Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

computer starting up strange, virus suspected

Started by idacalumpang , Nov 14 2010 05:17 PM

  • Please log in to reply

#1
idacalumpang
Posted 14 November 2010 - 05:17 PM

idacalumpang

    Member

  • Member
  • PipPip
  • 34 posts
Hello,
i hope someone can help. my computer is acting a little strange lately.

first of all, every time i start up, i hear the error sound and then a message saying that it cannot find drive c:/Programs. then when i click ok, it starts up normally but then the Toshiba folder opens up automatically. it seems harmless enough but its really annoying.

second, when i try to open the 'ipconfig' in run, the command prompt just shuts down and i can't access it.

third, sometimes Norton antivirus starts installing itself automatically without asking permission first. I'm currently using avast and don't have norton previously installed.

everything else seems to be working normal. but im quite certain theres a virus lurking around.


heres the OTL scan:

OTL logfile created on: 11/18/2010 9:37:35 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Ida\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 168.00 Mb Available Physical Memory | 17.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 141.55 Gb Total Space | 20.67 Gb Free Space | 14.60% Space Free | Partition Type: NTFS

Computer Name: ISLA | User Name: Ida | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/15 06:38:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ida\Desktop\OTL.exe
PRC - [2010/11/02 05:36:03 | 000,974,904 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Ida\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2010/09/21 11:33:36 | 000,083,440 | ---- | M] (Google) -- C:\Documents and Settings\Ida\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2010/09/07 23:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 23:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/09/01 14:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009/10/11 01:16:06 | 000,081,920 | R--- | M] () -- C:\WINDOWS\system32\SupportAppXL\cdrom_mon.exe
PRC - [2009/05/29 21:35:54 | 000,646,144 | ---- | M] (Util's Haven.) -- C:\Program Files\Note Mania\notemania.exe
PRC - [2009/04/07 03:43:46 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/04/03 09:32:50 | 000,073,728 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
PRC - [2009/04/02 09:48:08 | 000,210,232 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TDispVol.exe
PRC - [2009/03/18 21:49:28 | 000,827,392 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
PRC - [2009/03/18 02:36:00 | 000,283,960 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2009/03/06 18:26:38 | 000,479,320 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe
PRC - [2009/03/06 18:26:06 | 000,495,700 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2009/01/31 22:43:30 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\hidfind.exe
PRC - [2009/01/14 02:01:14 | 000,308,552 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2009/01/08 02:23:32 | 000,357,704 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2009/01/07 10:11:08 | 002,360,648 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008/10/11 14:17:50 | 000,132,456 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2008/08/23 01:26:38 | 000,523,320 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\ThpSrv.exe
PRC - [2008/07/25 02:24:24 | 000,083,272 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2008/07/02 06:03:06 | 000,038,200 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2008/05/22 05:07:00 | 000,111,984 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
PRC - [2008/04/14 20:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/28 11:43:40 | 002,097,488 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2007/11/22 08:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TODDSrv.exe
PRC - [2007/04/14 09:16:16 | 000,311,296 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\DDWMon.exe
PRC - [2007/04/10 09:07:02 | 000,159,744 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2007/01/26 09:47:50 | 000,136,816 | ---- | M] () -- C:\TOSHIBA\IVP\ISM\pinger.exe
PRC - [2007/01/26 09:45:42 | 000,468,600 | ---- | M] (TOSHIBA Corporation) -- C:\TOSHIBA\IVP\ISM\Ivpsvmgr.exe
PRC - [2005/06/07 01:58:44 | 000,024,576 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\ZoomingHook.exe
PRC - [2005/01/18 07:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe


========== Modules (SafeList) ==========

MOD - [2010/11/15 06:38:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ida\Desktop\OTL.exe
MOD - [2010/08/24 00:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/03/14 06:05:14 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\TDispVol.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/09/07 23:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 23:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 23:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/10/11 01:16:06 | 000,081,920 | R--- | M] () [Auto | Running] -- C:\WINDOWS\system32\SupportAppXL\cdrom_mon.exe -- (Autorun CDROM Monitor)
SRV - [2009/03/06 18:26:06 | 000,495,700 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2008/10/11 14:17:50 | 000,132,456 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008/08/23 01:26:38 | 000,523,320 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\WINDOWS\system32\ThpSrv.exe -- (Thpsrv)
SRV - [2008/05/22 05:07:00 | 000,111,984 | ---- | M] () [Auto | Running] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2007/11/22 08:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\WINDOWS\system32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/01/26 09:47:50 | 000,136,816 | ---- | M] () [Auto | Running] -- C:\TOSHIBA\IVP\ISM\pinger.exe -- (pinger)
SRV - [2005/11/14 16:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/01/18 07:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2002/12/17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/09/07 22:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 22:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 22:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 22:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/09/07 22:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/07 22:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/07/28 15:20:17 | 000,697,328 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/12/29 20:10:00 | 000,177,152 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/10/22 13:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\37563062.sys -- (37563062)
DRV - [2009/10/10 16:50:46 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009/10/10 16:50:16 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009/10/10 16:49:20 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009/09/25 17:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\37563061.sys -- (37563061)
DRV - [2009/08/24 20:12:50 | 000,213,040 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009/03/27 01:37:44 | 000,048,176 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cec_uvc.sys -- (cecnuvc)
DRV - [2009/03/27 01:09:20 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2009/03/13 08:25:12 | 005,051,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/03/13 06:55:32 | 000,164,864 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/03/13 06:09:54 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/02/14 09:00:02 | 001,503,840 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/02/12 08:11:50 | 000,329,752 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2009/01/31 08:13:20 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2009/01/16 05:01:56 | 000,042,880 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2008/10/07 08:56:38 | 000,137,984 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008/08/28 09:01:56 | 000,074,240 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008/08/23 04:50:34 | 000,064,000 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2008/08/22 01:35:24 | 000,028,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\thpdrv.sys -- (Thpdrv)
DRV - [2008/08/06 11:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/07/25 05:40:58 | 000,017,192 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav)
DRV - [2008/04/14 20:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/03/26 04:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2008/03/04 16:40:04 | 000,097,408 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmusbser.sys -- (qcusbser)
DRV - [2008/02/16 04:12:06 | 005,854,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/11/30 00:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007/09/05 01:14:06 | 000,006,528 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Thpevm.SYS -- (Thpevm)
DRV - [2007/03/27 03:22:18 | 000,105,856 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tdudf.sys -- (tdudf)
DRV - [2007/02/23 06:10:30 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/02/20 03:15:32 | 000,134,016 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\trudf.sys -- (trudf)
DRV - [2006/10/24 07:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006/01/05 06:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005/01/07 20:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2003/01/30 05:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2001/12/19 11:45:00 | 000,008,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\VCdRom.sys -- (vcdrom)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSHB&bmod=TSHB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSHB&bmod=TSHB

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gmail.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[2009/09/28 10:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\Mozilla\Extensions
[2009/09/28 10:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\Mozilla\Extensions\[email protected]

O1 HOSTS File: ([2010/09/22 10:50:29 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe ()
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TAccessibility] C:\Program Files\TOSHIBA\Accessibility\TAccessibility.exe ()
O4 - HKLM..\Run: [TDispVol] C:\WINDOWS\System32\TDispVol.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ThpSrv] C:\WINDOWS\System32\thpsrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Program Files\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [ZoomingHook] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA)
O4 - HKCU..\Run: [1544741396] C:\Program Files\Toshiba Registration\Registration.exe (DataLode, Inc.)
O4 - HKCU..\Run: [INFOSTORE SEAGENT] C:\Program Files\Selensis\InfoStore 3.0\English\Seagent.exe (Selensis Software)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [NSSInstallation] C:\Program Files\DivX\Symantec\scstubinstaller.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\Ida\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Ida\Start Menu\Programs\Startup\Start Note Mania.lnk = C:\Program Files\Note Mania\notemania.exe (Util's Haven.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Ida\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ida\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/07 02:11:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0e67deb5-9aa4-11df-9d1b-00235afb2473}\Shell\AutoRun\command - "" = D:\WDSetup.exe -- File not found
O33 - MountPoints2\{4b73bf55-c9be-11df-a569-00235afb2473}\Shell - "" = AutoRun
O33 - MountPoints2\{4b73bf55-c9be-11df-a569-00235afb2473}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4b73bf55-c9be-11df-a569-00235afb2473}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- File not found
O33 - MountPoints2\{820c38f1-8f20-11df-a51b-002258fc9247}\Shell\AutoRun\command - "" = D:\.\ShowModem.exe -- File not found
O33 - MountPoints2\{85514b78-a99c-11df-bca0-00235afb2473}\Shell - "" = AutoRun
O33 - MountPoints2\{85514b78-a99c-11df-bca0-00235afb2473}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/15 06:38:01 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ida\Desktop\OTL.exe
[2010/11/12 13:48:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ida\Desktop\sync rizal 08.10
[2010/11/11 17:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ida\Desktop\From Joy New
[2010/11/11 16:20:31 | 000,000,000 | ---D | C] -- C:\InfoStore Libraries
[2010/11/11 16:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\Selensis
[2010/11/11 15:39:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Selensis
[2010/11/11 15:37:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ida\Local Settings\Application Data\Selensis
[2010/11/09 08:19:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/11/09 08:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/11/08 13:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ida\Desktop\Iligan Footage
[2010/11/06 00:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ida\Desktop\Legaspi, Albay 10.10
[2010/11/05 09:34:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ida\My Documents\CV
[2010/11/04 10:03:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ida\My Documents\My Dropbox
[2010/11/04 10:00:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ida\Application Data\Dropbox

========== Files - Modified Within 30 Days ==========

[2010/11/18 09:25:01 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-93911533-2325277191-3695095351-1005UA.job
[2010/11/18 09:16:03 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/18 09:15:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/18 09:15:11 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/17 11:55:12 | 000,179,200 | ---- | M] () -- C:\Documents and Settings\Ida\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/15 06:38:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ida\Desktop\OTL.exe
[2010/11/14 20:25:01 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-93911533-2325277191-3695095351-1005Core.job
[2010/11/12 17:47:34 | 000,045,568 | ---- | M] () -- C:\Documents and Settings\Ida\Desktop\Legaspi Shoot.xls
[2010/11/12 09:03:41 | 001,704,790 | ---- | M] () -- C:\Documents and Settings\Ida\Desktop\anna mom.jpg
[2010/11/12 09:03:35 | 000,061,130 | ---- | M] () -- C:\Documents and Settings\Ida\Desktop\anna dad.jpg
[2010/11/10 15:15:37 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Ida\Desktop\Iligan Shotlist.xls
[2010/11/10 08:23:40 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\Ida\My Documents\Wealth Course Day1.doc
[2010/11/10 08:11:22 | 000,012,288 | ---- | M] () -- C:\Documents and Settings\Ida\My Documents\Business Investor Triangle.doc
[2010/11/09 07:49:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/09 02:04:11 | 017,609,862 | ---- | M] () -- C:\Documents and Settings\Ida\My Documents\calling cards sheet portrait.psd
[2010/11/09 01:32:08 | 001,738,862 | ---- | M] () -- C:\Documents and Settings\Ida\My Documents\calling card- new portrait.psd
[2010/11/07 20:23:29 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\Ida\Desktop\Sky Dive script outline.doc
[2010/11/05 21:46:53 | 000,196,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/11/04 09:29:31 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk
[2010/11/01 17:09:18 | 000,058,880 | ---- | M] () -- C:\Documents and Settings\Ida\My Documents\Finances 2010.xls
[2010/11/01 17:00:05 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\Ida\My Documents\Metrobank Statement.xls
[2010/10/26 22:50:48 | 002,259,560 | ---- | M] () -- C:\Documents and Settings\Ida\My Documents\nyx card portrait.psd
[2010/10/25 15:25:02 | 002,213,306 | ---- | M] () -- C:\Documents and Settings\Ida\My Documents\nyx card landscape.psd

========== Files Created - No Company Name ==========

[2010/11/12 17:47:35 | 000,045,568 | ---- | C] () -- C:\Documents and Settings\Ida\Desktop\Legaspi Shoot.xls
[2010/11/12 09:03:45 | 001,704,790 | ---- | C] () -- C:\Documents and Settings\Ida\Desktop\anna mom.jpg
[2010/11/12 09:03:38 | 000,061,130 | ---- | C] () -- C:\Documents and Settings\Ida\Desktop\anna dad.jpg
[2010/11/10 08:12:34 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\Ida\My Documents\Wealth Course Day1.doc
[2010/11/10 08:04:28 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\Ida\My Documents\Business Investor Triangle.doc
[2010/11/09 01:28:40 | 001,738,862 | ---- | C] () -- C:\Documents and Settings\Ida\My Documents\calling card- new portrait.psd
[2010/11/09 01:27:49 | 017,609,862 | ---- | C] () -- C:\Documents and Settings\Ida\My Documents\calling cards sheet portrait.psd
[2010/11/07 07:20:42 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\Ida\Desktop\Sky Dive script outline.doc
[2010/10/25 15:24:57 | 002,213,306 | ---- | C] () -- C:\Documents and Settings\Ida\My Documents\nyx card landscape.psd
[2010/10/25 11:39:27 | 002,259,560 | ---- | C] () -- C:\Documents and Settings\Ida\My Documents\nyx card portrait.psd
[2010/09/17 17:50:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ida\Application Data\bibstats
[2010/07/28 16:22:39 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Ida\Local Settings\Application Data\fusioncache.dat
[2010/07/28 15:20:17 | 000,697,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/01/17 23:09:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CeEKey.INI
[2009/09/26 23:36:40 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/09/19 16:44:58 | 000,179,200 | ---- | C] () -- C:\Documents and Settings\Ida\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/19 15:08:51 | 000,000,013 | RHS- | C] () -- C:\WINDOWS\System32\drivers\fbd.sys
[2009/09/19 15:08:44 | 000,000,004 | RHS- | C] () -- C:\WINDOWS\System32\drivers\taishop.sys
[2009/07/14 20:01:19 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/07/14 19:54:07 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
[2009/04/07 07:24:07 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/04/07 03:54:02 | 000,000,348 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009/04/07 03:33:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2009/04/07 03:23:37 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\EBLib.DLL
[2009/04/07 03:03:17 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/04/07 02:09:03 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2009/04/06 19:06:40 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/04/03 02:54:38 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll
[2009/04/03 01:35:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\EKECioCtl.dll
[2009/04/01 02:13:20 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HWS_Ctrl.dll
[2009/03/14 06:05:14 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TDispVol.dll

========== LOP Check ==========

[2010/09/24 12:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/12/20 16:46:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/07/28 15:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2010/11/11 16:19:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Selensis
[2010/07/28 16:22:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010/01/03 10:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/09/19 19:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TOSHIBA
[2009/04/07 03:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista32
[2009/04/07 03:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vista64
[2009/04/07 03:33:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\XP
[2010/04/08 11:27:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/04 22:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/12/05 16:06:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\AnvSoft
[2010/11/11 10:15:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\Any Video Converter
[2010/01/02 17:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\Canon
[2009/12/30 14:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\com.adobe.example.avatarAirApplication.199ED43C2CFEB351CD0244628B93195D7C58F98C.1
[2010/04/21 13:23:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/07/28 15:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\DAEMON Tools Pro
[2010/11/11 05:52:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\Dropbox
[2010/06/08 16:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\Facebook
[2010/09/17 22:59:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\FileZilla
[2010/04/21 14:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\gtk-2.0
[2009/12/05 09:23:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\NetMedia Providers
[2010/11/16 10:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\noteMaNIA
[2009/09/21 01:40:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\OpenOffice.org
[2010/10/03 12:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\Opera
[2009/12/05 09:23:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\Publish Providers
[2009/09/28 10:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\Songbird2
[2010/07/28 16:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\Sony
[2010/03/29 00:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\tidysongs15.27F6A35B76E5883BF9E6FEE514586561E60595CA.1
[2009/04/07 03:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\toshiba
[2009/04/07 02:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\WinBatch
[2010/03/24 14:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ida\Application Data\YouSendIt

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FB1B13D8

< End of report >

Edited by idacalumpang, 17 November 2010 - 07:48 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP