
I have some major probs hidden users shared files ram missing hard driv



#1
foxdog3

OTL logfile created on: 2/8/2014 8:05:06 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\one\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 2.46 Gb Available Physical Memory | 64.81% Memory free
4.29 Gb Paging File | 2.83 Gb Available in Paging File | 65.92% Paging File free
Paging file location(s): c:\pagefile.sys 500 8000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 213.53 Gb Free Space | 91.69% Space Free | Partition Type: NTFS
Drive E: | 1.89 Gb Total Space | 0.01 Gb Free Space | 0.28% Space Free | Partition Type: FAT32
Drive G: | 500.09 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: ONE-PC | User Name: one | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/08 07:44:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\one\Desktop\OTL.exe
PRC - [2014/02/08 06:25:31 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/02/08 00:05:58 | 001,863,048 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
PRC - [2014/01/27 23:18:46 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/27 23:18:46 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/10/09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe


========== Modules (No Company Name) ==========

MOD - [2014/02/08 06:25:31 | 003,583,600 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/02/08 00:05:58 | 016,287,624 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
MOD - [2014/01/27 23:18:46 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/01/27 23:18:46 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/04/19 18:55:18 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)
SRV:64bit: - [2009/11/17 16:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 19:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/10/09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/01/27 23:18:48 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/01/27 23:18:48 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/01/27 23:18:48 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/01/27 23:18:48 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/01/27 23:18:48 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/01/27 23:18:48 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/01/27 23:18:48 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/01/26 12:28:03 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014/01/26 12:25:03 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2014/01/21 19:09:34 | 000,017,088 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BootDefragDriver.sys -- (BootDefragDriver)
DRV:64bit: - [2012/03/01 00:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/10 22:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/09/08 01:46:56 | 001,225,832 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/05 09:57:18 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/03/05 09:57:18 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/22 15:39:00 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/09/17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 19:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 19:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/09/22 15:39:00 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A9 89 B4 AA A5 1A CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/27 23:18:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014/01/29 22:47:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\one\AppData\Roaming\Mozilla\Extensions
[2014/02/08 06:25:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/02/08 06:25:27 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/02/08 06:25:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/02/08 06:25:26 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/02/08 06:25:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4537AC59-1380-4CB4-99B6-D9AE0E787097}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/12/07 05:42:16 | 000,000,128 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{7d9069d7-86b7-11e3-b1e2-c80aa9c9b6e0}\Shell\Option1\Command - "" = G:\HBCD\HBCDMenu.exe -- [2011/12/07 05:42:16 | 000,018,432 | R--- | M] (http://www.hiren.info)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/02/08 07:45:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\one\Desktop\OTL.exe
[2014/02/08 06:25:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/01/30 14:19:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/01/30 14:19:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/01/30 14:19:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/01/30 03:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\GlarySoft
[2014/01/30 02:21:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4
[2014/01/30 02:21:19 | 000,117,024 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\BootDefrag.exe
[2014/01/30 02:21:19 | 000,017,088 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\BootDefragDriver.sys
[2014/01/30 02:21:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 4
[2014/01/30 02:17:58 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Roaming\GlarySoft
[2014/01/29 22:46:51 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Roaming\Mozilla
[2014/01/28 21:19:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/01/28 12:17:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014/01/28 08:07:51 | 000,000,000 | ---D | C] -- C:\Users\one\Documents\AvastPEToolkit
[2014/01/28 07:14:31 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Local\WinZip
[2014/01/28 07:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2014/01/28 07:02:09 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2014/01/28 07:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2014/01/28 06:05:27 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Roaming\Foxit Software
[2014/01/28 06:05:26 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Local\Programs
[2014/01/28 06:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2014/01/28 06:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2014/01/28 03:11:30 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/01/27 23:19:32 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Roaming\AVAST Software
[2014/01/27 23:19:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/27 23:18:56 | 000,080,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/01/27 23:18:53 | 001,038,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/01/27 23:18:53 | 000,421,704 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/01/27 23:18:52 | 000,092,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/01/27 23:18:52 | 000,078,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/01/27 23:18:49 | 000,334,136 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/01/27 23:18:47 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/27 23:18:32 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/01/27 23:17:36 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/27 14:22:43 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Roaming\Macromedia
[2014/01/27 14:22:43 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Local\Macromedia
[2014/01/27 14:22:43 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Roaming\Adobe
[2014/01/27 14:22:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014/01/27 14:22:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014/01/27 14:15:53 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Local\Adobe
[2014/01/27 14:00:41 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Local\Skype
[2014/01/27 14:00:31 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Roaming\Skype
[2014/01/27 14:00:24 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014/01/27 14:00:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/01/27 14:00:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/01/27 14:00:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014/01/27 01:40:51 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2014/01/26 18:21:02 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Local\Mozilla
[2014/01/26 16:41:11 | 000,000,000 | ---D | C] -- C:\Users\one\Documents\nonec
[2014/01/26 15:50:19 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Local\Apps
[2014/01/26 13:55:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014/01/26 13:55:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014/01/26 13:55:46 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/01/26 13:55:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/01/26 13:47:57 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2014/01/26 13:43:14 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/01/26 12:28:03 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2014/01/26 12:25:03 | 000,381,440 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2014/01/26 12:25:03 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Roaming\DAEMON Tools Lite
[2014/01/26 12:25:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014/01/26 12:25:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2014/01/26 12:23:48 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2014/01/26 09:44:43 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/01/26 09:43:56 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/01/26 09:43:21 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/01/26 09:43:07 | 000,000,000 | -HSD | C] -- C:\Boot
[2014/01/26 08:51:19 | 000,000,000 | ---D | C] -- C:\Users\one\Desktop\one t
[2014/01/26 08:15:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2014/01/26 08:15:32 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/01/26 08:15:31 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2014/01/26 08:15:31 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2014/01/26 08:15:28 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2014/01/26 08:15:28 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2014/01/26 08:15:28 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2014/01/26 08:15:28 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2014/01/26 08:15:28 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2014/01/26 08:15:28 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2014/01/26 08:15:19 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2014/01/26 08:15:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014/01/26 08:14:02 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2014/01/26 08:11:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2014/01/26 08:11:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2014/01/26 08:11:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2014/01/26 08:10:06 | 000,000,000 | ---D | C] -- C:\Intel
[2014/01/26 08:06:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2014/01/26 08:06:56 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/01/26 08:06:32 | 000,380,928 | ---- | C] (Realtek) -- C:\Windows\SysNative\RtlUI2.exe
[2014/01/26 08:06:32 | 000,380,928 | ---- | C] (Realtek) -- C:\Windows\RtlUI2.exe
[2014/01/26 08:05:29 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Local\ElevatedDiagnostics
[2014/01/26 08:03:52 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2014/01/26 08:02:55 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/01/26 08:02:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2014/01/26 07:52:49 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/01/26 07:51:57 | 000,000,000 | R--D | C] -- C:\Users\one\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/01/26 07:51:57 | 000,000,000 | R--D | C] -- C:\Users\one\Searches
[2014/01/26 07:51:57 | 000,000,000 | R--D | C] -- C:\Users\one\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/01/26 07:51:57 | 000,000,000 | ---D | C] -- C:\Users\one\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/01/26 07:51:41 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Roaming\Identities
[2014/01/26 07:51:36 | 000,000,000 | R--D | C] -- C:\Users\one\Contacts
[2014/01/26 07:51:33 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Local\VirtualStore
[2014/01/26 07:51:12 | 000,000,000 | -HSD | C] -- C:\Users\one\AppData\Local\Temporary Internet Files
[2014/01/26 07:51:12 | 000,000,000 | -HSD | C] -- C:\Users\one\Templates
[2014/01/26 07:51:12 | 000,000,000 | -HSD | C] -- C:\Users\one\Start Menu
[2014/01/26 07:51:12 | 000,000,000 | -HSD | C] -- C:\Users\one\SendTo
[2014/01/26 07:51:12 | 000,000,000 | -HSD | C] -- C:\Users\one\Recent
[2014/01/26 07:51:12 | 000,000,000 | -HSD | C] -- C:\Users\one\PrintHood
[2014/01/26 07:51:12 | 000,000,000 | -HSD | C] -- C:\Users\one\NetHood
[2014/01/26 07:51:12 | 000,000,000 | -HSD | C] -- C:\Users\one\Documents\My Videos
[2014/01/26 07:51:12 | 000,000,000 | -HSD | C] -- C:\Users\one\Documents\My Pictures
[2014/01/26 07:51:12 | 000,000,000 | -HSD | C] -- C:\Users\one\Documents\My Music
[2014/01/26 07:51:12 | 000,000,000 | -HSD | C] -- C:\Users\one\My Documents
[2014/01/26 07:51:12 | 000,000,000 | -HSD | C] -- C:\Users\one\Local Settings
[2014/01/26 07:51:12 | 000,000,000 | -HSD | C] -- C:\Users\one\AppData\Local\History
[2014/01/26 07:51:12 | 000,000,000 | -HSD | C] -- C:\Users\one\Cookies
[2014/01/26 07:51:12 | 000,000,000 | -HSD | C] -- C:\Users\one\Application Data
[2014/01/26 07:51:12 | 000,000,000 | -HSD | C] -- C:\Users\one\AppData\Local\Application Data
[2014/01/26 07:51:11 | 000,000,000 | --SD | C] -- C:\Users\one\AppData\Roaming\Microsoft
[2014/01/26 07:51:11 | 000,000,000 | R--D | C] -- C:\Users\one\Videos
[2014/01/26 07:51:11 | 000,000,000 | R--D | C] -- C:\Users\one\Saved Games
[2014/01/26 07:51:11 | 000,000,000 | R--D | C] -- C:\Users\one\Pictures
[2014/01/26 07:51:11 | 000,000,000 | R--D | C] -- C:\Users\one\Music
[2014/01/26 07:51:11 | 000,000,000 | R--D | C] -- C:\Users\one\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/01/26 07:51:11 | 000,000,000 | R--D | C] -- C:\Users\one\Links
[2014/01/26 07:51:11 | 000,000,000 | R--D | C] -- C:\Users\one\Favorites
[2014/01/26 07:51:11 | 000,000,000 | R--D | C] -- C:\Users\one\Downloads
[2014/01/26 07:51:11 | 000,000,000 | R--D | C] -- C:\Users\one\Documents
[2014/01/26 07:51:11 | 000,000,000 | R--D | C] -- C:\Users\one\Desktop
[2014/01/26 07:51:11 | 000,000,000 | R--D | C] -- C:\Users\one\AppData
[2014/01/26 07:51:11 | 000,000,000 | R--D | C] -- C:\Users\one\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/01/26 07:51:11 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Local\Temp
[2014/01/26 07:51:11 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Local\Microsoft
[2014/01/26 07:51:11 | 000,000,000 | ---D | C] -- C:\Users\one\AppData\Roaming\Media Center Programs
[2014/01/26 07:51:01 | 000,000,000 | -HSD | C] -- C:\Recovery

========== Files - Modified Within 30 Days ==========

[2014/02/08 07:45:23 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/08 07:45:23 | 000,615,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/08 07:45:23 | 000,103,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/08 07:44:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\one\Desktop\OTL.exe
[2014/02/08 07:40:53 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 4.job
[2014/02/08 07:40:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/08 07:40:19 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/08 07:39:53 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/08 07:39:53 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/30 02:21:20 | 000,001,108 | ---- | M] () -- C:\Users\one\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 4.lnk
[2014/01/30 02:21:20 | 000,001,084 | ---- | M] () -- C:\Users\Public\Desktop\Glary Utilities 4.lnk
[2014/01/30 02:13:56 | 001,048,576 | -HS- | M] () -- C:\Users\one\NTUSER.bak
[2014/01/30 01:19:29 | 000,007,614 | ---- | M] () -- C:\Users\one\AppData\Local\Resmon.ResmonCfg
[2014/01/29 20:47:32 | 000,003,560 | ---- | M] () -- C:\bootsqm.dat
[2014/01/28 19:18:17 | 000,021,504 | ---- | M] () -- C:\Windows\SysNative\umstartup.etl
[2014/01/28 17:46:59 | 000,021,504 | ---- | M] () -- C:\Windows\SysNative\umstartup000.etl
[2014/01/28 07:02:20 | 000,002,281 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2014/01/27 23:19:07 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/27 23:18:48 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/01/27 23:18:48 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/01/27 23:18:48 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/01/27 23:18:48 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/01/27 23:18:48 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/01/27 23:18:48 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/01/27 23:18:48 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/01/27 23:18:48 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/01/27 23:18:47 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/27 14:00:24 | 000,002,697 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/01/27 01:41:07 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2014/01/27 00:02:11 | 000,266,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/26 13:58:51 | 000,016,638 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2014/01/26 12:54:01 | 000,000,057 | ---- | M] () -- C:\Windows\SysWow64\mapisvc.inf
[2014/01/26 12:28:03 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2014/01/26 12:25:29 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2014/01/26 12:25:07 | 000,000,204 | ---- | M] () -- C:\Windows\tasks\SidebarExecute.job
[2014/01/26 12:25:03 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2014/01/26 09:47:15 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/01/26 09:47:15 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014/01/26 09:45:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/01/26 09:43:09 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2014/01/26 08:48:20 | 000,001,441 | R--- | M] () -- C:\Users\one\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/21 19:16:42 | 000,117,024 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\BootDefrag.exe
[2014/01/21 19:09:34 | 000,017,088 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\BootDefragDriver.sys

========== Files Created - No Company Name ==========

[2014/01/30 02:21:20 | 000,001,108 | ---- | C] () -- C:\Users\one\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 4.lnk
[2014/01/30 02:21:20 | 000,001,096 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4.lnk
[2014/01/30 02:21:20 | 000,001,084 | ---- | C] () -- C:\Users\Public\Desktop\Glary Utilities 4.lnk
[2014/01/30 02:21:20 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize 4.job
[2014/01/29 22:46:44 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/01/29 20:47:32 | 000,003,560 | ---- | C] () -- C:\bootsqm.dat
[2014/01/28 23:26:55 | 000,007,614 | ---- | C] () -- C:\Users\one\AppData\Local\Resmon.ResmonCfg
[2014/01/28 07:02:20 | 000,002,281 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2014/01/27 23:19:07 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/27 23:18:55 | 000,207,904 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/01/27 23:18:54 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/01/27 14:00:24 | 000,002,697 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/01/27 01:41:07 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2014/01/27 00:21:44 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/01/27 00:20:46 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/01/26 12:25:29 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2014/01/26 12:25:07 | 000,000,204 | ---- | C] () -- C:\Windows\tasks\SidebarExecute.job
[2014/01/26 09:46:55 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/01/26 09:45:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/01/26 09:43:56 | 3062,255,616 | -HS- | C] () -- C:\hiberfil.sys
[2014/01/26 09:43:09 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2014/01/26 09:43:07 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2014/01/26 08:48:20 | 000,001,441 | R--- | C] () -- C:\Users\one\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/26 08:17:56 | 000,016,638 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2014/01/26 08:15:34 | 000,000,712 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX0.dat
[2014/01/26 08:15:34 | 000,000,176 | ---- | C] () -- C:\Windows\SysNative\drivers\RTHDAEQ0.dat
[2014/01/26 08:06:30 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2014/01/26 07:52:07 | 000,001,413 | R--- | C] () -- C:\Users\one\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2014/01/26 07:51:59 | 000,001,447 | R--- | C] () -- C:\Users\one\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/01/26 07:51:11 | 001,048,576 | -HS- | C] () -- C:\Users\one\NTUSER.bak
[2014/01/26 07:51:11 | 000,000,290 | R--- | C] () -- C:\Users\one\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/01/26 07:51:11 | 000,000,272 | R--- | C] () -- C:\Users\one\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/01/25 14:18:22 | 000,000,151 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009/07/13 19:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/13 19:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 19:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/01/27 23:19:32 | 000,000,000 | ---D | M] -- C:\Users\one\AppData\Roaming\AVAST Software
[2014/01/26 12:30:08 | 000,000,000 | ---D | M] -- C:\Users\one\AppData\Roaming\DAEMON Tools Lite
[2014/01/28 06:05:50 | 000,000,000 | ---D | M] -- C:\Users\one\AppData\Roaming\Foxit Software
[2014/01/30 02:21:20 | 000,000,000 | ---D | M] -- C:\Users\one\AppData\Roaming\GlarySoft

========== Purity Check ==========



< End of report >
#2
foxdog3

Did I run the scan right? Do I need to run a deeper scan?