Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

EAccessViolation with Realtek HD sound manager


  • Please log in to reply

#1
dougcb68

dougcb68

    New Member

  • Member
  • Pip
  • 9 posts
Hi-

Thanks in advance for any help you can offer. I got to this forum via the message: http://www.geekstogo...sound-manager/.

Hardware: Toshiba Tecra A9-S9018X running Windows XP, Service Pack 3.

The first indication that there was a problem was when I attempted to use Skype and the speaker would not function, although the microphone works properly. Further experimentation revealed that the speaker is not functioning in any software, including system sounds.

A further symptom is that at boot time I get a message window with Realtek HD Audio Manager in the title bar and the message EAccessViolation in the window body. This message also appears if I try to open Realtek HD Sound Effect Manager in the Control Panel.

This problem may be related to some music conversion software I downloaded:
http://software-file...p.exe?e=1310340
http://download.allm...4.2.1-Setup.exe
http://www.tunecab.c...tunecab.com.exe


Remediation efforts:
-I did a system Restore to 3 days earlier
-I went to the Toshiba web site and reloaded the Realtek HD sound manager drivers
-Searched the web for EAccessViolation and found the topic referenced above.

Thanks again for your help.

OTL Log:


OTL logfile created on: 7/10/2011 10:49:03 PM - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Saba\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.71 Mb Total Physical Memory | 66.49 Mb Available Physical Memory | 6.55% Memory free
2.38 Gb Paging File | 1.61 Gb Available in Paging File | 67.45% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 123.80 Gb Total Space | 9.61 Gb Free Space | 7.76% Space Free | Partition Type: NTFS
Drive D: | 5.19 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 1.84 Gb Total Space | 1.82 Gb Free Space | 98.91% Space Free | Partition Type: FAT
Drive F: | 19.79 Gb Total Space | 3.59 Gb Free Space | 18.15% Space Free | Partition Type: EXT3
Drive L: | 19.79 Gb Total Space | 3.59 Gb Free Space | 18.15% Space Free | Partition Type: EXT3
Drive W: | 123.80 Gb Total Space | 9.61 Gb Free Space | 7.76% Space Free | Partition Type: NTFS
Drive X: | 123.80 Gb Total Space | 9.61 Gb Free Space | 7.76% Space Free | Partition Type: NTFS
Drive Z: | 123.80 Gb Total Space | 9.61 Gb Free Space | 7.76% Space Free | Partition Type: NTFS

Computer Name: RANDOLPH | User Name: Saba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/10 22:46:30 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Saba\My Documents\Downloads\OTL.exe
PRC - [2011/07/04 06:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/07/04 06:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/06/24 01:25:50 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Saba\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/06/02 12:51:46 | 002,596,680 | ---- | M] (Mister Group) -- C:\Program Files\System Explorer\SystemExplorer.exe
PRC - [2011/03/31 14:05:16 | 000,243,712 | ---- | M] (SMServer) -- C:\WINDOWS\system32\snmvtsvc.exe
PRC - [2010/02/20 13:59:52 | 000,181,312 | ---- | M] () -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe
PRC - [2009/11/23 16:53:50 | 000,189,952 | ---- | M] (Fine Point Technologies, Inc.) -- C:\Program Files\Asistente Infinitum\IsaMonitor.exe
PRC - [2009/10/18 21:12:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/07/30 21:39:12 | 001,216,648 | ---- | M] (Ext2Fsd Group (www.ext2fsd.com)) -- C:\Program Files\Ext2Fsd\Ext2Mgr.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/23 19:27:16 | 000,066,928 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
PRC - [2007/06/01 13:51:34 | 000,823,296 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2007/06/01 13:49:20 | 000,974,848 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007/06/01 13:45:00 | 000,491,520 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2007/04/24 06:31:10 | 000,529,976 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\ThpSrv.exe
PRC - [2007/04/13 21:16:16 | 000,311,296 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Direct Disc Writer\DDWMon.exe
PRC - [2007/02/26 00:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2007/01/25 21:47:50 | 000,136,816 | ---- | M] () -- C:\TOSHIBA\IVP\ISM\pinger.exe
PRC - [2007/01/09 18:23:04 | 000,191,552 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe
PRC - [2006/10/25 11:54:24 | 003,174,912 | ---- | M] (Kirby Software) -- C:\Program Files\Kirby Alarm Pro\kirbyalarmpro.exe
PRC - [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe
PRC - [2006/07/26 19:03:28 | 000,315,392 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2006/07/26 19:03:20 | 000,045,056 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2006/07/05 15:14:30 | 000,258,048 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\00THotkey.exe
PRC - [2006/05/25 21:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TODDSrv.exe
PRC - [2006/05/05 20:39:54 | 000,046,592 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\psqltray.exe
PRC - [2006/04/26 20:35:02 | 000,090,112 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TME3\TMERzCtl.exe
PRC - [2006/04/10 21:14:52 | 000,622,592 | ---- | M] (TOSHIBA Corp.) -- C:\WINDOWS\system32\TFNF5.exe
PRC - [2006/03/20 17:37:00 | 005,689,344 | ---- | M] (Gabest) -- C:\Program Files\mplayerc.exe
PRC - [2005/12/14 15:00:32 | 000,126,976 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TME3\TMESRV31.exe
PRC - [2005/11/29 23:45:36 | 000,188,416 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Controls\TFncKy.exe
PRC - [2005/05/17 14:42:02 | 000,049,152 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Wireless Hotkey\TosHKCW.exe
PRC - [2005/02/18 16:50:52 | 000,065,536 | ---- | M] () -- C:\Program Files\Timer Wizard\Timer Wizard.exe
PRC - [2005/01/17 19:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2005/01/14 11:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe
PRC - [2004/12/30 03:32:20 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2004/12/24 23:15:26 | 000,081,920 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TME3\TMEEJME.exe


========== Modules (SafeList) ==========

MOD - [2011/07/10 22:46:30 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Saba\My Documents\Downloads\OTL.exe
MOD - [2011/07/04 06:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (getPlusHelper) getPlus®
SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2011/07/04 06:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/03/31 15:55:16 | 000,745,472 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\System32\GSService.exe -- (GSService)
SRV - [2011/03/31 14:05:16 | 000,243,712 | ---- | M] (SMServer) [On_Demand | Running] -- C:\WINDOWS\System32\snmvtsvc.exe -- (SMServer)
SRV - [2010/06/25 12:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010/02/20 13:59:52 | 000,181,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe -- (ScsiAccess)
SRV - [2009/11/23 16:53:50 | 000,189,952 | ---- | M] (Fine Point Technologies, Inc.) [Auto | Running] -- C:\Program Files\Asistente Infinitum\IsaMonitor.exe -- (IsaMonitor)
SRV - [2009/11/13 11:16:06 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/10/23 19:27:16 | 000,066,928 | ---- | M] () [Auto | Running] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2007/04/24 06:31:10 | 000,529,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\WINDOWS\system32\ThpSrv.exe -- (Thpsrv)
SRV - [2007/02/26 00:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/01/25 21:47:50 | 000,136,816 | ---- | M] () [Auto | Running] -- C:\TOSHIBA\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/05/25 21:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\WINDOWS\system32\TODDSrv.exe -- (TODDSrv)
SRV - [2005/12/14 15:00:32 | 000,126,976 | ---- | M] (TOSHIBA) [Auto | Running] -- C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe -- (Tmesrv)
SRV - [2005/01/17 19:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2005/01/14 11:32:38 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator)


========== Driver Services (SafeList) ==========

DRV - [2011/07/04 06:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 06:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 06:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 06:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 06:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 06:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 06:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/04/01 00:20:46 | 000,023,608 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TucbAudio.sys -- (TucbAudio)
DRV - [2010/06/25 12:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/09/28 04:02:44 | 000,014,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV - [2009/07/26 18:22:34 | 000,651,264 | ---- | M] (www.ext2fsd.com) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ext2fsd.sys -- (Ext2Fsd)
DRV - [2009/01/08 19:00:54 | 000,016,640 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DsAudioDevice_310.sys -- (DsAudioDevice_310)
DRV - [2008/08/12 22:08:14 | 000,016,896 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VirtualAudio.sys -- (wsvad_driver)
DRV - [2007/06/21 07:43:26 | 002,208,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel®
DRV - [2007/05/29 18:29:30 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/04/27 13:19:00 | 000,021,120 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\thpdrv.sys -- (Thpdrv)
DRV - [2007/04/23 18:12:28 | 004,402,176 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/03/26 15:22:18 | 000,105,856 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tdudf.sys -- (tdudf)
DRV - [2007/03/09 18:23:18 | 000,006,528 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Thpevm.SYS -- (Thpevm)
DRV - [2007/02/22 18:10:30 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/02/21 21:20:36 | 000,435,072 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TEchoCan.sys -- (TEchoCan)
DRV - [2007/02/19 15:15:32 | 000,134,016 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\trudf.sys -- (trudf)
DRV - [2007/02/15 19:44:06 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\TVALZ.SYS -- (TVALZ)
DRV - [2007/01/24 17:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2007/01/23 06:13:26 | 000,036,608 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2006/11/28 19:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/10/23 19:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006/05/05 21:00:02 | 000,013,568 | ---- | M] (UPEK Inc.) [File_System | Auto | Running] -- C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys -- (FdRedir)
DRV - [2006/05/05 20:59:52 | 000,033,024 | ---- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys -- (FileDisk2)
DRV - [2006/05/05 20:33:04 | 000,003,456 | ---- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Program Files\Protector Suite QL\smihlp.sys -- (smihlp)
DRV - [2005/10/18 13:48:38 | 000,154,752 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PA707UCM.SYS -- (PAC7311)
DRV - [2004/07/16 16:47:14 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2004/06/16 14:08:48 | 000,005,888 | ---- | M] (Toshiba Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TMEI3E.sys -- (TMEI3E)
DRV - [2004/05/08 23:38:06 | 000,101,833 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/04/13 19:03:46 | 000,016,509 | ---- | M] (Palm, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2003/01/29 17:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2001/12/03 12:55:14 | 000,155,264 | ---- | M] (Zoran Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuvvid2.sys -- (NUVision)
DRV - [2001/12/03 12:55:12 | 000,026,560 | ---- | M] (Zoran Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuvaud2.sys -- (nuvaud2)
DRV - [1999/06/30 02:49:10 | 000,023,200 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ppsio2.sys -- (ppsio2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://prodigy.msn.com/
IE - HKCU\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {CF745ACA-6FA6-45ED-AB49-E10A0D1870C5} - C:\Program Files\Meep\1.5.4\MeepBar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/...GO&form=ZGAPHP"
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..keyword.URL: "http://www.bing.com/...form=ZGAADF&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Saba\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Saba\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/05 08:30:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 07:10:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Meep\FF\ [2010/04/05 18:40:46 | 000,000,000 | ---D | M]

[2009/11/02 15:21:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Saba\Application Data\Mozilla\Extensions
[2011/07/10 12:24:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Saba\Application Data\Mozilla\Firefox\Profiles\9hnjnh3r.default\extensions
[2010/03/18 00:04:34 | 000,000,000 | ---D | M] (Firebug) -- C:\Documents and Settings\Saba\Application Data\Mozilla\Firefox\Profiles\9hnjnh3r.default\extensions\[email protected](2).com
[2011/07/10 21:20:52 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Documents and Settings\Saba\Application Data\Mozilla\Firefox\Profiles\9hnjnh3r.default\extensions\[email protected]
[2010/10/19 22:34:38 | 000,002,397 | ---- | M] () -- C:\Documents and Settings\Saba\Application Data\Mozilla\Firefox\Profiles\9hnjnh3r.default\searchplugins\askcom.xml
[2011/07/10 12:24:34 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Saba\Application Data\Mozilla\Firefox\Profiles\9hnjnh3r.default\searchplugins\bing-zugo.xml
[2010/01/06 09:27:09 | 000,002,334 | ---- | M] () -- C:\Documents and Settings\Saba\Application Data\Mozilla\Firefox\Profiles\9hnjnh3r.default\searchplugins\geocommons-finder-data.xml
[2010/01/06 09:27:20 | 000,002,328 | ---- | M] () -- C:\Documents and Settings\Saba\Application Data\Mozilla\Firefox\Profiles\9hnjnh3r.default\searchplugins\geocommons-maker-maps.xml
[2010/01/06 09:27:16 | 000,002,332 | ---- | M] () -- C:\Documents and Settings\Saba\Application Data\Mozilla\Firefox\Profiles\9hnjnh3r.default\searchplugins\geocommons.xml
[2011/06/19 11:04:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/19 10:17:38 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/04/16 16:15:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/17 04:40:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/04/17 07:09:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/19 11:04:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\SABA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\9HNJNH3R.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
[2011/07/05 08:30:17 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/09/03 19:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011/05/04 05:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 03:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2010/01/01 03:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2010/01/01 03:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2010/01/01 03:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/10/12 15:42:43 | 000,000,261 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 178.33.143.4 bancomer.com.mx
O1 - Hosts: 178.33.143.4 bbva.com.mx
O1 - Hosts: 178.33.143.4 bancomer.com
O1 - Hosts: 178.33.143.4 www.bancomer.com.mx
O1 - Hosts: 178.33.143.4 www.bbva.com.mx
O1 - Hosts: 178.33.143.4 www.bancomer.com
O1 - Hosts: 178.33.143.4 www.bbvanet.com.mx
O1 - Hosts: 178.33.143.4 bbvanet.com.mx
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof0.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Meep Media Downloader) - {CF745ACA-6FA6-45ED-AB49-E10A0D1870C5} - C:\Program Files\Meep\1.5.4\MeepBar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files\Softonic-Eng7\tbSof0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Meep Media Downloader) - {CF745ACA-6FA6-45ED-AB49-E10A0D1870C5} - C:\Program Files\Meep\1.5.4\MeepBar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [000StTHK] C:\WINDOWS\System32\000StTHK.exe ()
O4 - HKLM..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe ()
O4 - HKLM..\Run: [Ext2 Volume Manager] C:\Program Files\Ext2Fsd\Ext2Mgr.exe (Ext2Fsd Group (www.ext2fsd.com))
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [PdxRegCl] File not found
O4 - HKLM..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe ()
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [RegisterDropHandler] C:\Program Files\TextBridge Pro 9.0\Bin\RegisterDropHandler.exe ()
O4 - HKLM..\Run: [TAudEffect] C:\Program Files\TOSHIBA\TAudEffect\TAudEff.exe (TOSHIBA)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKLM..\Run: [TFNF5] C:\WINDOWS\System32\TFNF5.exe (TOSHIBA Corp.)
O4 - HKLM..\Run: [ThpSrv] C:\WINDOWS\System32\thpsrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE (TOSHIBA)
O4 - HKLM..\Run: [TOSDCR] C:\WINDOWS\System32\TOSDCR.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosHKCW.exe] C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPSODDCtl] C:\WINDOWS\System32\TPSODDCtl.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [SystemExplorerAutoStart] C:\Program Files\System Explorer\SystemExplorer.exe (Mister Group)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKLM..\RunServices: [RegisterDropHandler] C:\Program Files\TextBridge Pro 9.0\Bin\RegisterDropHandler.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\subst.bat ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Timer Wizard.lnk = C:\Program Files\Timer Wizard\Timer Wizard.exe ()
O4 - Startup: C:\Documents and Settings\Saba\Start Menu\Programs\Startup\Kirby Alarm Pro.lnk = C:\Program Files\Kirby Alarm Pro\kirbyalarmpro.exe (Kirby Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\TuneCab\YouTubeRipper.dll ()
O9 - Extra 'Tools' menuitem : Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\TuneCab\YouTubeRipper.dll ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\psfus: DllName - psqlpwd.dll - C:\WINDOWS\System32\psqlpwd.dll (UPEK Inc.)
O20 - Winlogon\Notify\TosBtNP: DllName - TosBtNP.dll - C:\WINDOWS\System32\TosBtNP.dll (TOSHIBA CORPORATION)
O24 - Desktop WallPaper: C:\Documents and Settings\Saba\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Saba\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/01/10 14:25:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/11/09 23:14:54 | 000,000,000 | ---D | M] - C:\Automatically Add to iTunes -- [ NTFS ]
O32 - AutoRun File - [2009/08/07 12:52:34 | 000,430,592 | R--- | M] () - D:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2009/08/07 12:52:34 | 000,067,646 | R--- | M] () - D:\Autorun.ico -- [ UDF ]
O32 - AutoRun File - [2009/08/07 12:52:34 | 000,000,047 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{08d86f1a-cf1f-11de-a08a-001f3b9a5f45}\Shell - "" = AutoRun
O33 - MountPoints2\{08d86f1a-cf1f-11de-a08a-001f3b9a5f45}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{08d86f1a-cf1f-11de-a08a-001f3b9a5f45}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{ff710995-d3d3-11df-a0e8-001f3b9a5f45}\Shell\AutoRun\command - "" = driver\usb\WONTBEENCODED2.EXE
O33 - MountPoints2\{ff710995-d3d3-11df-a0e8-001f3b9a5f45}\Shell\open\command - "" = driver\usb\WONTBEENCODED2.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/10 22:16:54 | 000,000,000 | R-SD | C] -- C:\Documents and Settings\Saba\My Documents\My Safe
[2011/07/10 22:13:37 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2011/07/10 22:13:33 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011/07/10 22:12:25 | 000,000,000 | ---D | C] -- C:\temp.realtek
[2011/07/10 21:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UAB
[2011/07/10 21:41:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saba\Local Settings\Application Data\PC_Drivers_Headquarters
[2011/07/10 21:41:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2011/07/10 21:39:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Detective
[2011/07/10 21:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\PC Drivers HeadQuarters
[2011/07/10 21:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TuneCab
[2011/07/10 12:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\FreeRIP3
[2011/07/10 11:16:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saba\Application Data\OverDrive
[2011/07/10 11:16:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saba\My Documents\My Media
[2011/07/10 11:14:52 | 000,000,000 | ---D | C] -- C:\Program Files\OverDrive Media Console
[2011/07/09 22:40:57 | 000,243,712 | ---- | C] (SMServer) -- C:\WINDOWS\System32\snmvtsvc.exe
[2011/07/09 22:40:56 | 000,023,608 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\System32\TucbAudio.sys
[2011/07/09 22:40:56 | 000,023,608 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\TucbAudio.sys
[2011/07/09 22:40:56 | 000,014,392 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\System32\TucbVideo.dll
[2011/07/09 22:40:56 | 000,005,688 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\System32\TucbVideo.sys
[2011/07/09 22:40:55 | 000,000,000 | ---D | C] -- C:\Program Files\TuneCab
[2011/07/06 14:26:54 | 000,000,000 | ---D | C] -- C:\podcastsave
[2011/06/20 09:53:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saba\Start Menu\Programs\Google Chrome
[2011/06/19 18:22:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/06/19 10:16:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011/06/14 15:10:04 | 005,689,344 | ---- | C] (Gabest) -- C:\Program Files\mplayerc.exe
[2011/06/13 20:02:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saba\.FBReader
[2011/06/13 20:01:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saba\Start Menu\Programs\FBReader for Windows
[2011/06/13 20:01:37 | 000,000,000 | ---D | C] -- C:\Program Files\FBReader
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/10 22:50:00 | 000,000,568 | ---- | M] () -- C:\WINDOWS\tasks\vtigerCRM WorkFlow.job
[2011/07/10 22:50:00 | 000,000,562 | ---- | M] () -- C:\WINDOWS\tasks\vtigerCRM Notification Scheduler.job
[2011/07/10 22:42:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/10 22:17:54 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/10 22:16:45 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/10 22:16:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/10 22:16:37 | 1064,079,360 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/10 21:55:04 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3524702006-698442611-3979294448-1005UA.job
[2011/07/10 21:39:37 | 000,002,209 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Driver Detective.lnk
[2011/07/10 21:10:29 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/07/10 08:55:02 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3524702006-698442611-3979294448-1005Core.job
[2011/07/10 07:23:46 | 000,000,584 | ---- | M] () -- C:\Documents and Settings\Saba\Application Data\Microsoft\Internet Explorer\Quick Launch\mplayerc.exe.lnk
[2011/07/10 07:23:05 | 000,000,584 | ---- | M] () -- C:\Documents and Settings\Saba\Desktop\mplayerc.exe.lnk
[2011/07/10 06:00:01 | 000,000,696 | ---- | M] () -- C:\WINDOWS\tasks\vtigerCRM Email Reminder.job
[2011/07/10 05:00:00 | 000,000,596 | ---- | M] () -- C:\WINDOWS\tasks\vtigerCRM Recurring Invoice.job
[2011/07/09 22:41:08 | 000,001,557 | ---- | M] () -- C:\Documents and Settings\Saba\Application Data\Microsoft\Internet Explorer\Quick Launch\TuneCab.lnk
[2011/07/09 22:41:08 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TuneCab CDRipper.lnk
[2011/07/09 22:41:08 | 000,001,539 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TuneCab.lnk
[2011/07/09 22:41:08 | 000,000,672 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Buy TuneCab Now.lnk
[2011/07/05 10:11:00 | 000,001,561 | ---- | M] () -- C:\Documents and Settings\Saba\Application Data\Microsoft\Internet Explorer\Quick Launch\JOSM.lnk
[2011/07/04 06:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/07/04 06:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/07/04 06:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/07/04 06:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/07/04 06:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/07/04 06:35:12 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/07/04 06:35:09 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/07/04 06:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/07/04 06:32:13 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/07/04 06:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/07/02 10:56:53 | 000,002,266 | ---- | M] () -- C:\Documents and Settings\Saba\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/07/02 10:56:52 | 000,002,288 | ---- | M] () -- C:\Documents and Settings\Saba\Desktop\Google Chrome.lnk
[2011/07/02 10:37:27 | 000,476,022 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/07/02 10:37:27 | 000,085,572 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/26 09:01:47 | 000,002,541 | ---- | M] () -- C:\Documents and Settings\Saba\Application Data\Microsoft\Internet Explorer\Quick Launch\Jasc Paint Shop Pro 9.lnk
[2011/06/19 18:22:52 | 000,001,926 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/06/17 07:35:56 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/15 14:41:58 | 000,002,365 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\inSSIDer 2.0.lnk
[2011/06/15 14:40:02 | 000,425,408 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/10 22:14:43 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011/07/10 21:39:37 | 000,002,209 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Driver Detective.lnk
[2011/07/10 21:31:39 | 1064,079,360 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/10 07:23:46 | 000,000,584 | ---- | C] () -- C:\Documents and Settings\Saba\Application Data\Microsoft\Internet Explorer\Quick Launch\mplayerc.exe.lnk
[2011/07/10 07:23:05 | 000,000,584 | ---- | C] () -- C:\Documents and Settings\Saba\Desktop\mplayerc.exe.lnk
[2011/07/09 22:41:08 | 000,001,557 | ---- | C] () -- C:\Documents and Settings\Saba\Application Data\Microsoft\Internet Explorer\Quick Launch\TuneCab.lnk
[2011/07/09 22:41:08 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TuneCab CDRipper.lnk
[2011/07/09 22:41:08 | 000,001,539 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TuneCab.lnk
[2011/07/09 22:41:08 | 000,000,672 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Buy TuneCab Now.lnk
[2011/07/09 22:40:58 | 000,745,472 | ---- | C] () -- C:\WINDOWS\System32\GSService.exe
[2011/07/09 22:40:56 | 000,019,099 | ---- | C] () -- C:\WINDOWS\System32\TucbAudio.inf
[2011/07/09 22:40:56 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\TucbVideo.inf
[2011/07/09 22:40:56 | 000,002,539 | ---- | C] () -- C:\WINDOWS\System32\TucbVideo.cat
[2011/07/09 22:40:56 | 000,002,100 | ---- | C] () -- C:\WINDOWS\System32\TucbAudio.cat
[2011/06/20 09:53:51 | 000,002,288 | ---- | C] () -- C:\Documents and Settings\Saba\Desktop\Google Chrome.lnk
[2011/06/20 09:53:51 | 000,002,266 | ---- | C] () -- C:\Documents and Settings\Saba\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/19 18:22:52 | 000,001,926 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/10/17 06:46:28 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/09/12 21:42:48 | 000,000,077 | ---- | C] () -- C:\WINDOWS\mydebug.ini
[2010/09/12 21:38:35 | 000,023,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\ppsio2.sys
[2010/06/30 18:06:01 | 000,000,382 | ---- | C] () -- C:\WINDOWS\crackpdf.INI
[2010/06/25 12:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010/06/23 10:35:39 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2010/06/18 17:58:51 | 000,000,070 | ---- | C] () -- C:\WINDOWS\colorUI.INI
[2010/06/18 09:40:59 | 000,000,253 | -H-- | C] () -- C:\WINDOWS\System32\xpsys40024032.DLL
[2010/04/17 09:09:13 | 000,000,179 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2010/04/17 09:08:56 | 000,012,126 | ---- | C] () -- C:\WINDOWS\System32\Pixpcz.dll
[2010/04/17 09:08:56 | 000,011,934 | ---- | C] () -- C:\WINDOWS\System32\Pixpnr.dll
[2010/04/17 09:08:54 | 000,004,528 | ---- | C] () -- C:\WINDOWS\System32\Setbrows.exe
[2010/04/14 09:58:01 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Saba\Application Data\winscp.rnd
[2010/01/22 10:13:41 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/01/08 10:12:53 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Saba\Application Data\PFP120JPR.{PB
[2010/01/08 10:12:52 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Saba\Application Data\PFP120JCM.{PB
[2009/11/22 17:28:36 | 000,000,259 | ---- | C] () -- C:\WINDOWS\System32\bdemerge.ini
[2009/11/13 11:29:00 | 000,000,032 | ---- | C] () -- C:\WINDOWS\gca631.INI
[2009/11/05 09:24:44 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PAStiSvc.exe
[2009/11/04 10:05:05 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/11/04 08:59:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2009/11/03 22:05:26 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/11/03 22:05:26 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/11/03 21:54:07 | 000,097,792 | ---- | C] () -- C:\Documents and Settings\Saba\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/03 20:57:00 | 000,000,353 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2009/11/02 17:24:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ToDisc.INI
[2009/11/02 15:46:34 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/11/02 15:43:58 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2009/11/02 15:43:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2009/11/02 15:43:58 | 000,010,150 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2009/11/02 15:43:58 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2009/11/02 15:39:58 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4814.dll
[2009/11/02 15:39:57 | 000,910,304 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2009/11/02 15:38:51 | 000,004,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\HDACfg.dat
[2009/11/02 15:21:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/01/10 15:32:19 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/01/10 15:32:19 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/01/10 15:32:19 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/01/10 15:32:19 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/01/10 15:32:19 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/01/10 15:32:19 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/01/10 15:14:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2008/01/10 15:04:54 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\000StTHK.exe
[2008/01/10 14:30:56 | 000,000,102 | ---- | C] () -- C:\WINDOWS\System32\softkbd.exe.config
[2008/01/10 14:27:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/01/10 14:24:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/01/10 14:23:56 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/01/10 12:56:35 | 000,065,536 | ---- | C] () -- C:\WINDOWS\gtfirstboot.exe
[2008/01/10 12:56:35 | 000,000,337 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008/01/10 12:52:58 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/01/10 12:52:54 | 001,291,776 | ---- | C] () -- C:\WINDOWS\System32\quartz(2).dll
[2008/01/10 12:52:52 | 000,476,022 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/01/10 12:52:52 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/01/10 12:52:52 | 000,085,572 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/01/10 12:52:52 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/01/10 12:52:49 | 000,004,688 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/01/10 12:52:48 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/01/10 12:52:45 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/01/10 12:52:35 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/01/10 12:52:34 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/01/10 12:52:16 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/01/10 12:52:05 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2008/01/10 06:22:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/01/10 06:21:41 | 000,425,408 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/12/05 16:05:04 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/07/23 00:30:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/11/01 14:51:20 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\tmdekode.dll
[2004/09/01 10:49:17 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/03/18 07:44:29 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[1999/12/04 05:00:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\b3w32_30.dll
[1997/06/25 17:24:16 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\RegObj.dll

========== LOP Check ==========

[2010/10/19 08:02:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/04/06 13:30:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/05/01 09:50:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2011/06/04 10:27:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2011/06/19 10:14:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easybits GO
[2009/12/31 18:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESRI
[2010/08/29 16:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/08/17 05:37:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\j2 Messenger 4.4 Output
[2010/01/29 12:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011/07/10 21:41:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/08/14 16:24:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2009/11/19 21:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickMediaConverter
[2010/08/25 17:59:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2011/06/02 13:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SystemExplorer
[2011/02/27 10:15:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/07/10 21:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2010/04/18 10:24:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/07 14:48:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/11/04 09:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/12/09 21:15:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\Across Lite 2.0
[2009/11/19 21:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\Actecom
[2010/10/26 07:06:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\Add-in Express
[2010/10/23 01:05:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\anpo.republika.pl
[2010/10/22 02:59:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\ASCOMP Software
[2010/07/03 16:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\Beyond Sync
[2011/07/10 21:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\BitTorrent
[2010/06/08 08:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\Bridge Baron 20
[2011/06/04 10:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\Canon
[2011/02/15 18:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\CompanionLink
[2010/10/14 14:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\DNA
[2010/01/18 18:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\ESRI
[2010/10/23 01:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\fltk.org
[2010/10/23 04:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\GARMIN
[2010/10/23 01:00:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\GetRightToGo
[2011/06/19 09:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\go
[2010/02/18 16:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\gPhotoShow
[2010/08/24 09:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\gtk-2.0
[2011/06/03 09:30:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\Instant Housecall
[2008/01/12 11:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\InterVideo
[2010/08/17 05:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\j2 Global
[2010/08/17 05:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\j2 Messenger
[2010/05/11 16:37:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\jah
[2011/02/09 12:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\JAM Software
[2009/11/08 17:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\JGsoft
[2011/07/06 08:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\JOSM
[2010/02/20 13:59:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\Netscape
[2009/11/05 12:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\OpenOffice.org
[2011/07/10 11:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\OverDrive
[2010/03/27 18:43:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\Participatory Culture Foundation
[2009/11/22 09:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\PayWin
[2010/06/06 19:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\PCF-VLC
[2010/06/30 08:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\Philipp Winterberg
[2010/02/20 14:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\Photodex
[2011/07/10 12:24:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\PriceGong
[2009/11/02 15:43:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\Protector Suite
[2011/02/08 12:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\Scendix Software
[2010/07/18 19:22:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\SecondLife
[2010/04/16 16:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\SmartDraw
[2011/02/08 12:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\Softland
[2008/01/10 15:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\toshiba
[2008/01/10 14:59:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\WinBatch
[2009/12/05 23:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\Wireshark
[2010/04/29 10:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saba\Application Data\X-Chat 2
[2010/06/03 08:44:03 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\videopadShakeIcon.job
[2011/07/10 06:00:01 | 000,000,696 | ---- | M] () -- C:\WINDOWS\Tasks\vtigerCRM Email Reminder.job
[2011/07/10 22:50:00 | 000,000,562 | ---- | M] () -- C:\WINDOWS\Tasks\vtigerCRM Notification Scheduler.job
[2011/07/10 05:00:00 | 000,000,596 | ---- | M] () -- C:\WINDOWS\Tasks\vtigerCRM Recurring Invoice.job
[2011/07/10 22:50:00 | 000,000,568 | ---- | M] () -- C:\WINDOWS\Tasks\vtigerCRM WorkFlow.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5F64C164
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C6B34D36
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:20087FC5
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0A8E2C33

< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP