OTL logfile created on: 8/7/2013 11:52:21 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\SuperUser\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.74 Gb Available Physical Memory | 37.07% Memory free
3.84 Gb Paging File | 2.47 Gb Available in Paging File | 64.29% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 14.72 Gb Free Space | 39.52% Space Free | Partition Type: NTFS

Computer Name: SUPERUSE-8CC609 | User Name: SuperUser | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/08/07 11:51:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SuperUser\My Documents\Downloads\OTL(2).exe
PRC - [2013/08/07 03:29:43 | 002,285,232 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
PRC - [2013/08/06 09:12:44 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/07/29 18:48:41 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013/07/29 08:47:08 | 001,616,048 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
PRC - [2013/07/17 08:15:40 | 034,740,512 | ---- | M] (DriverHub) -- C:\Program Files\DriverHub\DriverHub.exe
PRC - [2013/07/01 10:55:40 | 000,032,808 | ---- | M] (Just Develop It) -- C:\Program Files\MyPC Backup\BackupStack.exe
PRC - [2013/07/01 10:55:38 | 001,945,128 | ---- | M] (MyPCBackup.com) -- C:\Program Files\MyPC Backup\MyPC Backup.exe
PRC - [2013/05/09 01:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 01:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/08/22 13:44:58 | 000,228,152 | ---- | M] (Khrona LLC) -- C:\Program Files\Norton PC Checkup 3.0\AwesomiumProcess
PRC - [2012/08/22 13:44:58 | 000,125,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup 3.0\PCCU.exe
PRC - [2012/08/22 13:44:30 | 000,132,056 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
PRC - [2012/05/13 17:42:10 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\MyFunCards_5m\bar\1.bin\5mbrmon.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/04/06 18:57:12 | 000,090,112 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005/04/06 18:53:00 | 002,805,248 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/08/07 03:29:44 | 000,145,072 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\SiteSafety.dll
MOD - [2013/08/07 03:29:43 | 002,285,232 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
MOD - [2013/08/07 02:51:28 | 002,091,520 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13080700\algo.dll
MOD - [2013/08/06 09:12:43 | 003,534,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/08/02 11:33:00 | 001,859,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\ce22f267e17c7749c6a0dd2aa3403484\System.Web.Services.ni.dll
MOD - [2013/08/02 11:32:26 | 017,996,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\7c73ac0ffec7d226ca3dac70df184f18\System.ServiceModel.ni.dll
MOD - [2013/08/02 11:31:26 | 001,218,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\b1b57351a88c0c9c46bd9424347336ea\System.Management.ni.dll
MOD - [2013/08/02 11:31:13 | 001,072,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a0204aa75b8665f3c674ff18eebbf13f\System.IdentityModel.ni.dll
MOD - [2013/08/01 16:50:28 | 000,194,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\ac4bd5fece3ee7b1632817a509bcd909\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2013/08/01 16:13:49 | 001,020,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f56869ede7c0fddb751c39e050dd62a8\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/08/01 16:13:43 | 000,142,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ba4bc24df463a622c0e918d8c49672ed\SMDiagnostics.ni.dll
MOD - [2013/08/01 16:13:40 | 002,637,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9db486997d651f0646a089ff6cfb605e\System.Runtime.Serialization.ni.dll
MOD - [2013/08/01 16:13:26 | 000,391,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8a6f500c40e3fa7da71110af6c0a60ac\System.Xml.Linq.ni.dll
MOD - [2013/08/01 16:13:23 | 001,781,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\04326608ac9ad05c2a1e8bd46a068a91\System.Xaml.ni.dll
MOD - [2013/08/01 16:11:34 | 000,194,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\04226f317855c555a957f4c2d0dc240d\CustomMarshalers.ni.dll
MOD - [2013/07/31 19:29:17 | 017,671,168 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b72152b4330e2f009a868aa16c47acb4\PresentationFramework.ni.dll
MOD - [2013/07/31 19:29:02 | 006,798,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\97586cdb698c29ba95fd83e44a0c0ca6\System.Data.ni.dll
MOD - [2013/07/31 19:28:39 | 011,106,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\ed36e9ff00f2fb0f33f1c08b20a7afc0\PresentationCore.ni.dll
MOD - [2013/07/31 19:28:29 | 013,137,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f28df9c2988724883cf19532d7f9f151\System.Windows.Forms.ni.dll
MOD - [2013/07/31 19:28:10 | 003,798,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\ff4ecc058f27a9c36136e5d38e43fb59\WindowsBase.ni.dll
MOD - [2013/07/31 19:28:03 | 001,652,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\2ff57b810eb920860469184dd683cb8a\System.Drawing.ni.dll
MOD - [2013/07/31 19:27:50 | 000,690,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\768ccd38c2bf1f7045e79ac03cb679f1\System.ComponentModel.Composition.ni.dll
MOD - [2013/07/31 19:27:48 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll
MOD - [2013/07/31 19:27:47 | 007,054,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll
MOD - [2013/07/31 19:27:45 | 000,327,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\65bd29660d00ac08c14edad26ce38e2c\PresentationFramework.Royale.ni.dll
MOD - [2013/07/31 19:27:38 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll
MOD - [2013/07/31 19:27:25 | 009,090,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll
MOD - [2013/07/31 19:27:05 | 014,407,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll
MOD - [2013/07/16 03:47:19 | 011,816,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\616fa195ca93638850a119a54171dac1\System.Web.ni.dll
MOD - [2013/07/16 03:47:06 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\d4faac4fd0c53f033e8ae74cc12bf9c1\System.Transactions.ni.dll
MOD - [2013/07/16 03:47:05 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8f3e54440f3742da409131428ad1bce1\System.ServiceProcess.ni.dll
MOD - [2013/07/16 03:46:52 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\b22afb5424455b579511b925aa1563c9\System.Management.ni.dll
MOD - [2013/07/16 03:46:46 | 000,627,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8e2d5e0600e6b49123fe0960791d4668\System.EnterpriseServices.ni.dll
MOD - [2013/07/16 03:45:04 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\79533103112291e81204ca24aed19890\System.Configuration.ni.dll
MOD - [2013/07/16 03:42:12 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\a1d221960bf7a0cbfd1f355595f77e83\System.Xml.ni.dll
MOD - [2013/07/16 03:42:01 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\efecb20c44117df86f2eb5f93592fdd8\System.Windows.Forms.ni.dll
MOD - [2013/07/16 03:23:02 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\82a53e923936d5f62d9af4cdfe50a4f8\System.Drawing.ni.dll
MOD - [2013/07/16 03:22:33 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\2ac6146a15ceb466f389e373699b3b90\System.Data.ni.dll
MOD - [2013/07/16 03:20:33 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\16562c54978851e92db8fec6f759bba1\System.ni.dll
MOD - [2013/07/16 03:20:14 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2013/07/16 03:19:08 | 003,194,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2013/07/16 03:19:06 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2013/07/16 03:19:05 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2013/07/16 03:18:54 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2013/07/16 03:18:51 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2013/07/16 03:18:51 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013/07/16 03:18:49 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2013/07/16 03:18:48 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2013/07/16 03:18:46 | 002,052,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013/07/16 03:18:35 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2013/07/16 03:18:30 | 005,246,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2013/07/01 10:48:20 | 003,889,152 | ---- | M] () -- C:\Program Files\MyPC Backup\MPCBIconOverlays.dll
MOD - [2013/07/01 10:47:54 | 000,012,288 | ---- | M] () -- C:\Program Files\MyPC Backup\GetText.dll
MOD - [2013/07/01 10:43:36 | 000,904,704 | ---- | M] () -- C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
MOD - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2013/01/01 23:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2013/01/01 23:49:10 | 000,148,992 | ---- | M] () -- C:\WINDOWS\system32\mpg2splt.ax
MOD - [2012/08/22 13:44:58 | 000,117,048 | ---- | M] () -- C:\Program Files\Norton PC Checkup 3.0\en-US.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004/08/10 05:00:00 | 000,331,776 | ---- | M] () -- C:\WINDOWS\system32\encdec.dll
MOD - [2004/08/10 05:00:00 | 000,268,288 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2004/08/10 05:00:00 | 000,154,112 | ---- | M] () -- C:\WINDOWS\system32\vbicodec.ax
MOD - [2001/10/28 16:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\PROGRA~1\MYFUNC~2\bar\1.bin\5mbarsvc.exe -- (MyFunCards_5mService)
SRV - [2013/08/06 09:12:43 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/02 05:06:08 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/29 08:47:08 | 001,616,048 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe -- (vToolbarUpdater15.4.0)
SRV - [2013/07/01 10:55:40 | 000,032,808 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/05/09 01:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/08/22 13:44:30 | 000,132,056 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\UIUSys.sys -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\SUPERU~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013/08/07 05:11:22 | 000,012,992 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2013/08/07 03:29:44 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/08/04 08:21:50 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/08/04 08:21:50 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/08/04 08:21:50 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 01:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 01:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 01:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 01:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/05/09 01:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/05/25 13:14:24 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2010/01/05 03:31:32 | 001,714,176 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athuw.sys -- (AR9271)
DRV - [2006/01/25 16:24:30 | 001,149,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/04/15 18:05:42 | 002,564,032 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2004/08/03 15:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004/04/06 17:44:04 | 000,160,000 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cx88vid.sys -- (CX23880)
DRV - [2004/04/06 17:44:02 | 000,030,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cx88tune.sys -- (CXTUNE)
DRV - [2004/04/06 17:44:00 | 000,295,808 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cx88enc.sys -- (CX88ENC)
DRV - [2004/04/06 17:43:58 | 000,009,344 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cxavxbar.sys -- (CXAVXBAR)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{acbd5593-e5ee-4c15-b48f-1823ce819dec}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZUxdm458YYus&ptnrS=ZUxdm458YYus&si=CP3FwLfF_q8CFQ5rhwodgBPSSg&ptb=98DA856D-7C4F-4974-8F0A-5F2FECC621ED&ind=2013072206&n=77fd0b4e&psa=&st=sb&searchfor={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKCU\..\URLSearchHook: {f4c28532-b9d0-4950-a2df-e83f9929242b} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110014&tt=050412_30b&babsrc=SP_ss&mntrId=5470cdc3000000000000f8d11114b2c5
IE - HKCU\..\SearchScopes\{23CD4AE4-AA53-4234-A599-DCAFD1077EDD}: "URL" = http://www.bing.com/search?q={searchTerms}&form=BIE9SE&pc=BIE9&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{A1F4AD43-2BEC-4B23-B795-B2B3DEEBAABE}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3247201
IE - HKCU\..\SearchScopes\{acbd5593-e5ee-4c15-b48f-1823ce819dec}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZUxdm458YYus&ptnrS=ZUxdm458YYus&si=CP3FwLfF_q8CFQ5rhwodgBPSSg&ptb=98DA856D-7C4F-4974-8F0A-5F2FECC621ED&ind=2013072206&n=77fd0b4e&psa=&st=sb&searchfor={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3268934&CUI=UN41109532603224965
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb203?a=6PQOKjonX5&search={searchTerms}&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://mysearch.avg.com/?cid={9AFEEC1B-9AB8-4F9C-8C9F-8201E8CCC8FD}&mid=741f111a24c747d3acd3d1589e300f4a-e9c96cc6f7aa219ee07b87199a7d6de3bd0067fc&lang=en&ds=AVG&pr=pr&d=2013-08-07 03:29:57&v=15.4.0.5&pid=safeguard&sg=0&sap=hp"
FF - prefs.js..extensions.enabledAddons: 588a2804-b11d-4809-963b-a886d1e8684e%40416c8902-1140-4f75-9037-bf86b99379db.com:0.91.29
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=utf-8&q="
FF - prefs.js..keyword.enabled: false
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@MyFunCards_5m.com/Plugin: C:\Program Files\MyFunCards_5m\bar\1.bin\NP5mStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\SuperUser\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\5mffxtbr@MyFunCards_5m.com: C:\Program Files\MyFunCards_5m\bar\1.bin [2013/08/04 16:13:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\FireFoxExt\15.4.0.5 [2013/08/07 03:30:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/07/29 18:56:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/07/29 18:56:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/08/04 08:21:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/08/06 09:12:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/03/26 21:38:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SuperUser\Application Data\Mozilla\Extensions
[2013/08/06 08:56:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SuperUser\Application Data\Mozilla\Firefox\Profiles\qoxpyhtf.default-1375402388921\extensions
[2013/08/01 17:17:04 | 000,000,000 | ---D | M] ("Safe Saver") -- C:\Documents and Settings\SuperUser\Application Data\Mozilla\Firefox\Profiles\qoxpyhtf.default-1375402388921\extensions\588a2804-b11d-4809-963b-a886d1e8684e@416c8902-1140-4f75-9037-bf86b99379db.com
[2013/08/01 17:17:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SuperUser\Application Data\Mozilla\Firefox\Profiles\qoxpyhtf.default-1375402388921\extensions\588a2804-b11d-4809-963b-a886d1e8684e@416c8902-1140-4f75-9037-bf86b99379db.com\chrome\content\extensionCode
[2013/08/06 08:56:58 | 000,824,302 | ---- | M] () (No name found) -- C:\Documents and Settings\SuperUser\Application Data\Mozilla\Firefox\Profiles\qoxpyhtf.default-1375402388921\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/06 09:12:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/08/06 09:12:45 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/04/08 20:16:22 | 000,002,353 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml

O1 HOSTS File: ([2013/08/03 09:32:37 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (no name) - {c4b22c87-45ef-4f43-89f2-40db2078864e} - No CLSID value found.
O2 - BHO: (avast! Ad Blocker) - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [MyFunCards Search Scope Monitor] C:\Program Files\MyFunCards_5m\bar\1.bin\5mSrchMn.exe (MindSpark)
O4 - HKLM..\Run: [MyFunCards_5m Browser Plugin Loader] C:\Program Files\MyFunCards_5m\bar\1.bin\5mbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKCU..\Run: [DriverHub] C:\Program Files\DriverHub\DriverHub.exe (DriverHub)
O4 - HKCU..\Run: [Facebook Update] C:\Documents and Settings\SuperUser\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - Startup: C:\Documents and Settings\SuperUser\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1330296050937 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6A8200B-3E04-4D35-9BD1-659082C3C3C3}: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.4.0\ViProtocol.dll (AVG Secure Search)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\SuperUser\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\SuperUser\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/02/26 12:02:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/08/07 05:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013/08/07 04:57:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\My Documents\New Folder
[2013/08/07 04:16:14 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/08/07 03:29:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVG SafeGuard toolbar
[2013/08/07 03:11:11 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2013/08/06 17:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Start Menu\Programs\MyPC Backup
[2013/08/06 09:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/08/05 22:04:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/08/05 22:04:42 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/08/05 22:04:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/08/04 14:32:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\CrystalIdea Software
[2013/08/04 13:31:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Local Settings\Application Data\DriverHub
[2013/08/04 13:30:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DriverHub
[2013/08/04 13:30:54 | 000,000,000 | ---D | C] -- C:\Program Files\DriverHub
[2013/08/04 13:30:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Downloaded Installers
[2013/08/04 08:21:43 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/08/04 08:21:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2013/08/04 08:21:42 | 000,369,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/08/04 08:21:40 | 000,056,080 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/08/04 08:21:40 | 000,049,760 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/08/04 08:21:39 | 000,770,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/08/04 08:21:37 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/08/04 08:21:37 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/08/04 08:20:51 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/08/04 08:20:13 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/08/04 08:17:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/08/04 07:22:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Local Settings\Application Data\AVG Secure Search
[2013/08/03 14:29:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
[2013/08/03 14:29:48 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/08/03 13:13:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\CC Support
[2013/08/03 09:25:20 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/08/03 09:22:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/08/03 09:22:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/08/03 09:22:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/08/03 09:22:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/08/03 09:19:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/08/03 09:18:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/08/02 06:16:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton PC Checkup 3.0
[2013/08/02 06:15:57 | 000,000,000 | ---D | C] -- C:\Program Files\Norton PC Checkup 3.0
[2013/08/01 18:04:02 | 000,101,112 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2013/08/01 18:04:02 | 000,042,864 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe
[2013/08/01 18:02:10 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2013/08/01 17:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Desktop\Old Firefox Data
[2013/08/01 16:27:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2013/08/01 06:19:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2013/08/01 05:52:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013/08/01 04:33:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\Systweak
[2013/08/01 04:33:42 | 000,018,776 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
[2013/07/31 13:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2013/07/31 12:28:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/07/31 11:16:52 | 000,000,000 | ---D | C] -- C:\Program Files\Safe Saver
[2013/07/31 09:03:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\PCCUStubInstaller
[2013/07/30 11:40:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013/07/29 20:17:34 | 000,000,000 | ---D | C] -- C:\Program Files\JustCloud
[2013/07/29 19:04:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\RealNetworks
[2013/07/29 18:56:22 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2013/07/29 18:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealNetworks
[2013/07/29 18:53:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2013/07/29 18:51:47 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/07/29 18:49:32 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/07/29 18:49:31 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/07/29 18:49:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks
[2013/07/29 18:49:15 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/07/29 18:47:30 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2013/07/29 18:11:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\Real
[2013/07/29 17:59:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Local Settings\Application Data\Google
[2013/07/29 17:47:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2013/07/29 17:46:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\Immunet
[2013/07/29 17:28:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\SuperUser\Start Menu\Programs\Administrative Tools
[2013/07/29 16:20:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\SyncFolder
[2013/07/29 16:14:50 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
[2013/07/27 17:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\HP Photo Creations
[2013/07/27 17:04:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Visan
[2013/07/27 17:04:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP Photo Creations
[2013/07/26 05:09:38 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/07/26 05:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013/07/25 05:21:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\SpeedyPC Software
[2013/07/25 05:20:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC Software
[2013/07/25 04:11:22 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2013/07/23 07:09:27 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013/07/22 18:19:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\AVG
[2013/07/22 05:19:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\DriverCure
[2013/07/22 05:19:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\ParetoLogic
[2013/07/22 05:18:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2013/07/22 04:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Local Settings\Application Data\AVG SafeGuard toolbar
[2013/07/22 04:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\TuneUp Software
[2013/07/22 04:03:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\AVG SafeGuard toolbar
[2013/07/22 04:03:15 | 000,037,664 | ---- | C] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2013/07/22 04:03:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
[2013/07/22 04:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2013/07/22 03:54:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/07/22 03:54:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Local Settings\Application Data\MFAData
[2013/07/22 03:54:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/07/22 03:33:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\Incredibar.com
[2013/07/22 03:17:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Free Download Manager
[2013/07/21 23:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\Ascentive
[2013/07/21 22:59:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2013/07/21 21:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2013/07/21 19:25:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/07/21 19:25:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2013/07/21 19:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/07/21 19:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2013/07/16 03:07:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\HP
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/08/07 11:51:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/08/07 10:39:00 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/08/07 10:10:01 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013/08/07 10:04:01 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1085031214-527237240-682003330-1003UA.job
[2013/08/07 06:16:59 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\PC Checkup 3 Weekly Scan.job
[2013/08/07 05:16:08 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1085031214-527237240-682003330-1003.job
[2013/08/07 05:16:07 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1085031214-527237240-682003330-1003.job
[2013/08/07 05:15:00 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/08/07 05:11:22 | 000,012,992 | ---- | M] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2013/08/07 05:06:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/08/07 03:30:04 | 000,003,723 | ---- | M] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2013/08/07 03:29:44 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2013/08/07 03:04:53 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Pro.job
[2013/08/06 20:40:03 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2013/08/06 19:04:01 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1085031214-527237240-682003330-1003Core.job
[2013/08/06 17:56:45 | 000,001,562 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\Sync Folder.lnk
[2013/08/06 17:55:07 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\MyPC Backup.lnk
[2013/08/06 17:55:07 | 000,000,748 | ---- | M] () -- C:\Documents and Settings\SuperUser\Start Menu\Programs\Startup\MyPC Backup.lnk
[2013/08/06 17:42:55 | 000,002,211 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DriverHub.lnk
[2013/08/06 17:04:25 | 000,000,415 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to THE TAMMY PROJECT-MAIN FOLDER.lnk
[2013/08/06 16:31:00 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2013/08/06 14:00:16 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2013/08/05 22:04:45 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\SuperUser\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/08/05 22:04:45 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/04 18:58:06 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\MBR.dat
[2013/08/04 16:47:45 | 000,000,946 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to aswMBR(1).exe.lnk
[2013/08/04 16:24:10 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/08/04 08:21:50 | 000,770,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/08/04 08:21:50 | 000,369,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/08/04 08:21:50 | 000,175,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/08/04 08:21:50 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/08/04 08:21:50 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/08/04 08:21:50 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/08/04 08:04:12 | 000,001,031 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to avast_free_antivirus_setup.exe.lnk
[2013/08/04 07:53:06 | 000,001,061 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to avg_remover_stf_x86_2011_1184(1).exe.lnk
[2013/08/03 18:53:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/08/03 14:29:50 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/08/03 13:53:14 | 000,000,934 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to procexp.exe.lnk
[2013/08/03 13:43:50 | 000,000,910 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to VEW.exe.lnk
[2013/08/03 11:14:05 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to tdsskiller.exe.lnk
[2013/08/03 09:32:37 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/08/03 09:25:25 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2013/08/03 09:11:13 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013/08/02 06:16:40 | 000,000,948 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton PC Checkup 3.0.lnk
[2013/08/02 05:06:05 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/08/02 05:06:05 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/08/01 06:18:40 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/08/01 06:02:57 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/07/31 19:21:25 | 000,476,562 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/07/31 19:21:25 | 000,077,088 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/07/29 18:58:21 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2013/07/29 18:51:48 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/07/29 18:49:32 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/07/29 18:49:31 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/07/29 18:49:15 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/07/27 17:05:21 | 000,000,327 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\HP Printer Diagnostic Tools.url
[2013/07/27 17:04:50 | 000,001,742 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photo Creations.lnk
[2013/07/27 17:03:53 | 000,001,981 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Officejet 4620 series.lnk
[2013/07/26 03:53:52 | 000,000,081 | ---- | M] () -- C:\Documents and Settings\SuperUser\Application Data\mbam.context.scan
[2013/07/24 16:25:48 | 000,073,728 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2013/07/16 03:23:51 | 000,269,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/08/06 17:56:45 | 000,001,562 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\Sync Folder.lnk
[2013/08/06 17:55:07 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\MyPC Backup.lnk
[2013/08/06 17:55:07 | 000,000,748 | ---- | C] () -- C:\Documents and Settings\SuperUser\Start Menu\Programs\Startup\MyPC Backup.lnk
[2013/08/06 17:04:25 | 000,000,415 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to THE TAMMY PROJECT-MAIN FOLDER.lnk
[2013/08/06 14:59:09 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1085031214-527237240-682003330-1003.job
[2013/08/05 22:04:45 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\SuperUser\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/08/05 22:04:45 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/04 16:47:45 | 000,000,946 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to aswMBR(1).exe.lnk
[2013/08/04 13:31:27 | 000,012,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2013/08/04 13:30:58 | 000,002,211 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DriverHub.lnk
[2013/08/04 08:21:50 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/08/04 08:21:50 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/08/04 08:21:50 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/08/04 08:21:39 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/08/04 08:21:39 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/08/04 08:21:37 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/08/04 08:04:12 | 000,001,031 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to avast_free_antivirus_setup.exe.lnk
[2013/08/04 07:53:06 | 000,001,061 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to avg_remover_stf_x86_2011_1184(1).exe.lnk
[2013/08/03 14:29:50 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/08/03 13:53:14 | 000,000,934 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to procexp.exe.lnk
[2013/08/03 13:43:50 | 000,000,910 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to VEW.exe.lnk
[2013/08/03 11:14:05 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to tdsskiller.exe.lnk
[2013/08/03 10:58:36 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\MBR.dat
[2013/08/03 09:25:25 | 000,000,209 | ---- | C] () -- C:\Boot.bak
[2013/08/03 09:25:20 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/08/03 09:22:43 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/08/03 09:22:43 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/08/03 09:22:43 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/08/03 09:22:43 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/08/03 09:22:43 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/08/02 06:16:40 | 000,000,948 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton PC Checkup 3.0.lnk
[2013/08/02 06:16:37 | 000,000,400 | ---- | C] () -- C:\WINDOWS\tasks\PC Checkup 3 Weekly Scan.job
[2013/08/01 06:16:42 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2013/07/31 18:19:03 | 000,277,258 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1085031214-527237240-682003330-1003-0.dat
[2013/07/31 18:19:02 | 000,277,258 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/07/29 19:04:26 | 000,000,294 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1085031214-527237240-682003330-1003.job
[2013/07/29 18:58:21 | 000,000,929 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2013/07/29 18:37:11 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2013/07/27 17:05:21 | 000,000,327 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\HP Printer Diagnostic Tools.url
[2013/07/27 17:04:50 | 000,001,742 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photo Creations.lnk
[2013/07/26 03:53:52 | 000,000,081 | ---- | C] () -- C:\Documents and Settings\SuperUser\Application Data\mbam.context.scan
[2013/07/25 04:11:35 | 000,000,394 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Pro.job
[2013/07/22 04:02:57 | 000,003,723 | ---- | C] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2013/04/11 16:17:21 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Ament.ini
[2013/03/24 16:26:50 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/11/29 15:00:02 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/11/04 16:48:17 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2012/11/04 16:47:55 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2012/11/04 16:44:29 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\ImHttpComm.dll
[2012/10/11 18:14:31 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6d.DLL
[2012/03/25 02:24:26 | 000,000,071 | ---- | C] () -- C:\Documents and Settings\SuperUser\default.pls
[2012/03/25 02:24:11 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012/02/26 16:06:12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/26 14:58:38 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2012/02/26 14:58:38 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012/02/26 12:05:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/02/26 11:11:00 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/02/26 03:59:09 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/02/26 03:57:37 | 000,269,392 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2012/02/26 11:11:23 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 05:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >