Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Slooow Computer


  • Please log in to reply

#1
smoke~water

smoke~water

    Member

  • Member
  • PipPip
  • 28 posts
Hi, I hope someone on here can help.. My laptop has been running very slow recently, I mean whenever I try to open anything it takes a good while for it to open, be it the web or folders or files. It also sounds like the computer is constantly trying to install updates, but I already manually checked to see if there were any windows or avast! updates needed and my computer is still the same. I also noticed that Flash kept crashing and Chrome takes a ton of memory to run, and the laptop overheats fast, which it didn't really do before. Anyway, I ran Avast and Malwarebytes but neither caught anything, so I decided to post here to see if you guys might help me check to see if there's any hidden malware.
Last thing: we also have a desktop comp, in which i found a program called winpcap. I kind of understood that it can be used to track internet traffic? My brother uses that computer but says he didn't install it, our wireless network is secured, but is it possible that someone got access to the desktop comp?

Here is the OTL log:


OTL logfile created on: 6/1/2012 4:00:22 PM - Run 1
OTL by OldTimer - Version 3.2.45.0 Folder = C:\Documents and Settings\Roberto\My Documents\Downloads
Windows XP Tablet PC Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.85 Mb Total Physical Memory | 163.62 Mb Available Physical Memory | 16.12% Memory free
2.39 Gb Paging File | 1.31 Gb Available in Paging File | 54.80% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 51.19 Gb Total Space | 7.79 Gb Free Space | 15.22% Space Free | Partition Type: NTFS

Computer Name: TOSHIBA-USER | User Name: Me | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/01 15:58:14 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Roberto\My Documents\Downloads\OTL.exe
PRC - [2012/05/22 18:56:51 | 001,240,088 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012/03/06 16:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/03/06 16:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/06/09 13:06:06 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/07 02:50:14 | 000,538,096 | ---- | M] ( ) -- C:\WINDOWS\system32\dlbtcoms.exe
PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006/08/07 20:37:52 | 000,233,554 | ---- | M] (TOSHIBA Corporation) -- c:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe
PRC - [2006/08/02 00:32:44 | 000,696,320 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2006/08/02 00:27:54 | 000,479,232 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2006/05/05 17:39:54 | 000,046,592 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\psqltray.exe
PRC - [2006/03/19 16:33:42 | 001,130,578 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\TOSHIBA RAID\Console\KRaidMan.exe
PRC - [2006/03/17 19:01:22 | 000,049,152 | ---- | M] (TOSHIBA Corporation) -- c:\Program Files\Toshiba\TOSHIBA RAID\Service\krdevctl.exe
PRC - [2006/03/16 13:58:50 | 000,974,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2006/03/10 12:01:56 | 000,110,592 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSODDCtl.exe
PRC - [2006/03/10 12:01:54 | 000,315,392 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2006/03/10 12:01:44 | 000,045,056 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2006/02/22 17:41:00 | 000,086,016 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TME3\TMERzCtl.exe
PRC - [2006/01/17 16:20:38 | 000,258,048 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\00THotkey.exe
PRC - [2005/12/20 12:46:20 | 000,176,128 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\ThpSrv.exe
PRC - [2005/12/14 12:00:32 | 000,126,976 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TME3\TMESRV31.exe
PRC - [2005/11/29 20:45:36 | 000,188,416 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Controls\TFncKy.exe
PRC - [2005/11/29 16:37:22 | 000,266,240 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSHIBA Rotation Utility\TRot.exe
PRC - [2005/11/17 15:44:38 | 000,798,720 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSServ.exe
PRC - [2005/11/10 11:47:44 | 000,192,512 | ---- | M] (TOSHIBA Corp.) -- C:\WINDOWS\system32\TFNF5.exe
PRC - [2005/10/06 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005/10/05 12:33:46 | 000,344,144 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TAudEffect\TAudEff.exe
PRC - [2005/09/20 17:06:02 | 000,798,720 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe
PRC - [2005/07/12 17:14:42 | 000,040,960 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
PRC - [2005/06/28 20:43:00 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TouchED\TouchED.exe
PRC - [2005/05/23 16:21:36 | 000,122,880 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2005/05/17 11:42:02 | 000,049,152 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Wireless Hotkey\TosHKCW.exe
PRC - [2005/01/17 16:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2004/12/30 00:32:20 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2004/12/16 11:56:52 | 000,090,112 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Acceleration Utilities\TAcelMgr\TAcelMgr.exe
PRC - [2004/08/28 00:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
PRC - [2004/08/28 00:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2004/08/18 03:37:44 | 000,184,320 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe
PRC - [2004/06/30 16:29:34 | 000,049,152 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Acceleration Utilities\Shaker\TSkrMain.exe
PRC - [2004/02/24 15:57:32 | 000,077,824 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TME3\TMETEMnu.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/01 04:24:02 | 001,765,376 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12060100\algo.dll
MOD - [2012/05/22 18:56:50 | 000,441,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.52\ppgooglenaclpluginchrome.dll
MOD - [2012/05/22 18:56:49 | 003,922,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.52\pdf.dll
MOD - [2012/05/22 18:55:24 | 000,134,696 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.52\avutil-51.dll
MOD - [2012/05/22 18:55:23 | 000,250,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.52\avformat-54.dll
MOD - [2012/05/22 18:55:21 | 002,375,720 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll
MOD - [2012/05/20 19:26:16 | 008,797,856 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012/05/08 19:00:45 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/08 18:59:35 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012/05/08 18:53:47 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/08 18:53:35 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\995fcf39ead2c2a53e084505c2c67d49\System.Windows.Forms.ni.dll
MOD - [2012/05/08 18:52:57 | 001,591,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\8ca00132a08c69697adf1cda32ebd835\System.Drawing.ni.dll
MOD - [2012/05/08 18:50:21 | 001,179,648 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.3300.0__b77a5c561934e089\system.dll
MOD - [2012/05/08 18:49:26 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/05/08 18:49:09 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012/05/02 16:17:36 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\Roberto\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.0.2\libEGL.dll
MOD - [2012/05/02 16:17:35 | 004,050,944 | ---- | M] () -- C:\Documents and Settings\Roberto\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.0.2\libGLESv2.dll
MOD - [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008/09/30 21:20:09 | 000,110,592 | ---- | M] () -- C:\WINDOWS\assembly\GAC\SKLibrary\1.7.2600.5512__31bf3856ad364e35\SKLibrary.dll
MOD - [2008/09/30 21:20:09 | 000,012,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC\SoftKeyboardLogic\1.7.2600.5512__31bf3856ad364e35\SoftKeyboardLogic.dll
MOD - [2008/09/30 21:20:09 | 000,009,216 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.SoftKeyboardInterface\1.7.2600.5512__31bf3856ad364e35\Interop.SoftKeyboardInterface.dll
MOD - [2006/09/11 15:35:27 | 000,045,056 | ---- | M] () -- c:\windows\assembly\gac\interop.tipcomponents\1.7.2600.2180__31bf3856ad364e35\interop.tipcomponents.dll
MOD - [2006/08/02 00:26:20 | 000,118,784 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2006/08/02 00:24:54 | 000,348,160 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
MOD - [2006/06/23 13:07:08 | 001,167,360 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2005/07/12 17:14:42 | 000,040,960 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
MOD - [2004/07/20 17:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/05/20 19:32:33 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/06 16:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/04/30 07:47:00 | 000,014,088 | ---- | M] (Memeo) [Auto | Stopped] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2008/07/29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.Net\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/04/13 17:12:38 | 000,073,216 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2008/04/13 17:12:29 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008/04/13 17:12:29 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008/04/13 17:12:14 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008/04/13 17:11:59 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008/04/13 17:11:57 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008/04/13 17:11:49 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2007/06/07 02:50:14 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\dlbtcoms.exe -- (dlbt_device)
SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2006/08/07 20:37:52 | 000,233,554 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- c:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe -- (kraidsvc)
SRV - [2005/12/20 12:46:20 | 000,176,128 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\WINDOWS\system32\ThpSrv.exe -- (Thpsrv)
SRV - [2005/12/14 12:00:32 | 000,126,976 | ---- | M] (TOSHIBA) [Auto | Running] -- C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe -- (Tmesrv)
SRV - [2005/07/12 17:14:42 | 000,040,960 | ---- | M] () [Auto | Running] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2005/01/17 16:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/08/28 00:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/03/06 16:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 16:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 16:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/03/06 16:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 16:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/06 16:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 15:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008/04/13 12:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 11:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2006/09/11 19:13:20 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2006/08/02 01:27:48 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/05/05 18:00:02 | 000,013,568 | ---- | M] (UPEK Inc.) [File_System | Auto | Running] -- C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys -- (FdRedir)
DRV - [2006/05/05 17:59:52 | 000,033,024 | ---- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys -- (FileDisk2)
DRV - [2006/05/05 17:33:04 | 000,003,456 | ---- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Program Files\Protector Suite QL\smihlp.sys -- (smihlp)
DRV - [2006/02/14 18:50:52 | 000,216,320 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\KR10I.sys -- (KR10I)
DRV - [2005/12/26 17:59:42 | 000,595,072 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TEchoCan.sys -- (TEchoCan)
DRV - [2005/12/26 14:33:26 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TVALZ.SYS -- (TVALZ)
DRV - [2005/12/12 15:32:54 | 001,083,576 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/11/30 10:12:36 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/11/15 09:00:22 | 001,122,656 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/10/06 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/10/06 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/10/06 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/10/06 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/10/06 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/10/06 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/10/06 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/09/27 16:01:14 | 000,215,552 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\KR10I2K.sys -- (KR10I2K)
DRV - [2005/09/09 14:47:10 | 000,009,344 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2005/08/25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/24 15:20:28 | 000,009,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (tbiosdrv)
DRV - [2005/06/10 13:26:00 | 000,035,968 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2005/06/02 03:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2004/12/27 23:31:50 | 000,016,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\thpdrv.sys -- (Thpdrv)
DRV - [2004/11/13 12:24:52 | 000,006,144 | R--- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Thpevm.sys -- (Thpevm)
DRV - [2004/08/04 05:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2004/08/04 05:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2004/08/04 05:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2004/06/16 11:08:48 | 000,005,888 | ---- | M] (Toshiba Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TMEI3E.sys -- (TMEI3E)
DRV - [2004/05/08 20:38:06 | 000,101,833 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/01/29 14:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2003/01/10 13:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/09/12 22:48:50 | 000,008,832 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TBtnKey.sys -- (TBtnKey)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/?s...q={searchTerms}
IE - HKCU\..\SearchScopes\{69186773-0241-412D-84DD-427A9303A0D0}: "URL" = http://www.google.co...&rlz=1I7TSHB_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Roberto\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.5 (861) (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: iTunes Application Detector (Disabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Roberto\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Documents and Settings\Roberto\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_1\
CHR - Extension: Google Search = C:\Documents and Settings\Roberto\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Roberto\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Documents and Settings\Roberto\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2004/08/04 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [000StTHK] C:\WINDOWS\System32\000StTHK.exe ()
O4 - HKLM..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found
O4 - HKLM..\Run: [CrossMenu] C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe (TOSHIBA)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DLBTCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.DLL ()
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [Kraidman] c:\Program Files\Toshiba\TOSHIBA RAID\Console\KRaidMan.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TAcelMgr] C:\Program Files\Toshiba\Acceleration Utilities\TAcelMgr\TAcelMgr.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TAudEffect] C:\Program Files\TOSHIBA\TAudEffect\TAudEff.exe (TOSHIBA)
O4 - HKLM..\Run: [TFncKy] TFncKy.exe File not found
O4 - HKLM..\Run: [TFNF5] C:\WINDOWS\System32\TFNF5.exe (TOSHIBA Corp.)
O4 - HKLM..\Run: [ThpSrv] C:\WINDOWS\System32\thpsrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE (TOSHIBA)
O4 - HKLM..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE (TOSHIBA)
O4 - HKLM..\Run: [TosHKCW.exe] C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [TouchED] C:\Program Files\Toshiba\TouchED\TouchED.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPSODDCtl] C:\WINDOWS\System32\TPSODDCtl.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TRot.exe] c:\Program Files\Toshiba\TOSHIBA Rotation Utility\TRot.exe (TOSHIBA)
O4 - HKLM..\Run: [TSkrMain] C:\Program Files\Toshiba\Acceleration Utilities\Shaker\TSkrMain.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O4 - Startup: C:\Documents and Settings\Roberto\Start Menu\Programs\Startup\Seagate Product Registration.lnk = C:\Documents and Settings\Roberto\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1209952276180 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pears...ces/ax/stub.cab (Enlite 2.x Simulation Engine Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45F34E1E-5F73-4B19-8996-909FD05DABF4}: DhcpNameServer = 192.168.1.254
O20 - AppInit_DLLs: (ynexjl.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\psfus: DllName - (psqlpwd.dll) - C:\WINDOWS\System32\psqlpwd.dll (UPEK Inc.)
O20 - Winlogon\Notify\TosBtNP: DllName - (TosBtNP.dll) - C:\WINDOWS\System32\TosBtNP.dll (TOSHIBA CORPORATION)
O20 - Winlogon\Notify\TSigNP: DllName - (TSigNP.dll) - C:\WINDOWS\System32\TSigNP.dll (TOSHIBA)
O24 - Desktop Components:0 (Ink Desktop) - {80E95280-2D38-3CB8-A215-FB5F14C4343E}
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Roberto\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Roberto\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/19 20:32:04 | 000,000,000 | R-SD | C] -- C:\Documents and Settings\Roberto\My Documents\My Safe

========== Files - Modified Within 30 Days ==========

[2012/06/01 16:02:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/01 15:32:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/01 13:51:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2012/06/01 13:36:34 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2012/05/31 22:54:31 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2012/05/31 15:51:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2012/05/31 14:51:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2012/05/30 21:51:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2012/05/30 18:49:16 | 000,135,167 | ---- | M] () -- C:\Documents and Settings\Roberto\Desktop\Acapulcosyay.JPG
[2012/05/30 08:58:31 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2012/05/29 22:51:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2012/05/29 20:52:02 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2012/05/29 19:52:04 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2012/05/29 18:51:02 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2012/05/29 17:51:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2012/05/23 19:06:07 | 000,001,824 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/05/23 18:27:04 | 000,057,344 | ---- | M] () -- C:\Documents and Settings\Roberto\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/19 20:34:35 | 000,001,193 | ---- | M] () -- C:\Documents and Settings\Roberto\Start Menu\Programs\Startup\Seagate Product Registration.lnk
[2012/05/19 20:29:26 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/19 20:29:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/19 20:29:13 | 1064,222,720 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/17 12:05:47 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2012/05/17 12:05:03 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2012/05/16 22:04:28 | 005,774,417 | ---- | M] () -- C:\Documents and Settings\Roberto\My Documents\theimagineers_latelateshowtheme.m4a
[2012/05/12 13:21:15 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012/05/08 19:09:30 | 000,254,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/08 18:52:35 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/05/08 18:48:27 | 000,447,262 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/05/08 18:48:27 | 000,073,944 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/05/08 18:21:34 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/02 17:50:18 | 000,045,204 | ---- | M] () -- C:\Documents and Settings\Roberto\My Documents\Front-Cover-Supertramp.jpg
[2012/05/02 17:49:47 | 000,138,790 | ---- | M] () -- C:\Documents and Settings\Roberto\My Documents\Supertramp 1979.jpg
[2012/05/02 17:48:09 | 000,049,628 | ---- | M] () -- C:\Documents and Settings\Roberto\My Documents\Getnloose.jpeg
[2012/05/02 17:46:18 | 000,051,550 | ---- | M] () -- C:\Documents and Settings\Roberto\My Documents\supertramp_-_breakfast_in_america_a(3).jpeg

========== Files Created - No Company Name ==========

[2012/05/30 18:49:15 | 000,135,167 | ---- | C] () -- C:\Documents and Settings\Roberto\Desktop\Acapulcosyay.JPG
[2012/05/20 19:26:20 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/16 22:04:15 | 005,774,417 | ---- | C] () -- C:\Documents and Settings\Roberto\My Documents\theimagineers_latelateshowtheme.m4a
[2012/05/08 18:23:30 | 001,023,488 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nbdoc.dll
[2012/05/02 17:50:20 | 000,045,204 | ---- | C] () -- C:\Documents and Settings\Roberto\My Documents\Front-Cover-Supertramp.jpg
[2012/05/02 17:49:58 | 000,138,790 | ---- | C] () -- C:\Documents and Settings\Roberto\My Documents\Supertramp 1979.jpg
[2012/05/02 17:48:11 | 000,049,628 | ---- | C] () -- C:\Documents and Settings\Roberto\My Documents\Getnloose.jpeg
[2012/05/02 17:46:32 | 000,051,550 | ---- | C] () -- C:\Documents and Settings\Roberto\My Documents\supertramp_-_breakfast_in_america_a(3).jpeg
[2012/02/15 23:44:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

========== LOP Check ==========

[2006/09/11 18:49:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Agilix
[2006/09/11 18:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Agilix GoBinder
[2010/03/01 14:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/03/24 00:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/08/29 20:30:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\myitlab
[2011/07/22 23:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2006/09/11 19:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/09/23 19:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2010/03/19 00:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2010/10/04 18:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roberto\Application Data\.minecraft
[2011/05/22 14:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roberto\Application Data\Canon
[2012/01/31 20:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roberto\Application Data\Garmin
[2009/04/30 16:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roberto\Application Data\InterVideo
[2010/12/29 18:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roberto\Application Data\Leadertech
[2006/09/11 16:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roberto\Application Data\Protector Suite
[2010/12/29 18:21:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roberto\Application Data\Seagate
[2006/09/11 16:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roberto\Application Data\toshiba
[2011/07/22 23:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roberto\Application Data\Ulead Systems
[2008/12/26 20:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roberto\Application Data\WildTangent
[2012/05/12 13:21:15 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2012/03/26 20:44:06 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2012/05/17 12:05:47 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2012/05/17 12:05:03 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2012/06/01 13:36:34 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2012/06/01 13:51:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2012/05/31 14:51:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2012/05/31 22:54:31 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2012/05/29 20:52:02 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2012/05/29 18:51:02 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2012/05/31 15:51:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2011/11/14 11:52:33 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2012/05/29 17:51:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2012/05/30 21:51:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2012/05/29 19:52:04 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2012/05/30 08:58:31 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2012/05/29 22:51:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2011/08/10 16:58:37 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2011/11/27 22:48:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2011/08/09 10:36:01 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2010/10/23 00:37:22 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2012/01/03 21:09:47 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2012/04/19 16:19:41 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2011/06/09 18:48:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job

========== Purity Check ==========



< End of report >

Edited by smoke~water, 01 June 2012 - 06:18 PM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP