[Chicken mania]

Well, I'm troubleshooting a laptop which has a ton of problems and was advised to post here first. Anyways, I found out the pc didn't have any antivirus program installed, so I installed Avast. The pc also doesn't need a software firewall 'cos they also use 2wire modem, which has a hardware firewall and the pc had some net connectivity issues caused by enabling Windows firewall.

I found out the pc had some video file containing the DRP virus. 'Cos there was no antivirus software installed beforehand, so I decided to try and do a really thorough scan in case there're even more nasties lurking around.

I've already scanned this pc with:

Malware bytes(latest version)
Avast(newly installed: found only 1 virus, some DRP stuff on some video file, about financial info. The owner didn't even install an antivirus software. *sighs* )
Super Anti Spyware(found nothing but cookies, which I disregarded for now 'cos most of those cookies appear to be for news sites and business sites and so on)
Spyware Blaster(protected it against malicious cookies)
Trojan Hunter(Quick mode found nothing: running full scan mode now. Appears to have false positives so far 'cos my friends also downloaded the same .exe files and their nod32 software detected nothing wrong in them. )


I'll be initiating a Nod32 online scan and Iobit scan soon, too. What other programs can I run to scan this laptop? I know some of these programs seem superfluous but it seems each of them detects different things.

Quick explanation for some of the things found below in the log:

RPGmaker = game engine
RTP = resource packages and other add-ons for RPGmaker game engine
I doubt they've any problems available 'cos I think my aunt's son bought the commercial version.
Renpy = game engine

He also uses some Aiptek tablet and it's related to atwtusb.exe

Edited by Chicken mania, 29 May 2011 - 09:57 PM.

[Advertisements]

OTL logfile created on: 5/28/2011 9:32:17 AM - Run 2
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Florence\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy

1.87 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 45.45% Memory free
3.74 Gb Paging File | 2.16 Gb Available in Paging File | 57.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.34 Gb Total Space | 85.45 Gb Free Space | 29.84% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: FLORENCEPC | User Name: Florence | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/28 02:49:49 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Florence\Downloads\OTL.exe
PRC - [2011/05/23 23:00:06 | 002,424,192 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/04/28 15:35:35 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Florence\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
PRC - [2011/04/21 03:02:04 | 000,327,472 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2011/03/27 19:12:18 | 000,052,736 | ---- | M] (NirSoft) -- C:\Program Files\NirSoft\BlueScreenView\BlueScreenView.exe
PRC - [2010/09/07 23:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 23:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/08/12 07:09:54 | 000,185,712 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe
PRC - [2009/08/12 07:09:38 | 001,324,384 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TEco.exe
PRC - [2009/08/11 10:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
PRC - [2009/08/07 08:05:18 | 000,583,024 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
PRC - [2009/08/07 08:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
PRC - [2009/08/07 06:02:02 | 000,029,528 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
PRC - [2009/08/07 04:06:58 | 000,466,792 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
PRC - [2009/08/06 05:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009/08/06 05:18:08 | 000,476,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2009/08/06 05:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2009/08/04 09:16:50 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
PRC - [2009/08/04 09:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
PRC - [2009/07/29 11:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/07/29 06:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2009/07/29 05:00:10 | 000,460,088 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2009/07/22 12:40:40 | 000,083,336 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2009/07/14 09:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 09:14:24 | 001,401,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
PRC - [2009/07/14 09:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 06:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009/07/07 09:07:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/03/11 09:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009/02/21 00:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2009/02/05 11:51:12 | 000,388,768 | ---- | M] () -- C:\Windows\System32\atwtusb.exe
PRC - [2009/01/13 11:10:32 | 003,161,760 | ---- | M] () -- C:\Windows\System32\WTMKM.exe
PRC - [2008/01/23 01:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2007/11/13 12:16:02 | 000,079,136 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe


========== Modules (SafeList) ==========

MOD - [2011/05/28 02:49:49 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Florence\Downloads\OTL.exe
MOD - [2009/07/14 09:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/09/07 23:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 23:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 23:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/07/29 05:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/08/18 01:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/08/12 07:09:54 | 000,185,712 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2009/08/11 10:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)
SRV - [2009/08/07 08:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2009/08/06 05:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009/08/04 09:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009/07/30 20:20:04 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009/07/29 06:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 09:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/03/11 09:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009/02/21 00:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2009/02/05 11:51:12 | 000,388,768 | ---- | M] () [Auto | Running] -- C:\windows\System32\atwtusb.exe -- (WTService)
SRV - [2008/01/23 01:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV - [2011/05/16 19:01:00 | 000,111,280 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2010/09/07 22:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 22:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 22:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 22:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/09/07 22:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/05/11 02:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/18 02:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/11/20 16:26:50 | 000,025,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/08/13 23:37:00 | 000,376,320 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2009/07/31 08:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2009/07/25 06:57:06 | 000,275,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2009/07/15 06:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/14 13:13:10 | 000,015,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2009/07/14 07:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 06:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/14 06:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009/07/07 23:53:06 | 000,007,680 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2009/06/23 08:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2009/06/20 10:31:08 | 000,012,920 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSAS&bmod=TSAS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSAS&bmod=TSAS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSAS&bmod=TSAS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.singnet.com.sg:8080

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://shop.thefreev...n.com/home.php"
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:3.9.1.14019
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..network.proxy.http: "proxy.singnet.com.sg"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/03 03:05:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/11 15:45:28 | 000,000,000 | ---D | M]

[2010/07/04 01:32:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florence\AppData\Roaming\Mozilla\Extensions
[2011/04/01 19:07:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\cfkf11dt.default\extensions
[2010/12/03 23:28:47 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\cfkf11dt.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/07/21 20:24:08 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\cfkf11dt.default\extensions\[email protected]
[2011/05/28 04:52:27 | 000,000,000 | ---D | M] ("Foxit PDF Creator Toolbar") -- C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\cfkf11dt.default\extensions\[email protected]
[2011/05/28 04:42:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/21 20:59:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/19 04:28:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/04/22 19:18:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2011/05/03 03:05:18 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/09/05 01:40:58 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2011/03/23 02:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010/01/01 16:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/01/01 16:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 16:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/01/01 16:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/01/01 16:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009/06/11 05:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [MacrokeyManager] C:\windows\System32\WTMKM.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{9b1d3bbb-bf08-11df-b075-00266c6b4cfd}\Shell - "" = AutoRun
O33 - MountPoints2\{9b1d3bbb-bf08-11df-b075-00266c6b4cfd}\Shell\AutoRun\command - "" = G:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/28 07:28:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClearType Switch
[2011/05/28 07:28:46 | 000,000,000 | ---D | C] -- C:\Program Files\ClearType Switch
[2011/05/28 06:50:57 | 000,000,000 | ---D | C] -- C:\windows\System32\x64
[2011/05/28 06:50:57 | 000,000,000 | ---D | C] -- C:\windows\System32\Lang
[2011/05/28 06:45:52 | 000,000,000 | ---D | C] -- C:\Intel
[2011/05/28 06:26:16 | 000,000,000 | ---D | C] -- C:\Users\Florence\AppData\Roaming\SystemRequirementsLab
[2011/05/28 06:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2011/05/28 06:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2011/05/28 03:49:42 | 000,000,000 | ---D | C] -- C:\Users\Florence\AppData\Roaming\SUPERAntiSpyware.com
[2011/05/28 03:49:42 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/05/28 03:49:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/05/28 03:49:15 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/05/28 03:45:30 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2011/05/27 23:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
[2011/05/27 23:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed
[2011/05/27 21:55:10 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2011/05/27 21:15:21 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2011/05/27 02:47:00 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/05/27 02:47:00 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/23 21:47:09 | 000,000,000 | ---D | C] -- C:\perflogs
[2011/05/23 20:45:41 | 000,000,000 | ---D | C] -- C:\Users\Florence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
[2011/05/23 20:45:40 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2011/05/18 15:51:27 | 000,000,000 | ---D | C] -- C:\Users\Florence\VirtualBox VMs
[2011/05/18 15:51:02 | 000,000,000 | ---D | C] -- C:\Users\Florence\.VirtualBox
[2011/05/09 23:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\ASCII
[2011/04/29 05:30:16 | 000,000,000 | ---D | C] -- C:\Users\Florence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JustZIPit
[2011/04/29 05:30:12 | 000,000,000 | ---D | C] -- C:\Users\Florence\AppData\Roaming\Free-backup.info
[2011/04/29 05:21:13 | 000,000,000 | ---D | C] -- C:\Program Files\Hamster Soft
[2011/04/28 19:18:22 | 000,000,000 | ---D | C] -- C:\Users\Florence\AppData\Roaming\cYo
[2011/04/28 19:18:22 | 000,000,000 | ---D | C] -- C:\Users\Florence\AppData\Local\cYo
[2011/04/28 19:14:03 | 000,000,000 | ---D | C] -- C:\old
[2011/02/11 11:40:40 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll

========== Files - Modified Within 30 Days ==========

[2011/05/28 09:33:23 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/05/28 09:20:45 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/28 09:04:43 | 000,000,920 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4038907-3774545379-3254938991-1005UA.job
[2011/05/28 08:20:30 | 000,016,080 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/28 08:20:30 | 000,016,080 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/28 08:13:12 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/28 08:12:42 | 1506,791,424 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/28 08:07:56 | 000,756,138 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/05/28 08:07:56 | 000,156,722 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/05/28 07:28:46 | 000,001,023 | ---- | M] () -- C:\Users\Public\Desktop\ClearType Switch.lnk
[2011/05/28 06:53:49 | 000,014,744 | ---- | M] () -- C:\windows\System32\results.xml
[2011/05/28 06:07:29 | 000,000,904 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2011/05/28 03:49:19 | 000,001,928 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/28 01:31:39 | 000,001,904 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/05/28 01:31:37 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2011/05/27 23:21:35 | 000,011,022 | ---- | M] () -- C:\Users\Florence\AppData\Local\Temp16.html
[2011/05/27 23:19:48 | 000,001,667 | ---- | M] () -- C:\Users\Florence\AppData\Local\Temp1.html
[2011/05/27 03:22:16 | 000,007,635 | ---- | M] () -- C:\Users\Florence\AppData\Local\Resmon.ResmonCfg
[2011/05/24 15:40:00 | 000,000,868 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4038907-3774545379-3254938991-1005Core.job
[2011/05/23 21:32:39 | 222,838,264 | ---- | M] () -- C:\windows\MEMORY.DMP
[2011/05/13 18:50:34 | 000,002,420 | ---- | M] () -- C:\Users\Florence\Desktop\Google Chrome.lnk
[2011/05/09 23:54:57 | 000,442,128 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/05/09 23:29:28 | 000,084,360 | ---- | M] () -- C:\windows\gamedelete.exe
[2011/05/08 01:04:15 | 000,000,155 | ---- | M] () -- C:\Users\Florence\SecurityKISSTunnel.config
[2011/05/03 03:07:18 | 000,002,005 | ---- | M] () -- C:\Users\Florence\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/04/29 05:30:16 | 000,001,187 | ---- | M] () -- C:\Users\Florence\Application Data\Microsoft\Internet Explorer\Quick Launch\JustZIPit.lnk

========== Files Created - No Company Name ==========

[2011/05/28 07:28:46 | 000,001,023 | ---- | C] () -- C:\Users\Public\Desktop\ClearType Switch.lnk
[2011/05/28 06:07:29 | 000,000,904 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2011/05/28 03:49:19 | 000,001,928 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/27 23:21:35 | 000,011,022 | ---- | C] () -- C:\Users\Florence\AppData\Local\Temp16.html
[2011/05/27 23:19:48 | 000,001,667 | ---- | C] () -- C:\Users\Florence\AppData\Local\Temp1.html
[2011/05/20 17:54:07 | 000,778,752 | ---- | C] () -- C:\windows\System32\RGSS102E.dll
[2011/05/20 17:54:07 | 000,758,272 | ---- | C] () -- C:\windows\System32\RGSS104E.dll
[2011/05/20 17:54:06 | 000,781,312 | ---- | C] () -- C:\windows\System32\RGSS102J.dll
[2011/05/20 17:54:06 | 000,761,856 | ---- | C] () -- C:\windows\System32\RGSS104J.dll
[2011/05/20 17:54:06 | 000,685,056 | ---- | C] () -- C:\windows\System32\RGSS103J.dll
[2011/05/20 17:54:05 | 000,771,584 | ---- | C] () -- C:\windows\System32\RGSS100J.dll
[2011/05/18 17:48:42 | 000,087,040 | ---- | C] () -- C:\windows\UnGins.exe
[2011/05/18 17:46:46 | 000,473,600 | ---- | C] () -- C:\windows\System32\Harmony.dll
[2011/05/18 17:46:46 | 000,237,568 | ---- | C] () -- C:\windows\System32\Unlha32.dll
[2011/05/09 23:37:40 | 000,084,360 | ---- | C] () -- C:\windows\gamedelete.exe
[2011/04/29 05:30:16 | 000,001,187 | ---- | C] () -- C:\Users\Florence\Application Data\Microsoft\Internet Explorer\Quick Launch\JustZIPit.lnk
[2011/04/28 15:35:37 | 000,000,920 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4038907-3774545379-3254938991-1005UA.job
[2011/02/25 15:29:00 | 000,021,840 | ---- | C] () -- C:\windows\System32\SIntfNT.dll
[2011/02/25 15:29:00 | 000,017,212 | ---- | C] () -- C:\windows\System32\SIntf32.dll
[2011/02/25 15:29:00 | 000,012,067 | ---- | C] () -- C:\windows\System32\SIntf16.dll
[2011/02/25 15:12:49 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat
[2011/02/19 16:04:29 | 050,438,401 | ---- | C] () -- C:\Users\Florence\AppData\Roaming\.minecraft.7z
[2011/02/13 01:53:57 | 000,388,768 | ---- | C] () -- C:\windows\System32\atwtusb.exe
[2011/02/13 01:53:55 | 000,045,056 | ---- | C] () -- C:\windows\System32\InstallService.exe
[2011/02/13 01:53:51 | 003,161,760 | ---- | C] () -- C:\windows\System32\WTMKM.exe
[2011/02/13 01:53:51 | 000,180,224 | ---- | C] () -- C:\windows\System32\ATWTINK.DLL
[2011/02/13 01:53:51 | 000,102,048 | ---- | C] () -- C:\windows\RmTablet.exe
[2011/02/13 01:53:51 | 000,013,254 | ---- | C] () -- C:\windows\System32\Vista.ini
[2011/02/13 01:53:51 | 000,012,948 | ---- | C] () -- C:\windows\System32\XP_2000.ini
[2011/02/13 01:53:51 | 000,007,344 | ---- | C] () -- C:\windows\aiptbl.ini
[2011/02/13 01:53:51 | 000,000,593 | ---- | C] () -- C:\windows\System32\MKProfile.ini
[2011/02/11 12:10:52 | 000,439,308 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2011/02/11 12:10:50 | 000,982,240 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2011/02/11 12:10:50 | 000,092,356 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2011/02/11 11:38:44 | 000,000,151 | ---- | C] () -- C:\windows\System32\GfxUI.exe.config
[2011/01/02 05:15:11 | 000,007,635 | ---- | C] () -- C:\Users\Florence\AppData\Local\Resmon.ResmonCfg
[2010/11/22 03:24:56 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/09/13 15:27:51 | 000,007,168 | ---- | C] () -- C:\windows\System32\drivers\StarOpen.sys
[2010/09/13 03:20:34 | 000,000,025 | ---- | C] () -- C:\windows\libem.INI
[2010/09/12 19:00:14 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/09/12 16:43:38 | 000,000,065 | ---- | C] () -- C:\windows\WININIT.INI
[2010/07/22 11:43:59 | 000,057,344 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2010/07/22 10:04:25 | 000,758,018 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2010/07/22 10:04:25 | 000,180,224 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2010/07/22 09:46:03 | 000,027,648 | ---- | C] () -- C:\windows\System32\AVSredirect.dll
[2010/07/20 17:35:45 | 000,000,412 | ---- | C] () -- C:\windows\MAXLINK.INI
[2010/04/17 09:38:31 | 000,000,000 | ---- | C] () -- C:\windows\NDSTray.INI
[2010/04/17 09:27:41 | 000,000,520 | ---- | C] () -- C:\windows\System32\drivers\RTEQEX0.dat
[2010/04/17 09:27:41 | 000,000,176 | ---- | C] () -- C:\windows\System32\drivers\RTHDAEQ0.dat
[2010/04/17 09:26:56 | 000,073,728 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2009/08/27 22:57:38 | 000,134,592 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/07/14 12:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 12:33:53 | 000,442,128 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 10:05:48 | 000,756,138 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 10:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 10:05:48 | 000,156,722 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 10:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 10:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 10:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 07:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 07:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 07:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/11 05:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat

========== LOP Check ==========

[2011/02/19 16:22:43 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\.minecraft
[2011/02/19 16:20:15 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\.minecraft server
[2011/05/28 06:41:42 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Audacity
[2010/07/22 10:26:39 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Aura4You
[2011/02/05 16:09:32 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Azureus
[2010/09/13 12:36:34 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\BITS
[2010/09/13 15:35:35 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Canneverbe Limited
[2010/08/04 15:49:30 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Canon
[2010/07/21 20:26:56 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\CCTV
[2011/04/28 19:18:22 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\cYo
[2011/02/25 15:02:46 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\DAEMON Tools Lite
[2010/09/13 03:20:26 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\FlashGet
[2010/09/13 03:20:24 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\FlashGetBHO
[2010/09/05 01:41:34 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Foxit
[2010/09/05 01:41:36 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Foxit Software
[2011/04/29 05:30:12 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Free-backup.info
[2010/07/22 11:51:05 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\GetRightToGo
[2011/02/25 15:18:55 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\gtk-2.0
[2011/02/20 01:07:12 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\JAM Software
[2011/05/25 02:52:54 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\RenPy
[2010/07/20 17:35:38 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\ScanSoft
[2011/05/28 06:26:16 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\SystemRequirementsLab
[2010/07/25 23:32:10 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Toshiba
[2010/07/22 10:50:52 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Ulead Systems
[2011/05/28 09:36:30 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\uTorrent
[2010/09/06 16:43:19 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\WildTangent
[2011/01/23 15:46:16 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\Windows:B8AF39A7DA4C2925

< End of report >

[Chicken mania]

OTL logfile created on: 5/28/2011 9:32:17 AM - Run 2
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Florence\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy

1.87 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 45.45% Memory free
3.74 Gb Paging File | 2.16 Gb Available in Paging File | 57.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.34 Gb Total Space | 85.45 Gb Free Space | 29.84% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: FLORENCEPC | User Name: Florence | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/28 02:49:49 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Florence\Downloads\OTL.exe
PRC - [2011/05/23 23:00:06 | 002,424,192 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/04/28 15:35:35 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Florence\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
PRC - [2011/04/21 03:02:04 | 000,327,472 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2011/03/27 19:12:18 | 000,052,736 | ---- | M] (NirSoft) -- C:\Program Files\NirSoft\BlueScreenView\BlueScreenView.exe
PRC - [2010/09/07 23:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 23:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/08/12 07:09:54 | 000,185,712 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe
PRC - [2009/08/12 07:09:38 | 001,324,384 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TEco.exe
PRC - [2009/08/11 10:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
PRC - [2009/08/07 08:05:18 | 000,583,024 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
PRC - [2009/08/07 08:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
PRC - [2009/08/07 06:02:02 | 000,029,528 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
PRC - [2009/08/07 04:06:58 | 000,466,792 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
PRC - [2009/08/06 05:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009/08/06 05:18:08 | 000,476,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2009/08/06 05:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2009/08/04 09:16:50 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
PRC - [2009/08/04 09:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
PRC - [2009/07/29 11:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/07/29 06:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2009/07/29 05:00:10 | 000,460,088 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2009/07/22 12:40:40 | 000,083,336 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2009/07/14 09:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 09:14:24 | 001,401,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
PRC - [2009/07/14 09:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 06:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009/07/07 09:07:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/03/11 09:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009/02/21 00:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2009/02/05 11:51:12 | 000,388,768 | ---- | M] () -- C:\Windows\System32\atwtusb.exe
PRC - [2009/01/13 11:10:32 | 003,161,760 | ---- | M] () -- C:\Windows\System32\WTMKM.exe
PRC - [2008/01/23 01:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2007/11/13 12:16:02 | 000,079,136 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe


========== Modules (SafeList) ==========

MOD - [2011/05/28 02:49:49 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Florence\Downloads\OTL.exe
MOD - [2009/07/14 09:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/09/07 23:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 23:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 23:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/07/29 05:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/08/18 01:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/08/12 07:09:54 | 000,185,712 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2009/08/11 10:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)
SRV - [2009/08/07 08:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2009/08/06 05:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009/08/04 09:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009/07/30 20:20:04 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009/07/29 06:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 09:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/03/11 09:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009/02/21 00:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2009/02/05 11:51:12 | 000,388,768 | ---- | M] () [Auto | Running] -- C:\windows\System32\atwtusb.exe -- (WTService)
SRV - [2008/01/23 01:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV - [2011/05/16 19:01:00 | 000,111,280 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2010/09/07 22:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 22:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 22:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 22:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/09/07 22:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/05/11 02:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/18 02:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/11/20 16:26:50 | 000,025,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/08/13 23:37:00 | 000,376,320 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2009/07/31 08:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2009/07/25 06:57:06 | 000,275,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2009/07/15 06:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/14 13:13:10 | 000,015,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2009/07/14 07:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 06:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/14 06:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009/07/07 23:53:06 | 000,007,680 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2009/06/23 08:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2009/06/20 10:31:08 | 000,012,920 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSAS&bmod=TSAS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSAS&bmod=TSAS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSAS&bmod=TSAS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.singnet.com.sg:8080

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://shop.thefreev...n.com/home.php"
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:3.9.1.14019
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..network.proxy.http: "proxy.singnet.com.sg"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/03 03:05:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/11 15:45:28 | 000,000,000 | ---D | M]

[2010/07/04 01:32:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florence\AppData\Roaming\Mozilla\Extensions
[2011/04/01 19:07:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\cfkf11dt.default\extensions
[2010/12/03 23:28:47 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\cfkf11dt.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/07/21 20:24:08 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\cfkf11dt.default\extensions\[email protected]
[2011/05/28 04:52:27 | 000,000,000 | ---D | M] ("Foxit PDF Creator Toolbar") -- C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\cfkf11dt.default\extensions\[email protected]
[2011/05/28 04:42:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/21 20:59:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/19 04:28:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/04/22 19:18:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2011/05/03 03:05:18 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/09/05 01:40:58 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2011/03/23 02:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010/01/01 16:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/01/01 16:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 16:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/01/01 16:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/01/01 16:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009/06/11 05:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [MacrokeyManager] C:\windows\System32\WTMKM.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{9b1d3bbb-bf08-11df-b075-00266c6b4cfd}\Shell - "" = AutoRun
O33 - MountPoints2\{9b1d3bbb-bf08-11df-b075-00266c6b4cfd}\Shell\AutoRun\command - "" = G:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/28 07:28:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClearType Switch
[2011/05/28 07:28:46 | 000,000,000 | ---D | C] -- C:\Program Files\ClearType Switch
[2011/05/28 06:50:57 | 000,000,000 | ---D | C] -- C:\windows\System32\x64
[2011/05/28 06:50:57 | 000,000,000 | ---D | C] -- C:\windows\System32\Lang
[2011/05/28 06:45:52 | 000,000,000 | ---D | C] -- C:\Intel
[2011/05/28 06:26:16 | 000,000,000 | ---D | C] -- C:\Users\Florence\AppData\Roaming\SystemRequirementsLab
[2011/05/28 06:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2011/05/28 06:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2011/05/28 03:49:42 | 000,000,000 | ---D | C] -- C:\Users\Florence\AppData\Roaming\SUPERAntiSpyware.com
[2011/05/28 03:49:42 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/05/28 03:49:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/05/28 03:49:15 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/05/28 03:45:30 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2011/05/27 23:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
[2011/05/27 23:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed
[2011/05/27 21:55:10 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2011/05/27 21:15:21 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2011/05/27 02:47:00 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/05/27 02:47:00 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/23 21:47:09 | 000,000,000 | ---D | C] -- C:\perflogs
[2011/05/23 20:45:41 | 000,000,000 | ---D | C] -- C:\Users\Florence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
[2011/05/23 20:45:40 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2011/05/18 15:51:27 | 000,000,000 | ---D | C] -- C:\Users\Florence\VirtualBox VMs
[2011/05/18 15:51:02 | 000,000,000 | ---D | C] -- C:\Users\Florence\.VirtualBox
[2011/05/09 23:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\ASCII
[2011/04/29 05:30:16 | 000,000,000 | ---D | C] -- C:\Users\Florence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JustZIPit
[2011/04/29 05:30:12 | 000,000,000 | ---D | C] -- C:\Users\Florence\AppData\Roaming\Free-backup.info
[2011/04/29 05:21:13 | 000,000,000 | ---D | C] -- C:\Program Files\Hamster Soft
[2011/04/28 19:18:22 | 000,000,000 | ---D | C] -- C:\Users\Florence\AppData\Roaming\cYo
[2011/04/28 19:18:22 | 000,000,000 | ---D | C] -- C:\Users\Florence\AppData\Local\cYo
[2011/04/28 19:14:03 | 000,000,000 | ---D | C] -- C:\old
[2011/02/11 11:40:40 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll

========== Files - Modified Within 30 Days ==========

[2011/05/28 09:33:23 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/05/28 09:20:45 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/28 09:04:43 | 000,000,920 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4038907-3774545379-3254938991-1005UA.job
[2011/05/28 08:20:30 | 000,016,080 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/28 08:20:30 | 000,016,080 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/28 08:13:12 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/28 08:12:42 | 1506,791,424 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/28 08:07:56 | 000,756,138 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/05/28 08:07:56 | 000,156,722 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/05/28 07:28:46 | 000,001,023 | ---- | M] () -- C:\Users\Public\Desktop\ClearType Switch.lnk
[2011/05/28 06:53:49 | 000,014,744 | ---- | M] () -- C:\windows\System32\results.xml
[2011/05/28 06:07:29 | 000,000,904 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2011/05/28 03:49:19 | 000,001,928 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/28 01:31:39 | 000,001,904 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/05/28 01:31:37 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2011/05/27 23:21:35 | 000,011,022 | ---- | M] () -- C:\Users\Florence\AppData\Local\Temp16.html
[2011/05/27 23:19:48 | 000,001,667 | ---- | M] () -- C:\Users\Florence\AppData\Local\Temp1.html
[2011/05/27 03:22:16 | 000,007,635 | ---- | M] () -- C:\Users\Florence\AppData\Local\Resmon.ResmonCfg
[2011/05/24 15:40:00 | 000,000,868 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4038907-3774545379-3254938991-1005Core.job
[2011/05/23 21:32:39 | 222,838,264 | ---- | M] () -- C:\windows\MEMORY.DMP
[2011/05/13 18:50:34 | 000,002,420 | ---- | M] () -- C:\Users\Florence\Desktop\Google Chrome.lnk
[2011/05/09 23:54:57 | 000,442,128 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/05/09 23:29:28 | 000,084,360 | ---- | M] () -- C:\windows\gamedelete.exe
[2011/05/08 01:04:15 | 000,000,155 | ---- | M] () -- C:\Users\Florence\SecurityKISSTunnel.config
[2011/05/03 03:07:18 | 000,002,005 | ---- | M] () -- C:\Users\Florence\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/04/29 05:30:16 | 000,001,187 | ---- | M] () -- C:\Users\Florence\Application Data\Microsoft\Internet Explorer\Quick Launch\JustZIPit.lnk

========== Files Created - No Company Name ==========

[2011/05/28 07:28:46 | 000,001,023 | ---- | C] () -- C:\Users\Public\Desktop\ClearType Switch.lnk
[2011/05/28 06:07:29 | 000,000,904 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2011/05/28 03:49:19 | 000,001,928 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/27 23:21:35 | 000,011,022 | ---- | C] () -- C:\Users\Florence\AppData\Local\Temp16.html
[2011/05/27 23:19:48 | 000,001,667 | ---- | C] () -- C:\Users\Florence\AppData\Local\Temp1.html
[2011/05/20 17:54:07 | 000,778,752 | ---- | C] () -- C:\windows\System32\RGSS102E.dll
[2011/05/20 17:54:07 | 000,758,272 | ---- | C] () -- C:\windows\System32\RGSS104E.dll
[2011/05/20 17:54:06 | 000,781,312 | ---- | C] () -- C:\windows\System32\RGSS102J.dll
[2011/05/20 17:54:06 | 000,761,856 | ---- | C] () -- C:\windows\System32\RGSS104J.dll
[2011/05/20 17:54:06 | 000,685,056 | ---- | C] () -- C:\windows\System32\RGSS103J.dll
[2011/05/20 17:54:05 | 000,771,584 | ---- | C] () -- C:\windows\System32\RGSS100J.dll
[2011/05/18 17:48:42 | 000,087,040 | ---- | C] () -- C:\windows\UnGins.exe
[2011/05/18 17:46:46 | 000,473,600 | ---- | C] () -- C:\windows\System32\Harmony.dll
[2011/05/18 17:46:46 | 000,237,568 | ---- | C] () -- C:\windows\System32\Unlha32.dll
[2011/05/09 23:37:40 | 000,084,360 | ---- | C] () -- C:\windows\gamedelete.exe
[2011/04/29 05:30:16 | 000,001,187 | ---- | C] () -- C:\Users\Florence\Application Data\Microsoft\Internet Explorer\Quick Launch\JustZIPit.lnk
[2011/04/28 15:35:37 | 000,000,920 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4038907-3774545379-3254938991-1005UA.job
[2011/02/25 15:29:00 | 000,021,840 | ---- | C] () -- C:\windows\System32\SIntfNT.dll
[2011/02/25 15:29:00 | 000,017,212 | ---- | C] () -- C:\windows\System32\SIntf32.dll
[2011/02/25 15:29:00 | 000,012,067 | ---- | C] () -- C:\windows\System32\SIntf16.dll
[2011/02/25 15:12:49 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat
[2011/02/19 16:04:29 | 050,438,401 | ---- | C] () -- C:\Users\Florence\AppData\Roaming\.minecraft.7z
[2011/02/13 01:53:57 | 000,388,768 | ---- | C] () -- C:\windows\System32\atwtusb.exe
[2011/02/13 01:53:55 | 000,045,056 | ---- | C] () -- C:\windows\System32\InstallService.exe
[2011/02/13 01:53:51 | 003,161,760 | ---- | C] () -- C:\windows\System32\WTMKM.exe
[2011/02/13 01:53:51 | 000,180,224 | ---- | C] () -- C:\windows\System32\ATWTINK.DLL
[2011/02/13 01:53:51 | 000,102,048 | ---- | C] () -- C:\windows\RmTablet.exe
[2011/02/13 01:53:51 | 000,013,254 | ---- | C] () -- C:\windows\System32\Vista.ini
[2011/02/13 01:53:51 | 000,012,948 | ---- | C] () -- C:\windows\System32\XP_2000.ini
[2011/02/13 01:53:51 | 000,007,344 | ---- | C] () -- C:\windows\aiptbl.ini
[2011/02/13 01:53:51 | 000,000,593 | ---- | C] () -- C:\windows\System32\MKProfile.ini
[2011/02/11 12:10:52 | 000,439,308 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2011/02/11 12:10:50 | 000,982,240 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2011/02/11 12:10:50 | 000,092,356 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2011/02/11 11:38:44 | 000,000,151 | ---- | C] () -- C:\windows\System32\GfxUI.exe.config
[2011/01/02 05:15:11 | 000,007,635 | ---- | C] () -- C:\Users\Florence\AppData\Local\Resmon.ResmonCfg
[2010/11/22 03:24:56 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/09/13 15:27:51 | 000,007,168 | ---- | C] () -- C:\windows\System32\drivers\StarOpen.sys
[2010/09/13 03:20:34 | 000,000,025 | ---- | C] () -- C:\windows\libem.INI
[2010/09/12 19:00:14 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/09/12 16:43:38 | 000,000,065 | ---- | C] () -- C:\windows\WININIT.INI
[2010/07/22 11:43:59 | 000,057,344 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2010/07/22 10:04:25 | 000,758,018 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2010/07/22 10:04:25 | 000,180,224 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2010/07/22 09:46:03 | 000,027,648 | ---- | C] () -- C:\windows\System32\AVSredirect.dll
[2010/07/20 17:35:45 | 000,000,412 | ---- | C] () -- C:\windows\MAXLINK.INI
[2010/04/17 09:38:31 | 000,000,000 | ---- | C] () -- C:\windows\NDSTray.INI
[2010/04/17 09:27:41 | 000,000,520 | ---- | C] () -- C:\windows\System32\drivers\RTEQEX0.dat
[2010/04/17 09:27:41 | 000,000,176 | ---- | C] () -- C:\windows\System32\drivers\RTHDAEQ0.dat
[2010/04/17 09:26:56 | 000,073,728 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2009/08/27 22:57:38 | 000,134,592 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/07/14 12:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 12:33:53 | 000,442,128 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 10:05:48 | 000,756,138 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 10:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 10:05:48 | 000,156,722 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 10:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 10:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 10:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 07:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 07:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 07:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/11 05:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat

========== LOP Check ==========

[2011/02/19 16:22:43 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\.minecraft
[2011/02/19 16:20:15 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\.minecraft server
[2011/05/28 06:41:42 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Audacity
[2010/07/22 10:26:39 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Aura4You
[2011/02/05 16:09:32 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Azureus
[2010/09/13 12:36:34 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\BITS
[2010/09/13 15:35:35 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Canneverbe Limited
[2010/08/04 15:49:30 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Canon
[2010/07/21 20:26:56 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\CCTV
[2011/04/28 19:18:22 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\cYo
[2011/02/25 15:02:46 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\DAEMON Tools Lite
[2010/09/13 03:20:26 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\FlashGet
[2010/09/13 03:20:24 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\FlashGetBHO
[2010/09/05 01:41:34 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Foxit
[2010/09/05 01:41:36 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Foxit Software
[2011/04/29 05:30:12 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Free-backup.info
[2010/07/22 11:51:05 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\GetRightToGo
[2011/02/25 15:18:55 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\gtk-2.0
[2011/02/20 01:07:12 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\JAM Software
[2011/05/25 02:52:54 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\RenPy
[2010/07/20 17:35:38 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\ScanSoft
[2011/05/28 06:26:16 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\SystemRequirementsLab
[2010/07/25 23:32:10 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Toshiba
[2010/07/22 10:50:52 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\Ulead Systems
[2011/05/28 09:36:30 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\uTorrent
[2010/09/06 16:43:19 | 000,000,000 | ---D | M] -- C:\Users\Florence\AppData\Roaming\WildTangent
[2011/01/23 15:46:16 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\Windows:B8AF39A7DA4C2925

< End of report >

[Chicken mania]

Curses! The nod32 scan couldn't finish running 'cos the pc had some blue screen error during that(dump file not recorded 'cos I was tinkling around with system settings and was about to reset them when it crashed). Then I got busy.

So today, I ran Kapersky Virus Removal tool instead. I might run the nod32 tool again after Kapersky finishes running.

If both Kapersky and nod32 detect nothing, then is it safe to say the system is quite free from malware and virii for now? I'm too outdated on all these issues!

Edited by Chicken mania, 29 May 2011 - 09:50 PM.