OTL logfile created on: 8/8/2013 5:30:26 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\SuperUser\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.35 Gb Available Physical Memory | 68.03% Memory free
3.84 Gb Paging File | 3.31 Gb Available in Paging File | 86.07% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 13.61 Gb Free Space | 36.55% Space Free | Partition Type: NTFS

Computer Name: SUPERUSE-8CC609 | User Name: SuperUser | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2013/08/07 12:59:28 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/08/01 17:21:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SuperUser\My Documents\Downloads\OTL.com
PRC - [2013/07/29 18:48:41 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013/07/01 10:55:40 | 000,032,808 | ---- | M] (Just Develop It) -- C:\Program Files\MyPC Backup\BackupStack.exe
PRC - [2013/07/01 10:55:38 | 001,945,128 | ---- | M] (MyPCBackup.com) -- C:\Program Files\MyPC Backup\MyPC Backup.exe
PRC - [2013/05/09 01:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 01:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/04/12 01:10:22 | 000,065,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE
PRC - [2005/04/06 18:57:12 | 000,090,112 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
PRC - [2005/04/06 18:53:00 | 002,805,248 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE

[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2013/08/08 11:52:34 | 002,091,520 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13080801\algo.dll
MOD - [2013/07/16 03:47:19 | 011,816,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\616fa195ca93638850a119a54171dac1\System.Web.ni.dll
MOD - [2013/07/16 03:47:06 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\d4faac4fd0c53f033e8ae74cc12bf9c1\System.Transactions.ni.dll
MOD - [2013/07/16 03:47:05 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8f3e54440f3742da409131428ad1bce1\System.ServiceProcess.ni.dll
MOD - [2013/07/16 03:46:52 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\b22afb5424455b579511b925aa1563c9\System.Management.ni.dll
MOD - [2013/07/16 03:46:46 | 000,627,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8e2d5e0600e6b49123fe0960791d4668\System.EnterpriseServices.ni.dll
MOD - [2013/07/16 03:45:04 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\79533103112291e81204ca24aed19890\System.Configuration.ni.dll
MOD - [2013/07/16 03:42:12 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\a1d221960bf7a0cbfd1f355595f77e83\System.Xml.ni.dll
MOD - [2013/07/16 03:42:01 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\efecb20c44117df86f2eb5f93592fdd8\System.Windows.Forms.ni.dll
MOD - [2013/07/16 03:23:02 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\82a53e923936d5f62d9af4cdfe50a4f8\System.Drawing.ni.dll
MOD - [2013/07/16 03:22:33 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\2ac6146a15ceb466f389e373699b3b90\System.Data.ni.dll
MOD - [2013/07/16 03:20:33 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\16562c54978851e92db8fec6f759bba1\System.ni.dll
MOD - [2013/07/16 03:20:14 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2013/07/16 03:19:08 | 003,194,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2013/07/16 03:19:06 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2013/07/16 03:19:05 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2013/07/16 03:18:54 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2013/07/16 03:18:51 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2013/07/16 03:18:51 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013/07/16 03:18:49 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2013/07/16 03:18:48 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2013/07/16 03:18:46 | 002,052,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013/07/16 03:18:35 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2013/07/16 03:18:30 | 005,246,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2013/07/01 10:48:20 | 003,889,152 | ---- | M] () -- C:\Program Files\MyPC Backup\MPCBIconOverlays.dll
MOD - [2013/07/01 10:47:54 | 000,012,288 | ---- | M] () -- C:\Program Files\MyPC Backup\GetText.dll
MOD - [2013/07/01 10:43:36 | 000,904,704 | ---- | M] () -- C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
MOD - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2013/01/01 23:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2013/01/01 23:49:10 | 000,148,992 | ---- | M] () -- C:\WINDOWS\system32\mpg2splt.ax
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004/08/10 05:00:00 | 000,331,776 | ---- | M] () -- C:\WINDOWS\system32\encdec.dll
MOD - [2004/08/10 05:00:00 | 000,268,288 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2004/08/10 05:00:00 | 000,154,112 | ---- | M] () -- C:\WINDOWS\system32\vbicodec.ax
MOD - [2001/10/28 16:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll

[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - [2013/08/07 12:59:28 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/08/06 09:12:43 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/02 05:06:08 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/01 10:55:40 | 000,032,808 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/05/09 01:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\UIUSys.sys -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\SUPERU~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013/08/07 15:11:15 | 000,012,992 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2013/08/04 08:21:50 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/08/04 08:21:50 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/08/04 08:21:50 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 01:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 01:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 01:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 01:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/05/09 01:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/05/25 13:14:24 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2011/06/02 10:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2010/01/05 03:31:32 | 001,714,176 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athuw.sys -- (AR9271)
DRV - [2006/01/25 16:24:30 | 001,149,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/04/15 18:05:42 | 002,564,032 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2004/08/03 15:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004/04/06 17:44:04 | 000,160,000 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cx88vid.sys -- (CX23880)
DRV - [2004/04/06 17:44:02 | 000,030,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cx88tune.sys -- (CXTUNE)
DRV - [2004/04/06 17:44:00 | 000,295,808 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cx88enc.sys -- (CX88ENC)
DRV - [2004/04/06 17:43:58 | 000,009,344 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cxavxbar.sys -- (CXAVXBAR)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKCU\..\URLSearchHook: {f4c28532-b9d0-4950-a2df-e83f9929242b} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{23CD4AE4-AA53-4234-A599-DCAFD1077EDD}: "URL" = http://www.bing.com/search?q={searchTerms}&form=BIE9SE&pc=BIE9&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@MyFunCards_5m.com/Plugin: C:\Program Files\MyFunCards_5m\bar\1.bin\NP5mStub.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\SuperUser\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/07/29 18:56:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/07/29 18:56:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/08/04 08:21:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/03/26 21:38:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SuperUser\Application Data\Mozilla\Extensions
[2013/08/07 15:46:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/08/07 15:46:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/04/08 20:16:22 | 000,002,353 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml

[color=#E56717]========== Chrome ==========[/color]
CHR - homepage: http://www.google.com/
CHR - homepage: http://www.google.com/
CHR - Extension: No name found = C:\Documents and Settings\SuperUser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Documents and Settings\SuperUser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Documents and Settings\SuperUser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: No name found = C:\Documents and Settings\SuperUser\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/08/03 09:32:37 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Ad Blocker) - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Documents and Settings\SuperUser\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - Startup: C:\Documents and Settings\SuperUser\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1330296050937 (MUWebControl Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6A8200B-3E04-4D35-9BD1-659082C3C3C3}: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\SuperUser\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\SuperUser\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012/02/26 12:02:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/08/08 06:37:38 | 000,000,000 | ---D | C] -- C:\_OTL [2013/08/08 04:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup [2013/08/08 04:02:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2013/08/07 18:20:23 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2013/08/07 15:27:24 | 000,073,728 | ---- | C] (Realtek Semiconductor Corp.) 
-- C:\WINDOWS\ALCFDRTM.EXE [2013/08/07 15:13:52 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013/08/07 15:08:37 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll [2013/08/07 13:31:08 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll [2013/08/07 13:31:08 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2013/08/07 13:28:41 | 000,000,000 | ---D | C] -- C:\Intel [2013/08/07 13:09:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\SystemRequirementsLab [2013/08/07 13:05:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\Oracle [2013/08/07 13:01:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2013/08/07 13:01:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Local Settings\Application Data\Sun [2013/08/07 12:59:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun [2013/08/07 12:59:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013/08/07 12:59:52 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2013/08/07 12:59:52 | 000,789,416 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2013/08/07 12:59:52 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2013/08/07 12:59:52 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2013/08/07 12:59:46 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013/08/07 12:59:46 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013/08/07 12:59:46 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013/08/07 12:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2013/08/07 12:57:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\Sun [2013/08/07 
12:39:09 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2013/08/07 12:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab [2013/08/07 04:57:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\My Documents\New Folder [2013/08/07 03:11:11 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW [2013/08/06 17:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Start Menu\Programs\MyPC Backup [2013/08/06 09:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013/08/05 22:04:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/08/05 22:04:42 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2013/08/05 22:04:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013/08/04 14:32:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\CrystalIdea Software [2013/08/04 13:31:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Local Settings\Application Data\DriverHub [2013/08/04 13:30:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Downloaded Installers [2013/08/04 08:21:43 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2013/08/04 08:21:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! 
Free Antivirus [2013/08/04 08:21:42 | 000,369,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2013/08/04 08:21:40 | 000,056,080 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2013/08/04 08:21:40 | 000,049,760 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2013/08/04 08:21:39 | 000,770,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2013/08/04 08:21:37 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2013/08/04 08:21:37 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys [2013/08/04 08:20:51 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2013/08/04 08:20:13 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013/08/04 08:17:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2013/08/04 07:22:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Local Settings\Application Data\AVG Secure Search [2013/08/03 14:29:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Speccy [2013/08/03 14:29:48 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy [2013/08/03 13:13:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\CC Support [2013/08/03 09:25:20 | 000,000,000 | RHSD | C] -- C:\cmdcons [2013/08/03 09:22:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2013/08/03 09:22:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2013/08/03 09:22:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2013/08/03 09:22:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2013/08/03 09:19:02 | 000,000,000 | ---D | C] -- C:\Qoobox [2013/08/03 09:18:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt [2013/08/01 18:04:02 | 000,101,112 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys 
[2013/08/01 18:04:02 | 000,042,864 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe
[2013/08/01 18:02:10 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2013/08/01 17:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Desktop\Old Firefox Data
[2013/08/01 16:27:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2013/08/01 06:19:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2013/08/01 05:52:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013/07/31 13:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2013/07/31 12:28:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/07/30 11:40:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013/07/29 20:17:34 | 000,000,000 | ---D | C] -- C:\Program Files\JustCloud
[2013/07/29 19:04:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\RealNetworks
[2013/07/29 18:56:22 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2013/07/29 18:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealNetworks
[2013/07/29 18:53:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2013/07/29 18:51:47 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/07/29 18:49:32 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/07/29 18:49:31 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/07/29 18:49:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks
[2013/07/29 18:49:15 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/07/29 18:47:30 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2013/07/29 18:11:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\Real
[2013/07/29 17:59:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Local Settings\Application Data\Google
[2013/07/29 17:47:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2013/07/29 17:46:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\Immunet
[2013/07/29 17:28:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\SuperUser\Start Menu\Programs\Administrative Tools
[2013/07/29 16:20:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\SyncFolder
[2013/07/27 17:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\HP Photo Creations
[2013/07/27 17:04:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Visan
[2013/07/27 17:04:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP Photo Creations
[2013/07/26 05:09:38 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/07/26 05:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013/07/25 04:11:22 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2013/07/23 07:09:27 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013/07/22 18:19:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\AVG
[2013/07/22 05:19:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\ParetoLogic
[2013/07/22 05:18:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2013/07/22 04:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Application Data\TuneUp Software
[2013/07/22 03:54:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/07/22 03:54:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SuperUser\Local Settings\Application Data\MFAData
[2013/07/22 03:54:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/07/22 03:17:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Free Download Manager
[2013/07/21 23:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\Ascentive
[2013/07/21 22:59:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2013/07/21 21:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2013/07/21 19:25:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/07/21 19:25:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2013/07/21 19:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/07/21 19:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2013/07/16 03:07:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\HP
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/08/08 17:19:03 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1085031214-527237240-682003330-1003.job
[2013/08/08 17:18:58 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1085031214-527237240-682003330-1003.job
[2013/08/08 17:18:23 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/08/08 17:16:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/08/08 16:51:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/08/08 16:31:00 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2013/08/08 16:04:01 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1085031214-527237240-682003330-1003UA.job
[2013/08/08 14:00:02 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2013/08/08 10:10:04 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013/08/08 04:36:15 | 000,001,562 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\Sync Folder.lnk
[2013/08/08 04:34:44 | 000,000,748 | ---- | M] () -- C:\Documents and Settings\SuperUser\Start Menu\Programs\Startup\MyPC Backup.lnk
[2013/08/08 04:34:43 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\MyPC Backup.lnk
[2013/08/07 20:40:02 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2013/08/07 19:04:01 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1085031214-527237240-682003330-1003Core.job
[2013/08/07 18:24:19 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/08/07 15:46:27 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\SuperUser\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/08/07 15:46:21 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/08/07 15:27:24 | 000,073,728 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2013/08/07 15:27:24 | 000,073,728 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.EXE
[2013/08/07 15:11:15 | 000,012,992 | ---- | M] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2013/08/07 12:59:31 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/08/07 12:59:26 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/08/07 12:59:26 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/08/07 12:59:25 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/08/07 12:59:25 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/08/07 12:59:24 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013/08/07 12:59:24 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/08/07 10:39:00 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/08/07 03:04:53 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Pro.job
[2013/08/06 17:04:25 | 000,000,415 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to THE TAMMY PROJECT-MAIN FOLDER.lnk
[2013/08/05 22:04:45 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\SuperUser\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/08/05 22:04:45 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/04 18:58:06 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\MBR.dat
[2013/08/04 16:47:45 | 000,000,946 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to aswMBR(1).exe.lnk
[2013/08/04 16:24:10 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/08/04 08:21:50 | 000,770,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/08/04 08:21:50 | 000,369,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/08/04 08:21:50 | 000,175,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/08/04 08:21:50 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/08/04 08:21:50 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/08/04 08:21:50 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/08/04 08:04:12 | 000,001,031 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to avast_free_antivirus_setup.exe.lnk
[2013/08/04 07:53:06 | 000,001,061 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to avg_remover_stf_x86_2011_1184(1).exe.lnk
[2013/08/03 18:53:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/08/03 14:29:50 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/08/03 13:53:14 | 000,000,934 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to procexp.exe.lnk
[2013/08/03 13:43:50 | 000,000,910 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to VEW.exe.lnk
[2013/08/03 11:14:05 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to tdsskiller.exe.lnk
[2013/08/03 09:32:37 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/08/03 09:25:25 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2013/08/03 09:11:13 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013/08/02 05:06:05 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/08/02 05:06:05 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/08/01 06:18:40 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/08/01 06:02:57 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/07/31 19:21:25 | 000,476,562 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/07/31 19:21:25 | 000,077,088 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/07/29 18:58:21 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2013/07/29 18:51:48 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2013/07/29 18:49:32 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2013/07/29 18:49:31 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2013/07/29 18:49:15 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2013/07/27 17:05:21 | 000,000,327 | ---- | M] () -- C:\Documents and Settings\SuperUser\Desktop\HP Printer Diagnostic Tools.url
[2013/07/27 17:04:50 | 000,001,742 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photo Creations.lnk
[2013/07/27 17:03:53 | 000,001,981 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Officejet 4620 series.lnk
[2013/07/26 03:53:52 | 000,000,081 | ---- | M] () -- C:\Documents and Settings\SuperUser\Application Data\mbam.context.scan
[2013/07/16 08:32:14 | 000,053,248 | ---- | M] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2013/07/16 03:23:51 | 000,269,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/08/07 18:28:53 | 000,043,516 | ---- | C] () -- C:\Documents and Settings\SuperUser\My Documents\License.html adobe reader.html
[2013/08/07 18:24:19 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/08/07 18:24:19 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/08/06 17:56:45 | 000,001,562 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\Sync Folder.lnk
[2013/08/06 17:55:07 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\MyPC Backup.lnk
[2013/08/06 17:55:07 | 000,000,748 | ---- | C] () -- C:\Documents and Settings\SuperUser\Start Menu\Programs\Startup\MyPC Backup.lnk
[2013/08/06 17:04:25 | 000,000,415 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to THE TAMMY PROJECT-MAIN FOLDER.lnk
[2013/08/06 14:59:09 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1085031214-527237240-682003330-1003.job
[2013/08/05 22:04:45 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\SuperUser\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/08/05 22:04:45 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/04 16:47:45 | 000,000,946 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to aswMBR(1).exe.lnk
[2013/08/04 13:31:27 | 000,012,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2013/08/04 08:21:50 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/08/04 08:21:50 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/08/04 08:21:50 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/08/04 08:21:39 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/08/04 08:21:39 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/08/04 08:21:37 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/08/04 08:04:12 | 000,001,031 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to avast_free_antivirus_setup.exe.lnk
[2013/08/04 07:53:06 | 000,001,061 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to avg_remover_stf_x86_2011_1184(1).exe.lnk
[2013/08/03 14:29:50 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/08/03 13:53:14 | 000,000,934 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to procexp.exe.lnk
[2013/08/03 13:43:50 | 000,000,910 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to VEW.exe.lnk
[2013/08/03 11:14:05 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\Shortcut to tdsskiller.exe.lnk
[2013/08/03 10:58:36 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\MBR.dat
[2013/08/03 09:25:25 | 000,000,209 | ---- | C] () -- C:\Boot.bak
[2013/08/03 09:25:20 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/08/03 09:22:43 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/08/03 09:22:43 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/08/03 09:22:43 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/08/03 09:22:43 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/08/03 09:22:43 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/08/01 06:16:42 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2013/07/31 18:19:03 | 000,277,258 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1085031214-527237240-682003330-1003-0.dat
[2013/07/31 18:19:02 | 000,277,258 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/07/29 19:04:26 | 000,000,294 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1085031214-527237240-682003330-1003.job
[2013/07/29 18:58:21 | 000,000,929 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2013/07/29 18:37:11 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2013/07/27 17:05:21 | 000,000,327 | ---- | C] () -- C:\Documents and Settings\SuperUser\Desktop\HP Printer Diagnostic Tools.url
[2013/07/27 17:04:50 | 000,001,742 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photo Creations.lnk
[2013/07/26 03:53:52 | 000,000,081 | ---- | C] () -- C:\Documents and Settings\SuperUser\Application Data\mbam.context.scan
[2013/07/25 04:11:35 | 000,000,394 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Pro.job
[2013/04/11 16:17:21 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Ament.ini
[2013/03/24 16:26:50 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/11/29 15:00:02 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/11/04 16:48:17 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2012/11/04 16:47:55 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2012/10/11 18:14:31 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6d.DLL
[2012/03/25 02:24:26 | 000,000,071 | ---- | C] () -- C:\Documents and Settings\SuperUser\default.pls
[2012/03/25 02:24:11 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012/02/26 16:06:12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/26 14:58:38 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2012/02/26 14:58:38 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012/02/26 12:05:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/02/26 11:11:00 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/02/26 03:59:09 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/02/26 03:57:37 | 000,269,392 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2012/02/26 11:11:23 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 05:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >