I'm new to this forum and i'm currently having this problem with adserverplus, ad.yieldmanager ad.doubleclick.net popups. They always appear when i'm using firefox, chrome and IE. i have done some research and found that it is the TR/Agent.AKB.2 virus. I'm also not very good with computers so i might need more help And recently i noticed a lot of desktop.ini and album art appearing in almost all of my folders. Is it a virus?
OTL. Txt:
OTL.Txt 185.06KB 136 downloads
Thank you.
OTL logfile created on: 19/7/2012 9:22:20 PM - Run 2
OTL by OldTimer - Version 3.2.54.0 Folder = D:\Downloads
Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004809 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy
2.93 Gb Total Physical Memory | 0.34 Gb Available Physical Memory | 11.59% Memory free
5.85 Gb Paging File | 2.53 Gb Available in Paging File | 43.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 60.00 Gb Total Space | 8.93 Gb Free Space | 14.89% Space Free | Partition Type: NTFS
Drive D: | 405.47 Gb Total Space | 248.29 Gb Free Space | 61.24% Space Free | Partition Type: NTFS
Computer Name: RP104246 | User Name: 104246 | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/07/19 21:21:58 | 000,596,480 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL (1).exe
PRC - [2012/07/11 19:17:57 | 000,935,008 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
PRC - [2012/07/11 19:17:54 | 001,107,552 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/07/03 13:46:42 | 000,973,488 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012/06/13 03:48:26 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/05/15 09:31:30 | 003,598,064 | ---- | M] (Funshion Online Technologies Ltd.) -- C:\Program Files\Funshion Online\Funshion\Funshion.exe
PRC - [2012/05/15 09:24:30 | 001,763,056 | ---- | M] (Funshion Online Technologies Ltd.) -- C:\Program Files\Funshion Online\Funshion\FunshionService.exe
PRC - [2012/05/10 00:53:46 | 000,201,112 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2012/05/04 13:37:10 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/05/04 13:37:00 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012/05/04 13:36:58 | 000,955,792 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\KiesHelper.exe
PRC - [2012/05/03 18:37:54 | 001,226,096 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
PRC - [2012/05/03 18:37:50 | 020,221,792 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware Antivirus\AdAware.exe
PRC - [2012/05/01 14:02:14 | 000,695,296 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Program Files\Samsung\Kies\External\DeviceModules\DeviceManager.exe
PRC - [2012/05/01 14:02:12 | 000,140,800 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Program Files\Samsung\Kies\External\DeviceModules\ConnectionManager.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/27 14:43:07 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2012/01/11 16:11:58 | 005,153,056 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office Communicator\communicator.exe
PRC - [2012/01/03 21:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
PRC - [2011/11/17 12:00:06 | 002,221,712 | ---- | M] (AdFender, Inc.) -- C:\Program Files\AdFender\AdFender.exe
PRC - [2011/07/21 18:10:24 | 000,177,456 | ---- | M] (Blabbers Communications LTD) -- C:\Program Files\BrowserCompanion\BCHelper.exe
PRC - [2011/06/24 12:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/13 18:43:28 | 002,352,416 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
PRC - [2011/06/13 18:43:28 | 000,804,128 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
PRC - [2011/06/13 18:43:28 | 000,628,000 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
PRC - [2011/03/24 15:11:25 | 000,167,936 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files\Freecorder\FLVSrvc.exe
PRC - [2011/02/25 13:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/05 22:23:48 | 000,222,568 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010/11/20 20:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/04 13:06:57 | 000,520,192 | ---- | M] (Republic Polytechnic) -- C:\Program Files\Republic Poly\UTClient\UTAgent.exe
PRC - [2010/05/27 17:02:48 | 000,796,592 | ---- | M] (iMesh, Inc) -- C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe
PRC - [2010/01/18 15:41:50 | 000,063,928 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2010/01/15 20:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010/01/06 03:12:00 | 000,132,456 | ---- | M] (Lenovo.) -- C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
PRC - [2009/12/21 18:49:44 | 000,069,568 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2009/12/11 12:22:06 | 000,255,336 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Access Connections\AcSvc.exe
PRC - [2009/12/11 12:22:04 | 000,124,264 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
PRC - [2009/12/11 11:58:56 | 000,344,064 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exe
PRC - [2009/12/03 17:44:42 | 000,128,296 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2009/11/24 13:51:18 | 000,176,056 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2009/11/09 13:48:34 | 000,054,632 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\cammute.exe
PRC - [2009/10/23 15:55:28 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2009/10/23 15:55:28 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2009/10/23 15:55:26 | 002,477,304 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2009/10/23 15:55:26 | 001,864,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2009/10/23 15:55:26 | 001,455,432 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2009/10/20 20:32:00 | 000,098,304 | ---- | M] () -- C:\Windows\System32\DTS.exe
PRC - [2009/10/20 20:26:50 | 001,701,112 | ---- | M] (AuthenTec, Inc.) -- C:\Windows\System32\AtService.exe
PRC - [2009/10/19 17:18:36 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\System Update\SUService.exe
PRC - [2009/10/01 18:08:46 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 18:08:44 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/10/01 18:08:38 | 001,098,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
PRC - [2009/10/01 16:14:30 | 000,144,752 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ZOOM\TpScrex.exe
PRC - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/09/25 23:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/09/25 16:11:08 | 001,028,096 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2009/08/07 05:29:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/08/07 05:29:36 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/10/30 15:23:52 | 000,031,744 | ---- | M] (Ricoh co.,Ltd.) -- C:\Program Files\Integrated Camera Driver\RCIMGDIR.exe
PRC - [2007/04/13 02:50:00 | 000,590,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CCM\CcmExec.exe
PRC - [2006/12/09 19:04:10 | 000,128,832 | ---- | M] (Microsoft ® Corporation) -- C:\Program Files\Microsoft Firewall Client 2004\FwcAgent.exe
PRC - [2006/12/09 19:04:10 | 000,117,568 | ---- | M] (Microsoft ® Corporation) -- C:\Program Files\Microsoft Firewall Client 2004\FwcMgmt.exe
========== Modules (No Company Name) ==========
MOD - [2012/07/11 19:17:58 | 000,132,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll
MOD - [2012/07/11 19:17:54 | 001,107,552 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/07/10 12:09:00 | 000,438,296 | ---- | M] () -- C:\Users\104246\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
MOD - [2012/07/10 12:08:59 | 003,972,120 | ---- | M] () -- C:\Users\104246\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
MOD - [2012/07/10 12:07:39 | 000,554,520 | ---- | M] () -- C:\Users\104246\AppData\Local\Google\Chrome\Application\20.0.1132.57\libglesv2.dll
MOD - [2012/07/10 12:07:37 | 000,117,784 | ---- | M] () -- C:\Users\104246\AppData\Local\Google\Chrome\Application\20.0.1132.57\libegl.dll
MOD - [2012/07/10 12:07:22 | 000,140,328 | ---- | M] () -- C:\Users\104246\AppData\Local\Google\Chrome\Application\20.0.1132.57\avutil-51.dll
MOD - [2012/07/10 12:07:21 | 000,262,184 | ---- | M] () -- C:\Users\104246\AppData\Local\Google\Chrome\Application\20.0.1132.57\avformat-54.dll
MOD - [2012/07/10 12:07:19 | 002,386,984 | ---- | M] () -- C:\Users\104246\AppData\Local\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll
MOD - [2012/07/10 10:17:27 | 009,255,112 | ---- | M] () -- C:\Users\104246\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
MOD - [2012/07/10 10:17:27 | 009,255,112 | ---- | M] () -- C:\Users\104246\AppData\Local\Google\Chrome\APPLIC~1\200113~1.57\gcswf32.dll
MOD - [2012/05/25 16:31:37 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\7dfba5d1d4bb05f6e4ea95ffa0f359a9\System.Core.ni.dll
MOD - [2012/05/25 16:31:09 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\96c67054741c79ebccb7c67c3468a8c5\System.Management.ni.dll
MOD - [2012/05/25 15:55:56 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96a5c5331595b2dbc3a891ad1249e519\PresentationFramework.Aero.ni.dll
MOD - [2012/05/25 15:55:52 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c3f6bab61bd342ff9dc18100d78ab48a\System.ServiceProcess.ni.dll
MOD - [2012/05/25 15:55:33 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f8df897f1f57d1cf6f9fe821df6573c5\System.Web.Services.ni.dll
MOD - [2012/05/25 15:55:14 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\12dc22db56f7933e84654ecc590beba5\System.Runtime.Remoting.ni.dll
MOD - [2012/05/25 15:55:12 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\a6f0833352aeeafae3a5dad61536052e\System.EnterpriseServices.ni.dll
MOD - [2012/05/25 15:55:10 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\1f41bf39928a680d56621d083cf02348\System.Transactions.ni.dll
MOD - [2012/05/25 15:55:09 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\4e26c6b80e18c10fd21607868d6f10cd\System.Data.ni.dll
MOD - [2012/05/25 15:54:38 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\898d81e6d776766e95f1da4e384b7c01\PresentationFramework.ni.dll
MOD - [2012/05/25 15:34:40 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\dc15a932ab494a57e7a8c4b424722c03\System.Windows.Forms.ni.dll
MOD - [2012/05/25 15:34:22 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\963f4a8ee1733775937bbd02da14ce44\System.Drawing.ni.dll
MOD - [2012/05/25 15:34:13 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\e62f726d03a358af0ce24a70e31aaaa8\PresentationCore.ni.dll
MOD - [2012/05/25 15:33:46 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\5b10c18a074132f1ae4a86d860cf9615\WindowsBase.ni.dll
MOD - [2012/05/25 15:33:32 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb0e4de1afd3f2efbbf39a5e39f646a\System.Xml.ni.dll
MOD - [2012/05/25 15:33:24 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2a5cbab122112cd4291b684e67460c16\System.Configuration.ni.dll
MOD - [2012/05/25 15:33:22 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9447bd5b21a91081d4275b4c4401b1f9\System.ni.dll
MOD - [2012/05/25 15:33:01 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2ab531f4915cccb998c4e852fb7efd00\mscorlib.ni.dll
MOD - [2012/05/18 14:26:51 | 000,115,137 | ---- | M] () -- C:\Users\104246\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll
MOD - [2012/05/15 09:21:32 | 000,169,200 | ---- | M] () -- C:\Program Files\Funshion Online\Funshion\ptv.dll
MOD - [2012/05/15 09:21:22 | 000,287,472 | ---- | M] () -- C:\Program Files\Funshion Online\Funshion\lsv.dll
MOD - [2012/05/15 09:21:20 | 000,288,496 | ---- | M] () -- C:\Program Files\Funshion Online\Funshion\agentd.dll
MOD - [2012/05/15 09:20:52 | 000,238,080 | ---- | M] () -- C:\Program Files\Funshion Online\Funshion\ttv.dll
MOD - [2012/05/15 09:20:08 | 000,285,936 | ---- | M] () -- C:\Program Files\Funshion Online\Funshion\gma.dll
MOD - [2012/05/15 09:20:04 | 000,306,416 | ---- | M] () -- C:\Program Files\Funshion Online\Funshion\dump.dll
MOD - [2012/05/04 13:37:10 | 000,021,392 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012/05/02 17:33:40 | 000,649,640 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\CommonModule.dll
MOD - [2012/05/02 17:33:40 | 000,007,168 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\IPCServer.dll
MOD - [2012/05/02 17:33:38 | 000,537,000 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\FirmwareUpdateAgent.Common.dll
MOD - [2012/05/02 17:33:38 | 000,003,584 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\ISharedIPCInterface.dll
MOD - [2012/05/02 17:21:26 | 000,080,384 | ---- | M] () -- C:\Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FileService.dll
MOD - [2012/05/02 08:50:38 | 000,012,800 | ---- | M] () -- C:\Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.dll
MOD - [2012/05/02 08:50:02 | 014,187,008 | ---- | M] () -- C:\Program Files\Samsung\Kies\Theme\Kies.Theme.dll
MOD - [2012/05/02 08:49:20 | 000,514,560 | ---- | M] () -- C:\Program Files\Samsung\Kies\Common\Kies.UI.dll
MOD - [2012/05/02 08:49:10 | 000,034,304 | ---- | M] () -- C:\Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll
MOD - [2012/05/02 08:48:26 | 000,022,528 | ---- | M] () -- C:\Program Files\Samsung\Kies\MVVM\Kies.MVVM.dll
MOD - [2012/05/01 14:02:56 | 000,048,128 | ---- | M] () -- C:\Program Files\Samsung\Kies\Common\ASF_cSharpAPI.dll
MOD - [2012/05/01 14:01:48 | 000,720,896 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\MediaModules\LDBCShConv.dll
MOD - [2011/08/07 14:54:16 | 000,004,096 | ---- | M] () -- C:\Program Files\Yuna Software\Messenger Plus!\Detour32.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/13 18:43:40 | 000,132,384 | ---- | M] () -- C:\Program Files\ThinkPad\Bluetooth Software\BTKeyInd.dll
MOD - [2011/01/04 16:11:26 | 000,839,680 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\System.Data.SQLite.dll
MOD - [2011/01/04 16:11:24 | 000,126,976 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\MediaModules\DNSe.dll
MOD - [2011/01/04 16:11:16 | 000,712,704 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\DeviceModules\SHOWDRM_UCC.dll
MOD - [2011/01/04 16:11:14 | 000,237,568 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\DeviceModules\drmcm.dll
MOD - [2010/11/29 04:34:18 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2010/11/05 09:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/01/06 03:12:00 | 000,033,280 | ---- | M] () -- C:\Program Files\ThinkPad\Utilities\US\PWMRT32V.DLL
MOD - [2009/07/14 09:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009/06/11 05:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2006/09/10 22:04:12 | 000,188,416 | ---- | M] () -- C:\Program Files\Republic Poly\UTClient\utenc.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012/07/13 00:08:58 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/11 19:17:57 | 000,935,008 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0)
SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/06/19 17:57:56 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/03 18:37:54 | 001,226,096 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012/01/03 21:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2011/06/13 18:43:28 | 000,628,000 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2011/01/05 22:23:48 | 000,222,568 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/03/09 17:21:18 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/01/18 15:41:50 | 000,063,928 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2010/01/15 20:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/01/06 03:12:00 | 000,132,456 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE -- (DozeSvc)
SRV - [2010/01/06 03:12:00 | 000,075,112 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2009/12/11 12:22:06 | 000,255,336 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\Access Connections\AcSvc.exe -- (AcSvc)
SRV - [2009/12/11 12:22:04 | 000,124,264 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2009/11/17 18:06:02 | 000,044,984 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV - [2009/11/09 13:48:34 | 000,054,632 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\cammute.exe -- (LENOVO.CAMMUTE)
SRV - [2009/10/23 15:55:28 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2009/10/23 15:55:28 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2009/10/23 15:55:26 | 002,477,304 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2009/10/23 15:55:26 | 001,864,888 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2009/10/23 15:55:26 | 000,341,320 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2009/10/20 20:32:00 | 000,098,304 | ---- | M] () [Auto | Running] -- C:\Windows\System32\DTS.exe -- (dtsvc)
SRV - [2009/10/20 20:31:52 | 000,106,496 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\ADMonitor.exe -- (ADMonitor)
SRV - [2009/10/20 20:26:50 | 001,701,112 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Windows\System32\AtService.exe -- (ATService)
SRV - [2009/10/19 17:18:36 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2009/10/01 18:08:46 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/10/01 18:08:44 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/09/25 16:11:08 | 001,028,096 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2009/08/07 05:29:36 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/08/04 21:32:42 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009/07/14 09:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 09:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 09:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 12:06:15 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2009/04/29 11:21:04 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService)
SRV - [2007/04/13 02:50:00 | 000,590,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2006/12/09 19:04:10 | 000,128,832 | ---- | M] (Microsoft ® Corporation) [Auto | Running] -- C:\Program Files\Microsoft Firewall Client 2004\FwcAgent.exe -- (FwcAgent)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | Disabled | Stop_Pending] -- C:\Windows\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - [2012/07/11 18:13:38 | 001,589,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120718.034\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/07/11 18:13:38 | 000,087,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120718.034\NAVENG.SYS -- (NAVENG)
DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/05/30 16:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/05/30 16:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011/12/19 12:44:24 | 000,223,864 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\SbFw.sys -- (SbFw)
DRV - [2011/12/19 12:44:24 | 000,093,816 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sbhips.sys -- (sbhips)
DRV - [2011/12/19 12:44:24 | 000,072,312 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sbwtis.sys -- (sbwtis)
DRV - [2011/11/29 06:59:52 | 000,077,816 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\sbapifs.sys -- (sbapifs)
DRV - [2011/10/26 14:23:40 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2011/10/17 20:52:29 | 000,045,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2011/09/30 12:17:24 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2011/09/29 12:16:18 | 000,094,584 | ---- | M] (GFI Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SbFwIm.sys -- (SBFWIMCLMP)
DRV - [2011/09/29 12:16:18 | 000,094,584 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2011/06/02 13:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/06/02 13:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/06/02 13:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2011/01/05 22:23:40 | 000,042,112 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/12/21 13:55:02 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/12/21 13:55:02 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010/12/21 13:55:02 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/11/20 20:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 20:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 20:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 18:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 18:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 17:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 17:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 17:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/07/05 03:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010/03/15 15:48:51 | 000,033,088 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
DRV - [2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/01/22 21:14:48 | 000,485,944 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2010/01/06 03:12:00 | 000,024,304 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\DOZEHDD.SYS -- (DozeHDD)
DRV - [2010/01/06 03:12:00 | 000,011,552 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\TPPWR32V.SYS -- (TPPWRIF)
DRV - [2009/12/14 17:07:32 | 000,127,232 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\5U877.sys -- (5U877)
DRV - [2009/12/10 09:36:54 | 000,214,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1k6232.sys -- (e1kexpress) Intel®
DRV - [2009/12/02 11:37:25 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/11/20 18:12:52 | 000,020,848 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\PC-Doctor\pcdsrvc.pkms -- (PCDSRVC{C4B36920-79E24793-06000000}_0)
DRV - [2009/10/30 06:55:30 | 000,209,920 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV - [2009/10/26 12:39:04 | 000,125,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2009/10/23 15:55:28 | 000,320,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2009/10/23 15:55:28 | 000,281,648 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2009/10/23 15:55:28 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2009/10/23 15:55:24 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/10/23 15:55:24 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2009/10/23 15:55:24 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2009/10/13 17:50:00 | 000,133,632 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Mkd2kfNT.sys -- (Mkd2kfNt)
DRV - [2009/10/09 12:12:02 | 000,120,360 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ApsX86.sys -- (Shockprf)
DRV - [2009/10/09 12:10:24 | 000,020,520 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ApsHM86.sys -- (TPDIGIMN)
DRV - [2009/09/17 12:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2009/09/15 12:40:18 | 006,114,816 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Intel®
DRV - [2009/07/14 07:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/07/14 06:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/14 06:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/14 06:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009/07/13 17:37:00 | 000,079,360 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV - [2009/04/29 11:20:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio)
DRV - [2008/12/15 13:57:00 | 000,023,416 | ---- | M] (NT Kernel Resources) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndisrd.sys -- (Ndisrd)
DRV - [2008/05/12 18:04:02 | 000,013,480 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2007/04/20 10:44:10 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007/04/13 02:50:00 | 000,023,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2007/04/02 14:55:48 | 000,021,888 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtmserusb.sys -- (GTMSERUSB)
DRV - [2007/03/28 09:59:04 | 000,036,992 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtuqbus.sys -- (GTUQBUS)
DRV - [2007/03/28 09:59:02 | 000,024,704 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\g3gruser.sys -- (G3GRUSER)
DRV - [2007/03/28 09:59:02 | 000,008,064 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtptser.sys -- (GTPTSER)
DRV - [2007/03/28 09:59:00 | 000,166,400 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2007/03/28 09:59:00 | 000,092,160 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbser2.sys -- (NWUSBPort2)
DRV - [2007/03/28 09:59:00 | 000,092,160 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbser.sys -- (NWUSBPort)
DRV - [2007/03/28 09:59:00 | 000,077,952 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwdelser.sys -- (NWDellPort)
DRV - [2007/03/28 09:58:58 | 000,020,480 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swivspnt.sys -- (swivsp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sha.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1060933
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://myrp.sg
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sha.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = http://plusnetwork.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7GGLL_enSG379
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2012-07-11 19:18:03&v=11.1.0.12&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
IE - HKCU\..\SearchScopes\{B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2}: "URL" = http://www.baidu.com...shion010_oem_dg
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ISA-Firewall.rp.sg:8080
========== FireFox ==========
FF - prefs.js..CT1060933.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "Freecorder Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Plus! Network"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.6
FF - prefs.js..extensions.enabledItems: {7A074BE0-2326-436d-B473-029FAEBEB5C6}:1.1.4
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "http://isearch.avg.c...8:03&sap=ku&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npaosmgr.1: C:\Program Files\AhnLab\ASP\Components\aosmgr\conflict_221\npaosmgr.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25aos: C:\Program Files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@baidu.com/npxbdyy: C:\Program Files\Baidu\BaiduPlayer\1.14.0.101\npxbdyy.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.449: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25aos: C:\Program Files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll (AhnLab, Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\104246\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\104246\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/11 19:16:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012/07/11 19:18:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/26 22:56:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/25 16:45:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/26 22:56:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/25 16:45:41 | 000,000,000 | ---D | M]
[2010/12/23 16:49:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\104246\AppData\Roaming\mozilla\Extensions
[2012/07/16 23:28:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\104246\AppData\Roaming\mozilla\Firefox\Profiles\e92le98s.default\extensions
[2012/07/16 23:28:46 | 000,000,000 | ---D | M] (Freecorder) -- C:\Users\104246\AppData\Roaming\mozilla\Firefox\Profiles\e92le98s.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2011/09/30 18:22:18 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\104246\AppData\Roaming\mozilla\Firefox\Profiles\e92le98s.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
[2011/02/05 22:41:29 | 000,000,000 | ---D | M] (Tab Saver!) -- C:\Users\104246\AppData\Roaming\mozilla\Firefox\Profiles\e92le98s.default\extensions\{7A074BE0-2326-436d-B473-029FAEBEB5C6}
[2012/06/26 22:56:27 | 000,000,000 | ---D | M] (Ad-Aware Security Toolbar) -- C:\Users\104246\AppData\Roaming\mozilla\Firefox\Profiles\e92le98s.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2011/02/22 10:09:34 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\104246\AppData\Roaming\mozilla\Firefox\Profiles\e92le98s.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/04/12 21:39:21 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\104246\AppData\Roaming\mozilla\Firefox\Profiles\e92le98s.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/07/27 14:37:21 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\104246\AppData\Roaming\mozilla\Firefox\Profiles\e92le98s.default\extensions\[email protected]
[2012/06/26 22:32:46 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\104246\AppData\Roaming\mozilla\Firefox\Profiles\e92le98s.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012/05/06 20:06:14 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\104246\AppData\Roaming\mozilla\Firefox\Profiles\e92le98s.default\extensions\[email protected]
[2012/07/16 23:30:31 | 000,000,875 | ---- | M] () -- C:\Users\104246\AppData\Roaming\Mozilla\Firefox\Profiles\e92le98s.default\searchplugins\conduit.xml
[2012/01/03 16:05:40 | 000,002,770 | ---- | M] () -- C:\Users\104246\AppData\Roaming\Mozilla\Firefox\Profiles\e92le98s.default\searchplugins\Plusnetwork.xml
[2012/04/04 10:41:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/11 19:16:12 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012/07/11 19:18:21 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\11.1.0.12
[2011/10/29 17:56:16 | 000,016,192 | ---- | M] () (No name found) -- C:\USERS\104246\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E92LE98S.DEFAULT\EXTENSIONS\{DD3D7613-0246-469D-BC65-2A3CC1668ADC}.XPI
[2012/06/23 23:46:59 | 000,065,379 | ---- | M] () (No name found) -- C:\USERS\104246\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E92LE98S.DEFAULT\EXTENSIONS\[email protected]
[2012/06/19 17:57:58 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/02/19 16:55:11 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/12/10 01:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012/07/11 19:17:51 | 000,003,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/06/19 17:57:51 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/19 17:57:51 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\104246\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\104246\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\104246\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\104246\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: AhnLab Online Security (Enabled) = C:\Program Files\AhnLab\ASP\Components\aosmgr\conflict_221\npaosmgr.dll
CHR - plugin: AhnLab MyKeyDefense 2.5 (Enabled) = C:\Program Files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll
CHR - plugin: BaiduPlayer Browser Plugin (Enabled) = C:\Program Files\Baidu\BaiduPlayer\1.14.0.101\npxbdyy.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Users\104246\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Windows\system32\TVUAx\npTVUAx.dll
CHR - Extension: Complitly plugin for chrome = C:\Users\104246\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk\1.1_0\
CHR - Extension: Untitled = C:\Users\104246\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfofcdjmmfcipljgbipjojobibknmfhc\1.0_1\
CHR - Extension: AVG Do Not Track = C:\Users\104246\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: My Chrome Theme = C:\Users\104246\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\1.1.0_0\
O1 HOSTS File: ([2010/03/09 15:52:10 | 000,380,343 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 123haustiereundmehr.com
O1 - Hosts: 13101 more lines...
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sha.dll (Conduit Ltd.)
O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\DataMngr\IEBHO.dll (iMesh, Inc)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ViewerHelper Class) - {78104A01-8E71-4F30-9A36-3793799615B4} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (no name) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - No CLSID value found.
O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\104246\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O3 - HKLM\..\Toolbar: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sha.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
O3 - HKLM\..\Toolbar: (Lenovo ThinkVantage Toolbox) - {86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - C:\Program Files\PC-Doctor\ATLPcdToolbar544928.dll (PC-Doctor, Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (4shared.com Toolbar) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - C:\Program Files\4shared.com\tb4sha.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\prxtbFree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe ()
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Communicator] C:\Program Files\Microsoft Office Communicator\communicator.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DataMngr] C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe (iMesh, Inc)
O4 - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (AuthenTec)
O4 - HKLM..\Run: [FingerPrintSoftwareSplashScreen] C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe (AuthenTec, Inc.)
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMSS] C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [PWMTRV] C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [RotateImage] C:\Program Files\Integrated Camera Driver\RCIMGDIR.exe (Ricoh co.,Ltd.)
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Funshion] C:\Program Files\Funshion Online\Funshion\Funshion.exe (Funshion Online Technologies Ltd.)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [YY] C:\Program Files\duowan\yy-2.0\yylauncher.exe (廣州多玩資訊技術有限公司)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
O8 - Extra context menu item: Free YouTube Download - C:\Users\104246\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\104246\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Microsoft Firewall Client 2004\FwcWsp.dll (Microsoft ® Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Microsoft Firewall Client 2004\FwcWsp.dll (Microsoft ® Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Microsoft Firewall Client 2004\FwcWsp.dll (Microsoft ® Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Microsoft Firewall Client 2004\FwcWsp.dll (Microsoft ® Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Microsoft Firewall Client 2004\FwcWsp.dll (Microsoft ® Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Microsoft Firewall Client 2004\FwcWsp.dll (Microsoft ® Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: media.rp.sg ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: myrp.edu.sg ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: myrp.rp.sg ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: myrp.sg ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: rp.edu.sg ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: rp.sg ([]* in Local intranet)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zon...S.cab109791.cab ()
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {9C10BBDE-0A29-4372-929C-3E1453EC8BAB} http://musicplayer.s...kage/p3init.cab (p3init1 Class)
O16 - DPF: {A6616B31-4860-41E2-98E3-CA7649AF172F} file:///E:/launch.ocx (Launch Control)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D30CA0FD-1CA0-11D4-AC78-006008A9A8BC} http://antivirus.rp....ent/webinst.cab (WebBasedClientInstall Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = rp.edu.sg
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5B46C35-C760-4E1B-AF0E-25AF07400610}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF774002-B12F-45AA-B1A3-5921E1614725}: DhcpNameServer = 10.60.20.9 10.60.20.10
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\rmh {23C585BB-48FF-4865-8934-185F0A7EB84C} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O18 - Protocol\Filter\application/msword {DFF82902-0B96-3B98-6F62-D655E146A23A} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {F969FE8E-1937-45AD-AF42-8A4D11CBDC2A} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/vnd.ms-excel {DFF82902-0B96-3B98-6F62-D655E146A23A} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/vnd.ms-powerpoint {DFF82902-0B96-3B98-6F62-D655E146A23A} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/vnd-viewer {CD4527E8-4FC7-48DB-9806-10537B501237} - C:\Program Files\Microsoft\Rights Management Add-on\rmadoc.exe (Microsoft Corporation)
O18 - Protocol\Filter\application/x-microsoft-rpmsg-message {DFF82902-0B96-3B98-6F62-D655E146A23A} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\DataMngr\datamngr.dll) - C:\Program Files\iMesh Applications\MediaBar\DataMngr\datamngr.dll (iMesh, Inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{16b17934-bbb2-11df-8a05-c417feecd537}\Shell - "" = AutoRun
O33 - MountPoints2\{16b17934-bbb2-11df-8a05-c417feecd537}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{6c47b8c1-f9f2-11e0-9e4c-c417feecd537}\Shell - "" = AutoRun
O33 - MountPoints2\{6c47b8c1-f9f2-11e0-9e4c-c417feecd537}\Shell\AutoRun\command - "" = G:\HPLauncher.exe
O33 - MountPoints2\{8bc80f7b-05b6-11e1-8b9e-c417feecd537}\Shell - "" = AutoRun
O33 - MountPoints2\{8bc80f7b-05b6-11e1-8b9e-c417feecd537}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{bd45a2db-b411-11e0-9d66-c417feecd537}\Shell - "" = AutoRun
O33 - MountPoints2\{bd45a2db-b411-11e0-9d66-c417feecd537}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/07/19 21:12:59 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{29F01997-B3D8-406D-8042-7B5E9C255859}
[2012/07/19 21:12:43 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{E9713D17-398B-4A5B-90EE-1E9C294CE9ED}
[2012/07/19 19:30:35 | 000,000,000 | ---D | C] -- C:\Users\104246\Desktop\All Pictures
[2012/07/19 19:16:56 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{CAD93F6C-C431-48FF-99BF-AD93F73C79BC}
[2012/07/19 19:15:18 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{571AEDBA-096D-4404-951D-5E2BD96E5202}
[2012/07/19 18:50:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/07/17 23:12:31 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{2F0B0ACB-3882-4880-A3E7-01F23ACE0EC2}
[2012/07/17 23:12:15 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{6EFC96D3-810C-450F-BD68-4E2E17AF698C}
[2012/07/16 23:12:40 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{01569546-ED87-46B3-A7A1-4ACEEA83C88A}
[2012/07/16 23:12:13 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{F12A85F5-7A46-41C4-ACB0-CFB8B22D2D5A}
[2012/07/16 10:47:50 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{AD400295-A3AF-454F-A8DE-E73303EEB828}
[2012/07/16 10:46:21 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{D7BF70B2-F9C8-4F72-BF42-92398822E2EC}
[2012/07/14 09:17:15 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{F28A34A9-D908-4F06-A72A-32999F64B1B6}
[2012/07/14 09:16:58 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{854A4010-1891-4D3C-9EF3-46A25D7F16DF}
[2012/07/12 23:05:30 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{A4BA0A76-96C1-4B24-80D5-772C045F55E2}
[2012/07/12 23:05:13 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{2ADDAF11-1931-4E11-90A0-3E6FD4D34B3C}
[2012/07/12 10:57:32 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{E6B732BC-9469-4334-A273-4B93A49DA9C0}
[2012/07/12 10:57:11 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{333689DE-0AE7-491E-8160-F874E372FF50}
[2012/07/12 10:03:40 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{0E160A22-632D-4FFE-B467-189FF9379AD5}
[2012/07/11 19:17:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/07/11 17:54:43 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{F7986898-8948-4358-A8D4-441AF190253B}
[2012/07/11 17:54:31 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{6561ABB4-461D-4579-9EB1-933CC68D1DE2}
[2012/07/08 12:55:40 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{068ABA4C-5561-4B46-9B2B-23C4E95456DF}
[2012/07/08 12:55:21 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{43C9011C-C2CD-41EA-ADFB-58752F1332DB}
[2012/07/05 23:21:18 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{0453076C-57B9-4E1E-BBC5-230ECA873442}
[2012/07/05 23:21:00 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{457A60C6-895E-4615-A416-6D5B930DC38F}
[2012/07/04 21:03:47 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{FF117B47-2636-49B7-B9C5-165D2C4958C2}
[2012/07/04 21:03:28 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{03D6C41B-0D2B-407D-921F-2A4A3DA04528}
[2012/07/03 23:22:05 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{EC9BE4D6-1B22-4367-967B-888A212AEEF1}
[2012/07/03 23:21:51 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{3B28A990-E426-486A-AF5A-F26C4442BFDF}
[2012/07/02 20:53:53 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{3A9B68D2-A02F-4384-81D4-208B70530552}
[2012/07/02 20:53:37 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{F7110C4A-2E6A-4B57-B661-E5F451E130EB}
[2012/07/01 21:12:30 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{568E87A7-E1AB-42B6-9184-5E0F95C4606A}
[2012/07/01 21:12:15 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{FA0A27A6-05A4-47A1-A325-8CDF725BCB42}
[2012/06/30 14:43:37 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{D0CD8E25-3788-4051-BECF-FD35EB3D18E8}
[2012/06/30 14:43:15 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{2AD3D7C1-9D5E-44FD-84B5-7C924F35E17B}
[2012/06/29 21:14:01 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{D2B5F9FC-7A39-4912-911E-055128AAD5F8}
[2012/06/29 21:13:41 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{80C6B0BC-502F-40FB-BAC5-DEFFC42DF952}
[2012/06/28 21:22:44 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{CD92B229-1949-4963-BC49-5C99C12CEC7F}
[2012/06/28 21:22:15 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{89DBB5B6-697B-45EF-B4A8-31532B8043B3}
[2012/06/27 23:02:07 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{1B48193E-BE61-4F57-BED8-379D4E7EDC05}
[2012/06/27 23:01:45 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{6B1FEF40-36FE-401C-AF84-4C99D7FFE044}
[2012/06/26 22:56:43 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\adawarebp
[2012/06/26 22:56:30 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
[2012/06/26 22:56:19 | 000,000,000 | ---D | C] -- C:\Program Files\adawaretb
[2012/06/26 22:36:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2012/06/26 22:36:14 | 000,093,816 | ---- | C] (GFI Software) -- C:\Windows\System32\drivers\sbhips.sys
[2012/06/26 22:35:27 | 000,223,864 | ---- | C] (GFI Software) -- C:\Windows\System32\drivers\SbFw.sys
[2012/06/26 22:35:27 | 000,094,584 | ---- | C] (GFI Software) -- C:\Windows\System32\drivers\SbFwIm.sys
[2012/06/26 22:35:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\VDD
[2012/06/26 22:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012/06/26 22:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[2012/06/26 22:32:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012/06/26 22:29:24 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Roaming\Ad-Aware Antivirus
[2012/06/26 12:02:08 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{4CE82543-F591-443C-9A87-C4B337BBC33E}
[2012/06/26 12:01:23 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{E0D123AB-BC72-40F4-B9A7-E34C7A3698D2}
[2012/06/25 23:08:14 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{EC0E8EC2-8733-4B05-97DC-4EBD87C34721}
[2012/06/25 23:08:02 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{196E61F0-24BF-42B0-B476-CC2E1AE381AC}
[2012/06/24 23:33:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BaiduPlayer
[2012/06/24 23:33:29 | 000,000,000 | ---D | C] -- C:\Program Files\Baidu
[2012/06/24 22:32:28 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Roaming\Baidu
[2012/06/24 22:32:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Baidu
[2012/06/24 21:52:55 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{6D6977BB-B2F8-4260-88E1-482BBFCC2874}
[2012/06/24 21:52:41 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{1FB6D2E0-CFF7-4A17-BC6F-7520AEB0B201}
[2012/06/23 22:53:17 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{7DB12A52-7FE6-43ED-9A84-FD926B229006}
[2012/06/23 22:52:39 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{D0579810-9395-4758-8A4D-AEFE67AE7C3C}
[2012/06/22 11:37:29 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{E15D7684-4E2D-4A36-B752-6F5E23DA6BA8}
[2012/06/22 11:36:57 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{DF6AAC55-CA08-4FA7-9AE1-6EFDE198F548}
[2012/06/22 11:24:29 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{7260C5E8-A6E2-4866-AAA3-B9E68579D44B}
[2012/06/22 11:24:09 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{C54747FF-04DA-4084-B0F3-6FB3170C4F2B}
[2012/06/21 20:33:37 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{BE3C4B6F-5DA7-409A-9FCC-852C47BE7B3B}
[2012/06/21 20:33:19 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{0A7FB47D-465B-42B0-BFF9-A0804C977EE1}
[2012/06/20 20:49:27 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{2D018069-A6EF-4824-8059-48E9C2A543C9}
[2012/06/20 20:49:06 | 000,000,000 | ---D | C] -- C:\Users\104246\AppData\Local\{D78867EB-CB01-4A9C-8DC2-4E32B1F1DED8}
========== Files - Modified Within 30 Days ==========
[2012/07/19 22:08:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/19 22:00:12 | 000,005,164 | ---- | M] () -- C:\Users\104246\funshion.ini
[2012/07/19 21:33:04 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/19 21:20:02 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-1801674531-725345543-269598UA.job
[2012/07/19 21:12:32 | 000,000,911 | ---- | M] () -- C:\Users\104246\AppData\Roaming\coreavc.ini
[2012/07/19 21:10:36 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/19 21:02:26 | 000,020,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/19 21:02:26 | 000,020,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/19 20:55:06 | 000,000,497 | ---- | M] () -- C:\Windows\SMSCFG.ini
[2012/07/19 20:53:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/19 20:53:48 | 2355,904,512 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/19 18:44:56 | 101,724,594 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/07/18 00:12:15 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/14 23:10:52 | 000,000,438 | ---- | M] () -- C:\Windows\System32\WSCConfig.xml
[2012/07/14 23:07:22 | 000,148,992 | ---- | M] () -- C:\Users\104246\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/14 18:17:36 | 000,624,268 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/07/14 18:17:36 | 000,109,212 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/07/14 10:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/07/13 00:20:02 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-1801674531-725345543-269598Core.job
[2012/07/08 17:00:02 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\RegCure Program Check.job
[2012/07/05 23:17:38 | 000,000,000 | ---- | M] () -- C:\t1j4.2
[2012/07/04 21:01:35 | 000,000,000 | ---- | M] () -- C:\t1jc.1
[2012/07/03 23:19:17 | 000,000,000 | ---- | M] () -- C:\t1jg.1
[2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/06/30 14:41:53 | 000,003,212 | RHS- | M] () -- C:\Users\104246\ntuser.pol
[2012/06/29 00:21:24 | 000,001,738 | ---- | M] () -- C:\Windows\System32\EmailAVConfig.xml
[2012/06/28 00:04:32 | 000,001,190 | ---- | M] () -- C:\Windows\System32\ServiceConfig.xml
========== Files Created - No Company Name ==========
[2012/07/18 00:12:15 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/14 23:10:52 | 000,000,438 | ---- | C] () -- C:\Windows\System32\WSCConfig.xml
[2012/07/05 23:17:38 | 000,000,000 | ---- | C] () -- C:\t1j4.2
[2012/07/04 21:01:35 | 000,000,000 | ---- | C] () -- C:\t1jc.1
[2012/07/03 23:19:17 | 000,000,000 | ---- | C] () -- C:\t1jg.1
[2012/06/29 00:21:24 | 000,001,738 | ---- | C] () -- C:\Windows\System32\EmailAVConfig.xml
[2012/06/28 00:04:32 | 000,001,190 | ---- | C] () -- C:\Windows\System32\ServiceConfig.xml
[2012/01/15 20:50:54 | 000,000,138 | ---- | C] () -- C:\Windows\vsfilter.INI
[2012/01/15 20:45:56 | 000,000,891 | ---- | C] () -- C:\Windows\System32\bdsecushr.dat
[2011/09/30 20:19:40 | 000,000,911 | ---- | C] () -- C:\Users\104246\AppData\Roaming\coreavc.ini
[2011/09/24 19:25:41 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/09/24 19:21:58 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/08/22 15:10:00 | 000,000,000 | ---- | C] () -- C:\Users\104246\AppData\Local\{B2B79269-3080-4880-B353-3DFAE7F23543}
[2011/02/18 21:00:39 | 000,000,117 | ---- | C] () -- C:\Users\104246\jagex_runescape_preferences2.dat
[2011/02/18 20:54:45 | 000,000,034 | ---- | C] () -- C:\Users\104246\jagex_runescape_preferences.dat
[2011/02/01 10:31:52 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011/02/01 10:31:52 | 000,042,112 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011/01/04 16:10:58 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/01/04 16:10:56 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/01/04 16:10:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/01/04 16:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/01/04 16:10:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2010/12/07 13:00:31 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010/11/29 05:16:00 | 000,867,020 | ---- | C] () -- C:\Windows\System32\igkrng575.bin
[2010/11/29 05:16:00 | 000,128,204 | ---- | C] () -- C:\Windows\System32\igcompkrng575.bin
[2010/11/29 05:16:00 | 000,105,408 | ---- | C] () -- C:\Windows\System32\igfcg575m.bin
[2010/11/29 04:39:32 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2010/11/29 04:34:18 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2010/08/14 20:07:12 | 000,000,256 | ---- | C] () -- C:\Users\104246\AppData\Roaming\090024D704AD64
[2010/07/29 12:57:02 | 000,005,160 | ---- | C] () -- C:\Users\104246\funshion.ini
[2010/07/29 12:57:02 | 000,000,990 | ---- | C] () -- C:\Windows\System32\funshion.ini
[2010/07/04 20:47:24 | 000,148,992 | ---- | C] () -- C:\Users\104246\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/16 16:57:46 | 000,003,212 | RHS- | C] () -- C:\Users\104246\ntuser.pol
[2010/03/16 16:57:34 | 000,000,017 | ---- | C] () -- C:\Users\104246\AppData\Local\resmon.resmoncfg
[2009/12/02 11:46:14 | 000,036,039 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2007/04/27 17:43:36 | 000,055,620 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2007/03/28 10:00:16 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
========== LOP Check ==========
[2012/07/01 21:31:20 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\Ad-Aware Antivirus
[2012/06/17 00:50:11 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\AVG2012
[2012/06/24 23:33:56 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\Baidu
[2010/03/09 15:34:02 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\CachedFiles
[2011/09/30 18:22:15 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\Complitly
[2011/09/26 15:49:13 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\DAEMON Tools Lite
[2011/09/19 16:43:20 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\Downloaded Installations
[2011/09/01 18:03:31 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\duowan
[2011/03/25 16:51:57 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\DVDVideoSoft
[2011/03/02 15:32:08 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/09/27 13:59:19 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\Flood Light Games
[2011/02/05 22:42:06 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\GrabPro
[2011/09/30 13:08:49 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\Hive Cluster
[2011/08/20 22:03:44 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\Launchy
[2010/11/25 15:48:33 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\Leadertech
[2009/12/03 16:25:39 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\MRTalk
[2012/02/14 17:42:21 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\MusicNet
[2010/06/14 19:31:00 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\NCH Swift Sound
[2012/05/31 20:37:46 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\Orbit
[2011/12/18 19:56:53 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\PPStream
[2010/12/24 22:44:00 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\ProgSense
[2011/09/19 18:53:16 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\RenPy
[2009/12/03 11:15:35 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\Republic Poly
[2011/02/01 10:29:42 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\Samsung
[2011/06/17 22:39:02 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\StepMania 5
[2010/07/03 21:52:11 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\Synthesia
[2012/05/18 15:11:52 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\Temp
[2010/11/19 15:02:00 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/11/06 17:19:38 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\uTorrent
[2011/01/13 14:16:13 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\WOWClient
[2012/05/02 21:50:49 | 000,000,000 | ---D | M] -- C:\Users\104246\AppData\Roaming\YourFileDownloader
[2010/03/09 16:10:06 | 000,000,528 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/07/08 17:00:02 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\RegCure Program Check.job
[2011/12/29 11:13:23 | 000,000,374 | ---- | M] () -- C:\Windows\Tasks\RegCure.job
[2012/03/07 20:00:57 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/07/14 10:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2012/06/24 23:33:57 | 000,000,000 | ---D | C](C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hao123???) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hao123桌面版
========== Alternate Data Streams ==========
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:9857FAE3
< End of report >
Edited by Essexboy, 26 July 2012 - 12:47 PM.