OTL logfile created on: 9/6/2011 12:53:44 AM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Kelvin\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

1.96 Gb Total Physical Memory | 0.33 Gb Available Physical Memory | 16.66% Memory free
3.92 Gb Paging File | 2.25 Gb Available in Paging File | 57.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 187.69 Gb Total Space | 76.75 Gb Free Space | 40.89% Space Free | Partition Type: NTFS
Drive D: | 30.25 Gb Total Space | 29.59 Gb Free Space | 97.84% Space Free | Partition Type: NTFS
Drive F: | 25.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: KELVINATORS-PC | User Name: Kelvin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/09/06 00:50:22 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Kelvin\Downloads\OTL.exe
PRC - [2011/09/06 00:42:12 | 000,583,136 | ---- | M] (Webroot) -- C:\Program Files\Webroot\WRSA.exe
PRC - [2011/09/05 23:27:09 | 015,338,952 | ---- | M] (Microsoft Corporation) -- C:\Users\Kelvin\Downloads\windows-kb890830-v3.22.exe
PRC - [2011/09/05 13:36:18 | 000,243,360 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10w_ActiveX.exe
PRC - [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/07/30 10:05:10 | 000,083,912 | ---- | M] (Microsoft Corporation) -- c:\3e9a66c43f9b615bb816729f8dfba4\mrtstub.exe
PRC - [2011/07/04 12:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 12:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/06/24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/22 08:47:34 | 000,884,304 | ---- | M] () -- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 13:17:21 | 000,233,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
PRC - [2010/11/20 13:17:17 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
PRC - [2010/11/20 13:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2010/04/24 01:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/04/24 01:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/03/25 17:32:02 | 000,445,496 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\SASrv.exe
PRC - [2009/09/29 17:23:20 | 004,114,288 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe
PRC - [2009/09/29 17:22:46 | 005,064,560 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe
PRC - [2009/07/14 15:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IgrsSvcs.exe
PRC - [2009/07/14 02:14:37 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc.exe
PRC - [2009/06/04 20:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/06/15 12:14:30 | 001,692,672 | ---- | M] (PANTERASoft) -- C:\Program Files\HDD Health\hddhealth.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2011/06/22 08:47:34 | 000,884,304 | ---- | M] () -- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
MOD - [2008/12/20 04:20:50 | 000,063,304 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\KbdHook.dll
MOD - [2008/12/20 04:20:08 | 000,051,016 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\HookLib.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (Lavasoft Ad-Aware Service)
SRV - [2011/09/06 00:42:12 | 000,583,136 | ---- | M] (Webroot) [Auto | Running] -- C:\Program Files\Webroot\WRSA.exe -- (WRSVC)
SRV - [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/07/04 12:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/03/08 14:07:28 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/04/24 01:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/04/24 01:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/25 17:32:02 | 000,445,496 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\SASrv.exe -- (SAService)
SRV - [2009/09/22 19:16:32 | 000,579,400 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)
SRV - [2009/08/14 15:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)
SRV - [2009/07/14 15:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\System32\IgrsSvcs.exe -- (ReadyComm.DirectRouter)
SRV - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\IgrsSvcs.exe -- (PS_MDP)
SRV - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011/09/06 00:42:16 | 000,105,800 | ---- | M] (Webroot) [Kernel | Boot | Running] -- C:\windows\System32\drivers\WRkrn.sys -- (WRkrn)
DRV - [2011/08/28 11:34:41 | 000,054,800 | ---- | M] () [Kernel | System | Running] -- C:\windows\System32\drivers\funfrm.sys -- (funfrm)
DRV - [2011/08/23 19:31:01 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011/07/22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/07/04 12:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 12:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 12:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 12:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 12:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/07/04 12:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/04/26 01:00:20 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/04/24 01:10:54 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2010/04/24 01:10:52 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2010/04/24 01:10:50 | 000,195,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2010/04/24 01:10:44 | 000,550,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2010/04/22 05:08:22 | 000,218,744 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/03/31 07:49:52 | 000,517,688 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2010/01/20 06:14:42 | 000,023,136 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2009/10/16 18:37:28 | 000,172,160 | ---- | M] (SMI) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SMIksdrv.sys -- (usbsmi)
DRV - [2009/09/10 14:31:48 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/07/28 22:09:36 | 000,063,240 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdbridge.sys -- (Bridge0)
DRV - [2009/07/24 14:51:38 | 000,101,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009/07/21 22:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV - [2009/07/16 13:37:14 | 000,011,792 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009/07/13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM)
DRV - [2009/06/18 10:15:22 | 000,214,024 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/06/18 10:15:22 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/06/18 10:15:22 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/06/18 10:15:22 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/06/18 10:14:52 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2008/08/06 13:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2098614033-271334484-3226454627-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/
IE - HKU\S-1-5-21-2098614033-271334484-3226454627-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-IE
IE - HKU\S-1-5-21-2098614033-271334484-3226454627-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.ie/"
FF - prefs.js..keyword.URL: "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: File not found
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/04 12:14:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components

[2011/03/12 00:22:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kelvin\AppData\Roaming\Mozilla\Extensions
[2011/09/05 22:34:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kelvin\AppData\Roaming\Mozilla\Firefox\Profiles\cxdrwi0b.default\extensions
[2011/09/04 21:11:44 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Users\Kelvin\AppData\Roaming\Mozilla\Firefox\Profiles\cxdrwi0b.default\extensions\ffox@bandoo.com
[2011/09/05 22:34:46 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Kelvin\AppData\Roaming\Mozilla\Firefox\Profiles\cxdrwi0b.default\extensions\ffxtlbr@babylon.com
[2011/07/11 19:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Kelvin\AppData\Roaming\Mozilla\Firefox\Profiles\cxdrwi0b.default\searchplugins\startsear.xml
() (No name found) -- C:\USERS\KELVIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CXDRWI0B.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI

O1 HOSTS File: ([2011/08/18 21:19:27 | 000,434,097 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 14938 more lines...
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKU\S-1-5-21-2098614033-271334484-3226454627-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [WRSVC] C:\Program Files\Webroot\WRSA.exe (Webroot)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2098614033-271334484-3226454627-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2098614033-271334484-3226454627-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{393E1CE2-A8CA-4E32-A66D-2E9CD9D5A7A3}: NameServer = 83.136.47.249 193.120.14.101
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/11/18 15:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2009/03/20 18:20:32 | 000,027,750 | R--- | M] () - F:\AutoRun.ico -- [ CDFS ]
O32 - AutoRun File - [2009/11/17 15:01:12 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk /r \??\C:) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\windows\System32\lsdelete.exe ()
O34 - HKLM BootExecute: (autocheck autochk /k:C *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-2098614033-271334484-3226454627-1000..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2098614033-271334484-3226454627-1000\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/09/06 00:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere
[2011/09/06 00:42:16 | 000,121,184 | ---- | C] (Webroot) -- C:\windows\System32\WRusr.dll
[2011/09/06 00:42:16 | 000,105,800 | ---- | C] (Webroot) -- C:\windows\System32\drivers\WRkrn.sys
[2011/09/06 00:42:12 | 000,000,000 | ---D | C] -- C:\Program Files\Webroot
[2011/09/06 00:41:52 | 000,000,000 | ---D | C] -- C:\ProgramData\WRData
[2011/09/05 23:59:36 | 000,000,000 | ---D | C] -- C:\3e9a66c43f9b615bb816729f8dfba4
[2011/09/05 23:29:59 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/09/05 22:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Health
[2011/09/05 22:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\HDD Health
[2011/09/05 22:34:45 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar
[2011/09/05 22:34:33 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\AppData\Roaming\Babylon
[2011/09/05 22:34:33 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\AppData\Local\Babylon
[2011/09/05 22:28:06 | 000,000,000 | ---D | C] -- C:\perflogs
[2011/09/05 22:24:12 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\AppData\Local\MigWiz
[2011/09/05 20:35:26 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\AppData\Roaming\Birdstep Technology
[2011/09/05 20:29:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3 Mobile Broadband
[2011/09/05 20:28:36 | 000,180,736 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\System32\drivers\ewusbnet.sys
[2011/09/05 20:28:36 | 000,102,912 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\System32\drivers\ewusbmdm.sys
[2011/09/05 20:28:36 | 000,101,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\System32\drivers\ewusbdev.sys
[2011/09/05 20:28:36 | 000,023,424 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\windows\System32\drivers\ewdcsc.sys
[2011/09/05 20:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\3 Mobile Broadband
[2011/09/05 16:50:00 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\AppData\Local\ElevatedDiagnostics
[2011/09/05 15:34:38 | 000,082,696 | ---- | C] (Microsoft Corporation.) -- C:\windows\System32\lmdimon8.dll
[2011/09/05 15:33:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Applications
[2011/09/05 15:09:51 | 000,000,000 | ---D | C] -- C:\windows\pss
[2011/09/05 14:08:05 | 000,000,000 | ---D | C] -- C:\windows\temp
[2011/09/05 14:06:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/09/05 13:47:32 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2011/09/05 13:47:32 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2011/09/05 13:47:32 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2011/09/05 13:44:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/09/05 13:38:52 | 001,002,008 | ---- | C] (Intel Corporation) -- C:\windows\System32\igxpun.exe
[2011/09/05 13:38:33 | 000,000,000 | ---D | C] -- C:\Drivers
[2011/09/05 13:28:29 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\AppData\Roaming\SUPERAntiSpyware.com
[2011/09/05 13:28:06 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/09/05 13:28:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/09/05 13:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/09/05 13:22:49 | 000,065,808 | ---- | C] (trend_company_name) -- C:\windows\System32\drivers\tmrkb.sys
[2011/09/05 13:22:48 | 000,205,072 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmcomm.sys
[2011/09/05 11:38:23 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2011/09/05 11:37:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/09/05 11:19:23 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\AppData\Local\{4E03C9D3-464E-45F3-9824-4D574B0E56EE}
[2011/09/05 11:19:02 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\AppData\Local\{A7DF3735-FD62-4E05-8F50-8E9B5C1319D0}
[2011/09/04 15:41:07 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\Tracing
[2011/09/04 15:40:53 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\AppData\Local\VirtualStore
[2011/09/04 14:34:12 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/09/04 14:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/04 14:34:06 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/09/04 14:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/04 13:38:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
[2011/09/04 13:38:21 | 000,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair
[2011/09/04 13:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\{3D289CAC-AD9F-45d9-9D36-524EB7B6C958}
[2011/09/04 12:50:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ErrorEND
[2011/09/03 15:33:10 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\AppData\Roaming\CheckPoint
[2011/09/03 15:32:10 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2011/09/03 15:31:24 | 000,000,000 | ---D | C] -- C:\windows\System32\ZoneLabs
[2011/09/03 15:30:51 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2011/09/03 15:29:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2011/09/03 15:29:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster
[2011/09/03 15:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2011/09/03 15:27:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 4
[2011/09/03 15:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2011/09/03 00:37:48 | 000,000,000 | ---D | C] -- C:\BIOS
[2011/09/02 16:33:44 | 000,000,000 | ---D | C] -- C:\windows\System32\directx
[2011/09/02 16:12:28 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011/09/02 15:32:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2011/09/02 14:48:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2011/09/02 14:30:05 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DX9_43.dll
[2011/09/02 14:30:04 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAPOFX1_4.dll
[2011/09/02 14:30:03 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_6.dll
[2011/09/02 14:30:02 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DX9_42.dll
[2011/09/02 14:30:02 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xinput1_3.dll
[2011/09/02 14:30:02 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\X3DAudio1_7.dll
[2011/09/02 13:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2011/09/02 00:35:35 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2011/09/02 00:09:59 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\AppData\Roaming\AVS4YOU
[2011/09/02 00:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia
[2011/09/02 00:07:01 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2011/09/02 00:07:01 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2011/09/01 16:39:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/09/01 16:39:38 | 000,019,544 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2011/09/01 16:39:37 | 000,309,848 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2011/09/01 16:39:25 | 000,025,432 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswRdr.sys
[2011/09/01 16:39:24 | 000,043,608 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2011/09/01 16:39:21 | 000,441,176 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2011/09/01 16:39:19 | 000,054,104 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys
[2011/09/01 16:38:41 | 000,199,304 | ---- | C] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2011/09/01 16:38:41 | 000,040,112 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2011/08/29 16:26:46 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\AppData\Roaming\EasyCapture
[2011/08/28 13:11:43 | 002,532,480 | ---- | C] (Silicon Motion Corporation) -- C:\windows\System32\drivers\SMIexp.sys
[2011/08/28 13:11:41 | 000,937,984 | ---- | C] (SiliconMotion) -- C:\windows\System32\RemoveSM37X.exe
[2011/08/28 13:11:41 | 000,172,160 | ---- | C] (SMI) -- C:\windows\System32\drivers\SMIksdrv.sys
[2011/08/28 12:59:52 | 000,445,496 | ---- | C] (Conexant Systems, Inc.) -- C:\windows\System32\SASrv.exe
[2011/08/28 12:57:36 | 000,000,000 | ---D | C] -- C:\Intel
[2011/08/24 17:33:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2011/08/20 16:37:18 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\Documents\Downloads
[2011/08/20 14:07:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/08/20 14:04:51 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\AVG
[2011/08/20 12:54:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
[2011/08/20 12:44:03 | 000,079,816 | ---- | C] (McAfee, Inc.) -- C:\windows\System32\drivers\mfeavfk.sys
[2011/08/20 12:44:03 | 000,040,552 | ---- | C] (McAfee, Inc.) -- C:\windows\System32\drivers\mfesmfk.sys
[2011/08/20 12:44:03 | 000,035,272 | ---- | C] (McAfee, Inc.) -- C:\windows\System32\drivers\mfebopk.sys
[2011/08/20 12:38:07 | 000,034,248 | ---- | C] (McAfee, Inc.) -- C:\windows\System32\drivers\mferkdk.sys
[2011/08/20 12:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Drivers
[2011/08/20 12:31:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo EasyCapture
[2011/08/20 12:11:16 | 000,000,000 | ---D | C] -- C:\Driver
[2011/08/18 22:33:16 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\AppData\Roaming\Yahoo!
[2011/08/18 21:31:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/08/18 21:20:05 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\windows\System32\drivers\Lbd.sys
[2011/08/18 21:20:04 | 000,000,000 | ---D | C] -- C:\windows\System32\DRVSTORE
[2011/08/18 21:19:57 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\windows\System32\drivers\SBREDrv.sys
[2011/08/15 17:19:18 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\AppData\Roaming\Update
[2011/08/15 17:19:10 | 000,000,000 | ---D | C] -- C:\Users\Kelvin\AppData\Roaming\PCDr
[2011/08/14 13:18:18 | 000,000,000 | ---D | C] -- C:\Acronyms
[2011/08/11 10:25:45 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2011/08/11 10:25:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2011/08/11 10:25:41 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2011/08/11 10:25:41 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2011/08/11 10:25:40 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2011/08/10 19:59:07 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbcjt32.dll
[2011/08/10 19:59:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbctrac.dll
[2011/08/10 19:59:07 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbccp32.dll
[2011/08/10 19:59:07 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbccu32.dll
[2011/08/10 19:59:07 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbccr32.dll
[2011/08/10 19:55:27 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2011/08/10 19:55:26 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2011/08/10 19:48:40 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe
[2011/08/10 19:48:40 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2011/08/10 19:48:40 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011/08/10 19:48:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011/08/10 19:48:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/08/10 19:48:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011/08/10 19:48:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011/08/10 19:48:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011/08/10 19:48:39 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011/08/10 19:48:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011/08/10 19:48:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011/08/10 19:48:39 | 000,003,584
| -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2011/08/10 19:48:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2011/08/10 19:48:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll [2011/08/10 19:48:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2011/08/10 19:48:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2011/08/10 19:48:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll [2011/08/10 19:48:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll [2011/08/10 19:48:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll [2011/08/10 19:48:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2011/08/10 19:48:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll [2011/08/10 19:48:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll [2011/08/10 19:48:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll [2011/08/10 19:48:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2011/08/10 19:48:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2011/08/10 19:48:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2011/08/10 19:48:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- 
C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll [2011/08/10 19:48:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2011/08/10 19:48:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll [2011/08/10 19:48:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll [2011/08/08 20:15:40 | 000,000,000 | ---D | C] -- C:\windows\en [2011/08/07 11:52:43 | 000,000,000 | ---D | C] -- C:\windows\Minidump [2011/04/10 20:36:04 | 000,120,320 | ---- | C] ( ) -- C:\windows\System32\lagarith.dll [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/09/06 01:31:29 | 000,007,601 | ---- | M] () -- C:\Users\Kelvin\AppData\Local\resmon.resmoncfg [2011/09/06 01:15:53 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/09/06 01:15:53 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/09/06 00:42:16 | 000,121,184 | ---- | M] (Webroot) -- C:\windows\System32\WRusr.dll [2011/09/06 00:42:16 | 000,105,800 | ---- | M] (Webroot) -- C:\windows\System32\drivers\WRkrn.sys [2011/09/05 22:08:12 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2011/09/05 22:08:08 | 1579,622,400 | -HS- | M] () -- C:\hiberfil.sys [2011/09/05 20:52:11 | 000,628,904 | ---- | M] () -- C:\windows\System32\perfh009.dat [2011/09/05 20:52:11 | 000,110,798 | ---- | M] () -- C:\windows\System32\perfc009.dat [2011/09/05 20:29:26 | 000,002,045 | ---- | M] () -- C:\Users\Public\Desktop\3Connect.lnk [2011/09/05 20:29:26 | 000,001,979 | ---- | M] () -- C:\Users\Kelvin\Application Data\Microsoft\Internet Explorer\Quick Launch\3Connect.lnk [2011/09/05 20:28:14 | 000,071,262 | ---- | M] () -- 
C:\windows\Huawei ModemsUninstall.exe [2011/09/05 16:51:00 | 000,021,504 | ---- | M] () -- C:\windows\System32\umstartup.etl [2011/09/05 16:39:03 | 000,000,384 | ---- | M] () -- C:\windows\tasks\ErrorEND.job [2011/09/05 16:35:24 | 000,000,020 | ---- | M] () -- C:\windows\Lø@ [2011/09/05 13:36:18 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2011/09/05 13:23:26 | 000,205,072 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmcomm.sys [2011/09/05 13:23:26 | 000,065,808 | ---- | M] (trend_company_name) -- C:\windows\System32\drivers\tmrkb.sys [2011/09/05 12:23:59 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat [2011/09/05 11:32:25 | 000,002,272 | ---- | M] () -- C:\Users\Kelvin\Documents\cc_20110905_113155.reg [2011/09/04 12:18:44 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt [2011/09/03 00:20:55 | 000,093,628 | ---- | M] () -- C:\Users\Kelvin\Documents\cc_20110903_002049.reg [2011/09/01 16:02:02 | 000,660,847 | ---- | M] () -- C:\windows\System32\drivers\AVG\iavifw.avm [2011/08/28 21:22:13 | 000,000,064 | ---- | M] () -- C:\windows\System32\rp_stats.dat [2011/08/28 21:22:13 | 000,000,044 | ---- | M] () -- C:\windows\System32\rp_rules.dat [2011/08/28 14:01:56 | 000,014,744 | ---- | M] () -- C:\windows\System32\results.xml [2011/08/28 11:34:41 | 001,024,000 | ---- | M] (Lenovo) -- C:\windows\System32\CamOpEx.dll [2011/08/28 11:34:41 | 000,054,800 | ---- | M] () -- C:\windows\System32\drivers\funfrm.sys [2011/08/20 12:11:28 | 003,727,720 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d3dx9_35.dll [2011/08/20 12:11:28 | 000,876,032 | ---- | M] (Abysmal Software) -- C:\windows\System32\DevIL.dll [2011/08/20 12:11:28 | 000,241,664 | ---- | M] () -- C:\windows\System32\3DImageRenderer.dll [2011/08/20 12:11:28 | 000,077,824 | ---- | M] (Abysmal Software) -- C:\windows\System32\ILU.dll [2011/08/20 12:11:28 | 000,032,768 | ---- | M] (Abysmal Software) -- C:\windows\System32\ILUT.dll 
[2011/08/18 21:19:56 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\windows\System32\drivers\SBREDrv.sys [2011/08/18 21:19:27 | 000,434,097 | R--- | M] () -- C:\windows\System32\drivers\etc\hosts [2011/08/18 20:33:28 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif [2011/08/14 12:14:52 | 000,007,864 | ---- | M] () -- C:\Users\Kelvin\Documents\cc_20110625_115408.reg [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/09/05 20:29:26 | 000,002,045 | ---- | C] () -- C:\Users\Public\Desktop\3Connect.lnk [2011/09/05 20:29:26 | 000,001,979 | ---- | C] () -- C:\Users\Kelvin\Application Data\Microsoft\Internet Explorer\Quick Launch\3Connect.lnk [2011/09/05 16:35:23 | 000,000,020 | ---- | C] () -- C:\windows\Lø@ [2011/09/05 15:57:42 | 000,000,384 | ---- | C] () -- C:\windows\tasks\ErrorEND.job [2011/09/05 13:47:32 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe [2011/09/05 13:47:32 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe [2011/09/05 13:47:32 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe [2011/09/05 13:47:32 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe [2011/09/05 13:47:32 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe [2011/09/05 13:44:14 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2011/09/05 12:23:59 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat [2011/09/05 11:31:58 | 000,002,272 | ---- | C] () -- C:\Users\Kelvin\Documents\cc_20110905_113155.reg [2011/09/03 00:20:52 | 000,093,628 | ---- | C] () -- C:\Users\Kelvin\Documents\cc_20110903_002049.reg [2011/09/01 16:49:00 | 000,660,847 | ---- | C] () -- C:\windows\System32\drivers\AVG\iavifw.avm [2011/08/28 13:11:43 | 000,217,088 | ---- | C] () -- C:\windows\System32\370prop.ax [2011/08/28 13:11:43 | 000,163,840 | ---- | C] () -- C:\windows\System32\SM37XCoInst.dll [2011/08/28 13:11:41 | 000,002,070 | ---- | C] () -- C:\windows\Sensor.set 
[2011/08/23 19:00:56 | 000,016,432 | ---- | C] () -- C:\windows\System32\lsdelete.exe [2011/08/18 21:39:04 | 000,000,064 | ---- | C] () -- C:\windows\System32\rp_stats.dat [2011/08/18 21:39:04 | 000,000,044 | ---- | C] () -- C:\windows\System32\rp_rules.dat [2011/08/13 23:25:55 | 000,001,945 | ---- | C] () -- C:\windows\epplauncher.mif [2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll [2011/06/07 23:27:21 | 000,001,660 | ---- | C] () -- C:\windows\System32\ASOROSet.bin [2011/06/06 12:32:47 | 000,007,601 | ---- | C] () -- C:\Users\Kelvin\AppData\Local\resmon.resmoncfg [2011/05/01 13:58:12 | 000,077,824 | ---- | C] () -- C:\windows\System32\freeisys.dll [2011/05/01 13:58:11 | 000,270,848 | ---- | C] () -- C:\windows\unwise.exe [2011/05/01 01:30:51 | 000,043,520 | ---- | C] () -- C:\windows\System32\CmdLineExt03.dll [2011/05/01 01:23:28 | 000,021,840 | ---- | C] () -- C:\windows\System32\SIntfNT.dll [2011/05/01 01:23:28 | 000,017,212 | ---- | C] () -- C:\windows\System32\SIntf32.dll [2011/05/01 01:23:28 | 000,012,067 | ---- | C] () -- C:\windows\System32\SIntf16.dll [2011/04/27 23:08:32 | 000,071,262 | ---- | C] () -- C:\windows\Huawei ModemsUninstall.exe [2011/03/11 22:48:46 | 000,012,088 | -HS- | C] () -- C:\ProgramData\3923678252 [2011/03/11 22:48:46 | 000,012,080 | -HS- | C] () -- C:\Users\Kelvin\AppData\Local\3923678252 [2011/02/25 20:06:47 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml [2010/09/18 06:42:36 | 002,110,728 | ---- | C] () -- C:\windows\System32\Apblend.dll [2010/09/18 06:42:36 | 001,410,312 | ---- | C] () -- C:\windows\System32\IcnOvrly.dll [2010/09/18 06:42:36 | 001,171,456 | ---- | C] () -- C:\windows\System32\PicNotify.dll [2010/09/18 06:42:36 | 000,660,744 | ---- | C] () -- C:\windows\System32\EncIcons.dll [2010/09/18 06:42:36 | 000,513,288 | ---- | C] () -- C:\windows\System32\SimpleExt.dll [2010/09/18 06:42:23 | 000,241,664 | ---- | C] () -- C:\windows\System32\3DImageRenderer.dll [2010/09/18 
06:41:52 | 000,054,800 | ---- | C] () -- C:\windows\System32\drivers\funfrm.sys [2010/09/18 06:39:53 | 000,140,288 | ---- | C] () -- C:\windows\System32\igfxtvcx.dll [2010/09/18 06:35:32 | 000,016,648 | R--- | C] () -- C:\windows\System32\LogAPI.dll [2010/09/18 06:33:44 | 000,982,220 | ---- | C] () -- C:\windows\System32\igkrng500.bin [2010/09/18 06:33:43 | 000,134,592 | ---- | C] () -- C:\windows\System32\igfcg500.bin [2010/09/18 06:33:43 | 000,092,216 | ---- | C] () -- C:\windows\System32\igfcg500m.bin [2009/11/06 14:51:42 | 000,439,300 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin [2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat [2009/07/14 05:33:53 | 000,280,856 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT [2009/07/14 03:05:48 | 000,628,904 | ---- | C] () -- C:\windows\System32\perfh009.dat [2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat [2009/07/14 03:05:48 | 000,110,798 | ---- | C] () -- C:\windows\System32\perfc009.dat [2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat [2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT [2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat [2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll [2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:0B4227B4 < End of report >