Appreciate opening the topic back up
Forcing the default webpage did not get rid of the popup problem
Here is the two reports
OTL logfile created on: 11/30/2011 7:54:36 PM - Run 18
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\owner\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
501.98 Mb Total Physical Memory | 114.82 Mb Available Physical Memory | 22.87% Memory free
1.20 Gb Paging File | 0.81 Gb Available in Paging File | 67.78% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 92.91 Gb Total Space | 62.81 Gb Free Space | 67.60% Space Free | Partition Type: NTFS
Computer Name: TOSHIBA-USER | User Name: owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/11/12 10:42:50 | 001,647,448 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
PRC - [2011/11/10 19:23:52 | 000,490,840 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2011/11/09 20:05:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2011/11/09 20:01:38 | 000,073,360 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2011/11/03 06:44:28 | 000,497,280 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2011/11/03 06:44:24 | 000,738,944 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2011/11/01 17:21:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\owner\Desktop\OTL.exe
PRC - [2011/10/08 16:34:24 | 000,820,568 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/09/06 13:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 13:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/01/17 16:38:38 | 000,040,960 | R--- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2004/10/20 05:40:04 | 000,010,328 | R--- | M] (America Online) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2004/08/28 00:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
========== Modules (No Company Name) ========== MOD - [2011/11/30 11:44:55 | 001,643,520 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11113001\algo.dll
MOD - [2011/11/29 07:40:55 | 000,241,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11113001\aswRep.dll
MOD - [2011/04/21 16:54:40 | 000,347,024 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madexcept_.bpl
MOD - [2011/04/21 16:54:40 | 000,179,088 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madbasic_.bpl
MOD - [2011/04/21 16:54:40 | 000,046,480 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\maddisAsm_.bpl
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/02/05 10:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008/04/13 16:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 16:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2005/11/28 10:59:16 | 000,876,544 | R--- | M] () -- C:\Program Files\Intel\Wireless\Bin\Libeay32.dll
MOD - [2005/11/28 10:59:16 | 000,208,965 | R--- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2005/11/28 10:59:16 | 000,053,322 | R--- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
MOD - [2004/07/20 17:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll
========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (Swupdtmr)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [Auto | Stopped] -- -- (AdvancedSystemCareService)
SRV - [2011/11/10 19:23:52 | 000,490,840 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2011/11/09 20:05:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2011/11/03 06:44:28 | 000,497,280 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2011/10/08 16:34:24 | 000,820,568 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/09/06 13:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/05/25 14:14:34 | 000,053,248 | R--- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/03/29 07:51:54 | 000,068,000 | R--- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2005/12/20 11:22:14 | 000,035,328 | R--- | M] (TOSHIBA Corp.) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
SRV - [2005/01/17 16:38:38 | 000,040,960 | R--- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/10/20 05:40:04 | 000,010,328 | R--- | M] (America Online) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2004/10/15 12:54:14 | 000,100,016 | R--- | M] (America Online, Inc) [Auto | Stopped] -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe -- (AOL TopSpeedMonitor)
SRV - [2004/08/28 00:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
SRV - [2004/06/29 09:29:30 | 000,184,373 | R--- | M] () [Auto | Stopped] -- C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe -- (AOLService)
========== Driver Services (SafeList) ========== DRV - [2011/11/09 20:01:38 | 000,525,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (Vsdatant)
DRV - [2011/11/03 06:44:20 | 000,027,016 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2011/10/08 16:04:42 | 000,239,472 | ---- | M] () [File_System | Disabled | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/09/20 13:29:32 | 000,016,208 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2011/09/20 13:29:30 | 000,030,368 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys -- (RegFilter)
DRV - [2011/09/06 13:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 13:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 13:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 13:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 13:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/09/06 13:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 13:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/11/26 17:02:52 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2009/12/30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2008/07/28 11:29:58 | 000,160,792 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctfw2.sys -- (pctfw2)
DRV - [2008/04/13 10:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS_XP)
DRV - [2006/01/07 11:09:50 | 000,007,548 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Samhid.sys -- (samhid)
DRV - [2005/12/09 16:48:40 | 004,123,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/12/04 09:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2005/11/30 11:01:02 | 000,043,392 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2005/11/30 10:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/11/28 11:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/11/15 09:00:22 | 001,122,656 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/10/20 14:03:42 | 000,006,144 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD)
DRV - [2005/10/06 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/10/06 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/10/06 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/10/06 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/10/06 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/10/06 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/10/06 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/09/09 14:47:10 | 000,009,344 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2005/08/25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/24 15:20:28 | 000,009,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (tbiosdrv)
DRV - [2005/06/02 03:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2005/01/12 00:05:46 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\KR10N.sys -- (KR10N)
DRV - [2003/09/19 01:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/01/29 14:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2003/01/10 12:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP =
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\CNNSI, =
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Dictionary, =
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Google, =
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleGroups, =
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleImages, =
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\GoogleNews, =
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\KB, =
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\KBDLL, =
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Movies, =
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSN, =
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Thesaurus, =
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Weather, =
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Yahoo, =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "
http://www.google.co...-8&oe=UTF-8&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.103: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4C00B1D8-FCFF-4EEA-ACB8-346CF65599D9}: C:\Documents and Settings\owner\Local Settings\Application Data\{4C00B1D8-FCFF-4EEA-ACB8-346CF65599D9}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D148F54C-3063-4DA4-807F-FE55A71C9076}: C:\Documents and Settings\owner\Local Settings\Application Data\{D148F54C-3063-4DA4-807F-FE55A71C9076}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/20 19:03:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011/11/12 08:18:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/11/12 09:33:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/20 19:03:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/20 19:04:48 | 000,000,000 | ---D | M]
[2011/06/17 20:22:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\owner\Application Data\Mozilla\Extensions
[2011/11/12 08:18:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\nk4pu3ra.default\extensions
[2010/01/13 18:25:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\nk4pu3ra.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/13 18:25:08 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\nk4pu3ra.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/11/12 08:18:15 | 000,000,000 | ---D | M] (ZoneAlarm Security Community Toolbar) -- C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\nk4pu3ra.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}
[2010/04/25 19:38:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2007/05/22 17:04:28 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/04/25 19:38:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2007/05/22 17:03:47 | 000,000,000 | ---D | M] (Real Networks Settings) -- C:\Program Files\Mozilla Firefox\extensions\
[email protected][2010/01/15 09:05:35 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\Mozilla Firefox\extensions\
[email protected]File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\APPLICATION DATA\{4C00B1D8-FCFF-4EEA-ACB8-346CF65599D9}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\APPLICATION DATA\{D148F54C-3063-4DA4-807F-FE55A71C9076}
[2010/04/07 14:52:45 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/04/14 08:26:02 | 000,142,296 | R--- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/15 09:05:16 | 000,067,688 | R--- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll
[2010/01/15 09:05:16 | 000,054,368 | R--- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll
[2010/01/15 09:05:17 | 000,034,944 | R--- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll
[2010/01/15 09:05:19 | 000,046,712 | R--- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll
[2010/01/15 09:05:19 | 000,172,136 | R--- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll
[2010/04/12 16:29:19 | 000,411,368 | R--- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 00:00:00 | 000,002,252 | R--- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
========== Chrome ========== CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&output=chrome&hl={language}&q={searchTerms}
O1 HOSTS File: ([2011/11/30 17:01:48 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277}
http://office.micros...ntent/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF834CEA-88BF-4650-BECC-A00FDB4C3D29}: DhcpNameServer = 192.168.1.254 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - (C:\WINDOWS\system32\NavLogon.dll) - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\owner\Local Settings\Application Data\Microsoft\Wallpaper3.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\owner\Local Settings\Application Data\Microsoft\Wallpaper3.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/02/15 07:38:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/11/30 16:05:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Desktop\RK_Quarantine
[2011/11/24 20:53:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\owner\Recent
[2011/11/24 20:40:17 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/11/24 13:17:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Application Data\ArcSoft
[2011/11/24 13:17:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Application Data\HP SimpleSave Application
[2011/11/24 12:32:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011/11/24 12:16:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Zone Labs
[2011/11/24 12:16:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Yahoo!
[2011/11/24 12:16:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Windows Plus
[2011/11/24 12:16:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Windows NT
[2011/11/24 12:16:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Windows Media Player
[2011/11/24 12:16:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Windows Media Connect 2
[2011/11/24 12:16:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Windows Installer Clean Up
[2011/11/24 12:16:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\WildTangent
[2011/11/24 12:16:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\VS Revo Group
[2011/11/24 12:16:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Viewpoint
[2011/11/24 12:16:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\VideoLAN
[2011/11/24 12:16:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Veoh Networks
[2011/11/24 12:15:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Toshiba Games
[2011/11/24 12:15:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\TOSHIBA
[2011/11/24 12:15:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Synaptics
[2011/11/24 12:15:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\SpywareBlaster
[2011/11/24 12:15:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Spybot - Search & Destroy
[2011/11/24 12:15:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Sonic
[2011/11/24 12:15:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Realtek
[2011/11/24 12:15:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Real
[2011/11/24 12:15:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\QuickTime
[2011/11/24 12:15:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Pure Networks
[2011/11/24 12:15:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Outlook Express
[2011/11/24 12:15:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\NOS
[2011/11/24 12:15:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\NetMeeting
[2011/11/24 12:15:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\MSN Gaming Zone
[2011/11/24 12:15:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\MSN
[2011/11/24 12:15:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\MSECACHE
[2011/11/24 12:15:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Mozilla Firefox
[2011/11/24 12:15:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Movie Maker
[2011/11/24 12:15:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Microsoft Visual Studio
[2011/11/24 12:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Microsoft Office
[2011/11/24 12:14:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Metamail Inc
[2011/11/24 12:14:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Messenger
[2011/11/24 12:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/24 12:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\ltmoh
[2011/11/24 12:14:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Java
[2011/11/24 12:14:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\IObit
[2011/11/24 12:14:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\InterVideo
[2011/11/24 12:14:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Internet Explorer
[2011/11/24 12:14:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Intel
[2011/11/24 12:14:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\InstallShield Installation Information
[2011/11/24 12:14:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\illiminable
[2011/11/24 12:14:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Google
[2011/11/24 12:14:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\GemMaster
[2011/11/24 12:14:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\FLV Player
[2011/11/24 12:14:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\ESPNMotion
[2011/11/24 12:14:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\EnglishOtto
[2011/11/24 12:14:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\DVD-RAM
[2011/11/24 12:14:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\DivX
[2011/11/24 12:14:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\DIGStream
[2011/11/24 12:14:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Common Files
[2011/11/24 12:14:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\CheckPoint
[2011/11/24 12:14:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Centra
[2011/11/24 12:14:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\AVerMedia
[2011/11/24 12:13:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\AVAST Software
[2011/11/24 12:13:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\America Online 9.0
[2011/11/24 12:13:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Adobe
[2011/11/24 12:13:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Desktop\recovery
[2011/11/20 21:55:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/20 21:54:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/11/20 21:48:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2011/11/20 21:48:34 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2011/11/20 21:09:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/11/20 21:09:31 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/11/20 21:08:09 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\owner\Desktop\spybotsd162.exe
[2011/11/20 20:23:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Advanced SystemCare 5
[2011/11/18 21:02:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/11/18 20:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Local Settings\Application Data\VS Revo Group
[2011/11/18 20:47:32 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys
[2011/11/18 20:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
[2011/11/18 20:47:29 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2011/11/18 20:46:21 | 007,860,512 | ---- | C] (VS Revo Group ) -- C:\Documents and Settings\owner\Desktop\RevoUninProSetup.exe
[2011/11/15 20:13:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8
[2011/11/12 09:35:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/11/12 09:35:15 | 000,320,856 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/11/12 09:35:15 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/11/12 09:34:53 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/11/12 09:34:52 | 000,052,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/11/12 09:34:50 | 000,442,200 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/11/12 09:34:49 | 000,110,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/11/12 09:34:49 | 000,104,536 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/11/12 09:34:48 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/11/12 09:33:08 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/11/12 09:33:05 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/11/12 09:31:46 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/11/12 09:31:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/11/12 08:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2011/11/12 08:19:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\My Documents\ForceField Shared Files
[2011/11/12 08:18:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Application Data\CheckPoint
[2011/11/12 08:18:11 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2011/11/12 08:18:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Local Settings\Application Data\Conduit
[2011/11/12 08:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Local Settings\Application Data\temp
[2011/11/12 08:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Check Point
[2011/11/12 08:10:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CheckPoint
[2011/11/12 08:01:39 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2011/11/05 16:34:55 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/11/04 21:02:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2011/11/04 20:27:41 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2011/11/04 20:27:34 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2011/11/04 20:26:55 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2011/11/04 20:26:46 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2011/11/04 20:26:09 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2011/11/04 20:26:05 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2011/11/04 20:25:56 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2011/11/04 20:25:31 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2011/11/04 20:25:16 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2011/11/04 20:25:12 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2011/11/04 20:25:09 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2011/11/04 20:25:03 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2011/11/04 20:24:58 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2011/11/04 20:24:54 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2011/11/04 20:24:50 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2011/11/04 20:24:33 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2011/11/04 20:24:17 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2011/11/04 20:24:13 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2011/11/04 20:24:09 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2011/11/04 20:24:01 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2011/11/04 20:23:40 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2011/11/04 20:23:25 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2011/11/04 20:23:21 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2011/11/04 20:23:06 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2011/11/04 20:23:03 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2011/11/04 20:22:59 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2011/11/04 20:22:55 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2011/11/04 20:22:51 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2011/11/04 20:22:48 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2011/11/04 20:22:14 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2011/11/04 20:22:09 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2011/11/04 20:22:05 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2011/11/04 20:22:04 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2011/11/04 20:21:59 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2011/11/04 20:21:55 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2011/11/04 20:21:42 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2011/11/04 20:21:38 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2011/11/04 20:20:53 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2011/11/04 20:20:49 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2011/11/04 20:20:46 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2011/11/04 20:20:42 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2011/11/04 20:20:36 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2011/11/04 20:20:16 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2011/11/04 20:19:46 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2011/11/04 20:19:42 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2011/11/04 20:19:39 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2011/11/04 20:19:35 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2011/11/04 20:19:32 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2011/11/04 20:19:06 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2011/11/04 20:19:03 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2011/11/04 20:18:59 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2011/11/04 20:18:50 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2011/11/04 20:18:21 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2011/11/04 20:18:17 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2011/11/04 20:18:14 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2011/11/04 20:18:10 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2011/11/04 20:17:45 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2011/11/04 20:17:38 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2011/11/04 20:17:35 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2011/11/04 20:17:19 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2011/11/04 20:17:15 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2011/11/04 20:17:12 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2011/11/04 20:17:09 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2011/11/04 20:17:06 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2011/11/04 20:17:02 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2011/11/04 20:16:59 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2011/11/04 20:16:56 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2011/11/04 20:16:52 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2011/11/04 20:16:46 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2011/11/04 20:16:42 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2011/11/04 20:16:42 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/11/04 20:16:42 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/11/04 20:16:41 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2011/11/04 20:16:39 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2011/11/04 20:16:26 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2011/11/04 20:16:19 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2011/11/04 20:16:15 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2011/11/04 20:16:11 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2011/11/04 20:15:57 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2011/11/04 20:15:53 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2011/11/04 20:15:23 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2011/11/04 20:15:19 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2011/11/04 20:15:16 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2011/11/04 20:15:04 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2011/11/04 20:14:08 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2011/11/04 20:13:55 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2011/11/04 20:13:52 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2011/11/04 20:13:49 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2011/11/04 20:13:08 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2011/11/04 20:13:04 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2011/11/04 20:13:00 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2011/11/04 20:12:57 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2011/11/04 20:12:38 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2011/11/04 20:12:10 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2011/11/04 20:12:07 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2011/11/04 20:12:01 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2011/11/04 20:11:53 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2011/11/04 20:11:50 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2011/11/04 20:11:41 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2011/11/04 20:11:38 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2011/11/04 20:11:35 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2011/11/04 20:11:32 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2011/11/04 20:11:29 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2011/11/04 20:11:26 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2011/11/04 20:11:17 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2011/11/04 20:11:14 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2011/11/04 20:11:11 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2011/11/04 20:11:08 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2011/11/04 20:11:04 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2011/11/04 20:10:12 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2011/11/04 20:09:38 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2011/11/04 20:09:17 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2011/11/04 20:09:14 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2011/11/04 20:09:13 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2011/11/04 20:09:10 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2011/11/04 20:09:09 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2011/11/04 20:09:06 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2011/11/04 20:08:57 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2011/11/04 20:08:55 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2011/11/04 20:08:52 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2011/11/04 20:08:49 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2011/11/04 20:08:45 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2011/11/04 20:08:42 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2011/11/04 20:08:02 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2011/11/04 20:07:15 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2011/11/04 20:05:35 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2011/11/04 20:05:26 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2011/11/04 20:04:58 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2011/11/04 20:04:56 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2011/11/04 20:04:53 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2011/11/04 20:04:40 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2011/11/04 20:04:34 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2011/11/04 20:04:32 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2011/11/04 20:04:28 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2011/11/04 20:04:26 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2011/11/04 20:04:23 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2011/11/04 20:04:22 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2011/11/04 20:04:07 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2011/11/04 20:04:03 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2011/11/04 20:04:01 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2011/11/04 20:02:36 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2011/11/04 20:02:32 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2011/11/04 20:02:23 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2011/11/04 20:02:21 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2011/11/04 20:02:20 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2011/11/04 20:02:15 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2011/11/04 20:02:14 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2011/11/04 20:02:13 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2011/11/04 20:02:12 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2011/11/04 20:02:10 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2011/11/04 20:01:50 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2011/11/04 20:01:49 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2011/11/04 20:01:45 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2011/11/04 20:01:23 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2011/11/04 20:01:21 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2011/11/04 20:01:20 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2011/11/04 20:01:19 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2011/11/04 20:01:18 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2011/11/04 20:01:17 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2011/11/04 20:01:16 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2011/11/04 20:01:14 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2011/11/04 20:01:06 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2011/11/04 20:00:52 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2011/11/04 20:00:45 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2011/11/04 20:00:40 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2011/11/04 20:00:39 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2011/11/04 20:00:38 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2011/11/04 20:00:38 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2011/11/04 20:00:37 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2011/11/04 20:00:34 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2011/11/04 20:00:33 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2011/11/04 20:00:32 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2011/11/04 20:00:31 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2011/11/04 20:00:30 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2011/11/04 20:00:28 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2011/11/04 20:00:27 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/11/04 19:59:54 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2011/11/04 19:59:53 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2011/11/04 19:59:53 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2011/11/04 19:59:52 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2011/11/04 19:59:51 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2011/11/04 19:59:51 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2011/11/04 19:59:50 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2011/11/04 19:59:49 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2011/11/04 19:59:48 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2011/11/04 19:59:47 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2011/11/04 19:59:46 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2011/11/04 19:59:45 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2011/11/04 19:59:44 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2011/11/04 19:59:44 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2011/11/04 19:59:43 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2011/11/04 19:59:42 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2011/11/04 19:59:42 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2011/11/04 19:59:41 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2011/11/04 19:59:38 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2011/11/04 19:59:34 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2011/11/04 19:59:34 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2011/11/04 19:59:33 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2011/11/04 19:59:32 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2011/11/04 19:59:32 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2011/11/04 19:59:31 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2011/11/04 19:59:31 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2011/11/04 19:59:11 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2011/11/04 19:59:05 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2011/11/04 19:58:54 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2011/11/04 19:58:52 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2011/11/04 19:58:51 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2011/11/04 19:58:51 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2011/11/04 19:58:51 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2011/11/04 19:58:49 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2011/11/04 19:58:46 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2011/11/04 19:58:46 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2011/11/04 19:58:45 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011/11/04 19:58:44 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011/11/04 19:58:44 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011/11/04 19:19:37 | 000,181,064 | ---- | C] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE
[2011/11/04 19:18:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\owner\Start Menu\Programs\Tweaking.com
[2011/11/04 19:18:03 | 000,000,000 | ---D | C] -- C:\Program Files\Tweaking.com
[2011/11/02 15:10:39 | 004,280,796 | R--- | C] (Swearware) -- C:\Documents and Settings\owner\Desktop\ComboFix.exe
[2006/02/15 08:25:00 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll
[1 C:\Documents and Settings\owner\Desktop\*.tmp files -> C:\Documents and Settings\owner\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/11/30 20:06:07 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3425365616-2220058473-2887799412-1005.job
[2011/11/30 19:52:20 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/30 19:43:01 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3425365616-2220058473-2887799412-1005.job
[2011/11/30 19:42:35 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/30 19:42:26 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/11/30 19:42:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/30 19:42:05 | 526,438,400 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/30 17:01:48 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/11/30 16:19:31 | 000,111,872 | ---- | M] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2011/11/30 16:04:37 | 000,751,616 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\RogueKiller.exe
[2011/11/29 16:20:47 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/24 21:36:51 | 000,000,055 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\Windows XP Tips - Ramesh.url
[2011/11/24 13:17:57 | 000,054,156 | ---- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/11/24 12:12:49 | 000,002,258 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\Repair.vbs
[2011/11/24 12:07:55 | 000,007,252 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\admintools.zip
[2011/11/24 12:04:18 | 000,014,797 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\accrestore.zip
[2011/11/21 20:55:11 | 000,025,214 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\image002.jpg
[2011/11/21 20:54:58 | 000,026,053 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\DSCN0154.jpg
[2011/11/20 21:08:08 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\owner\Desktop\spybotsd162.exe
[2011/11/18 20:47:35 | 000,000,936 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2011/11/18 20:46:26 | 007,860,512 | ---- | M] (VS Revo Group ) -- C:\Documents and Settings\owner\Desktop\RevoUninProSetup.exe
[2011/11/16 21:59:22 | 000,000,279 | -HS- | M] () -- C:\boot.ini
[2011/11/16 21:42:54 | 000,000,284 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\reset.zip
[2011/11/16 21:42:24 | 000,379,392 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\subinacl.msi
[2011/11/15 20:16:44 | 000,000,873 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2011/11/15 20:02:11 | 000,415,916 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/11/15 19:24:37 | 000,662,016 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\MicrosoftFixit50123.msi
[2011/11/12 09:51:09 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/11/06 17:04:18 | 000,088,779 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\avz_sysinfo.htm
[2011/11/06 17:04:18 | 000,028,311 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\avz_sysinfo.xml
[2011/11/06 17:04:18 | 000,016,209 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\avptool_sysinfo.zip
[2011/11/06 08:30:55 | 000,446,386 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/06 08:30:55 | 000,073,426 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/04 21:06:12 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/11/04 21:04:39 | 000,278,944 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/11/04 21:02:28 | 000,181,064 | ---- | M] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE
[2011/11/04 20:59:12 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/11/04 20:59:12 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/11/04 19:18:05 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2011/11/04 19:15:35 | 003,451,220 | ---- | M] () -- C:\Documents and Settings\owner\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2011/11/02 15:37:23 | 004,280,796 | R--- | M] (Swearware) -- C:\Documents and Settings\owner\Desktop\ComboFix.exe
[2011/11/01 17:21:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\owner\Desktop\OTL.exe
[1 C:\Documents and Settings\owner\Desktop\*.tmp files -> C:\Documents and Settings\owner\Desktop\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/11/30 16:05:56 | 000,111,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2011/11/30 16:04:33 | 000,751,616 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\RogueKiller.exe
[2011/11/24 21:00:15 | 526,438,400 | -HS- | C] () -- C:\hiberfil.sys
[2011/11/24 12:12:53 | 000,002,258 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\Repair.vbs
[2011/11/24 12:08:46 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\Windows XP Tips - Ramesh.url
[2011/11/24 12:08:23 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\AdminTools.exe
[2011/11/24 12:07:55 | 000,007,252 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\admintools.zip
[2011/11/24 12:05:51 | 000,061,440 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\AccRestore.exe
[2011/11/24 12:05:32 | 000,014,797 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\accrestore.zip
[2011/11/21 20:55:13 | 000,025,214 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\image002.jpg
[2011/11/21 20:55:03 | 000,026,053 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\DSCN0154.jpg
[2011/11/20 20:43:35 | 000,020,312 | ---- | C] () -- C:\WINDOWS\System32\RegistryDefragBootTime.exe
[2011/11/18 20:47:35 | 000,000,936 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2011/11/16 21:56:31 | 000,000,369 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\reset.cmd
[2011/11/16 21:55:37 | 000,000,284 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\reset.zip
[2011/11/16 21:42:22 | 000,379,392 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\subinacl.msi
[2011/11/15 20:54:28 | 000,000,814 | R--- | C] () -- C:\Documents and Settings\owner\Desktop\Internet Explorer (2).lnk
[2011/11/15 20:54:22 | 000,000,814 | R--- | C] () -- C:\Documents and Settings\owner\Desktop\Copy of Internet Explorer.lnk
[2011/11/15 20:16:44 | 000,000,873 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2011/11/15 19:24:35 | 000,662,016 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\MicrosoftFixit50123.msi
[2011/11/12 08:20:25 | 000,415,916 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/11/05 20:43:40 | 000,088,779 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\avz_sysinfo.htm
[2011/11/05 20:43:40 | 000,028,311 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\avz_sysinfo.xml
[2011/11/05 20:43:08 | 000,016,209 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\avptool_sysinfo.zip
[2011/11/04 21:06:12 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/11/04 20:27:31 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2011/11/04 20:27:22 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2011/11/04 20:08:36 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/11/04 20:07:29 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/11/04 20:05:33 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2011/11/04 20:05:28 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2011/11/04 20:05:23 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2011/11/04 20:05:19 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2011/11/04 20:05:13 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2011/11/04 20:04:59 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/11/04 20:02:19 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2011/11/04 20:02:18 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2011/11/04 20:02:17 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2011/11/04 19:59:25 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2011/11/04 19:59:25 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2011/11/04 19:59:24 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2011/11/04 19:59:23 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2011/11/04 19:59:23 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2011/11/04 19:59:22 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2011/11/04 19:59:22 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2011/11/04 19:59:21 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2011/11/04 19:59:20 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2011/11/04 19:59:15 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2011/11/04 19:18:05 | 000,001,919 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2011/11/04 19:15:36 | 003,451,220 | ---- | C] () -- C:\Documents and Settings\owner\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2011/09/20 11:37:10 | 000,025,944 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/09/20 11:37:09 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/07/09 14:12:09 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/07/09 14:12:09 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/07/09 14:12:09 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/07/09 14:12:09 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/07/09 14:12:09 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/04/24 15:02:40 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/04/24 15:02:40 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2009/06/14 22:14:20 | 000,000,120 | ---- | C] () -- C:\WINDOWS\CIS_Setup_3.9.76924.507_XP_Vista_x32.INI
[2009/05/23 19:33:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2009/02/08 16:39:03 | 000,000,120 | ---- | C] () -- C:\WINDOWS\CIS_Setup_3.5.57173.439_XP_Vista_x32.INI
[2009/01/28 06:35:03 | 000,000,562 | R--- | C] () -- C:\Documents and Settings\owner\Application Data\wklnhst.dat
[2008/09/07 09:29:43 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008/02/04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/09/01 11:12:06 | 000,001,156 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/05/06 19:04:48 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\sam.ini
[2007/05/06 18:55:17 | 000,007,548 | ---- | C] () -- C:\WINDOWS\System32\drivers\Samhid.sys
[2007/05/06 18:55:16 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\FDRpage.dll
[2007/05/06 18:54:53 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\CreateDir.exe
[2006/12/23 08:53:25 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2006/12/23 08:52:52 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\BJAXSecurityManager.dll
[2006/12/23 08:52:50 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\BJInstaller.dll
[2006/10/07 21:01:23 | 000,000,047 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/08/24 22:06:34 | 000,069,632 | R--- | C] () -- C:\Documents and Settings\owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/08/24 09:42:46 | 000,000,128 | R--- | C] () -- C:\Documents and Settings\owner\Local Settings\Application Data\fusioncache.dat
[2006/06/05 19:40:00 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/05 19:37:46 | 000,004,528 | R--- | C] () -- C:\WINDOWS\System32\SETBROWS.EXE
[2006/02/24 23:02:55 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/02/24 20:28:54 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TDispVol.dll
[2006/02/16 07:07:58 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2006/02/16 01:55:04 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/02/16 01:50:52 | 000,000,302 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/02/16 01:25:21 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/02/16 01:25:21 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/02/16 01:25:21 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/02/16 01:25:21 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/02/16 01:25:21 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/02/16 01:25:21 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/02/15 08:41:53 | 000,036,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys
[2006/02/15 08:41:53 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2006/02/15 08:40:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2006/02/15 08:28:50 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2006/02/15 08:28:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2006/02/15 08:28:50 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2006/02/15 08:28:50 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2006/02/15 08:25:00 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2006/02/15 08:21:55 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ1.dat
[2006/02/15 08:21:55 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat
[2006/02/15 08:21:53 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/02/15 08:21:53 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006/02/15 07:44:19 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/02/15 07:41:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/02/15 07:35:33 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/02/15 07:34:07 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/02/15 06:09:00 | 000,000,341 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/02/15 06:03:52 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/15 06:03:40 | 000,446,386 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/15 06:03:40 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/15 06:03:40 | 000,073,426 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/15 06:03:40 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/15 06:03:34 | 000,004,688 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/15 06:03:31 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/15 06:03:27 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/02/15 06:03:06 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/15 06:03:05 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/15 06:02:37 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/15 06:02:16 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/14 23:30:19 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/02/14 23:29:32 | 000,278,944 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/11/28 20:33:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/09/02 14:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/08/24 15:20:28 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/07/22 21:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/07/20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
========== LOP Check ========== [2011/01/23 18:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/11/12 09:31:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/12/23 16:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/04/17 16:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/11/12 08:10:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CheckPoint
[2010/12/22 20:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2006/02/17 01:57:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2011/07/22 19:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Giraffic
[2011/10/24 14:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\INFECTED
[2011/11/20 20:26:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/10/25 17:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LOGFILES
[2010/12/22 20:53:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/10/25 18:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\REPORTS
[2011/11/20 21:50:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/09/06 18:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/09/22 19:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2010/06/06 21:39:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2009/12/22 22:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2010/12/22 21:00:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\AVG10
[2009/10/28 14:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\Centra
[2011/11/12 08:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\CheckPoint
[2009/01/10 15:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\fltk.org
[2007/01/24 15:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\InterVideo
[2011/11/20 20:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\IObit
[2009/09/14 14:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\Logs
[2009/09/14 14:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\OfficeUpdate12
[2009/10/28 14:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\Saba
[2009/01/28 06:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\Template
[2006/02/16 01:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\toshiba
[2007/09/06 18:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\Viewpoint
[2006/09/22 19:05:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\owner\Application Data\WildTangent
[2011/11/30 19:42:26 | 000,000,270 | ---- | M] () -- C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
RogueKiller V6.1.11 [11/30/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback:
http://www.geekstogo...13-roguekiller/Blog:
http://tigzyrk.blogspot.comOperating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: owner [Admin rights]
Mode: Shortcuts HJfix -- Date : 11/30/2011 16:14:42
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Driver: [LOADED] ¤¤¤
¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 32 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 10 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 23976 / Fail 0
My documents: Success 2 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 154 / Fail 0
Backup: [NOT FOUND]
Drives:
[C:] \Device\HarddiskVolume1 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped
¤¤¤ Infection : ¤¤¤
Finished : << RKreport[1].txt >>
RKreport[1].txt