OTL logfile created on: 06/06/2012 23:11:10 - Run 2
OTL by OldTimer - Version 3.2.42.1 Folder = D:\Laine
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 0.63 Gb Available Physical Memory | 31.62% Memory free
3.99 Gb Paging File | 1.90 Gb Available in Paging File | 47.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50.00 Gb Total Space | 20.53 Gb Free Space | 41.07% Space Free | Partition Type: NTFS
Drive D: | 100.00 Gb Total Space | 33.76 Gb Free Space | 33.76% Space Free | Partition Type: NTFS
Drive E: | 148.09 Gb Total Space | 25.21 Gb Free Space | 17.02% Space Free | Partition Type: NTFS
Computer Name: EIT-PC | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/06/05 15:19:00 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Laine\OTL.exe
PRC - [2012/06/05 13:08:32 | 000,419,096 | ---- | M] (BitDefender SRL) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
PRC - [2012/06/05 13:07:19 | 000,782,336 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
PRC - [2012/06/03 13:29:22 | 001,116,544 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/06/02 15:04:21 | 000,935,480 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
PRC - [2012/05/11 20:03:49 | 000,880,496 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012/05/11 19:56:54 | 000,105,288 | ---- | M] (SurfRight B.V.) -- C:\Program Files\HitmanPro\hmpsched.exe
PRC - [2012/04/23 19:23:40 | 003,487,128 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2012/04/19 04:51:54 | 001,254,992 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/04/12 14:27:54 | 003,731,112 | ---- | M] (Gretech Corp.) -- C:\Program Files\GRETECH\GomPlayer\GOM.EXE
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/07 07:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 07:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/02/22 20:49:58 | 006,591,800 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/01/03 20:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/01/03 16:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011/11/03 17:20:58 | 000,803,144 | ---- | M] (AVG) -- C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe
PRC - [2011/02/26 12:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/10/14 17:28:32 | 000,250,368 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe
PRC - [2010/10/14 17:28:22 | 000,228,352 | ---- | M] () -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010/05/25 19:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2009/12/26 02:15:56 | 004,147,136 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe
PRC - [2009/12/26 02:15:32 | 006,223,808 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe
PRC - [2009/07/14 08:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/04/06 14:12:02 | 001,626,112 | ---- | M] (BitDefender S. R. L.) -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
PRC - [2009/03/27 15:25:28 | 000,438,272 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
PRC - [2008/11/10 03:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2006/03/27 04:51:00 | 000,208,896 | ---- | M] () -- C:\Program Files\UniKey\UniKey.exe
========== Modules (No Company Name) ==========
MOD - [2012/06/03 13:29:22 | 001,116,544 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/06/02 15:04:22 | 000,132,664 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll
MOD - [2012/05/23 08:56:50 | 000,441,880 | ---- | M] () -- C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
MOD - [2012/05/23 08:56:49 | 003,922,456 | ---- | M] () -- C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
MOD - [2012/05/23 08:55:35 | 000,553,496 | ---- | M] () -- C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.52\libglesv2.dll
MOD - [2012/05/23 08:55:33 | 000,117,784 | ---- | M] () -- C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.52\libegl.dll
MOD - [2012/05/23 08:55:24 | 000,134,696 | ---- | M] () -- C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.52\avutil-51.dll
MOD - [2012/05/23 08:55:23 | 000,250,408 | ---- | M] () -- C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.52\avformat-54.dll
MOD - [2012/05/23 08:55:21 | 002,375,720 | ---- | M] () -- C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll
MOD - [2012/05/23 08:06:23 | 008,743,584 | ---- | M] () -- C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
MOD - [2012/05/23 08:06:23 | 008,743,584 | ---- | M] () -- C:\Users\ADMINI~1\AppData\Local\Google\Chrome\APPLIC~1\190108~1.52\gcswf32.dll
MOD - [2012/04/02 15:46:18 | 000,946,176 | ---- | M] () -- C:\Program Files\GRETECH\GomPlayer\GSFU.ax
MOD - [2012/02/22 20:49:56 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2012/02/22 20:49:38 | 000,078,336 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\pcre.dll
MOD - [2011/11/03 17:21:06 | 000,350,024 | ---- | M] () -- C:\Program Files\AVG\AVG PC Tuneup\madExcept_.bpl
MOD - [2011/11/03 17:21:06 | 000,184,136 | ---- | M] () -- C:\Program Files\AVG\AVG PC Tuneup\madBasic_.bpl
MOD - [2011/11/03 17:21:06 | 000,050,504 | ---- | M] () -- C:\Program Files\AVG\AVG PC Tuneup\madDisAsm_.bpl
MOD - [2011/09/08 16:03:56 | 000,594,944 | ---- | M] () -- C:\Program Files\GRETECH\GomPlayer\GVF.ax
MOD - [2011/08/03 11:31:02 | 003,373,568 | ---- | M] () -- C:\Program Files\GRETECH\GomPlayer\libavcodec.dll
MOD - [2011/08/03 11:31:02 | 000,184,320 | ---- | M] () -- C:\Program Files\GRETECH\GomPlayer\GRFU.ax
MOD - [2011/07/22 22:00:32 | 005,270,754 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\LAV\avcodec-53.dll
MOD - [2011/07/22 22:00:32 | 000,736,644 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\LAV\avformat-53.dll
MOD - [2011/07/22 22:00:32 | 000,213,337 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\Filters\LAV\avutil-51.dll
MOD - [2011/07/22 15:00:00 | 003,576,320 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax
MOD - [2011/07/22 15:00:00 | 000,327,680 | ---- | M] () -- C:\Program Files\K-Lite Codec Pack\ffdshow\ff_libfaad2.dll
MOD - [2011/05/17 07:49:30 | 000,421,520 | ---- | M] () -- C:\Program Files\GRETECH\GomPlayer\GomTVStrm.dll
MOD - [2010/10/15 16:35:54 | 001,433,600 | ---- | M] () -- C:\Program Files\GRETECH\GomPlayer\GAF.ax
MOD - [2010/10/14 17:28:22 | 000,228,352 | ---- | M] () -- C:\ProgramData\DatacardService\DCSHelper.exe
MOD - [2009/04/13 11:53:26 | 000,233,472 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\ENU\seccenter.ui
MOD - [2009/03/27 15:25:28 | 000,438,272 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
MOD - [2009/02/23 10:44:34 | 000,045,056 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\actxcont.dll
MOD - [2008/12/20 03:20:50 | 000,063,304 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\KbdHook.dll
MOD - [2008/12/20 03:20:08 | 000,051,016 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\HookLib.dll
MOD - [2008/10/09 16:31:54 | 000,192,512 | ---- | M] () -- C:\Windows\System32\txmlutil.dll
MOD - [2006/03/27 04:51:00 | 000,208,896 | ---- | M] () -- C:\Program Files\UniKey\UniKey.exe
MOD - [2006/03/19 11:55:44 | 000,188,416 | ---- | M] () -- C:\Program Files\UniKey\UKHook40.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/06/05 13:08:32 | 000,419,096 | ---- | M] (BitDefender SRL) [Auto | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)
SRV - [2012/06/05 13:06:32 | 000,323,584 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)
SRV - [2012/06/02 15:04:21 | 000,935,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - [2012/05/11 19:56:54 | 000,105,288 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/07 07:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/02/25 01:36:12 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/02/16 16:17:19 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012/01/03 20:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/10/14 17:28:32 | 000,250,368 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2009/07/14 08:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 08:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/04/06 14:12:02 | 001,626,112 | ---- | M] (BitDefender S. R. L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe -- (VSSERV)
SRV - [2008/11/10 03:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\xhunter1.sys -- (xhunter1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\vtany.sys -- (vtany)
DRV - [2012/06/05 13:08:18 | 000,146,312 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bdfm.sys -- (bdfm)
DRV - [2012/06/01 23:48:19 | 000,223,440 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2012/04/23 18:26:26 | 000,096,056 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/03/07 07:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/07 07:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/07 07:02:14 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/03/07 07:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/07 07:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/03/07 07:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/02/22 00:06:51 | 000,065,856 | ---- | M] (WinMount International Inc) [File_System | System | Running] -- C:\Windows\System32\drivers\WMDrive.sys -- (WMDrive)
DRV - [2012/01/05 06:01:54 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2011/07/22 11:28:26 | 000,145,496 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2010/09/27 19:58:36 | 000,106,880 | ---- | M] (MBB Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (mbbdatacard)
DRV - [2010/09/27 11:53:26 | 000,102,144 | ---- | M] (MBB Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_mbbusbdev.sys -- (ew_mbbusbdev)
DRV - [2010/07/13 17:56:36 | 000,065,640 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2009/11/27 16:51:02 | 009,794,568 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/09/15 19:40:18 | 006,114,816 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Intel®
DRV - [2009/09/03 10:16:14 | 000,021,256 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2009/07/14 06:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/14 05:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009/07/14 05:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink
DRV - [2009/06/27 04:25:12 | 000,066,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009/04/06 16:44:58 | 000,266,376 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV - [2009/01/12 12:27:58 | 000,008,832 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys -- (BDSelfPr)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\prxtbHots.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2012-06-03 13:29:25&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..keyword.URL: "http://isearch.avg.c...4:23&sap=ku&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Administrator\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/06/02 15:00:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/06/02 15:00:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.0.0.9\ [2012/06/03 13:29:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/06/03 13:41:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/19 22:51:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Administrator\AppData\Roaming\IDM\idmmzcc5 [2012/05/20 17:36:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Administrator\AppData\Roaming\IDM\idmmzcc5 [2012/05/20 17:36:45 | 000,000,000 | ---D | M]
[2012/02/23 18:16:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions
[2012/06/03 13:10:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fmtdcq7g.default\extensions
[2012/03/06 19:21:47 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\fmtdcq7g.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/05/30 17:21:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/03 13:41:26 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/06/02 15:00:12 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012/06/02 15:00:12 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4
[2012/06/03 13:29:36 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\11.0.0.9\
[2012/06/02 15:04:35 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\11.1.0.7
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FMTDCQ7G.DEFAULT\EXTENSIONS\[email protected]
[2012/02/09 04:00:28 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/02/09 01:37:51 | 000,005,480 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\5giay.xml
[2012/06/03 13:29:17 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/02/09 01:37:51 | 000,001,937 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\baambootratuav.xml
[2012/02/09 01:37:51 | 000,003,220 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\muare.xml
[2012/02/09 01:37:51 | 000,001,296 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-vi.xml
[2012/02/09 01:37:51 | 000,002,435 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zing-mp3.xml
========== Chrome ==========
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.c...fr&d=2012-06-03 13:29:25&v=11.0.0.9&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.goog...outputEncoding}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Administrator\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - Extension: YouTube = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: AVG Safe Search = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: Skype Click to Call = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: AVG Do Not Track = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Gmail = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/05/20 17:36:42 | 000,001,205 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
O1 - Hosts: 127.0.0.1 www.tonec.com
O1 - Hosts: 127.0.0.1 www.registeridm.com
O1 - Hosts: 127.0.0.1 secure.registeridm.com
O1 - Hosts: 127.0.0.1 www.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 secure.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 mirror.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 mirror2.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 mirror3.internetdownloadmanager.com
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\prxtbHots.dll (Conduit Ltd.)
O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\prxtbHots.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Thanh công cụ) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Hotspot Shield Toolbar) - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files\Hotspot_Shield\prxtbHots.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A6ADD5C-88AE-430F-A885-7FAEB28354B6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A6ADD5C-88AE-430F-A885-7FAEB28354B6}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C08805AF-6762-4657-BF31-62B5C4B5CF1F}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 04:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6fdf9a4c-a452-11e1-9fb8-00269e936751}\Shell - "" = AutoRun
O33 - MountPoints2\{6fdf9a4c-a452-11e1-9fb8-00269e936751}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{6fdf9a5d-a452-11e1-9fb8-00269e936751}\Shell - "" = AutoRun
O33 - MountPoints2\{6fdf9a5d-a452-11e1-9fb8-00269e936751}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/06/04 22:37:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitDefender 2009
[2012/06/04 22:37:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\BitDefender
[2012/06/04 22:36:15 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2012/06/04 22:36:15 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2012/06/04 22:34:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2012/06/04 22:25:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/04 22:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/04 22:25:36 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/06/04 22:25:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/06/03 20:26:37 | 000,088,632 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSCrySec.sys
[2012/06/03 20:26:37 | 000,039,352 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
[2012/06/03 13:42:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/06/03 13:42:24 | 000,337,880 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/06/03 13:42:24 | 000,020,696 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/06/03 13:42:16 | 000,044,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2012/06/03 13:42:10 | 000,053,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/06/03 13:42:06 | 000,612,184 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/06/03 13:42:05 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/06/03 13:40:57 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/06/03 13:40:57 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/06/03 13:29:21 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/06/03 13:08:57 | 000,000,000 | ---D | C] -- C:\ProgramData\PlatinumHideIP
[2012/06/03 13:08:55 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\PlatinumHideIP
[2012/06/03 13:08:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Platinum Hide IP
[2012/06/03 13:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\PlatinumHideIP
[2012/06/03 11:20:17 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2012/06/03 11:18:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Malwarebytes
[2012/06/03 09:33:56 | 000,000,000 | --SD | C] -- C:\Users\Administrator\Documents\Passwords Database
[2012/06/03 03:43:22 | 000,000,000 | R--D | C] -- C:\Backup
[2012/06/03 02:36:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012/06/03 02:35:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/06/02 15:28:07 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\AVG
[2012/06/02 15:27:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC Tuneup 2011
[2012/06/02 15:05:19 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\AVG2012
[2012/06/02 15:04:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/06/02 00:44:16 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\AVG Secure Search
[2012/06/02 00:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/06/02 00:43:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012/06/02 00:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/06/02 00:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/06/02 00:35:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2012/06/02 00:32:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/06/02 00:31:07 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/06/02 00:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/06/02 00:30:01 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/06/02 00:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/06/01 23:49:35 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\TrueCrypt
[2012/06/01 23:48:28 | 000,000,000 | ---D | C] -- C:\ProgramData\TrueCrypt
[2012/06/01 23:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
[2012/06/01 23:48:19 | 000,223,440 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\System32\drivers\truecrypt.sys
[2012/06/01 23:48:00 | 000,000,000 | ---D | C] -- C:\Program Files\TrueCrypt
[2012/05/30 23:46:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixlr
[2012/05/23 04:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-com 3G
[2012/05/23 04:14:27 | 000,860,928 | ---- | C] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys
[2012/05/23 04:14:27 | 000,208,896 | ---- | C] (MBB Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2012/05/23 04:14:27 | 000,106,880 | ---- | C] (MBB Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012/05/23 04:14:27 | 000,027,136 | ---- | C] (MBB Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2012/05/23 04:14:27 | 000,011,648 | ---- | C] (MBB Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2012/05/23 04:14:13 | 000,102,144 | ---- | C] (MBB Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_mbbusbdev.sys
[2012/05/23 04:13:29 | 000,000,000 | ---D | C] -- C:\Program Files\D-com 3G
[2012/05/23 04:13:20 | 000,000,000 | ---D | C] -- C:\InstallC112
[2012/05/23 04:13:15 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService
[2012/05/21 17:45:07 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Corel VideoStudio
[2012/05/21 17:38:11 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2012/05/21 17:38:04 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\InstallShield
[2012/05/20 17:36:42 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\IDM
[2012/05/20 17:36:41 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2012/05/12 17:25:35 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/12 17:25:34 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/12 17:25:33 | 002,342,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/05/12 17:25:29 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/05/12 17:25:28 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/05/12 17:25:28 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/05/12 17:25:28 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/05/12 17:25:28 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
========== Files - Modified Within 30 Days ==========
[2012/06/06 23:11:00 | 000,000,988 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3884192660-1188798769-3266166625-1000UA.job
[2012/06/06 23:01:02 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3884192660-1188798769-3266166625-500UA.job
[2012/06/06 22:28:38 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/06 22:28:38 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/06 22:21:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/06 22:21:04 | 1606,369,280 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/06 12:38:12 | 000,081,984 | ---- | M] () -- C:\Windows\System32\bdod.bin
[2012/06/05 14:11:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3884192660-1188798769-3266166625-1000Core.job
[2012/06/05 13:08:18 | 000,146,312 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\System32\drivers\bdfm.sys
[2012/06/05 12:35:43 | 000,000,850 | ---- | M] () -- C:\Windows\System32\ProductTweaks.xml
[2012/06/05 12:35:43 | 000,000,385 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2012/06/04 22:37:15 | 000,002,096 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Free Edition 2009.lnk
[2012/06/04 22:25:38 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/03 20:01:28 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/06/03 16:49:13 | 000,141,824 | ---- | M] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/03 16:42:52 | 000,618,912 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/03 16:42:52 | 000,107,232 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/03 13:42:25 | 000,001,994 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/06/03 13:08:50 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\Platinum Hide IP.lnk
[2012/06/03 03:43:25 | 000,017,408 | ---- | M] () -- C:\Users\Administrator\AppData\Local\WebpageIcons.db
[2012/06/02 15:27:03 | 000,001,124 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2012/06/02 15:27:03 | 000,001,100 | ---- | M] () -- C:\Users\Administrator\Desktop\AVG PC Tuneup 2011.lnk
[2012/06/02 15:06:26 | 000,034,814 | ---- | M] () -- C:\Users\Administrator\AppData\Local\dt.dat
[2012/06/02 15:04:39 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/06/01 23:48:28 | 000,001,028 | ---- | M] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
[2012/06/01 23:48:19 | 000,223,440 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\System32\drivers\truecrypt.sys
[2012/06/01 07:01:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3884192660-1188798769-3266166625-500Core.job
[2012/05/30 23:46:27 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Pixlr-o-matic.lnk
[2012/05/24 09:03:19 | 000,002,399 | ---- | M] () -- C:\Users\Administrator\Desktop\Google Chrome.lnk
[2012/05/23 04:14:41 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\D-com 3G.lnk
[2012/05/21 18:25:52 | 002,217,968 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/20 17:36:42 | 000,001,205 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/05/20 17:36:42 | 000,000,979 | ---- | M] () -- C:\Users\Administrator\Desktop\Internet Download Manager.lnk
========== Files Created - No Company Name ==========
[2012/06/05 13:08:46 | 000,081,984 | ---- | C] () -- C:\Windows\System32\bdod.bin
[2012/06/05 12:35:43 | 000,000,850 | ---- | C] () -- C:\Windows\System32\ProductTweaks.xml
[2012/06/05 12:35:43 | 000,000,385 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2012/06/04 22:37:15 | 000,002,096 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Free Edition 2009.lnk
[2012/06/04 22:25:38 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/03 13:42:25 | 000,001,994 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/06/03 13:08:50 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\Platinum Hide IP.lnk
[2012/06/03 03:43:23 | 000,017,408 | ---- | C] () -- C:\Users\Administrator\AppData\Local\WebpageIcons.db
[2012/06/02 15:27:03 | 000,001,124 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2012/06/02 15:27:03 | 000,001,100 | ---- | C] () -- C:\Users\Administrator\Desktop\AVG PC Tuneup 2011.lnk
[2012/06/02 15:06:26 | 000,034,814 | ---- | C] () -- C:\Users\Administrator\AppData\Local\dt.dat
[2012/06/02 15:04:39 | 000,000,935 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/06/01 23:48:28 | 000,001,028 | ---- | C] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
[2012/05/23 04:14:41 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\D-com 3G.lnk
[2012/05/03 12:59:48 | 000,151,560 | ---- | C] () -- C:\Windows\System32\SARCheck.dll
[2012/02/23 18:16:45 | 000,141,824 | ---- | C] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/16 14:31:25 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/02/16 14:31:24 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012/02/16 14:31:24 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012/02/16 14:31:24 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012/02/16 14:31:24 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:905844AA
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:661DFA1C
< End of report >