Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Search engine redirection

Started by leo4444 , Jul 06 2011 01:20 PM

  • Please log in to reply

#1
leo4444
Posted 06 July 2011 - 01:20 PM

leo4444

    New Member

  • Member
  • Pip
  • 1 posts
My search redirects me about 30% of the time. My friend also said he was getting emails from me and it was malaware that i did not send, I changed my password and it stoped though but my search engine still redirects me. I tried malaware-bytes but nothing and same with Avast.

OTL logfile created on: 7/6/2011 12:06:14 PM - Run 1
OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\Administrator\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.00 Gb Total Physical Memory | 2.76 Gb Available Physical Memory | 55.18% Memory free
10.00 Gb Paging File | 7.32 Gb Available in Paging File | 73.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.76 Gb Total Space | 32.73 Gb Free Space | 7.03% Space Free | Partition Type: NTFS
Drive E: | 5.47 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 178.37 Gb Total Space | 6.48 Gb Free Space | 3.63% Space Free | Partition Type: NTFS
Drive G: | 7.91 Gb Total Space | 0.55 Gb Free Space | 6.97% Space Free | Partition Type: FAT32

Computer Name: LEO4444-PC | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/06 12:04:57 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
PRC - [2011/06/28 04:19:47 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/06/28 04:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/06/24 21:28:08 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/05/28 14:46:56 | 000,803,728 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
PRC - [2011/05/28 14:46:56 | 000,412,560 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
PRC - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/05/10 05:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 05:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/05/06 18:15:20 | 000,532,320 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2011/02/12 14:40:39 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/12/10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) -- c:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2010/11/21 14:36:19 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\real\realplayer\Update\realsched.exe
PRC - [2010/11/16 19:13:57 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe


========== Modules (SafeList) ==========

MOD - [2011/07/06 12:04:57 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
MOD - [2011/05/10 05:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/11/20 04:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/05/10 05:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/01/26 15:55:36 | 000,203,776 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/06/29 10:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/06/29 12:28:07 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011/06/28 04:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/06/26 22:41:56 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/03/22 12:42:52 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/03/01 18:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011/02/12 14:40:39 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/12/21 18:43:27 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- c:\Program Files (x86)\Steam\steamapps\common\dragon age ultimate edition\bin_ship\DAUpdaterSvc.Service.exe -- (DAUpdaterSvc)
SRV - [2010/12/10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$BWDATOOLSET) SQL Server (BWDATOOLSET)
SRV - [2010/09/07 23:53:56 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/05/10 04:59:48 | 000,064,344 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/03/30 11:46:44 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/26 21:35:26 | 000,425,064 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/01/26 16:37:20 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/01/26 15:13:32 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 04:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/08/13 20:39:17 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/06/04 20:15:24 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010/05/06 02:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/23 13:01:21 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010/04/23 13:01:20 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010/02/17 11:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/17 11:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2009/08/21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2009/07/13 17:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/02/27 01:48:46 | 000,089,488 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2008/01/19 06:36:12 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\irsir.sys -- (irsir)
DRV - [2011/04/04 11:57:35 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2010/01/29 11:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2008/02/15 16:30:48 | 000,015,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 4\LU4\Flashsys64.sys -- (FLASHSYS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoo...earchTerms}&f=4
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 38 BC 72 42 64 D3 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.4\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..keyword.URL: "http://search.yahoo....type=937811&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..keyword.URL: "http://search.yahoo....type=937811&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..keyword.URL: "http://search.yahoo....type=937811&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@muzzylane.com/SandstonePlayer: File not found
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.90: C:\Program Files (x86)\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\muzzylane.com/SandstonePocket: C:\Program Files (x86)\Muzzy Lane Software\Sandstone Player\npSandstonePocket.dll (Muzzy Lane Software Inc)
FF - HKLM\Software\MozillaPlugins\muzzylane.com/SandstoneUpdatePlayable: C:\Program Files (x86)\Muzzy Lane Software\Sandstone Player\npSandstoneUpdatePlayable.dll (Muzzy Lane Software Inc)
FF - HKLM\Software\MozillaPlugins\muzzylane.com/SandstoneVersionCheck: C:\Program Files (x86)\Muzzy Lane Software\Sandstone Player\npSandstoneVersionCheck.dll (Muzzy Lane Software Inc)
FF:64bit: - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Administrator\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF:64bit: - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Administrator\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\Firefox [2010/05/16 12:42:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/07/03 15:03:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4bcdbfd0-fa26-11de-8a39-0800200c9a66}: C:\Users\Administrator\AppData\Roaming\Mozilla\FireFox\{4bcdbfd0-fa26-11de-8a39-0800200c9a66} [2010/08/13 20:59:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/21 14:36:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{431324A1-2ECC-44EC-8C90-42796AC33D47}: C:\Users\Administrator\AppData\Local\{431324A1-2ECC-44EC-8C90-42796AC33D47} [2011/04/04 11:07:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/06/23 20:09:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/24 21:28:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/04/30 11:10:52 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\Firefox [2010/05/16 12:42:49 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/07/03 15:03:43 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{4bcdbfd0-fa26-11de-8a39-0800200c9a66}: C:\Users\Administrator\AppData\Roaming\Mozilla\FireFox\{4bcdbfd0-fa26-11de-8a39-0800200c9a66} [2010/08/13 20:59:19 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/21 14:36:29 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{431324A1-2ECC-44EC-8C90-42796AC33D47}: C:\Users\Administrator\AppData\Local\{431324A1-2ECC-44EC-8C90-42796AC33D47} [2011/04/04 11:07:56 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/06/23 20:09:01 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/24 21:28:09 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/04/30 11:10:52 | 000,000,000 | ---D | M]

[2010/06/24 12:56:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions
[2010/06/24 12:56:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/12/05 12:55:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6gs14v1t.default\extensions
[2010/12/05 12:55:05 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6gs14v1t.default\extensions\vshare@toolbar
[2011/06/25 12:57:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k2cc6f4s.default\extensions
[2010/06/24 00:22:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k2cc6f4s.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/02 09:52:41 | 000,000,000 | ---D | M] ("UltraSurf Firefox Tool") -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k2cc6f4s.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
[2011/06/25 12:57:37 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k2cc6f4s.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/06/25 12:57:38 | 000,000,000 | ---D | M] (Free i-Dressup Community Toolbar) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k2cc6f4s.default\extensions\{ff19b72a-36ed-4066-8865-a580ae938cce}
[2011/05/07 11:06:13 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k2cc6f4s.default\extensions\[email protected]
[2011/04/30 11:10:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k2cc6f4s.default\extensions\nostmp
[2010/12/05 12:55:05 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k2cc6f4s.default\extensions\vshare@toolbar
[2010/08/28 15:43:51 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k2cc6f4s.default\extensions\vshareus@toolbar
[2011/05/19 15:01:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/06/24 21:28:08 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009/09/13 22:10:06 | 000,047,104 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files (x86)\mozilla firefox\components\FFComm.dll
[2007/04/16 10:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npViewpoint.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/04/27 01:28:41 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchaudio.xml

O1 HOSTS File: ([2011/04/22 15:29:27 | 000,000,732 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.4\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found.
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.4\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/24 17:12:41 | 000,000,000 | ---D | M] - E:\autorun -- [ CDFS ]
O32 - AutoRun File - [2007/07/19 07:53:44 | 000,000,058 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2007/10/24 15:11:40 | 004,318,432 | R--- | M] (Crytek) - E:\AutoRunCD.exe -- [ CDFS ]
O33 - MountPoints2\{4d846359-2da4-11df-8d66-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4d846359-2da4-11df-8d66-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRunCD.exe -- [2007/10/24 15:11:40 | 004,318,432 | R--- | M] (Crytek)
O33 - MountPoints2\{d4ad2038-0323-11e0-897a-0022682e2e7c}\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: cttuiles - (C:\Windows\system32\MigAunas.dll) - File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/06 12:04:56 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2011/07/06 11:21:24 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2011/07/06 00:16:03 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/07/05 17:15:00 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\ArmA 2 OA
[2011/07/05 15:23:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/07/05 00:43:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\ArmA 2
[2011/07/05 00:43:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\ArmA 2
[2011/07/04 01:21:54 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\ArmA 2 Other Profiles
[2011/07/04 01:15:22 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\ArmA 2 Free
[2011/07/04 01:11:56 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2011/07/04 01:11:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2011/07/04 01:09:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bohemia Interactive
[2011/07/02 20:02:19 | 000,000,000 | ---D | C] -- C:\AMD
[2011/07/02 11:04:52 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2011/07/02 10:59:09 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/07/02 10:59:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011/07/02 10:59:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011/07/02 10:59:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011/07/02 10:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/07/02 10:58:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011/07/02 10:58:21 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/07/02 10:57:42 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/07/02 10:56:37 | 000,000,000 | ---D | C] -- C:\ATI
[2011/07/02 10:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phyxion.net
[2011/07/02 10:33:31 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/07/01 11:17:53 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2011/06/28 20:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/28 20:37:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/06/26 22:42:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Specialbit
[2011/06/26 22:42:05 | 000,000,000 | ---D | C] -- C:\ProgramData\BOONTY
[2011/06/26 22:41:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BOONTY Shared
[2011/06/26 22:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BoontyGames
[2011/06/26 22:41:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BoontyGames
[2011/06/26 22:38:08 | 000,000,000 | ---D | C] -- C:\Boonty
[2011/06/25 00:52:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011/06/25 00:51:31 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011/06/25 00:51:31 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011/06/25 00:51:31 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011/06/25 00:51:31 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011/06/25 00:51:31 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011/06/25 00:51:29 | 001,560,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2011/06/25 00:51:29 | 000,220,512 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2011/06/25 00:51:29 | 000,121,744 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2011/06/25 00:51:29 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2011/06/25 00:51:29 | 000,078,176 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2011/06/25 00:51:29 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2011/06/25 00:51:28 | 002,405,992 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2011/06/25 00:51:28 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2011/06/25 00:51:26 | 003,114,088 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2011/06/25 00:51:26 | 001,805,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2011/06/25 00:51:26 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011/06/25 00:51:26 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011/06/25 00:51:26 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2011/06/25 00:51:26 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011/06/25 00:51:26 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011/06/25 00:51:25 | 001,483,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2011/06/25 00:51:25 | 001,245,288 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2011/06/25 00:51:25 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011/06/25 00:51:25 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011/06/25 00:51:25 | 000,092,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2011/06/25 00:51:24 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2011/06/25 00:51:24 | 002,238,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2011/06/25 00:51:24 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011/06/25 00:51:24 | 000,603,472 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2011/06/25 00:51:24 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2011/06/25 00:51:24 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2011/06/25 00:51:24 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2011/06/25 00:51:24 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011/06/25 00:51:24 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2011/06/25 00:51:24 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2011/06/25 00:51:24 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2011/06/25 00:51:22 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011/06/25 00:51:22 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2011/06/25 00:51:22 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2011/06/25 00:51:22 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2011/06/25 00:51:22 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2011/06/25 00:51:22 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2011/06/25 00:51:22 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2011/06/25 00:51:22 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2011/06/25 00:51:22 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2011/06/25 00:51:22 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2011/06/25 00:51:22 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2011/06/25 00:51:22 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2011/06/25 00:51:22 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2011/06/25 00:51:22 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2011/06/25 00:51:22 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2011/06/25 00:51:19 | 001,284,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2011/06/23 20:45:57 | 001,427,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642090.dll
[2011/06/20 15:54:02 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\cpu temp
[2011/06/20 15:21:02 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Monolith Productions
[2011/06/17 19:05:10 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/06/17 19:05:10 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/06/17 19:05:10 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/06/17 19:05:10 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/06/17 19:05:10 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/06/17 19:05:10 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/06/17 19:05:10 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/06/17 19:05:10 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011/06/17 19:05:10 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/06/17 19:05:10 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/06/17 19:05:10 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011/06/17 19:05:10 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011/06/17 19:05:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/17 19:05:10 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/06/17 19:05:10 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/06/17 19:05:10 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011/06/17 19:05:10 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/06/17 19:05:10 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/06/17 19:05:10 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/06/17 19:05:10 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/06/17 19:05:10 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/06/17 19:05:10 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/06/17 19:05:10 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/06/17 19:05:10 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/06/17 19:05:10 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011/06/17 19:05:10 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/06/17 19:05:10 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/06/17 19:05:10 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/06/17 19:05:10 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/06/17 19:05:10 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/06/17 19:05:10 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/06/17 19:05:10 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/17 19:05:10 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/06/17 19:05:10 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/06/17 19:05:10 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/06/17 19:05:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/06/17 19:05:10 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011/06/17 19:05:10 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/06/17 19:05:10 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/06/17 19:05:10 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/06/17 19:05:09 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011/06/17 19:05:09 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/06/17 19:05:09 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/06/17 19:05:09 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/06/17 19:05:09 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/06/17 19:05:09 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/06/17 19:05:09 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011/06/17 19:05:09 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011/06/17 19:05:09 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/06/17 19:05:09 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011/06/17 19:05:09 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011/06/17 19:05:09 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/17 19:05:09 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/06/17 19:05:09 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011/06/17 19:05:09 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/06/17 19:05:09 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011/06/17 19:05:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011/06/17 19:05:09 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011/06/17 19:05:09 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011/06/17 19:05:09 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/06/17 19:05:09 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/06/17 19:05:09 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011/06/17 19:05:09 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011/06/17 19:05:09 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/06/17 19:05:09 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011/06/17 19:05:09 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/17 19:05:09 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011/06/17 19:05:09 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/06/17 19:05:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/06/17 19:05:09 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011/06/17 19:05:09 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011/06/17 19:05:09 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011/06/17 19:05:09 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011/06/17 19:05:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011/06/17 19:05:09 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/06/17 19:05:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/06/17 19:05:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011/06/17 19:05:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/06/17 18:54:13 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011/06/17 18:54:10 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011/06/17 18:54:10 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011/06/17 18:53:27 | 005,562,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/06/17 18:53:26 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/06/17 18:53:26 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/06/17 18:53:03 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/16 16:00:21 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\WMTools Downloaded Files
[2011/06/16 15:56:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movie Maker 2.6
[2011/06/16 15:43:07 | 000,000,000 | ---D | C] -- C:\ProgramData\YouTube Downloader
[2011/06/16 15:43:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader
[2011/06/16 15:43:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouTube Downloader
[2011/06/16 15:38:42 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{798F2F3B-E417-49F4-91B8-8924B26ED530}
[2011/06/14 13:04:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KingsIsle Entertainment
[2011/06/14 13:04:06 | 000,000,000 | ---D | C] -- C:\ProgramData\KingsIsle Entertainment
[2011/06/13 02:14:28 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Administrator\AppData\Roaming\pcouffin.sys
[2011/06/13 02:14:28 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\PcSetup
[2011/06/12 12:34:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\ConvertXToDVD
[2011/06/12 12:33:20 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Vso
[2006/10/27 23:00:48 | 000,463,152 | ---- | C] (Microsoft Corporation) -- C:\Users\Administrator\AppData\Roaming\setup.exe
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[10 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/06 12:04:57 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2011/07/06 11:52:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/06 11:52:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/06 11:45:41 | 000,007,891 | ---- | M] () -- C:\Users\Administrator\Desktop\DxDiag.rar
[2011/07/06 11:42:23 | 000,013,232 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/06 11:42:23 | 000,013,232 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/06 10:51:00 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/07/06 10:49:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/06 10:49:55 | 4025,884,672 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/06 00:16:03 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/07/05 15:48:28 | 000,270,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/07/05 15:48:28 | 000,270,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/07/03 19:43:31 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/07/03 19:43:31 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/07/02 20:24:33 | 000,270,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/07/02 13:48:08 | 000,001,440 | ---- | M] () -- C:\Users\Administrator\Desktop\Eastern Front Launcher.lnk
[2011/07/02 11:09:29 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011/07/02 10:42:10 | 000,001,229 | ---- | M] () -- C:\Users\Public\Desktop\Driver Sweeper.lnk
[2011/07/01 11:28:10 | 000,001,082 | ---- | M] () -- C:\Users\Administrator\Desktop\MSI Afterburner.lnk
[2011/06/30 12:02:24 | 000,055,384 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011/06/28 20:37:45 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/27 00:46:09 | 000,934,624 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2011/06/27 00:46:09 | 000,222,906 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2011/06/27 00:46:08 | 000,886,102 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/27 00:46:08 | 000,200,186 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/27 00:46:08 | 000,006,442 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/25 00:37:38 | 000,001,164 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2011/06/25 00:37:38 | 000,001,152 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2011/06/24 21:29:44 | 000,001,859 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/23 21:17:06 | 000,000,362 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/06/17 19:16:12 | 000,001,433 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/17 19:14:15 | 000,415,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/17 19:05:10 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/06/17 19:05:10 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/06/17 19:05:10 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/06/17 19:05:10 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/06/17 19:05:10 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/06/17 19:05:10 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/06/17 19:05:10 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/06/17 19:05:10 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011/06/17 19:05:10 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/06/17 19:05:10 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/06/17 19:05:10 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011/06/17 19:05:10 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011/06/17 19:05:10 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/17 19:05:10 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/06/17 19:05:10 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/06/17 19:05:10 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011/06/17 19:05:10 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/06/17 19:05:10 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/06/17 19:05:10 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/06/17 19:05:10 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/06/17 19:05:10 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/06/17 19:05:10 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/06/17 19:05:10 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/06/17 19:05:10 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/06/17 19:05:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011/06/17 19:05:10 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/06/17 19:05:10 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/06/17 19:05:10 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/06/17 19:05:10 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/06/17 19:05:10 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/06/17 19:05:10 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/06/17 19:05:10 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/06/17 19:05:10 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/17 19:05:10 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/06/17 19:05:10 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/06/17 19:05:10 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/06/17 19:05:10 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/06/17 19:05:10 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011/06/17 19:05:10 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/06/17 19:05:10 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/06/17 19:05:10 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/06/17 19:05:09 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011/06/17 19:05:09 | 002,303,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/06/17 19:05:09 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/06/17 19:05:09 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/06/17 19:05:09 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/06/17 19:05:09 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/06/17 19:05:09 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011/06/17 19:05:09 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011/06/17 19:05:09 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/06/17 19:05:09 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011/06/17 19:05:09 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011/06/17 19:05:09 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/17 19:05:09 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/06/17 19:05:09 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011/06/17 19:05:09 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/06/17 19:05:09 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011/06/17 19:05:09 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011/06/17 19:05:09 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011/06/17 19:05:09 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011/06/17 19:05:09 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/06/17 19:05:09 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/06/17 19:05:09 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011/06/17 19:05:09 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011/06/17 19:05:09 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/06/17 19:05:09 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011/06/17 19:05:09 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/17 19:05:09 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011/06/17 19:05:09 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/06/17 19:05:09 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/06/17 19:05:09 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011/06/17 19:05:09 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011/06/17 19:05:09 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011/06/17 19:05:09 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011/06/17 19:05:09 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011/06/17 19:05:09 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011/06/17 19:05:09 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/06/17 19:05:09 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/06/17 19:05:09 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011/06/17 19:05:09 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/06/16 16:01:41 | 000,007,168 | ---- | M] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/16 15:59:29 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011/06/16 15:43:05 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\YouTube Downloader.lnk
[2011/06/14 13:40:36 | 001,483,264 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2011/06/14 13:04:06 | 000,000,817 | ---- | M] () -- C:\Users\Public\Desktop\Play Wizard1.lnk
[2011/06/13 19:04:16 | 001,560,680 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2011/06/13 02:14:28 | 000,099,384 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\inst.exe
[2011/06/13 02:14:28 | 000,082,816 | ---- | M] (VSO Software) -- C:\Users\Administrator\AppData\Roaming\pcouffin.sys
[2011/06/13 02:14:28 | 000,007,859 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\pcouffin.cat
[2011/06/13 02:14:28 | 000,001,167 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\pcouffin.inf
[2011/06/12 22:47:45 | 000,000,049 | ---- | M] () -- C:\Windows\disney.ini
[2011/06/12 12:34:15 | 000,001,057 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\vso_ts_preview.xml
[2011/06/10 17:35:30 | 000,603,472 | ---- | M] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2011/06/07 17:09:32 | 002,405,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[10 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/06 11:45:41 | 000,007,891 | ---- | C] () -- C:\Users\Administrator\Desktop\DxDiag.rar
[2011/07/06 10:51:00 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/07/02 11:09:29 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/07/02 10:42:10 | 000,001,229 | ---- | C] () -- C:\Users\Public\Desktop\Driver Sweeper.lnk
[2011/07/01 11:28:10 | 000,110,592 | ---- | C] () -- C:\Windows\SysNative\rtvcvfw32.dll
[2011/06/28 20:37:45 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/17 19:05:10 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/06/17 19:05:09 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/06/16 15:56:13 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
[2011/06/16 15:43:05 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\YouTube Downloader.lnk
[2011/06/14 13:04:06 | 000,000,817 | ---- | C] () -- C:\Users\Public\Desktop\Play Wizard1.lnk
[2011/06/13 02:14:28 | 000,099,384 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\inst.exe
[2011/06/13 02:14:28 | 000,007,859 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\pcouffin.cat
[2011/06/13 02:14:28 | 000,001,167 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\pcouffin.inf
[2011/06/12 22:41:30 | 000,000,049 | ---- | C] () -- C:\Windows\disney.ini
[2011/06/12 12:33:20 | 000,001,057 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\vso_ts_preview.xml
[2011/05/24 23:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/05/20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/04/25 20:02:47 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/04/25 20:02:47 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/04/04 11:07:58 | 000,000,120 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Fqadiyovuzikagup.dat
[2011/04/04 11:07:58 | 000,000,000 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Yrevucor.bin
[2011/03/11 04:33:52 | 000,036,352 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010/12/20 19:27:20 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/12/20 18:18:37 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010/11/16 02:47:16 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2010/11/15 23:31:51 | 000,000,362 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/11/02 20:12:59 | 002,506,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_new_5-9-08.exe
[2010/10/04 11:52:39 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2010/09/11 15:14:07 | 000,007,168 | ---- | C] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/13 01:58:55 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/08/13 01:58:55 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/08/13 01:58:36 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/08/13 01:58:00 | 000,033,019 | ---- | C] () -- C:\Windows\SysWow64\CoreAAC-uninstall.exe
[2010/06/24 09:11:21 | 000,001,424 | ---- | C] () -- C:\Windows\checkip.dat
[2010/04/16 11:45:40 | 000,000,101 | ---- | C] () -- C:\Users\Administrator\AppData\Local\fusioncache.dat
[2010/04/02 09:14:39 | 001,672,266 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/03/23 20:32:10 | 000,000,000 | ---- | C] () -- C:\Windows\lgfwup.ini
[2010/02/11 21:41:01 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/01/23 22:43:28 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/01/23 22:43:28 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/01/22 01:39:28 | 000,270,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/01/22 01:39:27 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/01/22 01:39:27 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2009/10/30 20:22:06 | 000,000,022 | ---- | C] () -- C:\Windows\kodakpcd.ini
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:24:58 | 000,034,699 | ---- | C] () -- C:\Windows\SysWow64\hlp.dat
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/15 10:42:13 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/06/09 11:17:01 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/03/29 20:46:01 | 000,000,254 | ---- | C] () -- C:\Windows\RomeTW.ini
[2009/03/06 19:42:11 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2009/03/04 17:00:12 | 000,000,293 | ---- | C] () -- C:\Windows\game.ini
[2009/03/03 22:04:16 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2009/03/03 16:40:20 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:148B621E
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:B1F714C1
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:20A5B16A
@Alternate Data Stream - 1285 bytes -> C:\Users\Administrator\AppData\Local\I9nGwUGW0:23GgljeIAGerhIwlXdRZv
@Alternate Data Stream - 1248 bytes -> C:\ProgramData\Microsoft:GyWlepTdBW1hbzgizvaTHMkP
@Alternate Data Stream - 1190 bytes -> C:\ProgramData\Microsoft:pTyev8Uz2tDr04BxYHyIEjVBaDY
@Alternate Data Stream - 1175 bytes -> C:\Program Files (x86)\Common Files\System:nDO8IqbGwHo5LJppT2dIW9
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A1160BCE
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:404800E7
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:20C69EEE
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:512B5648
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:09B199F1

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP