OTL logfile created on: 6/24/2011 5:21:31 AM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\User\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 60.83% Memory free
4.84 Gb Paging File | 3.73 Gb Available in Paging File | 77.08% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 175.62 Gb Free Space | 58.91% Space Free | Partition Type: NTFS
Computer Name: XPHOME32 | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/06/24 05:18:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\My Documents\Downloads\OTL.exe
PRC - [2011/06/23 04:54:29 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/04/24 01:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/04/24 01:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009/10/07 13:48:44 | 000,376,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Home Server\WHSConnector.exe
PRC - [2009/03/27 22:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2002/12/31 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2011/06/24 05:18:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (seclogon32)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/06/15 22:40:26 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_e877e12.dll -- (Akamai)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/10/21 16:06:45 | 004,208,208 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2010/04/24 01:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/04/24 01:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/10/07 13:48:44 | 000,376,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Home Server\WHSConnector.exe -- (WHSConnector)
SRV - [2009/03/27 22:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV - [2011/06/24 05:04:18 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7E80CE79-4645-4665-887D-87183F6E153B}\MpKsl297154d4.sys -- (MpKsl297154d4)
DRV - [2011/06/24 05:03:50 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7E80CE79-4645-4665-887D-87183F6E153B}\MpKsleb1937b2.sys -- (MpKsleb1937b2)
DRV - [2011/06/24 04:30:32 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7E80CE79-4645-4665-887D-87183F6E153B}\MpKsl54fc1841.sys -- (MpKsl54fc1841)
DRV - [2011/06/24 03:45:35 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7E80CE79-4645-4665-887D-87183F6E153B}\MpKslf31f446a.sys -- (MpKslf31f446a)
DRV - [2011/06/24 03:42:01 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7E80CE79-4645-4665-887D-87183F6E153B}\MpKsl6b145c28.sys -- (MpKsl6b145c28)
DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/04/14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/11 00:05:07 | 000,459,616 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/22 06:29:46 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/07/06 18:26:54 | 006,088,296 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010/05/10 10:44:48 | 000,022,328 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSIWDev\DVDSYS32_100507.sys -- (MSI_DVD_010507)
DRV - [2010/05/10 10:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSIWDev\msibios32_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2010/05/10 10:44:36 | 000,016,696 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSIWDev\VGASYS32_100507.sys -- (MSI_VGASYS_010507)
DRV - [2010/04/24 01:10:54 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol)
DRV - [2010/04/24 01:10:52 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2010/04/24 01:10:50 | 000,211,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay)
DRV - [2010/04/24 01:10:44 | 000,554,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs)
DRV - [2009/10/30 07:49:56 | 000,176,768 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/10/07 13:44:10 | 000,045,056 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2009/08/19 17:49:22 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009/08/13 15:07:12 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/02/24 19:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/09/23 13:15:00 | 000,038,400 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2008/08/05 08:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/04/18 08:59:40 | 000,098,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\COMMONFX.DLL -- (COMMONFX.DLL)
DRV - [2007/04/12 08:10:26 | 000,164,608 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2007/04/12 08:10:26 | 000,066,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2007/04/12 08:10:24 | 001,317,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - [2007/04/12 08:10:22 | 000,323,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2007/04/12 08:10:22 | 000,128,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2007/04/12 08:10:20 | 000,280,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2007/04/12 08:10:20 | 000,094,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - [2007/04/12 08:10:18 | 000,168,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - [2007/04/12 08:10:16 | 000,560,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV - [2007/04/12 08:10:16 | 000,546,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV - [2007/04/10 06:00:24 | 000,157,480 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2007/04/10 05:59:04 | 000,126,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2007/04/10 04:32:06 | 000,189,736 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2007/04/10 04:31:18 | 000,163,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2007/04/10 04:29:10 | 000,797,992 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2007/04/10 04:28:36 | 000,092,968 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2007/04/10 04:25:46 | 000,014,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2007/04/10 04:21:06 | 000,347,128 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2007/04/10 04:20:38 | 000,520,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2007/04/10 04:19:30 | 000,511,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2006/01/04 03:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2004/10/27 16:05:10 | 000,022,144 | ---- | M] (ADMtek Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADM851X.SYS -- (ADM851X)
DRV - [2004/10/01 10:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/09/17 09:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/08/12 22:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/03/05 22:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 22:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 22:13:52 | 000,060,949 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 22:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/12 19:03:10 | 000,652,689 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/11/17 15:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 15:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 15:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/08/29 04:59:24 | 001,101,696 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMSM.sys -- (BCMModem)
DRV - [2002/09/24 00:37:00 | 000,080,896 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2001/11/02 14:33:18 | 000,328,320 | ---- | M] (ForteMedia, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FM801.SYS -- (wdm_fm801) FM801 PCI Audio (WDM)
DRV - [2001/08/17 12:11:18 | 000,020,160 | ---- | M] (ADMtek Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADM8511.SYS -- (ADM8511)
DRV - [2000/04/23 09:10:04 | 000,011,089 | ---- | M] (ForteMedia, Inc. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FMJOY.SYS -- (gameport)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit2.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1374
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/06/22 09:04:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/23 04:54:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/23 04:54:33 | 000,000,000 | ---D | M]
[2010/09/21 15:01:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2011/06/23 17:15:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\x0zv5d6u.default\extensions
[2011/03/21 17:51:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\x0zv5d6u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/21 17:51:04 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\x0zv5d6u.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/05/26 05:28:41 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\x0zv5d6u.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/11/19 03:57:49 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\x0zv5d6u.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011/03/21 17:51:03 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\x0zv5d6u.default\extensions\[email protected]
[2011/06/23 17:15:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/12 00:30:29 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/06/22 09:04:13 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2010/07/27 17:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2010/07/28 19:14:08 | 000,022,016 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
O1 HOSTS File: ([2011/06/22 12:53:35 | 000,000,888 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 184.95.59.212 search.yahoo.com
O1 - Hosts: 184.95.59.212 www.bing.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (f4760ef4) - {4CB5B014-2002-14F6-49A9-7E5348C13956} - C:\WINDOWS\system32\kd139432.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit2.dll (Conduit Ltd.)
O2 - BHO: (BrowserHelper Class) - {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\prxtbBit2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKCU\..Trusted Domains: com ([www.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([asia.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([global.msi] http in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1271874400571 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1271874502400 (MUWebControl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.ms...ine/install.cab (WebSDev Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/21 12:26:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{9bf39930-5e03-11df-97f1-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{9bf39930-5e03-11df-97f1-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9bf39930-5e03-11df-97f1-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL docs\client_restore_instructions.htm
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- Reg Error: Key error. File not found
========== Files/Folders - Created Within 30 Days ==========
[2059/05/08 10:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Macromedia
[2059/05/07 20:11:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Atheros_L1e
[2059/05/07 20:11:18 | 000,038,400 | R--- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\l1e51x86.sys
[2011/06/24 03:55:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Yahoo!
[2011/06/24 01:56:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
[2011/06/22 09:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\AVG10
[2011/06/22 09:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2011
[2011/06/22 09:02:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/06/22 09:02:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/06/21 23:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Desktop\Plants vs Zombies
[2011/06/21 23:22:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/06/21 23:09:33 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/06/21 23:09:33 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/06/21 23:09:33 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/06/21 23:09:33 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/06/21 23:09:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/06/21 23:09:12 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/06/21 23:08:44 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/06/20 07:36:58 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
[2011/06/20 07:36:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2011/06/20 06:52:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2011/06/20 06:22:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/06/20 04:48:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/06/20 04:48:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/06/20 03:06:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/06/20 03:02:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/06/19 21:22:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/06/19 21:22:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/06/16 03:33:02 | 000,000,000 | ---D | C] -- C:\055c2202582ee53e67941b0037b5
[2011/06/16 03:28:29 | 000,000,000 | ---D | C] -- C:\84b59dde66da6f5be04cc12c7f
[2011/06/16 03:11:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/06/12 00:30:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype Extras
[2011/06/12 00:30:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/06/12 00:30:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011/06/09 15:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Desktop\Eminem - Bad Meets Evil - [bleep] The Sequel [2011]
[2011/06/08 21:57:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\InstallShield Installation Information
[2011/06/08 21:47:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Desktop\dw
[2011/06/08 13:29:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Start Menu\Programs\DOSBox-0.63
[2011/06/08 12:44:06 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\url.dll
[2011/06/08 12:44:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\rnaph.dll
[2011/06/08 12:44:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\wb
[2011/06/08 02:09:11 | 000,000,000 | ---D | C] -- C:\WARCRAFT
[2011/06/08 01:47:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinZip
[2011/06/08 01:47:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2011/06/07 19:32:46 | 000,000,000 | ---D | C] -- C:\Program Files\Black Isle
[2011/06/07 12:04:14 | 000,000,000 | ---D | C] -- C:\Program Files\GameSpy Arcade
[2011/06/04 07:19:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\solcache
[2011/06/04 07:19:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sierra
[2011/06/04 07:19:18 | 000,000,000 | ---D | C] -- C:\Program Files\Sierra On-Line
[2011/06/04 07:19:18 | 000,000,000 | ---D | C] -- C:\SIERRA
[2011/06/04 07:12:27 | 000,000,000 | ---D | C] -- C:\Program Files\Diablo
[2011/06/02 13:25:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\My Digital Editions
[2011/06/02 13:22:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Apple Computer
[2011/06/02 13:22:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Apple Computer
[2011/06/02 13:22:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\My Barnes & Noble eBooks
[2011/06/02 13:21:52 | 000,000,000 | ---D | C] -- C:\Program Files\Barnes & Noble
[2011/05/31 23:10:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Comical
[2011/05/31 23:10:43 | 000,000,000 | ---D | C] -- C:\Program Files\Comical
[2011/05/29 02:07:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Media Player Classic
[2011/05/28 04:38:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\go
[2011/05/28 04:38:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Easybits GO
[2011/05/27 23:18:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\spiral
[2004/12/10 14:52:21 | 000,010,240 | ---- | C] ( ) -- C:\WINDOWS\System32\killapps.exe
[2004/12/10 14:52:15 | 000,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2059/05/07 19:56:16 | 000,028,545 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2011/06/24 05:15:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-651377827-1417001333-1004UA.job
[2011/06/24 05:09:37 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/06/24 05:00:49 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/24 04:53:16 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/24 04:48:40 | 000,000,252 | -H-- | M] () -- C:\WINDOWS\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011/06/24 04:47:17 | 000,000,252 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/06/24 04:29:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/24 03:47:52 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/06/23 18:15:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-651377827-1417001333-1004Core.job
[2011/06/23 17:57:05 | 119,647,142 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/06/22 12:53:35 | 000,000,888 | RH-- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/06/22 09:04:16 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/06/22 08:59:57 | 008,843,529 | ---- | M] () -- C:\WINDOWS\System32\TMQQHJA
[2011/06/22 03:04:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/21 23:18:13 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/21 19:37:48 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/21 19:31:20 | 000,000,230 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2011/06/20 06:24:27 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/06/20 06:17:16 | 000,012,182 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\nnrkxa3212pn2yo44twiuj27ui6iqwd
[2011/06/20 06:17:15 | 000,012,182 | -HS- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\nnrkxa3212pn2yo44twiuj27ui6iqwd
[2011/06/19 23:21:31 | 001,301,838 | ---- | M] () -- C:\Documents and Settings\User\Desktop\spiral_2011-06-19_23-21-30.png
[2011/06/18 03:46:48 | 000,520,762 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/18 03:46:48 | 000,094,032 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/16 17:06:28 | 000,016,404 | ---- | M] () -- C:\Documents and Settings\User\Desktop\VB_order.htm
[2011/06/15 15:12:14 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/06/14 19:41:20 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/14 19:41:16 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Google Chrome.lnk
[2011/06/13 00:01:32 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\2125154774
[2011/06/13 00:00:01 | 000,001,428 | ---- | M] () -- C:\Documents and Settings\User\Desktop\ Mabinogi .lnk
[2011/06/11 15:51:55 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\548559a6
[2011/06/11 13:11:45 | 000,186,880 | ---- | M] () -- C:\WINDOWS\System32\kd139432.dll
[2011/06/08 21:35:04 | 3760,025,756 | ---- | M] () -- C:\Documents and Settings\User\Desktop\dw.nrg
[2011/06/08 13:02:47 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\User\Desktop\DOSBox.lnk
[2011/06/08 13:02:04 | 001,049,705 | ---- | M] () -- C:\Documents and Settings\User\Desktop\DOSBox-0.63-install.exe
[2011/06/08 12:59:24 | 005,455,020 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Warcraft.zip
[2011/06/08 12:50:37 | 000,006,984 | ---- | M] () -- C:\Documents and Settings\User\Desktop\BG2v2.0.23037.zip
[2011/06/08 12:33:19 | 000,000,064 | ---- | M] () -- C:\Documents and Settings\User\default.pls
[2011/06/08 09:57:55 | 000,000,386 | ---- | M] () -- C:\WINDOWS\SIERRA.INI
[2011/06/08 09:57:39 | 000,000,063 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\netMarket!.URL
[2011/06/08 01:47:45 | 000,001,732 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2011/06/07 19:18:57 | 000,002,131 | ---- | M] () -- C:\Documents and Settings\User\Desktop\vba.ini
[2011/06/04 13:10:48 | 000,066,936 | -HS- | M] () -- C:\WINDOWS\hrinfo_0.drv
[2011/05/31 10:41:03 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/28 01:45:15 | 000,001,850 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Spiral Knights.lnk
[2011/05/27 21:08:27 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2059/05/07 19:56:18 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2059/05/07 19:56:07 | 000,028,545 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2059/05/07 19:56:05 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011/06/23 17:57:05 | 119,647,142 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/06/23 17:02:34 | 000,000,252 | -H-- | C] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/06/23 17:02:16 | 000,000,252 | -H-- | C] () -- C:\WINDOWS\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011/06/22 09:04:16 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/06/22 08:55:57 | 008,843,529 | ---- | C] () -- C:\WINDOWS\System32\TMQQHJA
[2011/06/21 23:18:13 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/21 23:09:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/06/21 23:09:33 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/06/21 23:09:33 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/06/21 23:09:33 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/06/21 23:09:33 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/06/21 22:52:13 | 000,001,876 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\1.gif
[2011/06/21 22:52:11 | 000,000,011 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\ct_start
[2011/06/21 19:31:20 | 000,000,230 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2011/06/20 06:33:25 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/06/20 06:22:52 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/06/20 05:15:25 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/06/20 04:58:12 | 000,012,182 | -HS- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\nnrkxa3212pn2yo44twiuj27ui6iqwd
[2011/06/20 04:51:24 | 000,012,182 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\nnrkxa3212pn2yo44twiuj27ui6iqwd
[2011/06/20 04:51:24 | 000,001,164 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\nnrkxa3212pn2yo44twiuj27ui6iqwd
[2011/06/19 23:21:30 | 001,301,838 | ---- | C] () -- C:\Documents and Settings\User\Desktop\spiral_2011-06-19_23-21-30.png
[2011/06/19 21:23:45 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/16 17:06:28 | 000,016,404 | ---- | C] () -- C:\Documents and Settings\User\Desktop\VB_order.htm
[2011/06/12 00:30:04 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/06/11 15:22:11 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\548559a6
[2011/06/11 13:11:45 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\kd139432.dll
[2011/06/11 13:11:44 | 000,000,098 | ---- | C] () -- C:\WINDOWS\System32\2125154774
[2011/06/08 21:27:47 | 3760,025,756 | ---- | C] () -- C:\Documents and Settings\User\Desktop\dw.nrg
[2011/06/08 13:02:47 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\User\Desktop\DOSBox.lnk
[2011/06/08 13:01:56 | 001,049,705 | ---- | C] () -- C:\Documents and Settings\User\Desktop\DOSBox-0.63-install.exe
[2011/06/08 12:50:47 | 000,006,984 | ---- | C] () -- C:\Documents and Settings\User\Desktop\BG2v2.0.23037.zip
[2011/06/08 10:43:23 | 005,455,020 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Warcraft.zip
[2011/06/08 09:57:39 | 000,000,063 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\netMarket!.URL
[2011/06/08 01:47:45 | 000,001,732 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2011/06/08 01:41:42 | 087,054,576 | ---- | C] () -- C:\Documents and Settings\User\Desktop\WarCraft Orcs & Humans.img
[2011/06/07 16:06:52 | 000,002,131 | ---- | C] () -- C:\Documents and Settings\User\Desktop\vba.ini
[2011/06/04 13:10:48 | 000,066,936 | -HS- | C] () -- C:\WINDOWS\hrinfo_0.drv
[2011/06/04 07:19:00 | 000,000,386 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2011/05/28 01:45:15 | 000,001,856 | ---- | C] () -- C:\Documents and Settings\User\Start Menu\Programs\Spiral Knights.lnk
[2011/05/28 01:45:15 | 000,001,850 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Spiral Knights.lnk
[2011/05/27 23:19:54 | 000,000,032 | R--- | C] () -- C:\Documents and Settings\All Users\hash.dat
[2011/05/18 20:37:06 | 000,012,920 | ---- | C] () -- C:\WINDOWS\System32\apl001.sys
[2011/05/18 20:37:06 | 000,010,872 | ---- | C] () -- C:\WINDOWS\System32\apf001.sys
[2010/12/23 18:57:12 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2010/12/12 13:41:44 | 000,000,331 | ---- | C] () -- C:\WINDOWS\doom3.ini
[2010/10/31 23:42:32 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/09 11:10:05 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010/10/09 05:50:04 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/10/08 15:00:07 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/09/21 15:00:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/09/20 18:09:28 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/09/20 18:09:24 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/09/20 18:09:24 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/09/13 16:06:03 | 000,001,127 | ---- | C] () -- C:\WINDOWS\soundcfg.ini
[2010/09/13 16:05:47 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\ftdll32.dll
[2010/07/10 05:38:00 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/04/21 15:50:38 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010/04/21 15:50:31 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll
[2010/04/21 12:28:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/04/21 12:24:05 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/04/21 12:17:53 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/04/21 12:16:45 | 000,114,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/07/08 21:03:02 | 000,058,880 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/12 08:10:28 | 000,105,728 | ---- | C] () -- C:\WINDOWS\System32\APOMgrH.dll
[2007/04/09 12:55:14 | 000,097,785 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2007/04/09 12:33:50 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2007/04/09 12:32:32 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\psconv.exe
[2007/04/09 12:24:30 | 000,046,273 | ---- | C] () -- C:\WINDOWS\System32\ctdnlstr.dat
[2007/04/09 12:19:18 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\enlocstr.exe
[2006/10/27 08:26:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2005/06/16 10:17:16 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\ctmmactl.dll
[2004/12/10 14:52:31 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004/12/10 14:52:24 | 000,313,207 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2004/12/10 14:52:24 | 000,274,587 | ---- | C] () -- C:\WINDOWS\System32\ctsbas2w.dat
[2004/12/10 14:52:23 | 000,217,272 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2004/12/10 14:52:23 | 000,149,838 | ---- | C] () -- C:\WINDOWS\System32\ctbas2w.dat
[2004/12/10 14:52:23 | 000,053,932 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2004/12/10 14:52:22 | 000,048,128 | ---- | C] () -- C:\WINDOWS\System32\regplib.exe
[2004/12/10 14:52:21 | 000,000,307 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2002/12/31 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/12/31 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/12/31 08:00:00 | 000,520,762 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/12/31 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/12/31 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/12/31 08:00:00 | 000,094,032 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/12/31 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/12/31 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/12/31 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002/12/31 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/12/31 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2002/12/31 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/09/24 00:37:00 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\drivers\jedih2rx.bin
[2002/09/24 00:37:00 | 000,000,122 | ---- | C] () -- C:\WINDOWS\System32\drivers\ramsed.bin
========== Files - Unicode (All) ==========
[2011/03/10 12:32:14 | 000,000,000 | ---D | M](C:\Documents and Settings\User\My Documents\?? ???) -- C:\Documents and Settings\User\My Documents\넥슨 플러그
[2010/09/23 03:54:23 | 000,000,000 | ---D | C](C:\Documents and Settings\User\My Documents\?? ???) -- C:\Documents and Settings\User\My Documents\넥슨 플러그
< End of report >