04-12 18:18 - 2011-04-12 18:18 - 0000000 ____D C:\Users\Maggie\Local Settings\{A0D3D38C-0A88-47B0-AD62-B239755A7CB3}
2011-04-12 18:18 - 2011-04-12 18:18 - 0000000 ____D C:\Users\Maggie\AppData\Local\{A0D3D38C-0A88-47B0-AD62-B239755A7CB3}
2011-04-11 10:56 - 2011-04-11 10:56 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{FB5EDCB3-A91F-4426-91DE-CF7294066D27}
2011-04-11 10:56 - 2011-04-11 10:56 - 0000000 ____D C:\Users\Maggie\Local Settings\{FB5EDCB3-A91F-4426-91DE-CF7294066D27}
2011-04-11 10:56 - 2011-04-11 10:56 - 0000000 ____D C:\Users\Maggie\AppData\Local\{FB5EDCB3-A91F-4426-91DE-CF7294066D27}
2011-04-10 15:33 - 2011-04-10 15:33 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{4FBD0CBF-CE95-4E8F-93FF-2CB7ECA99535}
2011-04-10 15:33 - 2011-04-10 15:33 - 0000000 ____D C:\Users\Maggie\Local Settings\{4FBD0CBF-CE95-4E8F-93FF-2CB7ECA99535}
2011-04-10 15:33 - 2011-04-10 15:33 - 0000000 ____D C:\Users\Maggie\AppData\Local\{4FBD0CBF-CE95-4E8F-93FF-2CB7ECA99535}
2011-04-09 01:58 - 2011-05-12 22:03 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-04-09 01:45 - 2011-05-11 06:21 - 5509504 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2011-04-09 01:13 - 2011-05-11 06:21 - 3957632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2011-04-09 01:13 - 2011-05-11 06:21 - 3901824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2011-04-09 00:56 - 2011-05-12 22:03 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-04-07 12:24 - 2011-04-07 12:24 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{86FEE6A9-64AF-416C-98A2-C3587668F554}
2011-04-07 12:24 - 2011-04-07 12:24 - 0000000 ____D C:\Users\Maggie\Local Settings\{86FEE6A9-64AF-416C-98A2-C3587668F554}
2011-04-07 12:24 - 2011-04-07 12:24 - 0000000 ____D C:\Users\Maggie\AppData\Local\{86FEE6A9-64AF-416C-98A2-C3587668F554}
2011-04-06 19:51 - 2011-04-06 19:51 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{BE0AFEB0-92F5-450F-A5EB-CF26AAD3566D}
2011-04-06 19:51 - 2011-04-06 19:51 - 0000000 ____D C:\Users\Maggie\Local Settings\{BE0AFEB0-92F5-450F-A5EB-CF26AAD3566D}
2011-04-06 19:51 - 2011-04-06 19:51 - 0000000 ____D C:\Users\Maggie\AppData\Local\{BE0AFEB0-92F5-450F-A5EB-CF26AAD3566D}
2011-04-06 11:46 - 2011-04-06 11:46 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{7ED31279-A5C7-4F84-919F-CABEC481A78B}
2011-04-06 11:46 - 2011-04-06 11:46 - 0000000 ____D C:\Users\Maggie\Local Settings\{7ED31279-A5C7-4F84-919F-CABEC481A78B}
2011-04-06 11:46 - 2011-04-06 11:46 - 0000000 ____D C:\Users\Maggie\AppData\Local\{7ED31279-A5C7-4F84-919F-CABEC481A78B}
2011-04-05 12:37 - 2011-04-05 12:37 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{91B3108E-F563-4023-976A-B5CEA63C64BC}
2011-04-05 12:37 - 2011-04-05 12:37 - 0000000 ____D C:\Users\Maggie\Local Settings\{91B3108E-F563-4023-976A-B5CEA63C64BC}
2011-04-05 12:37 - 2011-04-05 12:37 - 0000000 ____D C:\Users\Maggie\AppData\Local\{91B3108E-F563-4023-976A-B5CEA63C64BC}
2011-04-04 18:00 - 2011-04-04 18:00 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{661F5124-EB82-4FD5-A20A-4BB51755B7FB}
2011-04-04 18:00 - 2011-04-04 18:00 - 0000000 ____D C:\Users\Maggie\Local Settings\{661F5124-EB82-4FD5-A20A-4BB51755B7FB}
2011-04-04 18:00 - 2011-04-04 18:00 - 0000000 ____D C:\Users\Maggie\AppData\Local\{661F5124-EB82-4FD5-A20A-4BB51755B7FB}
2011-04-03 11:40 - 2011-04-01 22:07 - 0000000 ____D C:\lc3
2011-04-02 09:24 - 2011-04-02 09:24 - 0000000 ____D C:\Users\Maggie\Desktop\ExtensionSample
2011-04-02 09:23 - 2011-04-02 09:23 - 0385024 ____A C:\Users\Maggie\Downloads\LC301(2).exe
2011-04-02 09:17 - 2011-04-02 09:17 - 0056267 ____A C:\Users\Maggie\Downloads\lc3tools_v12(5).zip
2011-04-01 22:18 - 2011-04-01 22:18 - 0056267 ____A C:\Users\Maggie\Downloads\lc3tools_v12(4).zip
2011-04-01 22:16 - 2011-04-01 22:16 - 0056267 ____A C:\Users\Maggie\Downloads\lc3tools_v12(3).zip
2011-04-01 22:06 - 2011-04-01 22:06 - 0385024 ____A C:\Users\Maggie\Downloads\LC301.exe
2011-04-01 22:06 - 2011-04-01 22:06 - 0056267 ____A C:\Users\Maggie\Downloads\lc3tools_v12(2).zip
2011-04-01 22:06 - 2011-04-01 22:06 - 0000000 ____D C:\Users\Maggie\Downloads\lc3tools_v12(2)
2011-04-01 11:26 - 2011-04-01 11:26 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{CCC74127-7ED8-4439-B67A-A7189769AD4B}
2011-04-01 11:26 - 2011-04-01 11:26 - 0000000 ____D C:\Users\Maggie\Local Settings\{CCC74127-7ED8-4439-B67A-A7189769AD4B}
2011-04-01 11:26 - 2011-04-01 11:26 - 0000000 ____D C:\Users\Maggie\AppData\Local\{CCC74127-7ED8-4439-B67A-A7189769AD4B}
2011-03-31 19:34 - 2011-03-31 19:34 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{52CCB6FA-AA43-4661-8ADF-8AC4B0FF3C3A}
2011-03-31 19:34 - 2011-03-31 19:34 - 0000000 ____D C:\Users\Maggie\Local Settings\{52CCB6FA-AA43-4661-8ADF-8AC4B0FF3C3A}
2011-03-31 19:34 - 2011-03-31 19:34 - 0000000 ____D C:\Users\Maggie\AppData\Local\{52CCB6FA-AA43-4661-8ADF-8AC4B0FF3C3A}
2011-03-31 13:19 - 2011-03-31 13:19 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\{B181F5CD-953C-480B-A879-4445B298B739}
2011-03-31 13:19 - 2011-03-31 13:19 - 0000000 ____D C:\Users\Maggie\Local Settings\{B181F5CD-953C-480B-A879-4445B298B739}
2011-03-31 13:19 - 2011-03-31 13:19 - 0000000 ____D C:\Users\Maggie\AppData\Local\{B181F5CD-953C-480B-A879-4445B298B739}
2011-03-30 21:56 - 2010-06-15 10:27 - 0000000 ____D C:\Program Files (x86)\Windows Live
2011-03-29 18:41 - 2010-06-23 15:26 - 0000000 ____D C:\Users\Maggie\Local Settings\Application Data\AIM
2011-03-29 18:41 - 2010-06-23 15:26 - 0000000 ____D C:\Users\Maggie\Local Settings\AIM
2011-03-29 18:41 - 2010-06-23 15:26 - 0000000 ____D C:\Users\Maggie\AppData\Local\AIM
2011-03-29 12:21 - 2011-03-29 12:21 - 0002422 ____A C:\Users\Maggie\Downloads\signal.zip
2011-03-28 22:32 - 2011-05-11 06:21 - 0343040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2011-03-28 22:32 - 2011-05-11 06:21 - 0324608 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2011-03-28 22:32 - 2011-05-11 06:21 - 0099328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2011-03-28 22:32 - 2011-05-11 06:21 - 0052224 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2011-03-28 22:32 - 2011-05-11 06:21 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2011-03-28 22:32 - 2011-05-11 06:21 - 0025600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2011-03-28 22:32 - 2011-05-11 06:21 - 0007936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys

========================= Known DLLs =========================

[2009-07-13 19:41] - [2009-07-13 20:40] - 0877056 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
[2009-07-13 19:20] - [2009-07-13 20:14] - 0640000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
[2009-07-13 19:00] - [2009-07-13 20:40] - 0607744 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
[2009-07-13 18:44] - [2009-07-13 20:15] - 0522240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\clbcatq.dll
[2009-07-13 18:55] - [2009-07-13 20:40] - 0595456 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
[2009-07-13 18:39] - [2009-07-13 20:15] - 0486912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.dll
[2009-07-13 18:39] - [2009-07-13 20:40] - 0404480 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
[2009-07-13 18:25] - [2009-07-13 20:11] - 0310784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
[2011-06-15 17:45] - [2011-04-22 15:13] - 2448896 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll
[2011-06-15 17:46] - [2011-04-22 14:31] - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IERTUTIL.dll
[2009-07-13 19:13] - [2009-07-13 20:41] - 0076288 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
[2009-07-13 18:57] - [2009-07-13 20:15] - 0154624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMAGEHLP.dll
[2009-07-13 18:38] - [2009-07-13 20:41] - 0167424 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll
[2009-07-13 18:25] - [2009-07-13 20:11] - 0119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMM32.dll
[2009-07-13 18:28] - [2009-07-13 20:41] - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
[2009-07-13 18:16] - [2009-07-13 20:11] - 0836608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
[2009-07-13 18:38] - [2009-07-13 20:41] - 0041984 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll
[2009-07-13 18:25] - [2009-07-13 20:11] - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\LPK.dll
[2009-07-13 18:40] - [2009-07-13 20:41] - 1067008 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll
[2009-07-13 18:28] - [2009-07-13 20:15] - 0828928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCTF.dll
[2009-07-13 18:19] - [2009-07-13 20:41] - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll
[2009-07-13 18:12] - [2009-07-13 20:15] - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSVCRT.dll
[2009-07-13 18:26] - [2009-07-13 20:31] - 0002560 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll
[2009-07-13 18:15] - [2009-07-13 20:09] - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NORMALIZ.dll
[2009-07-13 18:21] - [2009-07-13 20:41] - 0013824 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll
[2009-07-13 18:12] - [2009-07-13 20:16] - 0008704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NSI.dll
[2010-10-14 08:50] - [2010-06-29 00:39] - 2085376 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
[2010-10-14 08:50] - [2010-06-29 00:02] - 1413632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
[2011-06-14 20:14] - [2010-12-18 01:13] - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
[2011-06-14 20:14] - [2010-12-18 00:31] - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
[2009-07-13 18:26] - [2009-07-13 20:41] - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\PSAPI.dll
[2009-07-13 18:15] - [2009-07-13 20:16] - 0006144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PSAPI.dll
[2009-07-13 18:23] - [2009-07-13 20:41] - 1221632 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
[2009-07-13 18:12] - [2009-07-13 20:11] - 0662528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
[2009-07-13 18:20] - [2009-07-13 20:41] - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\sechost.dll
[2009-07-13 18:11] - [2009-07-13 20:16] - 0092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
[2009-07-13 18:27] - [2009-07-13 20:41] - 1899520 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll
[2009-07-13 18:16] - [2009-07-13 20:16] - 1668608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Setupapi.dll
[2010-08-02 14:26] - [2010-07-27 09:59] - 14162944 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
[2010-08-02 14:26] - [2010-07-27 09:03] - 12867584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
[2009-07-13 18:55] - [2009-07-13 20:41] - 0449536 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll
[2009-07-13 18:39] - [2009-07-13 20:16] - 0350208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHLWAPI.dll
[2011-06-15 17:45] - [2011-04-22 15:18] - 1500160 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
[2011-06-15 17:45] - [2011-04-22 14:31] - 1229824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
[2009-07-13 18:38] - [2009-07-13 20:41] - 1008640 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
[2009-07-13 18:24] - [2009-07-13 20:11] - 0833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
[2009-07-13 18:38] - [2009-07-13 20:41] - 0801280 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll
[2009-07-13 18:25] - [2009-07-13 20:16] - 0627200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\USP10.dll
[2009-07-13 18:57] - [2009-07-13 20:41] - 0029184 ____A (Microsoft Corporation) C:\Windows\System32\version.dll
[2009-07-13 18:41] - [2009-07-13 20:16] - 0021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\version.dll
[2011-06-15 17:45] - [2011-04-22 15:18] - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
[2011-06-15 17:45] - [2011-04-22 14:31] - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
[2009-07-13 18:54] - [2009-07-13 20:41] - 0311808 ____A (Microsoft Corporation) C:\Windows\System32\wldap32.dll
[2009-07-13 18:38] - [2009-07-13 20:16] - 0268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wldap32.dll
[2009-07-13 18:21] - [2009-07-13 20:41] - 0296448 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll
[2009-07-13 18:12] - [2009-07-13 20:16] - 0206336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WS2_32.dll

================== Bamital & volsnap Check ===================

C:\Windows\System32\winlogon.exe
[2010-06-15 12:51] - [2010-06-15 12:51] - 0389632 ____A (Microsoft Corporation) DA3E2A6FA9660CC75B471530CE88453A

C:\Windows\System32\wininit.exe
[2009-07-13 18:52] - [2009-07-13 20:39] - 0129024 ____A (Microsoft Corporation) 94355C28C1970635A31B3FE52EB7CEBA

C:\Windows\explorer.exe
[2011-04-27 06:21] - [2011-02-26 01:23] - 2870272 ____A (Microsoft Corporation) 0862495E0C825893DB75EF44FAEA8E93

C:\Windows\System32\Drivers\volsnap.sys
[2009-07-13 18:20] - [2009-07-13 20:45] - 0294992 ____A (Microsoft Corporation) 58F82EED8CA24B461441F9C3E4F0BF5C


========================= Memory info ========================

Percentage of memory in use: 15%
Total physical RAM: 3892.51 MB
Available physical RAM: 3304.91 MB
Total Pagefile: 3890.66 MB
Available Pagefile: 3297.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

======================= Partitions ===========================

1 Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:360.02 GB) NTFS
3 Drive e: (Elements) (Fixed) (Total:931.51 GB) (Free:862.42 GB) NTFS
4 Drive f: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:9.07 GB) NTFS
5 Drive g: (HP v100w) (Removable) (Total:7.63 GB) (Free:7.63 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS


Thanks!

#4 Farbar


Posted 21 June 2011 - 04:38 PM

Well done.

We are going to delete some bad files and fix the main infection.

Open Notepad. Please copy the contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste.) Save it on the flash drive as fixlist.txt.

2 SENS32; c:\windows\system32\setupapi32.exe [x]
2011-06-18 14:16 - 2011-05-28 13:44 - 0000127 ____A C:\Windows\SysWOW64\451273663
2011-06-18 14:16 - 2011-06-18 14:16 - 0351744 ____A (CrypKey Inc.) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-032.dll
2011-06-18 14:16 - 2011-06-18 14:15 - 0777216 ____A () C:\Windows\SysWOW64\setupapi32.exe
2011-06-18 14:16 - 2011-06-18 14:15 - 0777216 ____A () C:\Windows\SysWOW64\KBDNEPR32.exe
2011-06-18 14:16 - 2011-06-18 14:15 - 0777216 ____A () C:\Users\All Users\inseng32.exe
2011-06-18 14:16 - 2011-06-18 14:15 - 0777216 ____A () C:\Users\All Users\Application Data\inseng32.exe
2011-06-18 14:16 - 2011-06-18 14:15 - 0777216 ____A () C:\ProgramData\inseng32.exe
2011-06-18 14:15 - 2011-06-18 14:15 - 0777216 ____A () C:\Users\Maggie\msiexec.exe
2011-06-18 14:15 - 2011-06-18 14:15 - 0777216 ____A () C:\Users\Maggie\0.17107669646044354.exe
cmd: bootrec /FixMbr
cmd: bcdedit /set {default} winpe no

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Now please enter System Recovery Options.
Run FRST and press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

Also restart the computer and let it boot normally without disabling Driver Signature Enforcement and let me know how it went.

#5 WKeith


Posted 22 June 2011 - 07:31 PM

Hello... here's the log from the fix activity:

Fix result of Farbars's Recovery Tool (FRST written by farbar version 2.1.1)
Ran by SYSTEM at 2011-06-22 20:17:04 R:1
Running from G:\

==============================================

SENS32 service deleted successfully.
C:\Windows\SysWOW64\451273663 moved successfully.
C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-032.dll moved successfully.
C:\Windows\SysWOW64\setupapi32.exe moved successfully.
C:\Windows\SysWOW64\KBDNEPR32.exe moved successfully.
C:\Users\All Users\inseng32.exe moved successfully.
C:\Users\All Users\Application Data\inseng32.exe not found.
C:\ProgramData\inseng32.exe not found.
C:\Users\Maggie\msiexec.exe moved successfully.
C:\Users\Maggie\0.17107669646044354.exe moved successfully.

========= bootrec /FixMbr =========

The operation completed successfully.

========= End of CMD: =========


========= bcdedit /set {default} winpe no =========

The operation completed successfully.

========= End of CMD: =========

After running FRST64, I rebooted the system without disabling Driver Signature Enforcement. The system started normally and everything seems fine, although shortly after logging on, Microsoft Security Essentials popped up with a warning about a trojan: Tracur.Q. I clicked remove (the recommended action).

Is there anything else I should do to complete the recovery? Was there anything in the logs you saw that might suggest what activity caused the problem? The PC has McAfee SecurityCenter, and it's set up to be pretty automated, although my daughter could have inadvertently disabled some of the protection.

Thank you again for your assistance, it is greatly appreciated.

#6 Farbar


Posted 23 June 2011 - 12:55 AM

Great.

To answer your question, this was a case of TDSS/TDL4 MBR infection. We will search for vulnerabilities and eventual leftovers.

Please download Malwarebytes' Anti-Malware from one of these locations:
malwarebytes.org
majorgeeks.com
  • Double-click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the MBAM log.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


#7 WKeith


Posted 23 June 2011 - 06:32 PM

Thanks for the additional information.

Malwarebytes ran and found 28 items... it did say to reboot to complete removal (which we did). Here's the log:

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6931

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

6/23/2011 6:59:06 PM
mbam-log-2011-06-23 (18-59-06).txt

Scan type: Quick scan
Objects scanned: 178825
Time elapsed: 6 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 16
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 4
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{015430F9-0560-CBFD-EED2-6A448547A02C} (Trojan.Tracur.Gen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{015430F9-0560-CBFD-EED2-6A448547A02C} (Trojan.Tracur.Gen) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAx.Info (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAx.Info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur.Gen) -> Bad: (C:\ProgramData\api-ms-win-core-misc-l1-1-032.dll) Good: () -> Quarantined and deleted successfully.

Folders Infected:
c:\program files (x86)\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.659.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully.

Files Infected:
c:\programdata\api-ms-win-core-misc-l1-1-032.dll (Trojan.Tracur.Gen) -> Quarantined and deleted successfully.
c:\Users\Maggie\0.06620873830259588.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.659.0\launchhelp.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato customer support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato uninstall instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.

#8 Farbar

Posted 23 June 2011 - 07:38 PM

Good job. :thumbup2:

Malwarebytes removed some stuff.

  • Please delete FRST tool as we don't need it any more. Also go to C:\FRST and delete the entire FRST folder.
  • Please download OTL by OldTimer.
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Check the "Scan All Users" checkbox.
  • Check the "Standard Output".
  • Click Run Scan button.
  • Two reports will open; copy and paste OTL.txt and attach Extra.txt to your reply:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized

#9 WKeith

Posted 24 June 2011 - 02:25 PM

Here's the OTL.txt, and I've attached the Extra.txt.

OTL logfile created on: 6/24/2011 3:01:39 PM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = F:\
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 2.28 Gb Available Physical Memory | 59.99% Memory free
7.60 Gb Paging File | 5.62 Gb Available in Paging File | 73.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 359.08 Gb Free Space | 79.61% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 862.42 Gb Free Space | 92.58% Space Free | Partition Type: NTFS
Drive F: | 7.63 Gb Total Space | 7.63 Gb Free Space | 99.98% Space Free | Partition Type: FAT32

Computer Name: MAGGIE-PC | User Name: Maggie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/24 14:54:42 | 000,579,072 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/13 14:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/01/13 14:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
PRC - [2011/01/13 14:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2009/12/29 17:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/10/15 04:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/08/17 22:09:54 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/07/22 09:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
PRC - [2009/06/24 17:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
PRC - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe


========== Modules (SafeList) ==========

MOD - [2011/06/24 14:54:42 | 000,579,072 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/14 14:01:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/04/14 14:01:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/04/14 14:01:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/11/11 15:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010/11/11 15:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/10/07 21:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/07/29 20:43:42 | 000,301,024 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010/01/20 16:10:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/11/02 13:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/09/21 16:24:40 | 001,420,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2009/09/21 16:03:06 | 000,315,664 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2009/09/21 16:00:44 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009/08/17 22:09:52 | 000,868,128 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2009/03/02 14:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe -- (AESTFilters)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/01/13 14:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2010/06/15 11:20:18 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/23 17:02:42 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe -- (InstallFilterService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/04/14 14:01:38 | 000,530,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,441,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/04/14 14:01:38 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,190,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,121,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,094,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/04/14 14:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,063,056 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/10/24 22:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/09/28 16:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/02/10 04:01:58 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/01/20 16:10:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/01/07 16:51:38 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2009/11/02 13:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/09/17 00:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/09/15 12:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel®
DRV:64bit: - [2009/08/23 23:20:22 | 000,285,744 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/08/20 12:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/24 02:13:02 | 000,023,912 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Acceler.sys -- (Acceler)
DRV:64bit: - [2009/07/23 13:57:48 | 000,018,792 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdflt.sys -- (stdflt)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/04 07:27:02 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2009/07/01 20:54:52 | 000,060,416 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2009/07/01 06:31:58 | 000,080,896 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:64bit: - [2009/07/01 00:46:52 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/01 00:46:48 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/01 00:46:40 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/06/25 05:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/06/25 04:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009/06/25 04:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/07 03:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = E6 16 2F 01 3F AF 7E 4D A3 A4 D6 35 65 92 7A EC [binary data]

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = E6 16 2F 01 3F AF 7E 4D A3 A4 D6 35 65 92 7A EC [binary data]

IE - HKU\S-1-5-21-3962024906-1393773455-1145986324-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-3962024906-1393773455-1145986324-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-3962024906-1393773455-1145986324-1001\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = E6 16 2F 01 3F AF 7E 4D A3 A4 D6 35 65 92 7A EC [binary data]
IE - HKU\S-1-5-21-3962024906-1393773455-1145986324-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3962024906-1393773455-1145986324-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: plugin@yontoo.com:1.20.00
FF - prefs.js..extensions.enabledItems: {757a0be5-398a-456b-bc35-8c15470387ad}:1.0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/10 09:35:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/04/30 10:23:22 | 000,000,000 | ---D | M]

[2010/06/23 17:02:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maggie\AppData\Roaming\Mozilla\Extensions
[2011/06/20 20:36:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maggie\AppData\Roaming\Mozilla\Firefox\Profiles\rwe7d4ov.default\extensions
[2011/06/20 20:37:03 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Maggie\AppData\Roaming\Mozilla\Firefox\Profiles\rwe7d4ov.default\extensions\{757a0be5-398a-456b-bc35-8c15470387ad}
[2010/09/01 13:22:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maggie\AppData\Roaming\Mozilla\Firefox\Profiles\rwe7d4ov.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/05/18 12:26:18 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Maggie\AppData\Roaming\Mozilla\Firefox\Profiles\rwe7d4ov.default\extensions\plugin@yontoo.com
[2010/11/08 08:35:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/10/08 16:12:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/08 08:35:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll
[2009/11/19 18:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/09/15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/11/19 18:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20110510093531.dll (McAfee, Inc.)
O2 - BHO: (no name) - {012F16E6-AF3F-4D7E-A3A4-D63565927AEc} - File not found
O2 - BHO: (9038a49d) - {092171C9-7F9A-4CB6-06D4-2CCE1528E8AE} - File not found
O2 - BHO: (9038a49d) - {14D612EB-202B-D081-FBE3-E001C6AA5097} - File not found
O2 - BHO: (9038a49d) - {1B1D8E44-A64C-1785-02CF-6E71F81E2886} - File not found
O2 - BHO: (9038a49d) - {24FE8755-CBFB-24CD-FB0F-78010357BD19} - File not found
O2 - BHO: (9038a49d) - {272A074B-85B0-9CE5-A201-C157C7D3C906} - File not found
O2 - BHO: (9038a49d) - {4215C874-0DAC-0FC0-188D-322BB4275916} - File not found
O2 - BHO: (9038a49d) - {4338E498-5302-1E22-E29E-C1FF41B90B96} - File not found
O2 - BHO: (9038a49d) - {47D6E786-08EB-B9C7-03AE-452C20384496} - File not found
O2 - BHO: (9038a49d) - {490AE62A-5079-C90A-B4B1-F03E1F4EBB3A} - File not found
O2 - BHO: (9038a49d) - {4B30AE5F-F242-48D4-CE07-AEB6D4473A6E} - File not found
O2 - BHO: (9038a49d) - {4FE71EB1-ABFF-2F24-D9E8-4486EEA07B0B} - File not found
O2 - BHO: (9038a49d) - {55A4386B-4416-7997-F508-6FC4D4698DE9} - File not found
O2 - BHO: (9038a49d) - {5A9E3583-CCED-6399-208A-9FD779A41B3F} - File not found
O2 - BHO: (9038a49d) - {62D157FA-41A0-DFBD-A8F3-8A0F95F474CB} - File not found
O2 - BHO: (9038a49d) - {78F61A3D-555F-B09E-6771-F4F9F0EB8A68} - File not found
O2 - BHO: (9038a49d) - {7B67CD06-B188-CFB8-F477-8C1FDD70C163} - File not found
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20110510093531.dll (McAfee, Inc.)
O2 - BHO: (9038a49d) - {84039343-35C3-35FF-07A3-47DFBEA02BE9} - File not found
O2 - BHO: (9038a49d) - {9A6FD9F6-0A41-5FE5-BC77-40AB0559A3A4} - File not found
O2 - BHO: (9038a49d) - {A7BB4091-1EFC-5506-7F2C-5637A698B08D} - File not found
O2 - BHO: (9038a49d) - {A95853E1-AB48-56ED-4078-57934431D949} - File not found
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (9038a49d) - {C143ADDA-F737-0D7D-A5F0-055761312496} - File not found
O2 - BHO: (9038a49d) - {CC56A329-74EC-D7CF-A8E5-D11851E614B6} - File not found
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (9038a49d) - {D32672DB-35DF-E9B3-9F28-7FD1465DAA3A} - File not found
O2 - BHO: (9038a49d) - {E6E30EEC-06CA-A086-F3C3-E8E90AEC6AAE} - File not found
O2 - BHO: (9038a49d) - {EB5ABD62-DCB2-E20C-E150-EDC5E191A56F} - File not found
O2 - BHO: (9038a49d) - {EDB140D4-1C82-73B2-9437-ABE65FA33BF9} - File not found
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers\YontooIEClient.dll (Yontoo Technology, Inc.)
O2 - BHO: (9038a49d) - {FD9B3A24-9AF6-4734-1585-D76DB6AF7D54} - File not found
O2 - BHO: (9038a49d) - {FDDC906C-93FB-3803-77D3-64F5E8CBDDA3} - File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3962024906-1393773455-1145986324-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Maggie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/08 08:29:00 | 000,000,000 | RH-D | M] - E:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 08:56:50 | 000,000,036 | RH-- | M] () - E:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/24 14:58:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/06/23 19:38:09 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{D1971D68-C373-4BCE-AC1F-349F95E0A414}
[2011/06/22 20:22:39 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{AAC1826C-F730-4DFC-8331-ED0A9C3BEB84}
[2011/06/21 18:12:19 | 000,000,000 | ---D | C] -- C:\FRST
[2011/06/20 20:01:10 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Roaming\Malwarebytes
[2011/06/20 20:00:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/20 20:00:44 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/20 20:00:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/20 20:00:40 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/06/20 20:00:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/19 17:45:52 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{9B1BDF66-40B2-4F8C-8F6F-02D50172EEAD}
[2011/06/18 12:18:34 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{C426A642-7A1C-42AB-A39F-ED6EB3650A7C}
[2011/06/16 18:06:50 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{2D29B456-7087-401A-A080-CDB1BC456888}
[2011/06/15 19:06:14 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{19EC7D6D-17D7-4EC0-8DA0-DD2BC37729AC}
[2011/06/15 18:45:57 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/06/15 18:45:57 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/06/15 18:45:55 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/06/15 18:45:55 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/15 18:45:55 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/06/15 18:45:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/15 18:45:55 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/15 18:45:55 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/15 18:45:54 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/06/15 18:45:54 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/06/15 18:45:53 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/06/15 18:45:53 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/06/15 18:45:53 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/06/15 18:45:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/06/14 21:18:30 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{DF6816B6-32FE-4FA5-9F9F-39C651E67EED}
[2011/06/14 21:14:50 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011/06/14 21:14:50 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011/06/14 21:14:47 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/14 17:43:40 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{13004D22-008B-4F33-A6F7-80AB1BB30EA3}
[2011/06/13 19:30:59 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{8C94E8D9-185B-4178-9743-C5F517D0ADE4}
[2011/06/11 13:01:05 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{10D8344D-CF61-44F8-944F-6AF87802F211}
[2011/06/10 20:52:46 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{90B81AFD-52C4-49B0-B8A1-99186BA90FFE}
[2011/06/09 08:46:10 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{B6D1ED31-0EB8-432D-B7DF-D595C3136EBF}
[2011/06/08 11:26:52 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{802B60C2-F180-45B6-A8B9-90CF959711C3}
[2011/06/07 16:29:45 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{8CB470D8-6157-4AAA-9C96-8275C3C7FFFF}
[2011/06/06 10:44:35 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{2C2ED162-1FC2-48D1-893B-A37DF42563BB}
[2011/06/05 13:15:48 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{E70C13BE-7165-4C91-891B-FC6B43D07225}
[2011/06/03 13:37:42 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{959B236E-7ED0-4EE6-90BE-9C5FD18913AE}
[2011/06/02 10:59:45 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{082A7A57-0E47-4865-952C-09D87C05C052}
[2011/06/01 09:22:12 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{6AA8AF44-77A7-46B4-AC2D-8B20CA0D6EB5}
[2011/05/30 13:52:56 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{99F5B22B-98C5-4C1F-A57F-2E60D64E7467}
[2011/05/29 21:49:58 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{FFE9D65B-EA10-454E-95ED-B83C761BB3C9}
[2011/05/28 14:33:50 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{222FE754-DC17-42E4-AF7E-06DFF0505F1C}
[2011/05/27 20:16:20 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{7819A7E0-C5A5-4AE9-8D05-CFBCE945044E}

========== Files - Modified Within 30 Days ==========

[2011/06/24 15:05:21 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/24 15:05:21 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/24 15:05:14 | 004,804,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/24 15:05:14 | 001,562,040 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/24 15:05:14 | 000,005,384 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/24 15:00:12 | 000,000,583 | ---- | M] () -- C:\Users\Maggie\Desktop\OTL - Shortcut.lnk
[2011/06/24 14:57:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/24 14:57:31 | 3061,202,944 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/23 18:42:34 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/18 22:44:28 | 000,000,062 | ---- | M] () -- C:\ProgramData\30cbf3cf
[2011/06/15 19:01:23 | 000,000,478 | ---- | M] () -- C:\Windows\tasks\SyncBack Maggies files back up.job
[2011/06/15 18:39:27 | 000,414,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2011/06/24 15:00:12 | 000,000,583 | ---- | C] () -- C:\Users\Maggie\Desktop\OTL - Shortcut.lnk
[2011/06/20 20:00:45 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/30 13:57:19 | 000,000,062 | ---- | C] () -- C:\ProgramData\30cbf3cf
[2011/05/16 18:12:24 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/05/16 18:12:24 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2140.DAT
[2011/02/25 21:36:20 | 000,005,350 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/24 20:50:41 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/02/24 20:50:41 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/10/15 22:12:42 | 000,005,632 | ---- | C] () -- C:\Users\Maggie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/27 15:22:56 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/08/25 20:34:30 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010/08/25 20:34:30 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/08/25 20:34:30 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010/06/15 11:33:07 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2010/04/29 21:34:35 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/04/29 21:34:35 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

< End of report >

#10 Farbar

Posted 24 June 2011 - 02:43 PM

This round we remove some clutter and update Java.

  • Please delete the FRST tool as we don't need it any more. Also go to C:\FRST and delete the entire FRST folder.
  • Please open OTL.
    • Copy the text in the code box and paste it into the Custom Scans/Fixes section:

      :otl
      O2 - BHO: (no name) - {012F16E6-AF3F-4D7E-A3A4-D63565927AEc} - File not found
      O2 - BHO: (9038a49d) - {092171C9-7F9A-4CB6-06D4-2CCE1528E8AE} - File not found
      O2 - BHO: (9038a49d) - {14D612EB-202B-D081-FBE3-E001C6AA5097} - File not found
      O2 - BHO: (9038a49d) - {1B1D8E44-A64C-1785-02CF-6E71F81E2886} - File not found
      O2 - BHO: (9038a49d) - {24FE8755-CBFB-24CD-FB0F-78010357BD19} - File not found
      O2 - BHO: (9038a49d) - {272A074B-85B0-9CE5-A201-C157C7D3C906} - File not found
      O2 - BHO: (9038a49d) - {4215C874-0DAC-0FC0-188D-322BB4275916} - File not found
      O2 - BHO: (9038a49d) - {4338E498-5302-1E22-E29E-C1FF41B90B96} - File not found
      O2 - BHO: (9038a49d) - {47D6E786-08EB-B9C7-03AE-452C20384496} - File not found
      O2 - BHO: (9038a49d) - {490AE62A-5079-C90A-B4B1-F03E1F4EBB3A} - File not found
      O2 - BHO: (9038a49d) - {4B30AE5F-F242-48D4-CE07-AEB6D4473A6E} - File not found
      O2 - BHO: (9038a49d) - {4FE71EB1-ABFF-2F24-D9E8-4486EEA07B0B} - File not found
      O2 - BHO: (9038a49d) - {55A4386B-4416-7997-F508-6FC4D4698DE9} - File not found
      O2 - BHO: (9038a49d) - {5A9E3583-CCED-6399-208A-9FD779A41B3F} - File not found
      O2 - BHO: (9038a49d) - {62D157FA-41A0-DFBD-A8F3-8A0F95F474CB} - File not found
      O2 - BHO: (9038a49d) - {78F61A3D-555F-B09E-6771-F4F9F0EB8A68} - File not found
      O2 - BHO: (9038a49d) - {7B67CD06-B188-CFB8-F477-8C1FDD70C163} - File not found
      O2 - BHO: (9038a49d) - {84039343-35C3-35FF-07A3-47DFBEA02BE9} - File not found
      O2 - BHO: (9038a49d) - {9A6FD9F6-0A41-5FE5-BC77-40AB0559A3A4} - File not found
      O2 - BHO: (9038a49d) - {A7BB4091-1EFC-5506-7F2C-5637A698B08D} - File not found
      O2 - BHO: (9038a49d) - {A95853E1-AB48-56ED-4078-57934431D949} - File not found
      O2 - BHO: (9038a49d) - {C143ADDA-F737-0D7D-A5F0-055761312496} - File not found
      O2 - BHO: (9038a49d) - {CC56A329-74EC-D7CF-A8E5-D11851E614B6} - File not found
      O2 - BHO: (9038a49d) - {D32672DB-35DF-E9B3-9F28-7FD1465DAA3A} - File not found
      O2 - BHO: (9038a49d) - {E6E30EEC-06CA-A086-F3C3-E8E90AEC6AAE} - File not found
      O2 - BHO: (9038a49d) - {EB5ABD62-DCB2-E20C-E150-EDC5E191A56F} - File not found
      O2 - BHO: (9038a49d) - {EDB140D4-1C82-73B2-9437-ABE65FA33BF9} - File not found
      O2 - BHO: (9038a49d) - {FD9B3A24-9AF6-4734-1585-D76DB6AF7D54} - File not found
      O2 - BHO: (9038a49d) - {FDDC906C-93FB-3803-77D3-64F5E8CBDDA3} - File not found
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKU\S-1-5-21-3962024906-1393773455-1145986324-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
      O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
      O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
      O4 - Startup: C:\Users\Maggie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
      [2011/06/18 22:44:28 | 000,000,062 | ---- | M] () -- C:\ProgramData\30cbf3cf
      [2011/06/14 17:43:40 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{13004D22-008B-4F33-A6F7-80AB1BB30EA3}
      [2011/06/13 19:30:59 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{8C94E8D9-185B-4178-9743-C5F517D0ADE4}
      [2011/06/11 13:01:05 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{10D8344D-CF61-44F8-944F-6AF87802F211}
      [2011/06/10 20:52:46 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{90B81AFD-52C4-49B0-B8A1-99186BA90FFE}
      [2011/06/09 08:46:10 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{B6D1ED31-0EB8-432D-B7DF-D595C3136EBF}
      [2011/06/08 11:26:52 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{802B60C2-F180-45B6-A8B9-90CF959711C3}
      [2011/06/07 16:29:45 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{8CB470D8-6157-4AAA-9C96-8275C3C7FFFF}
      [2011/06/06 10:44:35 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{2C2ED162-1FC2-48D1-893B-A37DF42563BB}
      [2011/06/05 13:15:48 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{E70C13BE-7165-4C91-891B-FC6B43D07225}
      [2011/06/03 13:37:42 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{959B236E-7ED0-4EE6-90BE-9C5FD18913AE}
      [2011/06/02 10:59:45 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{082A7A57-0E47-4865-952C-09D87C05C052}
      [2011/06/01 09:22:12 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{6AA8AF44-77A7-46B4-AC2D-8B20CA0D6EB5}
      [2011/05/30 13:52:56 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{99F5B22B-98C5-4C1F-A57F-2E60D64E7467}
      [2011/05/29 21:49:58 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{FFE9D65B-EA10-454E-95ED-B83C761BB3C9}
      [2011/05/28 14:33:50 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{222FE754-DC17-42E4-AF7E-06DFF0505F1C}
      [2011/05/27 20:16:20 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{7819A7E0-C5A5-4AE9-8D05-CFBCE945044E}
      [2011/06/14 21:18:30 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{DF6816B6-32FE-4FA5-9F9F-39C651E67EED}
      [2011/06/19 17:45:52 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{9B1BDF66-40B2-4F8C-8F6F-02D50172EEAD}
      [2011/06/18 12:18:34 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{C426A642-7A1C-42AB-A39F-ED6EB3650A7C}
      [2011/06/16 18:06:50 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{2D29B456-7087-401A-A080-CDB1BC456888}
      [2011/06/15 19:06:14 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{19EC7D6D-17D7-4EC0-8DA0-DD2BC37729AC}
      [2011/06/23 19:38:09 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{D1971D68-C373-4BCE-AC1F-349F95E0A414}
      [2011/06/22 20:22:39 | 000,000,000 | ---D | C] -- C:\Users\Maggie\AppData\Local\{AAC1826C-F730-4DFC-8331-ED0A9C3BEB84}
      
    • Click the Run Fix button.
    • If the fix needs a reboot, please do it.
    • After it has finished, a log will open. Copy and paste the log to your reply.
  • Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
    • Please follow these steps to remove older versions of Java components and update:
    • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
    • Look for "JDK 6 Update 26 (JDK or JRE)".
    • Click the "Download JRE" button to the right.
    • Select your Platform: "Windows".
    • Select your Language: "Multi-language".
    • Read the License Agreement, and then check the box that says: "I agree to the Java SE...License Agreement".
    • Click Continue and the page will refresh.
    • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
    • Close any programs you may have running - especially your web browser.
    • Go to Start > Control Panel, double-click on Add/Remove Programs (or Programs and Features in Vista/Windows 7) and remove all older versions of Java.
    • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
    • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
    • Repeat as many times as necessary to remove each Java version.
    • Reboot your computer once all Java components are removed.
    • Then from your desktop double-click on jre-6u26-windows-i586.exe to install the newest version.
    • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
    • When the Java Setup - Welcome window opens, click the Install > button.
    • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
    -- Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions, so they will need to be removed manually.
    -- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.


    Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
    To disable the JQS service if you don't want to use it:
    • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
    • Click Ok and reboot your computer.
  • Also tell me how your computer is running.


#11 WKeith

Posted 24 June 2011 - 07:36 PM

I deleted FRST and its folder. I ran OTL and inserted the fix text as requested. That all worked fine (log of results is below). I followed the instructions on Java as best as possible (uninstalled old versions fine, but the JRE 6.0.26 executable didn't ask about language, nor did it ask about installing a Toolbar, but it installed without error). At the end of installation it said auto-update is on. However, when I checked Firefox via Add-Ons, it still pointed to the Java 6.0.21 Console, and didn't seem to have the new 6.0.26 Console available. I manually updated the add-on and now Firefox shows the 6.0.26 Console and the old one has been disabled.

OTL seems to have removed a Dell program that put up a sort of 'quick launch' menu at start-up... allowed you to quick launch Dell's update tool, system services tool, etc. I don't think it was Malware (came pre-installed on the system), but it's not a big deal that it's been removed (or at least disabled).

Overall, the computer seems to be running well (performance OK and no unexpected behavior in the last couple of days), although we've been trying to use it less to avoid making any problems worse until things are fixed, and the system is once again secure. I had been getting a 'computer is not fully protected' message frequently from McAfee, but I manually updated McAfee yesterday, and since then haven't seen that pop-up.

Thank you very much for your continued assistance.

Here's the log from OTL:

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{012F16E6-AF3F-4D7E-A3A4-D63565927AEc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{012F16E6-AF3F-4D7E-A3A4-D63565927AEc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{092171C9-7F9A-4CB6-06D4-2CCE1528E8AE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{092171C9-7F9A-4CB6-06D4-2CCE1528E8AE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14D612EB-202B-D081-FBE3-E001C6AA5097}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14D612EB-202B-D081-FBE3-E001C6AA5097}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1B1D8E44-A64C-1785-02CF-6E71F81E2886}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B1D8E44-A64C-1785-02CF-6E71F81E2886}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{24FE8755-CBFB-24CD-FB0F-78010357BD19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24FE8755-CBFB-24CD-FB0F-78010357BD19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{272A074B-85B0-9CE5-A201-C157C7D3C906}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{272A074B-85B0-9CE5-A201-C157C7D3C906}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4215C874-0DAC-0FC0-188D-322BB4275916}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4215C874-0DAC-0FC0-188D-322BB4275916}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4338E498-5302-1E22-E29E-C1FF41B90B96}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4338E498-5302-1E22-E29E-C1FF41B90B96}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47D6E786-08EB-B9C7-03AE-452C20384496}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47D6E786-08EB-B9C7-03AE-452C20384496}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{490AE62A-5079-C90A-B4B1-F03E1F4EBB3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{490AE62A-5079-C90A-B4B1-F03E1F4EBB3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B30AE5F-F242-48D4-CE07-AEB6D4473A6E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B30AE5F-F242-48D4-CE07-AEB6D4473A6E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4FE71EB1-ABFF-2F24-D9E8-4486EEA07B0B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4FE71EB1-ABFF-2F24-D9E8-4486EEA07B0B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55A4386B-4416-7997-F508-6FC4D4698DE9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55A4386B-4416-7997-F508-6FC4D4698DE9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5A9E3583-CCED-6399-208A-9FD779A41B3F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5A9E3583-CCED-6399-208A-9FD779A41B3F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62D157FA-41A0-DFBD-A8F3-8A0F95F474CB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62D157FA-41A0-DFBD-A8F3-8A0F95F474CB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F61A3D-555F-B09E-6771-F4F9F0EB8A68}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{78F61A3D-555F-B09E-6771-F4F9F0EB8A68}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B67CD06-B188-CFB8-F477-8C1FDD70C163}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7B67CD06-B188-CFB8-F477-8C1FDD70C163}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84039343-35C3-35FF-07A3-47DFBEA02BE9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84039343-35C3-35FF-07A3-47DFBEA02BE9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9A6FD9F6-0A41-5FE5-BC77-40AB0559A3A4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9A6FD9F6-0A41-5FE5-BC77-40AB0559A3A4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7BB4091-1EFC-5506-7F2C-5637A698B08D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A7BB4091-1EFC-5506-7F2C-5637A698B08D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A95853E1-AB48-56ED-4078-57934431D949}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A95853E1-AB48-56ED-4078-57934431D949}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C143ADDA-F737-0D7D-A5F0-055761312496}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C143ADDA-F737-0D7D-A5F0-055761312496}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC56A329-74EC-D7CF-A8E5-D11851E614B6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC56A329-74EC-D7CF-A8E5-D11851E614B6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D32672DB-35DF-E9B3-9F28-7FD1465DAA3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D32672DB-35DF-E9B3-9F28-7FD1465DAA3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E6E30EEC-06CA-A086-F3C3-E8E90AEC6AAE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6E30EEC-06CA-A086-F3C3-E8E90AEC6AAE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5ABD62-DCB2-E20C-E150-EDC5E191A56F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB5ABD62-DCB2-E20C-E150-EDC5E191A56F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EDB140D4-1C82-73B2-9437-ABE65FA33BF9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EDB140D4-1C82-73B2-9437-ABE65FA33BF9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD9B3A24-9AF6-4734-1585-D76DB6AF7D54}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD9B3A24-9AF6-4734-1585-D76DB6AF7D54}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDDC906C-93FB-3803-77D3-64F5E8CBDDA3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FDDC906C-93FB-3803-77D3-64F5E8CBDDA3}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3962024906-1393773455-1145986324-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk moved successfully.
File move failed. C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk scheduled to be moved on reboot.
C:\Users\Maggie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk moved successfully.
C:\ProgramData\30cbf3cf moved successfully.
C:\Users\Maggie\AppData\Local\{13004D22-008B-4F33-A6F7-80AB1BB30EA3} folder moved successfully.
C:\Users\Maggie\AppData\Local\{8C94E8D9-185B-4178-9743-C5F517D0ADE4} folder moved successfully.
C:\Users\Maggie\AppData\Local\{10D8344D-CF61-44F8-944F-6AF87802F211} folder moved successfully.
C:\Users\Maggie\AppData\Local\{90B81AFD-52C4-49B0-B8A1-99186BA90FFE} folder moved successfully.
C:\Users\Maggie\AppData\Local\{B6D1ED31-0EB8-432D-B7DF-D595C3136EBF} folder moved successfully.
C:\Users\Maggie\AppData\Local\{802B60C2-F180-45B6-A8B9-90CF959711C3} folder moved successfully.
C:\Users\Maggie\AppData\Local\{8CB470D8-6157-4AAA-9C96-8275C3C7FFFF} folder moved successfully.
C:\Users\Maggie\AppData\Local\{2C2ED162-1FC2-48D1-893B-A37DF42563BB} folder moved successfully.
C:\Users\Maggie\AppData\Local\{E70C13BE-7165-4C91-891B-FC6B43D07225} folder moved successfully.
C:\Users\Maggie\AppData\Local\{959B236E-7ED0-4EE6-90BE-9C5FD18913AE} folder moved successfully.
C:\Users\Maggie\AppData\Local\{082A7A57-0E47-4865-952C-09D87C05C052} folder moved successfully.
C:\Users\Maggie\AppData\Local\{6AA8AF44-77A7-46B4-AC2D-8B20CA0D6EB5} folder moved successfully.
C:\Users\Maggie\AppData\Local\{99F5B22B-98C5-4C1F-A57F-2E60D64E7467} folder moved successfully.
C:\Users\Maggie\AppData\Local\{FFE9D65B-EA10-454E-95ED-B83C761BB3C9} folder moved successfully.
C:\Users\Maggie\AppData\Local\{222FE754-DC17-42E4-AF7E-06DFF0505F1C} folder moved successfully.
C:\Users\Maggie\AppData\Local\{7819A7E0-C5A5-4AE9-8D05-CFBCE945044E} folder moved successfully.
C:\Users\Maggie\AppData\Local\{DF6816B6-32FE-4FA5-9F9F-39C651E67EED} folder moved successfully.
C:\Users\Maggie\AppData\Local\{9B1BDF66-40B2-4F8C-8F6F-02D50172EEAD} folder moved successfully.
C:\Users\Maggie\AppData\Local\{C426A642-7A1C-42AB-A39F-ED6EB3650A7C} folder moved successfully.
C:\Users\Maggie\AppData\Local\{2D29B456-7087-401A-A080-CDB1BC456888} folder moved successfully.
C:\Users\Maggie\AppData\Local\{19EC7D6D-17D7-4EC0-8DA0-DD2BC37729AC} folder moved successfully.
C:\Users\Maggie\AppData\Local\{D1971D68-C373-4BCE-AC1F-349F95E0A414} folder moved successfully.
C:\Users\Maggie\AppData\Local\{AAC1826C-F730-4DFC-8331-ED0A9C3BEB84} folder moved successfully.

OTL by OldTimer - Version 3.2.24.1 log created on 06242011_172316

Files\Folders moved on Reboot...
File\Folder C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk not found!

Registry entries deleted on Reboot...
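
Added example, not part of the original post and not OTL's own code: a small Python triage of OTL result lines like those in the log above, grouping them by outcome and listing the entries that did not complete cleanly. The function names, the rule set and the "already moved" heuristic are assumptions made for this illustration; the sample lines are copied from this thread's log.

```python
import re
from collections import Counter
from ntpath import basename  # Windows path parsing that works on any OS

# Constructed sample: a few result lines copied from the OTL log in this thread.
SAMPLE_LOG = r"""
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{78F61A3D-555F-B09E-6771-F4F9F0EB8A68}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk moved successfully.
File move failed. C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk scheduled to be moved on reboot.
C:\Users\Maggie\AppData\Local\{13004D22-008B-4F33-A6F7-80AB1BB30EA3} folder moved successfully.
File\Folder C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk not found!
"""

# Ordered rules (first match wins), derived only from the line shapes seen in this log.
RULES = [
    ("pending_reboot", re.compile(r"^File move failed\. (.+) scheduled to be moved on reboot\.$")),
    ("not_found", re.compile(r"^File\\Folder (.+) not found!$")),
    ("registry_deleted", re.compile(r"^(?:64bit-)?Registry (?:key|value) (.+) deleted successfully\.$")),
    ("not_found", re.compile(r"^(?:64bit-)?Registry (?:key|value) (.+) not found\.$")),
    ("moved", re.compile(r"^(.+?)(?: folder)? moved successfully\.$")),
]

def parse_line(line):
    """Return (status, target) for a recognised OTL result line, else None."""
    for status, rx in RULES:
        m = rx.match(line.strip())
        if m:
            return status, m.group(1)
    return None

def triage(log_text):
    """Count outcomes and list the entries that did not complete cleanly."""
    counts, moved_names, follow_up = Counter(), set(), []
    for status, target in filter(None, map(parse_line, log_text.splitlines())):
        counts[status] += 1
        if status == "moved":
            moved_names.add(basename(target).lower())
        elif status in ("pending_reboot", "not_found"):
            follow_up.append((status, target))
    # Heuristic (not an OTL feature): a failed entry whose file name was already
    # moved from another path is probably the same file listed twice.
    return counts, [(s, t, basename(t).lower() in moved_names) for s, t in follow_up]

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```
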

#12 Farbar

Posted 25 June 2011 - 12:11 AM

Thanks for the detailed feedback.

OTL seems to have removed a Dell program that put up a sort of 'quick launch' menu at start-up... allowed you to quick launch Dell's update tool, system services tool, etc. I don't think it was Malware (came pre-installed on the system), but it's not a big deal that it's been removed (or at least disabled).

Yes, OTL had listed the shortcut as a leftover, a shortcut missing the exe it should launch. I guess if it was still working, this should be a bug with OTL not being able to list the file it points at. Anyway, if you want, we can try to restore the shortcut from the OTL moved folder, or you can install the Dell utility from the CD. But I personally don't use that feature.

What do you think?

#13 WKeith

Posted 25 June 2011 - 04:34 PM

I checked with my daughter, she doesn't use the Dell utility either, so thanks for the offer to help restore, but I think she can do without it. Is there anything else we should be looking at/doing? Thanks!

#14 Farbar

Posted 25 June 2011 - 05:52 PM

Everything looks good and you are good to go. :thumbup2:

  • You may delete any tool or log we used from your computer.
  • This small application you may want to keep and use to keep the computer clean.
    Download CCleaner from here http://www.ccleaner.com/

    • Run the installer to install the application.
    • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
    • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
    • Click Run Cleaner.
    • Close CCleaner.
  • Remove the old restore points and create a new restore point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Setting a new restore point AFTER cleaning your system will enable your computer to "roll-back" to a clean working state if needed:
    • Go to Start => Right-click "Computer" and select "Properties".
    • In the left pane select "System Protection".
    • Press "Configure".
    • Select "Delete". Then press "Continue" close and "OK".
    • Select your drive (drive C) and press "Create".
      Fill in a name for the restore point and press "Create".
      After finished press "Close".
    Recommendations:
    • I recommend using Site Advisor for safe surfing. It is a free extension both for Internet Explorer and Firefox. When you search a site it gives you an indication of how safe a site is.
    • I recommend installing this small application for safe surfing: Javacools© SpywareBlaster
      SpywareBlaster will add a large list of programs and sites into your Internet Explorer and Firefox settings and that will protect you from running and downloading known malicious programs.
    • Download and install it.
    • Update it manually by clicking on Updates in the left pane and then Check for Updates.
    • Then enable all the protections by clicking on Protection Status on the left pane. Then click on Enable All Protection.
    • The free version doesn't have an automatic update. Update it once in two or three weeks and enable all protection again.

If you don't have any questions, I wish you and your daughter happy surfing. :)

#15 Farbar

Posted 02 July 2011 - 10:09 AM

This thread will now be closed since the issue seems to be resolved.

If you need this topic reopened, please send me a PM and I will reopen it for you. If you should have a new issue, please start a new topic.

Everyone else should start a new topic.



