Cannot remove Searchqu toolbar.. System Restore won't run



#1
sauhund

My normal toolbar has been replaced with an unwanted toolbar called searchqu. Every time I opened the browser or used the search bar, I would get an alert from Malwarebytes stating it has successfully blocked access to a potentially malicious website 202.232.22.60. I tried to use system restore to return settings to several different points before I had this problem, but the utility always stalls, reboots, then says restore was unsuccessful. I am afraid that this is an infection that will worsen over time. I also tried several different virus, malware and spyware scans. MBAM, Avast, PCHealth, Combofix, Eusing Registry Fix and more... I even ran them in safe mode. I ran Hijackthis, but don't know what to do with it. OTL showed me some folders that had searchqu in their names, so I deleted those. I no longer get the alert from MBAM. But now when I try to open Firefox, I get a message that Firefox is already running. I uninstalled and reinstalled Firefox, but I still can't use that browser. I am able to use Google Chrome and IE, but IE still tells me that Searchqu is my default. I thought I would ask you for help before I mess up something trying to fix it on my own. I hope I'm not too late. Can you please help me regain the use of System Restore and clean up whatever's bugging my computer? I'd like to get Firefox working again, too. Thanks.
Here is the latest OTL Log:

OTL logfile created on: 6/11/2011 7:56:36 PM - Run 4
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Rick Ross\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.25 Gb Available Physical Memory | 62.56% Memory free
3.35 Gb Paging File | 2.65 Gb Available in Paging File | 79.20% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 183.91 Gb Total Space | 44.96 Gb Free Space | 24.45% Space Free | Partition Type: NTFS
Drive M: | 74.51 Gb Total Space | 25.98 Gb Free Space | 34.87% Space Free | Partition Type: FAT32

Computer Name: STUDIO1 | User Name: Rick Ross | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/10 09:26:00 | 002,424,192 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/06/01 23:29:29 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rick Ross\My Documents\Downloads\OTL.exe
PRC - [2011/05/29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/05/10 05:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/05/10 05:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/05/14 12:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsAuxs.exe
PRC - [2010/01/07 14:08:22 | 000,598,696 | ---- | M] ( ) -- C:\WINDOWS\system32\lxeacoms.exe
PRC - [2010/01/07 14:08:16 | 000,098,984 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeaserv.exe
PRC - [2008/10/21 11:40:32 | 000,140,584 | ---- | M] (AOL LLC) -- c:\Program Files\AOL Toolbar\aoltbServer.exe
PRC - [2008/07/26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/23 05:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2005/02/14 12:05:21 | 000,086,016 | ---- | M] (M-Audio) -- C:\Program Files\M-Audio USB Quattro\Install\QuatInst.exe
PRC - [2005/01/14 16:18:48 | 001,839,104 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
PRC - [2005/01/14 15:26:56 | 000,745,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
PRC - [2005/01/14 15:21:32 | 000,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
PRC - [2005/01/06 15:52:58 | 000,073,728 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
PRC - [2005/01/06 15:52:56 | 000,131,072 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2005/01/06 15:52:56 | 000,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2005/01/06 15:52:54 | 000,278,528 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2004/10/15 13:54:14 | 000,100,016 | ---- | M] (America Online, Inc) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
PRC - [2004/10/15 13:54:12 | 000,046,768 | ---- | M] (America Online Inc) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
PRC - [2004/07/28 17:40:18 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/04/15 15:45:22 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
PRC - [2004/03/23 12:15:40 | 000,073,852 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
PRC - [2003/08/27 11:29:46 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
PRC - [2003/08/22 09:22:28 | 000,045,056 | ---- | M] (Chicony) -- C:\Program Files\Sony\sHotKey\SHOTKEY.exe
PRC - [2003/08/13 12:23:00 | 000,106,496 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
PRC - [2003/08/13 12:07:22 | 000,094,208 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
PRC - [2001/11/12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe


========== Modules (SafeList) ==========

MOD - [2011/06/01 23:29:29 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rick Ross\My Documents\Downloads\OTL.exe
MOD - [2011/05/10 05:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/07/26 08:25:24 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\Temp\logishrd\LVPrcInj01.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Bonjour Service)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/05/10 05:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/11/19 06:57:14 | 001,150,936 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/07 14:08:22 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxeacoms.exe -- (lxea_device)
SRV - [2010/01/07 14:08:16 | 000,098,984 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV - [2009/09/03 11:53:00 | 000,048,368 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2008/07/26 08:27:42 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008/07/26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/02/05 10:11:18 | 000,075,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2007/02/05 10:11:16 | 000,112,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service)
SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Disabled | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/10/23 05:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2005/02/14 12:05:21 | 000,086,016 | ---- | M] (M-Audio) [Auto | Running] -- C:\Program Files\M-Audio USB Quattro\Install\QuatInst.exe -- (QuattroInstallerService)
SRV - [2005/01/14 16:18:48 | 001,839,104 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2005/01/14 15:26:56 | 000,745,472 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2005/01/14 15:21:32 | 000,057,344 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2005/01/14 15:20:14 | 000,188,416 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2005/01/06 15:52:58 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2005/01/06 15:52:56 | 000,131,072 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2005/01/06 15:52:56 | 000,118,784 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2005/01/06 15:52:54 | 000,278,528 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2004/10/15 13:54:14 | 000,100,016 | ---- | M] (America Online, Inc) [Auto | Running] -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe -- (AOL TopSpeedMonitor)
SRV - [2004/06/29 09:29:30 | 000,184,373 | ---- | M] () [Auto | Stopped] -- C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe -- (AOLService)
SRV - [2004/04/15 15:45:22 | 000,135,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe -- (SonicStageMonitoring)
SRV - [2004/03/23 12:15:40 | 000,073,852 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon)
SRV - [2003/08/27 11:29:46 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
SRV - [2003/08/13 12:23:00 | 000,106,496 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe -- (Sony TVTA Manager)
SRV - [2003/08/13 12:10:04 | 000,118,784 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe -- (Sony TV Tuner Controller)
SRV - [2003/08/13 12:07:22 | 000,094,208 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe -- (Sony TV Tuner Manager)
SRV - [2001/11/12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)


========== Driver Services (SafeList) ==========

DRV - [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/05/10 05:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 05:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 05:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 05:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/05/10 04:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 04:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/10 04:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/12/10 13:24:12 | 000,239,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/07/16 14:59:54 | 000,656,320 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2010/07/16 14:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2010/05/10 11:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008/07/26 08:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/04/13 11:45:36 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2007/03/22 13:57:14 | 000,028,672 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\elagopro.sys -- (elagopro)
DRV - [2007/03/22 13:57:14 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\elaunidr.sys -- (elaunidr)
DRV - [2005/06/13 11:50:38 | 000,007,040 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\x10hid.sys -- (X10Hid)
DRV - [2005/05/19 15:52:58 | 000,017,792 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2005/05/04 10:13:39 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (ASPI32)
DRV - [2005/02/14 12:05:21 | 000,041,856 | ---- | M] (Nemesis) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MA763001.sys -- (ma763001)
DRV - [2005/02/14 12:05:21 | 000,022,368 | ---- | M] (Doug Fetter Software Wizardry) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbns4x4.sys -- (USBNS4X4)
DRV - [2005/02/14 12:05:21 | 000,009,216 | ---- | M] (Nemesis) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\m763001b.sys -- (m763001b)
DRV - [2005/02/14 12:05:21 | 000,006,656 | ---- | M] (Nemesis) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\m763001d.sys -- (m763001d)
DRV - [2005/01/22 18:41:01 | 000,022,304 | ---- | M] (Doug Fetter Software Wizardry) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbmn2x2.sys -- (USBMN2X2)
DRV - [2005/01/22 18:41:01 | 000,014,272 | ---- | M] (MIDIMAN) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb22ldr.sys -- (USB22LDR)
DRV - [2004/09/29 05:22:22 | 000,800,256 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/08/05 21:20:34 | 000,788,736 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smrt.sys -- (smrt)
DRV - [2004/07/29 13:04:26 | 002,216,128 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2004/04/13 15:57:00 | 000,160,640 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2004/04/13 15:56:00 | 000,682,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/04/13 15:54:00 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/03/17 15:10:40 | 000,113,664 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2003/11/10 12:31:38 | 000,036,232 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETMD033.sys -- (NETMDUSB)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/07/25 11:00:00 | 000,053,412 | ---- | M] (GEAR Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)
DRV - [2001/07/13 13:56:14 | 000,014,976 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SBKUPNT.SYS -- (SBKUPNT)
DRV - [2000/12/05 16:18:02 | 000,003,952 | R--- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)
DRV - [2000/03/29 18:11:20 | 000,008,096 | ---- | M] (MicroStaff Co.,Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MASPINT.SYS -- (MASPINT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapp...rch/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/03/26 20:15:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011/06/02 18:16:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/11 19:51:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/18 10:52:26 | 000,000,000 | ---D | M]

[2011/05/28 18:22:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rick Ross\Application Data\Mozilla\Extensions
[2009/10/29 15:01:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rick Ross\Application Data\Mozilla\Extensions\[email protected]
[2011/06/11 19:51:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/21 11:02:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/04/14 09:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/06/07 10:51:15 | 000,283,952 | ---- | M] (Musicnotes, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npmusicn.dll
[2010/03/31 10:09:22 | 010,437,264 | ---- | M] (PDFTron Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\PDFNetC.dll
[2010/04/08 12:36:02 | 000,107,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\ScorchPDFWrapper.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/10 11:12:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AOL Toolbar Loader) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [sHotKey] C:\Program Files\SONY\sHotKey\sHotKey.exe (Chicony)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [VAIO Recovery] C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - Reg Error: Value error. File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.micros...cs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (VaioInfo.CMClass)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky.../kavwebscan.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} http://musicstore.co...ALStreaming.cab (MALPlaybackCtrl Class)
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} http://esupport.aol....oach_core_1.cab (AOL Content Update)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.goo...0/uploader2.cab (UploadListView Class)
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} http://aolcc.aol.com...kup/qdiagcc.cab (QDiagAOLCCUpdateObj Class)
O16 - DPF: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} http://us.dl1.yimg.c...ntr_current.cab (WXcom Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase5483.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1140818082843 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius....tiveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Rick Ross\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Rick Ross\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/09/28 13:06:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/11 16:48:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Rick Ross\Recent
[2011/06/11 13:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/06/11 12:21:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Health Optimizer Free Edition
[2011/06/11 12:21:02 | 000,951,104 | ---- | C] (Teebo Software Solutions) -- C:\WINDOWS\System32\tssOfficeMenu1d.ocx
[2011/06/11 12:21:02 | 000,865,088 | ---- | C] (Teebo Software Solutions) -- C:\WINDOWS\System32\ExplorerBarXP2_vba.ocx
[2011/06/11 12:21:02 | 000,851,968 | ---- | C] (Teebo Software Solutions) -- C:\WINDOWS\System32\ExplorerBarXP2Demo.ocx
[2011/06/11 12:21:02 | 000,491,520 | ---- | C] (vbAccelerator) -- C:\WINDOWS\System32\vbalSGrid6.ocx
[2011/06/11 12:21:02 | 000,312,128 | ---- | C] (Teebo Software Solutions) -- C:\WINDOWS\System32\tssPopupNotify.ocx
[2011/06/11 12:21:02 | 000,143,360 | ---- | C] (DISA-SCOTT) -- C:\WINDOWS\System32\LVbuttons.ocx
[2011/06/11 12:21:02 | 000,094,208 | ---- | C] (vbAccelerator) -- C:\WINDOWS\System32\vbalIml6.ocx
[2011/06/11 12:21:02 | 000,065,536 | ---- | C] (Marco Bellinaso) -- C:\WINDOWS\System32\MBSplit.ocx
[2011/06/11 12:21:01 | 000,865,080 | ---- | C] (Teebo Software Solutions) -- C:\WINDOWS\System32\ExplorerBarXP2.ocx
[2011/06/11 12:20:58 | 000,000,000 | ---D | C] -- C:\Program Files\PC Health Optimizer Free Edition
[2011/06/11 11:11:26 | 000,656,320 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctEFA.sys
[2011/06/11 11:11:26 | 000,338,880 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctDS.sys
[2011/06/11 11:11:24 | 000,251,560 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2011/06/11 11:11:18 | 000,239,168 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2011/06/11 11:11:18 | 000,160,448 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2011/06/11 11:11:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Tools Security
[2011/06/11 11:11:06 | 000,070,536 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2011/06/11 11:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/06/11 11:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/06/11 11:10:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rick Ross\Application Data\PC Tools
[2011/06/11 01:50:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rick Ross\Application Data\SUPERAntiSpyware.com
[2011/06/11 01:50:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/06/11 01:50:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/06/11 01:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/06/11 01:32:34 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/06/08 15:02:00 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/06/08 14:57:29 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/06/08 14:57:29 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/06/08 14:57:29 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/06/08 14:57:29 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/06/08 14:54:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/06/01 22:57:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FreeRIP3
[2011/06/01 22:57:49 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Rick Ross\Recent(3)
[2011/06/01 16:00:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Rick Ross\Recent(2)
[2011/06/01 10:53:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/31 20:48:08 | 000,000,000 | ---D | C] -- C:\+to ipod
[2011/05/28 19:01:12 | 000,000,000 | ---D | C] -- C:\MOVIES
[2011/05/28 18:24:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rick Ross\Local Settings\Application Data\Ilivid Player
[2011/05/28 18:22:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows iLivid Toolbar
[2011/05/28 18:22:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rick Ross\Local Settings\Application Data\PackageAware
[2011/05/26 20:09:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/05/23 19:25:10 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/18 11:36:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rick Ross\Application Data\Sibelius Software
[2011/05/18 10:52:10 | 000,000,000 | ---D | C] -- C:\Program Files\Sibelius Software
[2010/05/29 13:56:48 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacoin.dll
[2010/05/29 13:48:02 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeainpa.dll
[2010/05/29 13:48:02 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\LXEAhcp.dll
[2010/05/29 13:48:02 | 000,344,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaiesc.dll
[2010/05/29 13:48:01 | 000,847,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeausb1.dll
[2010/05/29 13:48:00 | 001,048,576 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaserv.dll
[2010/05/29 13:48:00 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeapmui.dll
[2010/05/29 13:47:59 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\lxealmpm.dll
[2010/05/29 13:47:57 | 000,324,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeaih.exe
[2010/05/29 13:47:56 | 000,688,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeahbn3.dll
[2010/05/29 13:47:54 | 000,598,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacoms.exe
[2010/05/29 13:47:53 | 000,802,816 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacomc.dll
[2010/05/29 13:47:53 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacomm.dll
[2010/05/29 13:47:52 | 000,373,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeacfg.exe
[2008/02/04 11:11:15 | 000,021,866 | ---- | C] (In-System Design, Inc.) -- C:\Program Files\Common Files\tppupd2k.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[2 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
[16 C:\Documents and Settings\Rick Ross\My Documents\*.tmp files -> C:\Documents and Settings\Rick Ross\My Documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/11 19:51:30 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\Rick Ross\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/11 19:51:30 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/06/11 19:43:40 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/11 19:42:35 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/11 19:42:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/11 19:14:02 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/11 18:37:02 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2011/06/11 17:09:51 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A04A00E0-C5DA-4502-A5D0-ABBF91C9B966}.job
[2011/06/11 16:32:09 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/06/11 12:21:05 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Rick Ross\Desktop\PC Health Optimizer Free Edition.lnk
[2011/06/11 11:11:41 | 000,682,360 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/06/11 11:11:13 | 000,001,699 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2011/06/11 11:07:57 | 000,512,992 | ---- | M] () -- C:\Documents and Settings\Rick Ross\Desktop\sdsetup_revwire207.exe
[2011/06/11 01:50:09 | 000,001,713 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/10 14:14:28 | 000,264,432 | ---- | M] () -- C:\Documents and Settings\Rick Ross\My Documents\W-9 RickRoss.pdf
[2011/06/10 13:03:16 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/06/10 12:03:08 | 000,002,271 | ---- | M] () -- C:\Documents and Settings\Rick Ross\Desktop\PrimoDVD 2.1 (English).lnk
[2011/06/10 11:45:03 | 000,066,507 | ---- | M] () -- C:\Documents and Settings\Rick Ross\My Documents\Escena061711.pdf
[2011/06/10 11:43:38 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\Rick Ross\Desktop\Microsoft Office Excel 2003.lnk
[2011/06/10 11:12:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/06/09 14:15:16 | 000,001,848 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/06/08 15:42:09 | 000,000,450 | ---- | M] () -- C:\Documents and Settings\Rick Ross\Desktop\Shortcut to ComboFix.lnk
[2011/06/08 15:02:08 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2011/06/08 14:38:37 | 000,080,024 | ---- | M] () -- C:\Documents and Settings\Rick Ross\My Documents\PC082011.pdf
[2011/06/08 14:11:18 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Rick Ross\Desktop\Microsoft Office Word 2003.lnk
[2011/06/02 18:16:54 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/06/02 18:16:51 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/06/02 09:21:51 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Rick Ross\defogger_reenable
[2011/06/01 15:49:32 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/01 14:26:23 | 000,000,460 | RHS- | M] () -- C:\Documents and Settings\Rick Ross\ntuser.pol
[2011/06/01 11:32:20 | 000,000,209 | ---- | M] () -- C:\Boot.bak
[2011/06/01 10:53:28 | 000,000,819 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/01 10:47:02 | 000,001,598 | ---- | M] () -- C:\Documents and Settings\Rick Ross\Desktop\System Restore.lnk
[2011/06/01 10:22:09 | 000,019,689 | ---- | M] () -- C:\Documents and Settings\Rick Ross\My Documents\morebeercart.pdf
[2011/06/01 10:14:21 | 000,066,507 | ---- | M] () -- C:\Documents and Settings\Rick Ross\My Documents\Escena060311.pdf
[2011/05/31 09:48:42 | 000,073,728 | ---- | M] () -- C:\Documents and Settings\Rick Ross\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/30 22:00:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/05/30 15:30:46 | 000,002,553 | ---- | M] () -- C:\Documents and Settings\Rick Ross\Desktop\CD Label Creator.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/26 11:54:35 | 000,019,921 | ---- | M] () -- C:\Documents and Settings\Rick Ross\My Documents\LV0511.pdf
[2011/05/26 10:28:57 | 000,271,360 | ---- | M] () -- C:\Documents and Settings\Rick Ross\My Documents\outlook.pst
[2011/05/21 14:59:36 | 000,372,080 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/17 20:35:20 | 000,219,795 | ---- | M] () -- C:\Documents and Settings\Rick Ross\My Documents\optrans5.jpg
[2011/05/17 20:34:50 | 000,293,403 | ---- | M] () -- C:\Documents and Settings\Rick Ross\My Documents\optrans4.jpg
[2011/05/17 20:34:27 | 000,282,985 | ---- | M] () -- C:\Documents and Settings\Rick Ross\My Documents\optrans3.jpg
[2011/05/17 20:22:12 | 000,293,206 | ---- | M] () -- C:\Documents and Settings\Rick Ross\My Documents\optrans1.jpg
[2011/05/17 20:18:38 | 000,289,764 | ---- | M] () -- C:\Documents and Settings\Rick Ross\My Documents\optrans2.jpg
[2011/05/16 14:04:46 | 000,066,505 | ---- | M] () -- C:\Documents and Settings\Rick Ross\My Documents\Escena052011.pdf
[2011/05/14 13:58:16 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\Rick Ross\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[2 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
[16 C:\Documents and Settings\Rick Ross\My Documents\*.tmp files -> C:\Documents and Settings\Rick Ross\My Documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/11 19:51:30 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\Rick Ross\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/11 19:51:30 | 000,000,765 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/06/11 19:51:30 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/06/11 12:21:05 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Rick Ross\Desktop\PC Health Optimizer Free Edition.lnk
[2011/06/11 12:21:02 | 000,515,584 | ---- | C] () -- C:\WINDOWS\System32\RetinaTSpinEditXControl1.ocx
[2011/06/11 12:21:01 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\vbalSGrid6.oca
[2011/06/11 12:21:01 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ExplorerBarXP2.oca
[2011/06/11 12:21:01 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\tssOfficeMenu1d.oca
[2011/06/11 12:21:01 | 000,030,720 | ---- | C] () -- C:\WINDOWS\System32\lvbuttons.oca
[2011/06/11 12:21:01 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\tssPopupNotify.oca
[2011/06/11 12:21:01 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\vbaliml6.oca
[2011/06/11 12:21:01 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\hmfax.oca
[2011/06/11 11:11:28 | 000,682,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/06/11 11:11:13 | 000,001,699 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2011/06/11 11:08:13 | 000,512,992 | ---- | C] () -- C:\Documents and Settings\Rick Ross\Desktop\sdsetup_revwire207.exe
[2011/06/11 01:50:09 | 000,001,713 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/10 14:14:28 | 000,264,432 | ---- | C] () -- C:\Documents and Settings\Rick Ross\My Documents\W-9 RickRoss.pdf
[2011/06/10 11:44:51 | 000,066,507 | ---- | C] () -- C:\Documents and Settings\Rick Ross\My Documents\Escena061711.pdf
[2011/06/08 15:42:09 | 000,000,450 | ---- | C] () -- C:\Documents and Settings\Rick Ross\Desktop\Shortcut to ComboFix.lnk
[2011/06/08 15:02:08 | 000,000,209 | ---- | C] () -- C:\Boot.bak
[2011/06/08 15:02:05 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/06/08 14:57:29 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/06/08 14:57:29 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/06/08 14:57:29 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/06/08 14:57:29 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/06/08 14:57:29 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/06/08 14:35:58 | 000,080,024 | ---- | C] () -- C:\Documents and Settings\Rick Ross\My Documents\PC082011.pdf
[2011/06/02 09:21:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rick Ross\defogger_reenable
[2011/06/01 10:14:10 | 000,066,507 | ---- | C] () -- C:\Documents and Settings\Rick Ross\My Documents\Escena060311.pdf
[2011/05/26 11:54:33 | 000,019,921 | ---- | C] () -- C:\Documents and Settings\Rick Ross\My Documents\LV0511.pdf
[2011/05/25 11:57:25 | 000,019,689 | ---- | C] () -- C:\Documents and Settings\Rick Ross\My Documents\morebeercart.pdf
[2011/05/17 20:35:20 | 000,219,795 | ---- | C] () -- C:\Documents and Settings\Rick Ross\My Documents\optrans5.jpg
[2011/05/17 20:34:50 | 000,293,403 | ---- | C] () -- C:\Documents and Settings\Rick Ross\My Documents\optrans4.jpg
[2011/05/17 20:34:26 | 000,282,985 | ---- | C] () -- C:\Documents and Settings\Rick Ross\My Documents\optrans3.jpg
[2011/05/17 20:22:10 | 000,293,206 | ---- | C] () -- C:\Documents and Settings\Rick Ross\My Documents\optrans1.jpg
[2011/05/17 20:18:37 | 000,289,764 | ---- | C] () -- C:\Documents and Settings\Rick Ross\My Documents\optrans2.jpg
[2011/05/16 14:04:44 | 000,066,505 | ---- | C] () -- C:\Documents and Settings\Rick Ross\My Documents\Escena052011.pdf
[2011/01/21 13:52:38 | 000,000,232 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2010/09/08 12:31:22 | 000,077,216 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/09/06 10:43:12 | 000,001,264 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ss.ini
[2010/05/29 13:57:02 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxeavs.dll
[2010/05/29 13:56:28 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\lxeagcfg.dll
[2010/05/29 13:56:24 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxeacuir.dll
[2010/05/29 13:56:23 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxeacui.dll
[2010/05/29 13:48:18 | 000,000,044 | -H-- | C] () -- C:\WINDOWS\System32\lxearwrd.ini
[2010/05/29 13:48:03 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\LXEAinst.dll
[2010/05/29 13:47:58 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lxeainsb.dll
[2010/05/29 13:47:58 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\lxeainsr.dll
[2010/05/29 13:47:58 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\lxeajswr.dll
[2010/05/29 13:47:57 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\lxeains.dll
[2010/05/29 13:47:56 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxeagrd.dll
[2010/05/29 13:47:55 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\lxeacub.dll
[2010/05/29 13:47:55 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxeacur.dll
[2010/05/29 13:47:54 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\lxeacu.dll
[2010/05/29 13:43:45 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\LXEAsmr.dll
[2010/05/29 13:43:44 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LXEAsm.dll
[2010/04/11 01:05:10 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/08/03 20:20:06 | 000,038,472 | ---- | C] () -- C:\Documents and Settings\Rick Ross\Application Data\Comma Separated Values (Windows).ADR
[2009/02/12 15:36:19 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2009/01/04 14:58:43 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Rick Ross\Application Data\WavCodec.wff
[2008/10/09 12:27:56 | 000,014,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\SBKUPNT.SYS
[2008/10/09 12:27:56 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\DEVLOAD.EXE
[2008/10/09 12:27:17 | 000,002,799 | ---- | C] () -- C:\WINDOWS\SKLANG.INI
[2008/07/26 08:25:02 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/07/05 00:11:38 | 000,000,198 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/05/19 00:13:21 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/05/05 11:20:52 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/03/24 14:41:24 | 000,127,184 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2008/01/31 12:28:02 | 000,000,422 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2007/12/18 21:03:10 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2007/10/02 12:45:56 | 000,000,074 | ---- | C] () -- C:\WINDOWS\BBW_INFO.INI
[2007/09/14 10:03:07 | 000,017,920 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/09/13 14:03:39 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2007/06/02 14:45:42 | 000,001,334 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/04/22 15:40:37 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rick Ross\Application Data\dm.ini
[2007/04/03 09:40:45 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2006/05/04 14:07:41 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/04/15 15:45:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2006/03/22 14:19:06 | 000,000,431 | ---- | C] () -- C:\WINDOWS\msfsetup.ini
[2006/03/12 18:16:09 | 000,000,031 | ---- | C] () -- C:\WINDOWS\FP3D.INI
[2005/11/22 21:00:00 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005/10/19 13:26:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2005/08/30 12:24:57 | 000,000,258 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/08/15 13:14:07 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/08/12 14:57:09 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/07/03 14:49:22 | 003,423,744 | ---- | C] () -- C:\WINDOWS\System32\libfilefmt-1.1.0.dll
[2005/07/03 14:49:22 | 000,706,048 | ---- | C] () -- C:\WINDOWS\System32\libmcl-3.1.1.dll
[2005/07/03 14:49:22 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\libavi-dd-1.2.0.dll
[2005/05/15 10:46:33 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Iedit.INI
[2005/05/11 14:13:46 | 000,001,100 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2005/05/04 10:13:39 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\wnaspi32.dll
[2005/03/12 13:29:10 | 000,025,713 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2005/03/12 12:50:13 | 000,000,525 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2005/02/03 23:35:39 | 000,000,176 | ---- | C] () -- C:\Documents and Settings\Rick Ross\Application Data\wklnhst.dat
[2005/01/29 14:24:04 | 000,007,156 | ---- | C] () -- C:\Program Files\FACTOR.NFO
[2005/01/29 14:24:04 | 000,006,416 | ---- | C] () -- C:\Program Files\FAC_PT63.EXE
[2005/01/29 14:24:04 | 000,000,553 | ---- | C] () -- C:\Program Files\FILE_ID.DIZ
[2005/01/28 18:06:38 | 000,000,165 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/01/26 18:53:22 | 000,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2005/01/25 12:08:40 | 000,118,784 | ---- | C] () -- C:\WINDOWS\dsdxirmv.exe
[2005/01/22 18:46:46 | 000,073,728 | ---- | C] () -- C:\Documents and Settings\Rick Ross\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/01/22 15:05:26 | 000,006,925 | R--- | C] () -- C:\WINDOWS\System32\LANGMONI.DLL
[2005/01/22 14:57:12 | 000,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2005/01/21 17:31:13 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/01/21 14:40:02 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Rick Ross\Local Settings\Application Data\fusioncache.dat
[2005/01/21 14:14:29 | 000,009,192 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/01/21 14:13:21 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/01/21 14:00:52 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2005/01/21 13:57:55 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/01/21 13:57:55 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/01/21 13:57:55 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/01/21 13:57:55 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/01/21 13:57:55 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/01/21 13:57:55 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/09/28 14:41:37 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/09/28 14:00:39 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\RTCOMDLL.dll
[2004/09/28 14:00:39 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/09/28 13:45:37 | 000,111,552 | ---- | C] () -- C:\WINDOWS\setup.exe
[2004/09/28 13:33:39 | 000,000,031 | ---- | C] () -- C:\WINDOWS\System32\elcric.dat
[2004/09/28 13:11:23 | 000,000,904 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/09/28 13:07:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/09/28 13:03:14 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/09/28 12:55:15 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll
[2004/09/28 12:55:06 | 000,000,790 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/09/28 12:55:03 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dxmasf(2).dll
[2004/09/28 12:54:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/09/28 12:54:39 | 001,288,192 | ---- | C] () -- C:\WINDOWS\System32\quartz(4).dll
[2004/09/28 12:54:39 | 001,288,192 | ---- | C] () -- C:\WINDOWS\System32\quartz(2).dll
[2004/09/28 12:54:39 | 001,287,680 | ---- | C] () -- C:\WINDOWS\System32\quartz(3).dll
[2004/09/28 12:54:39 | 000,562,176 | ---- | C] () -- C:\WINDOWS\System32\qedit(2).dll
[2004/09/28 12:54:38 | 000,546,948 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/09/28 12:54:38 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/09/28 12:54:38 | 000,107,302 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/09/28 12:54:38 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/09/28 12:54:38 | 000,004,530 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/09/28 12:54:37 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/09/28 12:54:37 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/09/28 12:54:35 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
[2004/09/28 12:54:34 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/09/28 12:54:34 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/09/28 12:54:30 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/09/28 12:54:27 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\devenum(2).dll
[2004/09/28 12:54:27 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/09/28 06:00:43 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/09/28 06:00:07 | 000,372,080 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/07/30 14:36:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Px.ini
[2003/07/23 08:53:30 | 000,373,967 | ---- | C] () -- C:\WINDOWS\ml-uninstall-v10.exe
[2003/03/27 17:28:44 | 000,004,955 | ---- | C] () -- C:\WINDOWS\System32\DProg.ini
[2003/03/27 15:18:54 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\akrip.dll
[2003/03/19 19:14:50 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pagesync.dll
[2003/01/30 19:55:40 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/08/06 11:55:37 | 000,024,576 | ---- | C] () -- C:\WINDOWS\ml-WA3Shutdown.exe
[2002/07/23 13:21:22 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\lttls13n.dll
[2002/07/23 13:21:04 | 000,708,608 | ---- | C] () -- C:\WINDOWS\System32\ltcry13n.dll
[2002/07/23 13:20:42 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2002/07/23 13:20:38 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2002/06/12 13:21:12 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll
[2002/04/02 17:08:34 | 000,311,108 | ---- | C] () -- C:\WINDOWS\ml-cleanup.exe
[2002/04/02 17:08:32 | 000,036,868 | ---- | C] () -- C:\WINDOWS\ml-winamp-shutdown.exe
[2002/03/18 13:37:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\mwmp3enc.dll
[2002/02/15 17:12:14 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ASPIshim.dll
[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2005/02/14 12:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2011/01/21 18:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/04/10 11:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2006/11/21 14:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\billeo
[2007/04/16 10:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2009/09/10 13:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cadsoft
[2008/10/05 13:54:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cakewalk
[2011/03/26 15:14:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CraigsPal
[2009/04/29 13:12:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2005/05/03 19:48:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fellowes
[2010/09/06 10:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeRIP
[2010/06/28 18:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lexmark S300-S400 Series
[2009/02/06 10:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2008/01/31 10:08:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/03/23 13:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/07/26 12:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2005/03/12 12:50:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2005/03/12 12:50:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2011/06/11 11:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/03/23 16:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2008/05/10 09:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/03/12 16:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\X10 Settings
[2006/10/10 18:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAMAHA
[2009/03/11 19:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/05/08 12:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/12/21 19:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/07 10:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2005/02/14 13:06:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Ableton
[2011/06/01 22:57:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Amazon
[2007/03/20 16:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Anvil Studio
[2010/04/10 11:02:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Ashampoo
[2010/09/26 10:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\AskToolbar
[2005/07/30 09:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Avant Browser
[2008/08/08 15:42:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Cakewalk
[2009/12/19 17:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Canon
[2009/04/12 10:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Carnival Software
[2009/04/02 11:23:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\DNA
[2009/03/23 13:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\DriverCure
[2010/06/27 20:27:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Facebook
[2008/09/09 14:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Flickr
[2005/03/25 16:42:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\InterVideo
[2005/02/10 17:22:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Leadertech
[2005/11/30 12:31:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\NCH Swift Sound
[2007/04/16 10:41:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Paltalk
[2008/01/15 17:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\QQ Games Plugin
[2005/11/30 12:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\RecordPad
[2005/03/12 12:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\ScanSoft
[2007/12/25 10:06:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Sereniti
[2007/09/17 13:27:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Simple Star
[2010/06/04 15:56:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\SmartDraw
[2005/02/03 23:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Template
[2005/04/27 10:13:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Ulead Systems
[2007/01/20 11:12:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Viewpoint
[2008/01/31 10:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Windows Live Writer
[2010/09/06 10:09:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Ross\Application Data\Xilisoft
[2011/06/11 18:37:02 | 000,000,262 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
[2011/06/11 19:35:08 | 000,006,684 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2011/06/11 17:09:51 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{A04A00E0-C5DA-4502-A5D0-ABBF91C9B966}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 165 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

Edited by sauhund, 11 June 2011 - 09:18 PM.
