TechSpot

Google redirection

By Darbon
Aug 17, 2010
  1. Hello, it seems that every time I search on Google I will get redirected. Well, most of the time anyway. It's also making my Firefox a bit buggy, like it will crash and every time I click it will just say Not responding.

    If you could list me which logs to upload I will do it.

    I'd like to confirm that I have Avast! free antivirus, MBAM, SUPERAntiSpyware Free Edition, HJT and Comodo Firewall.

    Thanks.

    -Alex.
     


  2. crunchie

    crunchie Malware Helper Posts: 728

    Hi and welcome to TechSpot forums :).

    ====

    Please read the directions given here and when done, post the requested logs.
    Please do not attach the logs unless requested, or unless they are too large to paste.
     
  3. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    As for my GMER log, it's too large to attach and it's also too large to post here?

    Thanks.

    -Alex.
     


  4. crunchie

    crunchie Malware Helper Posts: 728

    Try breaking the log over several posts.

    You need to disable one of your AVs or uninstall one altogether. More than one AV running will cause problems with your PC.

    Download OTL to your Desktop.

    * Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    * Under the Custom Scan box paste this in:


    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT


    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    * When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    * Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  5. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    I don't think I have another AV. All I have is avast! free. If there are previous logs of AVG Free, I actually deleted most of its files as it was vulnerable and wouldn't let me uninstall it.

    As for the gmer.log it has over 1 million characters inside the file, and I'm only allowed to post 20,000 at a time. So it would actually require me to post 55 times to show you the whole of my log, is there no other way I can show you it?

    I will post my OTR results in the next two posts.
     
  6. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    OTL logfile created on: 8/18/2010 9:40:36 AM - Run 1
    OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Alex\Desktop
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free
    5.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 116.29 Gb Total Space | 18.29 Gb Free Space | 15.73% Space Free | Partition Type: NTFS
    Drive D: | 116.21 Gb Total Space | 94.03 Gb Free Space | 80.92% Space Free | Partition Type: NTFS
    Drive E: | 15.71 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: ALEX-TOSH
    Current User Name: Alex
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/08/18 09:39:20 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Alex\Desktop\OTL.exe
    PRC - [2010/08/02 16:29:34 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2010/07/31 23:43:17 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
    PRC - [2010/07/31 23:43:07 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
    PRC - [2010/07/31 23:43:06 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
    PRC - [2010/07/21 15:53:00 | 010,358,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe
    PRC - [2010/07/19 18:50:45 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    PRC - [2010/06/28 21:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    PRC - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2010/06/26 18:09:18 | 000,167,936 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files\Freecorder\FLVSrvc.exe
    PRC - [2010/06/10 21:18:20 | 000,019,760 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
    PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010/06/03 13:45:42 | 000,012,592 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
    PRC - [2010/06/01 19:00:52 | 001,778,480 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    PRC - [2010/06/01 19:00:40 | 002,039,240 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    PRC - [2010/05/27 17:59:54 | 000,376,832 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
    PRC - [2010/05/27 17:59:30 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
    PRC - [2010/03/10 22:32:26 | 000,648,536 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
    PRC - [2010/03/06 04:04:24 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
    PRC - [2009/10/31 06:45:39 | 002,131,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009/08/13 13:31:24 | 000,521,528 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
    PRC - [2009/08/12 11:30:42 | 006,203,296 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe
    PRC - [2009/08/10 20:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFIWmxSvcs.exe
    PRC - [2009/08/06 16:02:56 | 001,050,000 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproTray.exe
    PRC - [2009/08/06 16:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
    PRC - [2009/08/06 15:02:02 | 000,029,528 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
    PRC - [2009/08/06 13:06:58 | 000,466,792 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
    PRC - [2009/08/05 15:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
    PRC - [2009/08/05 15:18:08 | 000,476,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
    PRC - [2009/08/05 15:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
    PRC - [2009/08/03 18:16:50 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
    PRC - [2009/08/03 18:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    PRC - [2009/07/29 09:19:44 | 000,163,840 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
    PRC - [2009/07/28 21:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
    PRC - [2009/07/28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
    PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
    PRC - [2009/07/13 16:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
    PRC - [2009/07/07 10:37:32 | 000,062,832 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\RSelect\RSelSvc.exe
    PRC - [2009/03/27 19:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
    PRC - [2008/10/24 09:14:36 | 000,206,112 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/08/18 09:39:20 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Alex\Desktop\OTL.exe
    MOD - [2010/07/31 23:43:16 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
    MOD - [2010/06/01 19:00:52 | 000,278,288 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
    MOD - [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
    MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
    MOD - [2009/07/14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
    MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
    MOD - [2009/07/14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
    MOD - [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
    MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
    MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
    MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
    MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
    MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
    MOD - [2009/07/14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/08/16 00:47:55 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
    SRV - [2010/07/31 23:43:14 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
    SRV - [2010/07/31 23:43:08 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
    SRV - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
    SRV - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
    SRV - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
     
  7. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    SRV - [2010/06/09 15:05:19 | 000,395,048 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2010/06/03 08:04:41 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV - [2010/06/01 19:00:52 | 001,778,480 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
    SRV - [2010/05/27 17:59:30 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
    SRV - [2010/05/19 09:43:06 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
    SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpActivator)
    SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetPipeActivator)
    SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetMsmqActivator)
    SRV - [2010/02/24 02:55:00 | 003,506,124 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
    SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
    SRV - [2009/10/27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
    SRV - [2009/08/17 11:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
    SRV - [2009/08/10 20:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)
    SRV - [2009/08/06 16:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
    SRV - [2009/08/05 15:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
    SRV - [2009/08/03 18:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
    SRV - [2009/07/28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
    SRV - [2009/07/14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
    SRV - [2009/07/14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
    SRV - [2009/07/14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
    SRV - [2009/07/14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
    SRV - [2009/07/14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
    SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
    SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
    SRV - [2009/07/14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
    SRV - [2009/07/14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
    SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2009/07/14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
    SRV - [2009/07/14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
    SRV - [2009/07/14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
    SRV - [2009/07/14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
    SRV - [2009/07/14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
    SRV - [2009/07/14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
    SRV - [2009/07/14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
    SRV - [2009/07/07 10:37:32 | 000,062,832 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe -- (RSELSVC)
    SRV - [2009/05/22 19:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
    SRV - [2009/03/27 19:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
    SRV - [2009/03/10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
    SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
    SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\RtsUCcid.sys -- (USBCCID)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2010/07/31 23:43:17 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
    DRV - [2010/07/31 23:43:07 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
    DRV - [2010/06/28 21:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2010/06/28 21:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2010/06/28 21:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2010/06/28 21:32:56 | 000,050,256 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV - [2010/06/28 21:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2010/06/04 11:55:48 | 000,224,240 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
    DRV - [2010/06/03 15:21:36 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
    DRV - [2010/06/01 19:00:14 | 000,075,944 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
    DRV - [2010/06/01 19:00:14 | 000,030,112 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
    DRV - [2010/05/31 11:46:50 | 000,267,880 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
    DRV - [2010/05/27 18:38:24 | 005,586,432 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
    DRV - [2010/05/27 18:38:24 | 005,586,432 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
    DRV - [2010/05/27 17:25:18 | 000,209,920 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
    DRV - [2010/05/10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2010/02/17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2009/12/11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
    DRV - [2009/11/04 03:59:00 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (HID)
    DRV - [2009/08/13 09:37:00 | 000,376,320 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
    DRV - [2009/07/30 17:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
    DRV - [2009/07/24 16:57:06 | 000,275,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
    DRV - [2009/07/21 15:18:58 | 001,161,760 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
    DRV - [2009/07/20 17:48:32 | 000,213,552 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\SynTP.sys -- (SynTP)
    DRV - [2009/07/14 16:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
    DRV - [2009/07/14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
    DRV - [2009/07/14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
    DRV - [2009/07/14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
    DRV - [2009/07/14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
    DRV - [2009/07/14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
    DRV - [2009/07/14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
    DRV - [2009/07/14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
    DRV - [2009/07/14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
    DRV - [2009/07/14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
    DRV - [2009/07/14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
    DRV - [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
    DRV - [2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
    DRV - [2009/07/14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
    DRV - [2009/07/14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
    DRV - [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
    DRV - [2009/07/14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
    DRV - [2009/07/14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2009/07/14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
    DRV - [2009/07/14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
    DRV - [2009/07/14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
    DRV - [2009/07/14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
    DRV - [2009/07/14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
    DRV - [2009/07/14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
    DRV - [2009/07/14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
    DRV - [2009/07/14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
    DRV - [2009/07/14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
    DRV - [2009/07/14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
    DRV - [2009/07/14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
    DRV - [2009/07/14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
    DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009/07/14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
    DRV - [2009/07/14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
    DRV - [2009/07/14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
    DRV - [2009/07/14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
    DRV - [2009/07/14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
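
The "more than one AV running" point from post 4 can be checked mechanically against OTL output like the log above. The following Python is an added example, not part of the original thread and not part of OTL; the function names and the vendor-to-product map are assumptions, and the sample lines are copied from the log posted in this thread.

```python
import re
from collections import defaultdict

# Assumption: "(Company)" strings as they appear in this thread's log, mapped
# to a product label. Extend the map for other security products.
AV_VENDORS = {
    "AVG Technologies CZ, s.r.o.": "AVG",
    "AVAST Software": "avast!",
    "ALWIL Software": "avast!",
}

# One OTL entry: kind, then either "[meta] (Company)" or "File not found",
# an optional "[start | state]" block, the path, and an optional "(Name)".
OTL_LINE = re.compile(
    r"^(?P<kind>PRC|MOD|SRV|DRV) - "
    r"(?:\[(?P<meta>[^\]]*)\] \((?P<company>.*?)\)|File not found)"
    r"(?: \[(?P<state>[^\]]*)\])?"
    r" -- (?P<path>.*?)"
    r"(?: -- \((?P<name>[^)]*)\).*)?$"
)

# Lines copied from the OTL log in this thread.
SAMPLE_LOG = r"""
========== Processes (SafeList) ==========
PRC - [2010/07/31 23:43:17 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SRV - [2010/07/31 23:43:14 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - [2010/07/31 23:43:17 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/06/28 21:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/05/27 18:38:24 | 005,586,432 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
"""


def parse_otl_line(line):
    """Parse one PRC/MOD/SRV/DRV line; return None for headers and other text."""
    m = OTL_LINE.match(line.strip())
    if not m:
        return None
    state = m.group("state")
    fields = [f.strip() for f in state.split("|")] if state else []
    return {
        "kind": m.group("kind"),
        "company": (m.group("company") or "").strip() or None,
        "start_type": fields[-2] if len(fields) >= 2 else None,
        "run_state": fields[-1] if fields else None,
        "path": m.group("path"),
        "name": m.group("name"),
    }


def active_av_components(log_text):
    """Group active components of known AV vendors by product.

    Assumption: PRC lines list running processes, so they count as active;
    SRV and DRV lines count only when their state field says Running.
    """
    found = defaultdict(list)
    for line in log_text.splitlines():
        entry = parse_otl_line(line)
        if entry is None:
            continue
        product = AV_VENDORS.get(entry["company"])
        if product is None:
            continue
        if entry["kind"] == "PRC" or entry["run_state"] == "Running":
            found[product].append(entry)
    return dict(found)


def conflicting_av_products(log_text):
    """Return the sorted product labels when more than one AV is active."""
    found = active_av_components(log_text)
    return sorted(found) if len(found) > 1 else []


if __name__ == "__main__":
    for product, entries in active_av_components(SAMPLE_LOG).items():
        print(product)
        for e in entries:
            print("  ", e["kind"], e["name"] or "-", e["path"])
    print("Conflict:", conflicting_av_products(SAMPLE_LOG) or "none")
```

On the sample lines this reports both AVG and avast! as active, because AVG's process and kernel driver are still loaded even though its service is stopped.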
     
  8. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    DRV - [2009/07/14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
    DRV - [2009/07/14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
    DRV - [2009/07/14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
    DRV - [2009/07/14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
    DRV - [2009/07/14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2009/07/14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
    DRV - [2009/07/14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV - [2009/07/14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
    DRV - [2009/07/14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
    DRV - [2009/07/14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
    DRV - [2009/07/14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
    DRV - [2009/07/14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
    DRV - [2009/07/14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
    DRV - [2009/07/14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
    DRV - [2009/07/14 00:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2009/07/14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV - [2009/07/14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
    DRV - [2009/07/14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\CompositeBus.sys -- (CompositeBus)
    DRV - [2009/07/14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
    DRV - [2009/07/14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
    DRV - [2009/07/14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
    DRV - [2009/07/14 00:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
    DRV - [2009/07/14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
    DRV - [2009/07/14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
    DRV - [2009/07/13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009/07/13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
    DRV - [2009/07/13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
    DRV - [2009/07/13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
    DRV - [2009/07/13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
    DRV - [2009/07/13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
    DRV - [2009/07/13 23:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (SrvHsfV92)
    DRV - [2009/07/13 23:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (SrvHsfWinac)
    DRV - [2009/07/13 23:13:45 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (SrvHsfHDA)
    DRV - [2009/07/13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
    DRV - [2009/07/13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
    DRV - [2009/07/13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
    DRV - [2009/07/13 23:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
    DRV - [2009/07/07 08:53:06 | 000,007,680 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\FwLnk.sys -- (FwLnk)
    DRV - [2009/06/24 18:23:12 | 000,159,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
    DRV - [2009/06/22 18:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
    DRV - [2009/06/08 06:57:40 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
    DRV - [2009/06/05 03:53:42 | 000,027,320 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
    DRV - [2009/05/09 02:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nuidfltr.sys -- (NuidFltr)
    DRV - [2009/05/05 01:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
    DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
    DRV - [2008/07/31 23:42:02 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
    DRV - [2008/03/29 17:36:28 | 000,125,328 | ---- | M] (Deterministic Networks, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
    DRV - [2007/10/19 09:50:50 | 000,024,320 | ---- | M] (Steganos GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tapavpn.sys -- (tapavpn)
    DRV - [2007/01/18 17:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
    DRV - [2006/03/27 16:03:42 | 000,023,552 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0801.sys -- (tap0801)
    DRV - [2004/06/26 13:22:00 | 000,004,736 | ---- | M] (RDV Soft) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vncdrv.sys -- (vncdrv)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
    IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:2.7.1.3
    FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:2.7.1.3
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
    FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.21.3
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..network.proxy.ftp: "87.248.226.210"
    FF - prefs.js..network.proxy.ftp_port: 3128
    FF - prefs.js..network.proxy.gopher: "87.248.226.210"
    FF - prefs.js..network.proxy.gopher_port: 3128
    FF - prefs.js..network.proxy.http: "87.248.226.210"
    FF - prefs.js..network.proxy.http_port: 3128
    FF - prefs.js..network.proxy.share_proxy_settings: true
    FF - prefs.js..network.proxy.socks: "87.248.226.210"
    FF - prefs.js..network.proxy.socks_port: 3128
    FF - prefs.js..network.proxy.ssl: "87.248.226.210"
    FF - prefs.js..network.proxy.ssl_port: 3128
    FF - prefs.js..network.proxy.type: 0

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/17 10:02:55 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/17 10:02:54 | 000,000,000 | ---D | M]

    [2010/07/15 12:34:23 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Extensions
    [2009/12/29 11:29:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
    [2010/07/15 12:34:23 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com
    [2010/03/01 22:51:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\extensions
    [2010/03/01 22:51:48 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
    [2010/08/18 09:37:35 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions
    [2010/07/14 17:44:56 | 000,000,000 | ---D | M] (Freecorder Toolbar) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
    [2010/08/09 15:52:02 | 000,000,000 | ---D | M] (Softonic-Eng7 Toolbar) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
    [2010/08/15 23:35:17 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2010/08/18 09:37:28 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010/08/16 00:30:27 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions\foxyproxy@eric.h.jung
    [2010/08/17 09:49:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/08/17 09:49:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2010/08/02 16:29:37 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
    [2010/08/02 16:29:37 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
    [2010/08/02 16:29:38 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
    [2010/08/02 16:29:38 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

    O1 HOSTS File: ([2010/07/15 01:07:28 | 000,609,487 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 127.0.0.1 fr.a2dfp.net
    O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
    O1 - Hosts: 127.0.0.1 ad.a8.net
    O1 - Hosts: 127.0.0.1 asy.a8ww.net
    O1 - Hosts: 127.0.0.1 abcstats.com
    O1 - Hosts: 127.0.0.1 a.abv.bg
    O1 - Hosts: 127.0.0.1 adserver.abv.bg
    O1 - Hosts: 127.0.0.1 adv.abv.bg
    O1 - Hosts: 127.0.0.1 bimg.abv.bg
    O1 - Hosts: 127.0.0.1 ca.abv.bg
    O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
    O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
    O1 - Hosts: 127.0.0.1 accuserveadsystem.com
    O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
    O1 - Hosts: 127.0.0.1 achmedia.com
    O1 - Hosts: 127.0.0.1 aconti.net
    O1 - Hosts: 127.0.0.1 secure.aconti.net
    O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
    O1 - Hosts: 127.0.0.1 ads.active.com
    O1 - Hosts: 127.0.0.1 am1.activemeter.com
    O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
    O1 - Hosts: 127.0.0.1 ads.activepower.net
    O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
    O1 - Hosts: 127.0.0.1 ad2games.com
    O1 - Hosts: 16077 more lines...
    O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [] File not found
     
  9. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
    O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
    O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
    O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
    O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TosNC] C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TosSENotify] C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
    O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
    O4 - HKCU..\Run: [TOSHIBA Online Product Information] C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
    O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
    O16 - DPF: {6678BE91-1E04-4A4A-9C32-63145EA79C2A} http://fifa-online.easports.com/fo3-theme/addons/EAFO3AXLauncher.cab (EAFO3AXLauncher Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
    O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKCU Winlogon: Shell - (EXPLORER.EXE) - C:\Windows\explorer.exe (Microsoft Corporation)
    O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2007/08/25 01:06:04 | 000,000,073 | RH-- | M] () - E:\autorun.inf -- [ CDFS ]
    O33 - MountPoints2\{9b453445-d52a-11de-b082-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{9b453445-d52a-11de-b082-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2007/08/27 22:58:06 | 003,605,180 | R--- | M] (Macromedia, Inc.)
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found
    NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
    NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/08/18 09:39:18 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Alex\Desktop\OTL.exe
    [2010/08/17 10:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
    [2010/08/17 10:06:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010/08/17 10:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/08/17 10:01:15 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2010/08/17 09:58:52 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
    [2010/08/17 09:57:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
    [2010/08/17 09:53:14 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\SUPERAntiSpyware.com
    [2010/08/17 09:53:14 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2010/08/17 09:53:07 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2010/08/17 09:49:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2010/08/17 09:49:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2010/08/17 09:38:31 | 005,470,720 | ---- | C] (Jeffrey Harris) -- C:\Users\Alex\Desktop\SharePod.exe
    [2010/08/16 01:49:17 | 000,000,000 | ---D | C] -- C:\Windows\W7SBC
    [2010/08/16 01:37:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}
    [2010/08/16 01:37:47 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Stardock
    [2010/08/15 23:16:55 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
    [2010/08/15 21:59:23 | 000,000,000 | ---D | C] -- C:\.jagex_cache_32
    [2010/08/15 21:33:01 | 000,000,000 | ---D | C] -- C:\ProjectGamma1
    [2010/08/15 20:51:29 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Malwarebytes
    [2010/08/15 20:51:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/08/15 20:51:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/08/15 20:51:14 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/08/15 20:51:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/08/15 20:44:46 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
    [2010/08/15 20:44:45 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
    [2010/08/15 20:44:44 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
    [2010/08/15 20:44:40 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
    [2010/08/15 20:44:38 | 000,050,256 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2010/08/15 20:44:15 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2010/08/15 20:44:15 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
    [2010/08/15 19:45:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
    [2010/08/15 19:45:05 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
    [2010/08/15 18:50:09 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Windows Server
    [2010/08/15 16:53:15 | 000,000,000 | ---D | C] -- C:\.Menacescape_file_store_32
    [2010/08/15 13:34:12 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
    [2010/08/15 04:21:01 | 000,000,000 | ---D | C] -- C:\Windows\Sound
    [2010/08/14 22:45:08 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Screenshot Sender
    [2010/08/14 20:22:32 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\WMTools Downloaded Files
    [2010/08/14 17:36:05 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\VirtualDJ
    [2010/08/14 15:16:29 | 000,000,000 | ---D | C] -- C:\ijji
    [2010/08/14 15:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\ijji
    [2010/08/12 04:35:26 | 000,000,000 | ---D | C] -- C:\Program Files\CLE
    [2010/08/12 00:27:37 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Tor
    [2010/08/11 22:45:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
    [2010/08/11 22:29:19 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
    [2010/08/11 22:28:27 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\uniblue
    [2010/08/11 22:28:15 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
    [2010/08/11 22:28:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
    [2010/08/09 16:54:10 | 000,000,000 | ---D | C] -- C:\Program Files\AC Tool
    [2010/08/09 15:59:57 | 000,000,000 | ---D | C] -- C:\Program Files\UltraVPN
    [2010/08/09 15:52:17 | 000,000,000 | -HSD | C] -- C:\Nsi.pending
    [2010/08/09 15:10:13 | 000,000,000 | ---D | C] -- C:\Program Files\S.A.D
    [2010/08/09 14:44:20 | 000,749,920 | ---- | C] (WeOnlyDo Software) -- C:\Windows\System32\wodTunnel.ocx
    [2010/08/09 14:31:29 | 000,000,000 | ---D | C] -- C:\Program Files\Vidalia Bundle
    [2010/08/07 20:36:32 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Netrex_Foundation
    [2010/08/07 20:36:23 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Geckofx
    [2010/08/07 16:27:03 | 000,000,000 | ---D | C] -- C:\.562_cache_32
    [2010/08/07 15:16:57 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Guild Wars
    [2010/08/07 15:16:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
    [2010/08/07 15:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\Guild Wars
    [2010/08/07 13:00:03 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2010/08/04 21:28:19 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\vlc
    [2010/08/04 21:26:56 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
    [2010/08/04 21:21:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
    [2010/08/04 21:15:52 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
    [2010/08/03 11:10:28 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\My Chat Logs
    [2010/08/03 00:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
    [2010/08/03 00:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
    [2010/08/03 00:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
    [2010/08/03 00:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
    [2010/08/03 00:56:07 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Visual Studio 2010
    [2010/08/03 00:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
    [2010/08/03 00:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
    [2010/08/03 00:54:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0
    [2010/08/02 16:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
    [2010/08/02 16:24:23 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
    [2010/08/01 09:16:50 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Bigasoft iPod Video Converter
    [2010/08/01 09:14:41 | 000,000,000 | ---D | C] -- C:\Program Files\Bigasoft
    [2010/08/01 02:39:08 | 000,125,328 | ---- | C] (Deterministic Networks, Inc.) -- C:\Windows\System32\drivers\dne2000.sys
    [2010/08/01 02:39:08 | 000,106,768 | ---- | C] (Deterministic Networks, Inc.) -- C:\Windows\System32\dneinobj.dll
    [2010/08/01 02:38:37 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco Systems
    [2010/08/01 02:30:38 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Steganos VPN
    [2010/08/01 02:29:34 | 000,000,000 | ---D | C] -- C:\Program Files\Steganos Internet Anonym VPN
    [2010/07/31 23:43:16 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
    [2010/07/15 19:52:17 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\skypePM
    [2010/07/15 19:51:08 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Skype
    [2010/07/15 19:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
    [2010/07/15 19:50:28 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
    [2010/07/15 19:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
    [2010/07/15 12:55:21 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\SharePod
    [2010/07/15 12:34:22 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Songbird2
    [2010/07/15 12:34:22 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Songbird2
    [2010/07/15 12:22:25 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\MediaMonkey
    [2010/07/15 12:22:23 | 000,000,000 | ---D | C] -- C:\Program Files\MediaMonkey
    [2010/07/14 22:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2010/07/14 22:27:59 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010/07/14 17:42:32 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Mozilla
    [2010/07/14 17:42:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2010/07/14 17:40:55 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
    [2010/07/14 17:40:45 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Freecorder 4
    [2010/07/14 17:40:45 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\FLVService
    [2010/07/14 17:40:43 | 000,000,000 | ---D | C] -- C:\Windows\Freecorder
    [2010/07/14 17:40:43 | 000,000,000 | ---D | C] -- C:\Program Files\Freecorder
    [2010/07/12 00:34:13 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Creative Software
    [2010/07/12 00:14:04 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\WNR
    [2010/07/11 23:16:28 | 000,000,000 | ---D | C] -- C:\Perl
    [2010/07/11 18:53:08 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\DarKGunZ
    [2010/07/11 14:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\MP3 WAV WMA Converter
    [2010/07/11 11:56:42 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\EvilGunZ
    [2010/07/11 11:54:48 | 000,000,000 | ---D | C] -- C:\Program Files\EvilGunZ C8
    [2010/07/07 18:39:28 | 000,000,000 | ---D | C] -- C:\Downloads
    [2010/07/07 18:38:30 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\BitComet
    [2010/07/07 18:25:21 | 000,267,880 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rt86win7.sys
    [2010/07/07 18:25:21 | 000,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
    [2010/07/07 18:13:09 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\PCF-VLC
    [2010/07/07 17:49:53 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Participatory Culture Foundation
    [2010/07/07 17:21:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
    [2010/07/07 17:16:16 | 000,000,000 | ---D | C] -- C:\ATI
    [2010/07/07 16:56:05 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\DriverGenius
    [2010/07/07 16:52:14 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
    [2010/06/26 19:51:45 | 000,000,000 | ---D | C] -- C:\AdobeTemp
    [2010/06/24 21:30:07 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
    [2010/06/24 21:07:17 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
    [2010/06/24 21:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
    [2010/06/24 21:06:44 | 000,000,000 | ---D | C] -- C:\Intel
    [2010/06/24 20:18:43 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Blitware
    [2010/06/24 20:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Robot
    [2010/06/20 10:00:03 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
     
  10. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    [2010/06/19 19:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/06/13 21:33:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared
    [2010/06/13 21:12:53 | 000,000,000 | ---D | C] -- C:\AMD
    [2010/06/13 15:46:54 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Yahoo!
    [2010/06/13 15:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
    [2010/06/13 01:33:36 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\The Duel
    [2010/06/09 17:23:51 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\EA SPORTS(TM) FIFA Online
    [2010/06/09 16:25:13 | 000,000,000 | ---D | C] -- C:\Program Files\Stardock
    [2010/06/09 15:56:08 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
    [2010/06/09 15:54:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\FIFAOnlineSetup
    [2010/06/07 23:58:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
    [2010/06/07 23:58:41 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
    [2010/06/07 23:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Research In Motion
    [2010/06/05 23:25:42 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Roxio
    [2010/06/05 23:23:36 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Research In Motion
    [2010/06/05 23:14:56 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\InstallShield
    DRV - [2009/07/14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
    DRV - [2009/07/14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
    DRV - [2009/07/14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
    DRV - [2009/07/14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
    DRV - [2009/07/14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2009/07/14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
    DRV - [2009/07/14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV - [2009/07/14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
    DRV - [2009/07/14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
    DRV - [2009/07/14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
    DRV - [2009/07/14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
    DRV - [2009/07/14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
    DRV - [2009/07/14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
    DRV - [2009/07/14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
    DRV - [2009/07/14 00:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2009/07/14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV - [2009/07/14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
    DRV - [2009/07/14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\CompositeBus.sys -- (CompositeBus)
    DRV - [2009/07/14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
    DRV - [2009/07/14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
    DRV - [2009/07/14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
    DRV - [2009/07/14 00:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
    DRV - [2009/07/14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
    DRV - [2009/07/14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
    DRV - [2009/07/13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009/07/13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
    DRV - [2009/07/13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
    DRV - [2009/07/13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
    DRV - [2009/07/13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
    DRV - [2009/07/13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
    DRV - [2009/07/13 23:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (SrvHsfV92)
    DRV - [2009/07/13 23:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (SrvHsfWinac)
    DRV - [2009/07/13 23:13:45 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (SrvHsfHDA)
    DRV - [2009/07/13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
    DRV - [2009/07/13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
    DRV - [2009/07/13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
    DRV - [2009/07/13 23:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
    DRV - [2009/07/07 08:53:06 | 000,007,680 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\FwLnk.sys -- (FwLnk)
    DRV - [2009/06/24 18:23:12 | 000,159,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
    DRV - [2009/06/22 18:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
    DRV - [2009/06/08 06:57:40 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
    DRV - [2009/06/05 03:53:42 | 000,027,320 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
    DRV - [2009/05/09 02:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nuidfltr.sys -- (NuidFltr)
    DRV - [2009/05/05 01:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
    DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
    DRV - [2008/07/31 23:42:02 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
    DRV - [2008/03/29 17:36:28 | 000,125,328 | ---- | M] (Deterministic Networks, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
    DRV - [2007/10/19 09:50:50 | 000,024,320 | ---- | M] (Steganos GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tapavpn.sys -- (tapavpn)
    DRV - [2007/01/18 17:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
    DRV - [2006/03/27 16:03:42 | 000,023,552 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0801.sys -- (tap0801)
    DRV - [2004/06/26 13:22:00 | 000,004,736 | ---- | M] (RDV Soft) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vncdrv.sys -- (vncdrv)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
    IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:2.7.1.3
    FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:2.7.1.3
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
    FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.21.3
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..network.proxy.ftp: "87.248.226.210"
    FF - prefs.js..network.proxy.ftp_port: 3128
    FF - prefs.js..network.proxy.gopher: "87.248.226.210"
    FF - prefs.js..network.proxy.gopher_port: 3128
    FF - prefs.js..network.proxy.http: "87.248.226.210"
    FF - prefs.js..network.proxy.http_port: 3128
    FF - prefs.js..network.proxy.share_proxy_settings: true
    FF - prefs.js..network.proxy.socks: "87.248.226.210"
    FF - prefs.js..network.proxy.socks_port: 3128
    FF - prefs.js..network.proxy.ssl: "87.248.226.210"
    FF - prefs.js..network.proxy.ssl_port: 3128
    FF - prefs.js..network.proxy.type: 0

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/17 10:02:55 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/17 10:02:54 | 000,000,000 | ---D | M]

    [2010/07/15 12:34:23 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Extensions
    [2009/12/29 11:29:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
    [2010/07/15 12:34:23 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com
    [2010/03/01 22:51:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\extensions
    [2010/03/01 22:51:48 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
    [2010/08/18 09:37:35 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions
    [2010/07/14 17:44:56 | 000,000,000 | ---D | M] (Freecorder Toolbar) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
    [2010/08/09 15:52:02 | 000,000,000 | ---D | M] (Softonic-Eng7 Toolbar) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
    [2010/08/15 23:35:17 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2010/08/18 09:37:28 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010/08/16 00:30:27 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions\foxyproxy@eric.h.jung
    [2010/08/17 09:49:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/08/17 09:49:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2010/08/02 16:29:37 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
    [2010/08/02 16:29:37 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
    [2010/08/02 16:29:38 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
    [2010/08/02 16:29:38 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

    O1 HOSTS File: ([2010/07/15 01:07:28 | 000,609,487 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS
    O1 - Hosts: 127.0.0.1 localhost
     
  11. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    O1 - Hosts: 16077 more lines...
    O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
    O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
    O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
    O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
    O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TosNC] C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TosSENotify] C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
    O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
    O4 - HKCU..\Run: [TOSHIBA Online Product Information] C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
    O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
    O16 - DPF: {6678BE91-1E04-4A4A-9C32-63145EA79C2A} http://fifa-online.easports.com/fo3-theme/addons/EAFO3AXLauncher.cab (EAFO3AXLauncher Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
    O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKCU Winlogon: Shell - (EXPLORER.EXE) - C:\Windows\explorer.exe (Microsoft Corporation)
    O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2007/08/25 01:06:04 | 000,000,073 | RH-- | M] () - E:\autorun.inf -- [ CDFS ]
    O33 - MountPoints2\{9b453445-d52a-11de-b082-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{9b453445-d52a-11de-b082-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2007/08/27 22:58:06 | 003,605,180 | R--- | M] (Macromedia, Inc.)
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found
    NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
    NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/08/18 09:39:18 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Alex\Desktop\OTL.exe
    [2010/08/17 10:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
    [2010/08/17 10:06:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010/08/17 10:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/08/17 10:01:15 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2010/08/17 09:58:52 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
    [2010/08/17 09:57:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
    [2010/08/17 09:53:14 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\SUPERAntiSpyware.com
    [2010/08/17 09:53:14 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2010/08/17 09:53:07 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2010/08/17 09:49:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2010/08/17 09:49:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2010/08/17 09:38:31 | 005,470,720 | ---- | C] (Jeffrey Harris) -- C:\Users\Alex\Desktop\SharePod.exe
    [2010/08/16 01:49:17 | 000,000,000 | ---D | C] -- C:\Windows\W7SBC
    [2010/08/16 01:37:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}
    [2010/08/16 01:37:47 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Stardock
    [2010/08/15 23:16:55 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
    [2010/08/15 21:59:23 | 000,000,000 | ---D | C] -- C:\.jagex_cache_32
    [2010/08/15 21:33:01 | 000,000,000 | ---D | C] -- C:\ProjectGamma1
    [2010/08/15 20:51:29 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Malwarebytes
    [2010/08/15 20:51:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/08/15 20:51:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/08/15 20:51:14 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/08/15 20:51:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/08/15 20:44:46 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
    [2010/08/15 20:44:45 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
    [2010/08/15 20:44:44 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
    [2010/08/15 20:44:40 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
    [2010/08/15 20:44:38 | 000,050,256 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2010/08/15 20:44:15 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2010/08/15 20:44:15 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
    [2010/08/15 19:45:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
    [2010/08/15 19:45:05 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
    [2010/08/15 18:50:09 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Windows Server
    [2010/08/15 16:53:15 | 000,000,000 | ---D | C] -- C:\.Menacescape_file_store_32
    [2010/08/15 13:34:12 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
    [2010/08/15 04:21:01 | 000,000,000 | ---D | C] -- C:\Windows\Sound
    [2010/08/14 22:45:08 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Screenshot Sender
    [2010/08/14 20:22:32 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\WMTools Downloaded Files
    [2010/08/14 17:36:05 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\VirtualDJ
    [2010/08/14 15:16:29 | 000,000,000 | ---D | C] -- C:\ijji
    [2010/08/14 15:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\ijji
    [2010/08/12 04:35:26 | 000,000,000 | ---D | C] -- C:\Program Files\CLE
    [2010/08/12 00:27:37 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Tor
    [2010/08/11 22:45:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
    [2010/08/11 22:29:19 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
    [2010/08/11 22:28:27 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\uniblue
    [2010/08/11 22:28:15 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
    [2010/08/11 22:28:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
    [2010/08/09 16:54:10 | 000,000,000 | ---D | C] -- C:\Program Files\AC Tool
    [2010/08/09 15:59:57 | 000,000,000 | ---D | C] -- C:\Program Files\UltraVPN
    [2010/08/09 15:52:17 | 000,000,000 | -HSD | C] -- C:\Nsi.pending
    [2010/08/09 15:10:13 | 000,000,000 | ---D | C] -- C:\Program Files\S.A.D
    [2010/08/09 14:44:20 | 000,749,920 | ---- | C] (WeOnlyDo Software) -- C:\Windows\System32\wodTunnel.ocx
    [2010/08/09 14:31:29 | 000,000,000 | ---D | C] -- C:\Program Files\Vidalia Bundle
    [2010/08/07 20:36:32 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Netrex_Foundation
    [2010/08/07 20:36:23 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Geckofx
    [2010/08/07 16:27:03 | 000,000,000 | ---D | C] -- C:\.562_cache_32
    [2010/08/07 15:16:57 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Guild Wars
    [2010/08/07 15:16:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
    [2010/08/07 15:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\Guild Wars
    [2010/08/07 13:00:03 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2010/08/04 21:28:19 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\vlc
    [2010/08/04 21:26:56 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
    [2010/08/04 21:21:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
    [2010/08/04 21:15:52 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
    [2010/08/03 11:10:28 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\My Chat Logs
    [2010/08/03 00:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
    [2010/08/03 00:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
    [2010/08/03 00:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
    [2010/08/03 00:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
    [2010/08/03 00:56:07 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Visual Studio 2010
    [2010/08/03 00:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
    [2010/08/03 00:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
    [2010/08/03 00:54:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0
    [2010/08/02 16:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
    [2010/08/02 16:24:23 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
    [2010/08/01 09:16:50 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Bigasoft iPod Video Converter
    [2010/08/01 09:14:41 | 000,000,000 | ---D | C] -- C:\Program Files\Bigasoft
    [2010/08/01 02:39:08 | 000,125,328 | ---- | C] (Deterministic Networks, Inc.) -- C:\Windows\System32\drivers\dne2000.sys
    [2010/08/01 02:39:08 | 000,106,768 | ---- | C] (Deterministic Networks, Inc.) -- C:\Windows\System32\dneinobj.dll
    [2010/08/01 02:38:37 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco Systems
    [2010/08/01 02:30:38 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Steganos VPN
    [2010/08/01 02:29:34 | 000,000,000 | ---D | C] -- C:\Program Files\Steganos Internet Anonym VPN
    [2010/07/31 23:43:16 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
    [2010/07/15 19:52:17 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\skypePM
    [2010/07/15 19:51:08 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Skype
    [2010/07/15 19:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
    [2010/07/15 19:50:28 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
    [2010/07/15 19:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
     
  12. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    [2010/07/15 12:55:21 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\SharePod
    [2010/07/15 12:34:22 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Songbird2
    [2010/07/15 12:34:22 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Songbird2
    [2010/07/15 12:22:25 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\MediaMonkey
    [2010/07/15 12:22:23 | 000,000,000 | ---D | C] -- C:\Program Files\MediaMonkey
    [2010/07/14 22:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2010/07/14 22:27:59 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010/07/14 17:42:32 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Mozilla
    [2010/07/14 17:42:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2010/07/14 17:40:55 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
    [2010/07/14 17:40:45 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Freecorder 4
    [2010/07/14 17:40:45 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\FLVService
    [2010/07/14 17:40:43 | 000,000,000 | ---D | C] -- C:\Windows\Freecorder
    [2010/07/14 17:40:43 | 000,000,000 | ---D | C] -- C:\Program Files\Freecorder
    [2010/07/12 00:34:13 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Creative Software
    [2010/07/12 00:14:04 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\WNR
    [2010/07/11 23:16:28 | 000,000,000 | ---D | C] -- C:\Perl
    [2010/07/11 18:53:08 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\DarKGunZ
    [2010/07/11 14:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\MP3 WAV WMA Converter
    [2010/07/11 11:56:42 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\EvilGunZ
    [2010/07/11 11:54:48 | 000,000,000 | ---D | C] -- C:\Program Files\EvilGunZ C8
    [2010/07/07 18:39:28 | 000,000,000 | ---D | C] -- C:\Downloads
    [2010/07/07 18:38:30 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\BitComet
    [2010/07/07 18:25:21 | 000,267,880 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rt86win7.sys
    [2010/07/07 18:25:21 | 000,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
    [2010/07/07 18:13:09 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\PCF-VLC
    [2010/07/07 17:49:53 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Participatory Culture Foundation
    [2010/07/07 17:21:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
    [2010/07/07 17:16:16 | 000,000,000 | ---D | C] -- C:\ATI
    [2010/07/07 16:56:05 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\DriverGenius
    [2010/07/07 16:52:14 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
    [2010/06/26 19:51:45 | 000,000,000 | ---D | C] -- C:\AdobeTemp
    [2010/06/24 21:30:07 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
    [2010/06/24 21:07:17 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
    [2010/06/24 21:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
    [2010/06/24 21:06:44 | 000,000,000 | ---D | C] -- C:\Intel
    [2010/06/24 20:18:43 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Blitware
    [2010/06/24 20:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Robot
    [2010/06/20 10:00:03 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
    [2010/06/19 19:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/06/13 21:33:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared
    [2010/06/13 21:12:53 | 000,000,000 | ---D | C] -- C:\AMD
    [2010/06/13 15:46:54 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Yahoo!
    [2010/06/13 15:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
    [2010/06/13 01:33:36 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\The Duel
    [2010/06/09 17:23:51 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\EA SPORTS(TM) FIFA Online
    [2010/06/09 16:25:13 | 000,000,000 | ---D | C] -- C:\Program Files\Stardock
    [2010/06/09 15:56:08 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
    [2010/06/09 15:54:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\FIFAOnlineSetup
    [2010/06/07 23:58:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
    [2010/06/07 23:58:41 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
    [2010/06/07 23:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Research In Motion
    [2010/06/05 23:25:42 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Roxio
    [2010/06/05 23:23:36 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Research In Motion
    [2010/06/05 23:14:56 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\InstallShield
    [2010/06/05 23:14:55 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
    [2010/06/05 23:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
    [2010/06/05 23:13:48 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Programs
    [2010/06/05 23:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
    [2010/06/05 22:57:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
    [2010/06/05 22:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
    [2010/06/05 22:57:43 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
    [2010/06/03 22:32:21 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\DivX
    [2010/06/03 22:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
    [2010/06/03 22:31:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
    [2010/06/03 22:28:01 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
    [2010/06/03 22:27:27 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
    [2010/06/03 08:04:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
    [2010/05/29 16:31:39 | 000,006,016 | ---- | C] (RDV Soft) -- C:\Windows\System32\drivers\vnccom.SYS
    [2010/05/29 16:30:46 | 000,012,800 | ---- | C] (RDV Soft) -- C:\Windows\System32\vncdrv.dll
    [2010/05/29 16:30:46 | 000,005,760 | ---- | C] (RDV Soft) -- C:\Windows\System32\vnchelp.dll
    [2010/05/29 16:30:46 | 000,004,736 | ---- | C] (RDV Soft) -- C:\Windows\System32\drivers\vncdrv.sys
    [2010/05/29 14:51:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2010/05/27 17:59:54 | 000,376,832 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
    [2010/05/27 17:59:30 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
    [2010/05/27 17:58:32 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
    [2010/05/27 17:58:18 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
    [2010/05/27 17:58:10 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
    [2010/05/27 17:58:04 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
    [2010/05/27 17:57:58 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
    [2010/05/27 17:35:16 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
    [2010/05/23 12:04:05 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers
    [2009/08/21 13:40:06 | 001,691,848 | ---- | C] (Stardock Corporation) -- C:\Users\Alex\AppData\Roaming\IconPackager.exe
    [2009/08/19 02:20:00 | 025,772,024 | ---- | C] (Stardock Corporation ) -- C:\Users\Alex\AppData\Roaming\iconpackager_setup.exe

    ========== Files - Modified Within 90 Days ==========

    [2010/08/18 09:44:28 | 005,767,168 | -HS- | M] () -- C:\Users\Alex\NTUSER.DAT
    [2010/08/18 09:39:20 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Alex\Desktop\OTL.exe
    [2010/08/18 09:38:50 | 000,778,150 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/08/18 09:38:50 | 000,664,100 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/08/18 09:38:50 | 000,124,804 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/08/18 09:29:57 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/08/18 09:29:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/08/18 09:29:36 | 2212,884,480 | -HS- | M] () -- C:\hiberfil.sys
    [2010/08/18 00:48:25 | 000,941,602 | -H-- | M] () -- C:\Users\Alex\AppData\Local\IconCache.db
    [2010/08/17 21:56:38 | 000,293,376 | ---- | M] () -- C:\Users\Alex\Desktop\yorrrlnp.exe
    [2010/08/17 21:25:54 | 000,016,304 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/08/17 21:25:54 | 000,016,304 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/08/17 10:06:49 | 000,002,459 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2010/08/17 09:59:12 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
    [2010/08/17 09:53:09 | 000,001,944 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2010/08/16 01:23:20 | 000,000,288 | -H-- | M] () -- C:\Users\Alex\Desktop\phile.cfg
    [2010/08/15 22:40:24 | 000,000,099 | ---- | M] () -- C:\Users\Alex\jagex_runescape_preferences2.dat
    [2010/08/15 22:11:52 | 000,000,046 | ---- | M] () -- C:\Users\Alex\jagex_runescape_preferences.dat
    [2010/08/15 22:09:13 | 000,000,000 | ---- | M] () -- C:\Users\Alex\jagex__preferences3.dat
    [2010/08/15 20:51:19 | 000,000,964 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/08/15 20:44:46 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    [2010/08/15 20:44:38 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
    [2010/08/15 11:09:13 | 063,466,956 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
    [2010/08/15 11:03:17 | 003,750,328 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/08/15 02:18:01 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
    [2010/08/14 20:17:29 | 000,017,920 | ---- | M] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/08/14 16:41:15 | 000,098,160 | ---- | M] () -- C:\Users\Alex\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/08/11 22:29:35 | 000,001,030 | ---- | M] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
    [2010/08/11 22:11:58 | 000,001,594 | ---- | M] () -- C:\Windows\VPNUnInstall.MIF
    [2010/08/11 21:59:40 | 000,001,594 | ---- | M] () -- C:\Windows\VPNInstall.MIF
    [2010/08/07 15:32:27 | 000,000,854 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars.lnk
    [2010/08/07 14:49:35 | 000,000,132 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\Adobe PNG Format CS5 Prefs
    [2010/08/02 16:32:46 | 000,001,595 | ---- | M] () -- C:\Users\Alex\Desktop\Photoshop.lnk
    [2010/08/01 09:14:44 | 000,001,107 | ---- | M] () -- C:\Users\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Bigasoft iPod Video Converter.lnk
    [2010/07/31 23:43:17 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
    [2010/07/31 23:43:16 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
    [2010/07/31 23:43:07 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
    [2010/07/17 11:41:44 | 005,470,720 | ---- | M] (Jeffrey Harris) -- C:\Users\Alex\Desktop\SharePod.exe
    [2010/07/16 13:09:32 | 000,139,128 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
    [2010/07/16 13:09:23 | 000,215,128 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
    [2010/07/15 19:52:18 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
    [2010/07/15 13:02:50 | 000,504,038 | -H-- | M] () -- C:\Users\Alex\Desktop\sqlite3.dll
    [2010/07/15 12:59:46 | 000,007,356 | -H-- | M] () -- C:\Users\Alex\Desktop\SharePodSettings.xml
    [2010/07/15 01:07:28 | 000,609,487 | ---- | M] () -- C:\Windows\System32\drivers\etc\HOSTS
    [2010/07/14 22:18:13 | 000,002,503 | ---- | M] () -- C:\Users\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
    [2010/07/14 17:42:30 | 000,001,876 | ---- | M] () -- C:\Users\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/07/14 17:42:30 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/07/14 16:40:35 | 000,000,069 | ---- | M] () -- C:\Windows\GunzLauncher.INI
    [2010/06/28 21:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\avastSS.scr
    [2010/06/28 21:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2010/06/28 21:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
    [2010/06/28 21:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
    [2010/06/28 21:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
    [2010/06/28 21:32:56 | 000,050,256 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2010/06/28 21:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
    [2010/06/24 20:57:28 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
    [2010/06/20 19:45:59 | 000,002,006 | ---- | M] () -- C:\Users\Alex\Desktop\HijackThis.lnk
    [2010/06/20 10:11:19 | 000,138,056 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\PnkBstrK.sys
    [2010/06/20 10:11:03 | 002,434,856 | ---- | M] () -- C:\Windows\System32\pbsvc_bc2.exe
    [2010/06/17 23:19:39 | 000,000,485 | ---- | M] () -- C:\Windows\win.ini
    [2010/06/17 23:12:36 | 000,000,042 | ---- | M] () -- C:\Windows\.wb4
    [2010/06/13 15:46:45 | 000,001,798 | ---- | M] () -- C:\Users\Alex\Desktop\CCleaner.lnk
    [2010/06/13 01:32:52 | 000,000,033 | ---- | M] () -- C:\Windows\EvilGunZ_Launcher.INI
    [2010/06/09 16:25:43 | 007,027,254 | ---- | M] () -- C:\Windows\Invader1920.bmp
    [2010/06/09 15:55:29 | 000,794,408 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
    [2010/06/07 00:30:38 | 000,835,952 | ---- | M] () -- C:\Users\Alex\AppData\Local\rx_image.Cache
    [2010/06/07 00:30:38 | 000,042,160 | ---- | M] () -- C:\Users\Alex\AppData\Local\rx_audio.Cache
    [2010/06/03 15:21:36 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
    [2010/06/02 21:08:11 | 000,152,868 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
    [2010/05/31 11:46:50 | 000,267,880 | ---- | M] (Realtek ) -- C:\Windows\System32\drivers\Rt86win7.sys
    [2010/05/29 16:32:09 | 000,000,017 | ---- | M] () -- C:\Windows\System32\'
    [2010/05/27 18:03:08 | 000,057,480 | ---- | M] () -- C:\Windows\System32\atiapfxx.blb
    [2010/05/27 17:59:54 | 000,376,832 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
    [2010/05/27 17:59:30 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
    [2010/05/27 17:58:32 | 000,159,744 | ---- | M] (AMD) -- C:\Windows\System32\atitmmxx.dll
    [2010/05/27 17:58:18 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
    [2010/05/27 17:58:10 | 000,278,528 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
    [2010/05/27 17:58:04 | 000,011,776 | ---- | M] (AMD) -- C:\Windows\System32\atimuixx.dll
    [2010/05/27 17:57:58 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
    [2010/05/27 17:35:16 | 000,050,176 | ---- | M] (AMD) -- C:\Windows\System32\coinst.dll
    [2010/05/27 17:31:14 | 000,534,960 | ---- | M] () -- C:\Windows\System32\atiumdva.cap
    [2010/05/26 15:57:22 | 000,035,048 | ---- | M] () -- C:\Users\Alex\Start Orb (rings-thin).bmp

    ========== Files Created - No Company Name ==========

    [2010/08/17 21:54:09 | 000,293,376 | ---- | C] () -- C:\Users\Alex\Desktop\yorrrlnp.exe
    [2010/08/17 10:06:49 | 000,002,459 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2010/08/17 09:59:12 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
    [2010/08/17 09:53:09 | 000,001,944 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2010/08/16 01:54:13 | 000,035,048 | ---- | C] () -- C:\Users\Alex\Start Orb (rings-thin).bmp
    [2010/08/16 01:23:20 | 000,000,288 | -H-- | C] () -- C:\Users\Alex\Desktop\phile.cfg
    [2010/08/15 22:09:13 | 000,000,000 | ---- | C] () -- C:\Users\Alex\jagex__preferences3.dat
    [2010/08/15 22:09:09 | 000,000,099 | ---- | C] () -- C:\Users\Alex\jagex_runescape_preferences2.dat
    [2010/08/15 20:51:19 | 000,000,964 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/08/15 20:44:46 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    [2010/08/12 23:51:15 | 000,000,046 | ---- | C] () -- C:\Users\Alex\jagex_runescape_preferences.dat
    [2010/08/11 22:29:35 | 000,001,030 | ---- | C] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
    [2010/08/07 15:32:27 | 000,000,854 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars.lnk
    [2010/08/07 14:49:35 | 000,000,132 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\Adobe PNG Format CS5 Prefs
    [2010/08/02 16:32:46 | 000,001,595 | ---- | C] () -- C:\Users\Alex\Desktop\Photoshop.lnk
    [2010/08/02 11:06:29 | 000,001,594 | ---- | C] () -- C:\Windows\VPNUnInstall.MIF
    [2010/08/01 09:14:44 | 000,001,107 | ---- | C] () -- C:\Users\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Bigasoft iPod Video Converter.lnk
    [2010/08/01 02:39:36 | 000,001,594 | ---- | C] () -- C:\Windows\VPNInstall.MIF
    [2010/07/15 19:52:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2010/07/15 13:02:50 | 000,504,038 | -H-- | C] () -- C:\Users\Alex\Desktop\sqlite3.dll
    [2010/07/15 12:59:46 | 000,007,356 | -H-- | C] () -- C:\Users\Alex\Desktop\SharePodSettings.xml
    [2010/07/14 17:42:30 | 000,001,876 | ---- | C] () -- C:\Users\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/07/14 17:42:30 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/07/11 18:53:05 | 000,000,069 | ---- | C] () -- C:\Windows\GunzLauncher.INI
    [2010/07/07 18:25:21 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
    [2010/06/24 20:57:28 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
    [2010/06/24 20:30:52 | 000,189,796 | ---- | C] () -- C:\Windows\System32\drivers\RTConvEQ.dat
    [2010/06/24 20:30:52 | 000,001,112 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
    [2010/06/24 20:30:52 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
    [2010/06/24 20:30:52 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
     
  13. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    [2010/06/24 20:30:52 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
    [2010/06/24 20:30:52 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
    [2010/06/24 20:18:47 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\Driver Robot.job
    [2010/06/20 10:11:03 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
    [2010/06/19 19:47:54 | 000,002,006 | ---- | C] () -- C:\Users\Alex\Desktop\HijackThis.lnk
    [2010/06/17 23:12:36 | 000,000,042 | ---- | C] () -- C:\Windows\.wb4
    [2010/06/13 01:32:52 | 000,000,033 | ---- | C] () -- C:\Windows\EvilGunZ_Launcher.INI
    [2010/06/09 17:24:03 | 000,215,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
    [2010/06/09 16:25:43 | 007,027,254 | ---- | C] () -- C:\Windows\Invader1920.bmp
    [2010/06/09 15:55:29 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
    [2010/06/07 00:30:32 | 000,835,952 | ---- | C] () -- C:\Users\Alex\AppData\Local\rx_image.Cache
    [2010/06/07 00:30:32 | 000,042,160 | ---- | C] () -- C:\Users\Alex\AppData\Local\rx_audio.Cache
    [2010/06/02 21:08:11 | 000,152,868 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
    [2010/05/29 16:32:09 | 000,000,017 | ---- | C] () -- C:\Windows\System32\'
    [2010/05/29 14:39:17 | 000,002,503 | ---- | C] () -- C:\Users\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
    [2010/05/27 18:03:08 | 000,057,480 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
    [2010/05/27 17:31:14 | 000,534,960 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
    [2010/05/17 09:13:47 | 000,139,128 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
    [2010/05/17 09:13:47 | 000,138,056 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\PnkBstrK.sys
    [2010/05/17 09:13:23 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
    [2010/05/13 22:16:04 | 000,000,600 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\winscp.rnd
    [2010/02/04 20:45:58 | 000,000,632 | ---- | C] () -- C:\Windows\CoD.INI
    [2010/01/10 00:11:06 | 000,017,920 | ---- | C] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/11/19 18:08:38 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
    [2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2008/02/01 13:55:10 | 000,058,792 | ---- | C] () -- C:\Windows\System32\wbload.dll

    ========== LOP Check ==========

    [2010/04/06 11:25:25 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\AVG9
    [2010/07/09 17:28:31 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BitComet
    [2010/06/24 20:18:43 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Blitware
    [2010/05/23 12:04:05 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers
    [2009/12/25 12:57:00 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
    [2010/02/06 20:27:16 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\godzHell
    [2010/03/02 16:37:22 | 000,000,000 | -H-D | M] -- C:\Users\Alex\AppData\Roaming\ijjigame
    [2010/06/13 15:08:45 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\LimeWire
    [2010/02/09 23:50:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mouse Recorder Pro
    [2010/06/03 20:54:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Nokia
    [2010/01/01 21:48:01 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Nokia Ovi Suite
    [2010/07/07 17:49:53 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Participatory Culture Foundation
    [2010/01/01 21:48:03 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PC Suite
    [2010/07/07 18:35:54 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PCF-VLC
    [2010/04/02 14:08:39 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PlayFirst
    [2010/06/05 23:23:36 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Research In Motion
    [2010/08/14 22:50:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Screenshot Sender
    [2010/07/15 12:55:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SharePod
    [2010/07/15 12:34:22 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Songbird2
    [2010/08/07 13:00:03 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2010/08/01 02:30:38 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Steganos VPN
    [2010/02/20 01:23:11 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TeamViewer
    [2010/05/17 21:42:12 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Thinstall
    [2010/02/24 22:48:13 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TightVNC
    [2009/12/25 12:14:40 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Toshiba
    [2010/08/11 22:30:52 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\uniblue
    [2010/08/16 09:17:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\uTorrent
    [2009/12/25 21:01:00 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\WildTangent
    [2010/07/12 00:14:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\WNR
    [2010/08/15 02:18:01 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
    [2010/08/16 00:53:04 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.exe >


    < MD5 for: AGP440.SYS >
    [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
    [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
    [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

    < MD5 for: ATAPI.SYS >
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Alex\My Documents\DriverGenius\Backup\Driver Backup 7-7-2010-17714\IDE Channel#1\atapi.sys
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Alex\My Documents\DriverGenius\Backup\Driver Backup 7-7-2010-17714\IDE Channel#2\atapi.sys
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Alex\My Documents\DriverGenius\Backup\Driver Backup 7-7-2010-17714\IDE Channel#3\atapi.sys
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Alex\My Documents\DriverGenius\Backup\Driver Backup 7-7-2010-17714\IDE Channel\atapi.sys
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Alex\My Documents\DriverGenius\Backup\Driver Backup 7-7-2010-17714\Standard AHCI 1.0 Serial ATA Controller\atapi.sys
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Alex\My Documents\DriverGenius\Backup\Driver Backup 7-7-2010-17714\Standard Dual Channel PCI IDE Controller\atapi.sys
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

    < MD5 for: CNGAUDIT.DLL >
    [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
    [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

    < MD5 for: IASTORV.SYS >
    [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
    [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
    [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

    < MD5 for: NETLOGON.DLL >
    [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
    [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

    < MD5 for: NVSTOR.SYS >
    [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
    [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
    [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

    < MD5 for: SCECLI.DLL >
    [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
    [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [2009/07/14 02:16:18 | 000,489,472 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\win32spl.dll

    < %systemroot%\System32\config\*.sav >

    < End of report >
    SRV - [2010/06/09 15:05:19 | 000,395,048 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2010/06/03 08:04:41 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV - [2010/06/01 19:00:52 | 001,778,480 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
    SRV - [2010/05/27 17:59:30 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
    SRV - [2010/05/19 09:43:06 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
    SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpActivator)
    SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetPipeActivator)
    SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetMsmqActivator)
    SRV - [2010/02/24 02:55:00 | 003,506,124 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
    SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
    SRV - [2009/10/27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
    SRV - [2009/08/17 11:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
    SRV - [2009/08/10 20:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)
    SRV - [2009/08/06 16:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
    SRV - [2009/08/05 15:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
    SRV - [2009/08/03 18:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
    SRV - [2009/07/28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
    SRV - [2009/07/14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
    SRV - [2009/07/14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
    SRV - [2009/07/14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
    SRV - [2009/07/14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
    SRV - [2009/07/14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
    SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
    SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
    SRV - [2009/07/14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
    SRV - [2009/07/14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
    SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2009/07/14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
    SRV - [2009/07/14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
    SRV - [2009/07/14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
    SRV - [2009/07/14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
    SRV - [2009/07/14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
    SRV - [2009/07/14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
    SRV - [2009/07/14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
    SRV - [2009/07/07 10:37:32 | 000,062,832 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe -- (RSELSVC)
    SRV - [2009/05/22 19:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
    SRV - [2009/03/27 19:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
    SRV - [2009/03/10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
    SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
    SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\RtsUCcid.sys -- (USBCCID)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2010/07/31 23:43:17 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
    DRV - [2010/07/31 23:43:07 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
    DRV - [2010/06/28 21:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2010/06/28 21:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2010/06/28 21:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2010/06/28 21:32:56 | 000,050,256 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
     
  14. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    DRV - [2009/07/13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
    DRV - [2009/07/13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
    DRV - [2009/07/13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
    DRV - [2009/07/13 23:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
    DRV - [2009/07/07 08:53:06 | 000,007,680 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\FwLnk.sys -- (FwLnk)
    DRV - [2009/06/24 18:23:12 | 000,159,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
    DRV - [2009/06/22 18:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
    DRV - [2009/06/08 06:57:40 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
    DRV - [2009/06/05 03:53:42 | 000,027,320 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
    DRV - [2009/05/09 02:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nuidfltr.sys -- (NuidFltr)
    DRV - [2009/05/05 01:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
    DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
    DRV - [2008/07/31 23:42:02 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
    DRV - [2008/03/29 17:36:28 | 000,125,328 | ---- | M] (Deterministic Networks, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
    DRV - [2007/10/19 09:50:50 | 000,024,320 | ---- | M] (Steganos GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tapavpn.sys -- (tapavpn)
    DRV - [2007/01/18 17:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
    DRV - [2006/03/27 16:03:42 | 000,023,552 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0801.sys -- (tap0801)
    DRV - [2004/06/26 13:22:00 | 000,004,736 | ---- | M] (RDV Soft) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vncdrv.sys -- (vncdrv)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
    IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:2.7.1.3
    FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:2.7.1.3
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
    FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.21.3
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..network.proxy.ftp: "87.248.226.210"
    FF - prefs.js..network.proxy.ftp_port: 3128
    FF - prefs.js..network.proxy.gopher: "87.248.226.210"
    FF - prefs.js..network.proxy.gopher_port: 3128
    FF - prefs.js..network.proxy.http: "87.248.226.210"
    FF - prefs.js..network.proxy.http_port: 3128
    FF - prefs.js..network.proxy.share_proxy_settings: true
    FF - prefs.js..network.proxy.socks: "87.248.226.210"
    FF - prefs.js..network.proxy.socks_port: 3128
    FF - prefs.js..network.proxy.ssl: "87.248.226.210"
    FF - prefs.js..network.proxy.ssl_port: 3128
    FF - prefs.js..network.proxy.type: 0

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/17 10:02:55 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/17 10:02:54 | 000,000,000 | ---D | M]

    [2010/07/15 12:34:23 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Extensions
    [2009/12/29 11:29:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
    [2010/07/15 12:34:23 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com
    [2010/03/01 22:51:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\extensions
    [2010/03/01 22:51:48 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
    [2010/08/18 09:37:35 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions
    [2010/07/14 17:44:56 | 000,000,000 | ---D | M] (Freecorder Toolbar) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
    [2010/08/09 15:52:02 | 000,000,000 | ---D | M] (Softonic-Eng7 Toolbar) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
    [2010/08/15 23:35:17 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2010/08/18 09:37:28 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010/08/16 00:30:27 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\wfnmfo78.default\extensions\foxyproxy@eric.h.jung
    [2010/08/17 09:49:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/08/17 09:49:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2010/08/02 16:29:37 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
    [2010/08/02 16:29:37 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
    [2010/08/02 16:29:38 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
    [2010/08/02 16:29:38 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

    O1 HOSTS File: ([2010/07/15 01:07:28 | 000,609,487 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 16077 more lines...
    O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\tbFree.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterSt
     
  15. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    DRV - [2010/06/28 21:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2010/06/04 11:55:48 | 000,224,240 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
    DRV - [2010/06/03 15:21:36 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
    DRV - [2010/06/01 19:00:14 | 000,075,944 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
    DRV - [2010/06/01 19:00:14 | 000,030,112 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
    DRV - [2010/05/31 11:46:50 | 000,267,880 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
    DRV - [2010/05/27 18:38:24 | 005,586,432 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
    DRV - [2010/05/27 18:38:24 | 005,586,432 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
    DRV - [2010/05/27 17:25:18 | 000,209,920 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
    DRV - [2010/05/10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2010/02/17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2009/12/11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
    DRV - [2009/11/04 03:59:00 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (HID)
    DRV - [2009/08/13 09:37:00 | 000,376,320 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
    DRV - [2009/07/30 17:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
    DRV - [2009/07/24 16:57:06 | 000,275,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
    DRV - [2009/07/21 15:18:58 | 001,161,760 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
    DRV - [2009/07/20 17:48:32 | 000,213,552 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\SynTP.sys -- (SynTP)
    DRV - [2009/07/14 16:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
    DRV - [2009/07/14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
    DRV - [2009/07/14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
    DRV - [2009/07/14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
    DRV - [2009/07/14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
    DRV - [2009/07/14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
    DRV - [2009/07/14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
    DRV - [2009/07/14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
    DRV - [2009/07/14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
    DRV - [2009/07/14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
    DRV - [2009/07/14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
    DRV - [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
    DRV - [2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
    DRV - [2009/07/14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
    DRV - [2009/07/14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
    DRV - [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
    DRV - [2009/07/14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
    DRV - [2009/07/14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2009/07/14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
    DRV - [2009/07/14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
    DRV - [2009/07/14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
    DRV - [2009/07/14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
    DRV - [2009/07/14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
    DRV - [2009/07/14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
    DRV - [2009/07/14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
    DRV - [2009/07/14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
    DRV - [2009/07/14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
    DRV - [2009/07/14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
    DRV - [2009/07/14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
    DRV - [2009/07/14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
    DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009/07/14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
    DRV - [2009/07/14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
    DRV - [2009/07/14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
    DRV - [2009/07/14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
    DRV - [2009/07/14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
    DRV - [2009/07/14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
    DRV - [2009/07/14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
    DRV - [2009/07/14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
    DRV - [2009/07/14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
    DRV - [2009/07/14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2009/07/14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
    DRV - [2009/07/14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV - [2009/07/14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
    DRV - [2009/07/14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
    DRV - [2009/07/14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
    DRV - [2009/07/14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
    DRV - [2009/07/14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
    DRV - [2009/07/14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
    DRV - [2009/07/14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
    DRV - [2009/07/14 00:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2009/07/14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV - [2009/07/14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
    DRV - [2009/07/14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\CompositeBus.sys -- (CompositeBus)
    DRV - [2009/07/14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
    DRV - [2009/07/14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
    DRV - [2009/07/14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
    DRV - [2009/07/14 00:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
    DRV - [2009/07/14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
    DRV - [2009/07/14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
    DRV - [2009/07/13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009/07/13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
    DRV - [2009/07/13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
    DRV - [2009/07/13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
    DRV - [2009/07/13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
    DRV - [2009/07/13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
    DRV - [2009/07/13 23:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (SrvHsfV92)
    DRV - [2009/07/13 23:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (SrvHsfWinac)
    DRV - [2009/07/13 23:13:45 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Deman
     
  16. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    d | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (SrvHsfHDA)
    artupUtility.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
    O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
    O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
    O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
    O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TosNC] C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TosSENotify] C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
    O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
    O4 - HKCU..\Run: [TOSHIBA Online Product Information] C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
    O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
    O16 - DPF: {6678BE91-1E04-4A4A-9C32-63145EA79C2A} http://fifa-online.easports.com/fo3-theme/addons/EAFO3AXLauncher.cab (EAFO3AXLauncher Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
    O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKCU Winlogon: Shell - (EXPLORER.EXE) - C:\Windows\explorer.exe (Microsoft Corporation)
    O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2007/08/25 01:06:04 | 000,000,073 | RH-- | M] () - E:\autorun.inf -- [ CDFS ]
    O33 - MountPoints2\{9b453445-d52a-11de-b082-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{9b453445-d52a-11de-b082-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2007/08/27 22:58:06 | 003,605,180 | R--- | M] (Macromedia, Inc.)
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found
    NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
    NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/08/18 09:39:18 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Alex\Desktop\OTL.exe
    [2010/08/17 10:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
    [2010/08/17 10:06:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010/08/17 10:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/08/17 10:01:15 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2010/08/17 09:58:52 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
    [2010/08/17 09:57:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
    [2010/08/17 09:53:14 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\SUPERAntiSpyware.com
    [2010/08/17 09:53:14 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2010/08/17 09:53:07 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2010/08/17 09:49:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2010/08/17 09:49:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2010/08/17 09:38:31 | 005,470,720 | ---- | C] (Jeffrey Harris) -- C:\Users\Alex\Desktop\SharePod.exe
    [2010/08/16 01:49:17 | 000,000,000 | ---D | C] -- C:\Windows\W7SBC
    [2010/08/16 01:37:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}
    [2010/08/16 01:37:47 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Stardock
    [2010/08/15 23:16:55 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
    [2010/08/15 21:59:23 | 000,000,000 | ---D | C] -- C:\.jagex_cache_32
    [2010/08/15 21:33:01 | 000,000,000 | ---D | C] -- C:\ProjectGamma1
    [2010/08/15 20:51:29 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Malwarebytes
    [2010/08/15 20:51:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/08/15 20:51:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/08/15 20:51:14 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/08/15 20:51:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/08/15 20:44:46 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
    [2010/08/15 20:44:45 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
    [2010/08/15 20:44:44 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
    [2010/08/15 20:44:40 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
    [2010/08/15 20:44:38 | 000,050,256 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2010/08/15 20:44:15 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2010/08/15 20:44:15 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
    [2010/08/15 19:45:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
    [2010/08/15 19:45:05 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
    [2010/08/15 18:50:09 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Windows Server
    [2010/08/15 16:53:15 | 000,000,000 | ---D | C] -- C:\.Menacescape_file_store_32
    [2010/08/15 13:34:12 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
    [2010/08/15 04:21:01 | 000,000,000 | ---D | C] -- C:\Windows\Sound
    [2010/08/14 22:45:08 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Screenshot Sender
    [2010/08/14 20:22:32 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\WMTools Downloaded Files
    [2010/08/14 17:36:05 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\VirtualDJ
    [2010/08/14 15:16:29 | 000,000,000 | ---D | C] -- C:\ijji
    [2010/08/14 15:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\ijji
    [2010/08/12 04:35:26 | 000,000,000 | ---D | C] -- C:\Program Files\CLE
    [2010/08/12 00:27:37 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Tor
    [2010/08/11 22:45:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
    [2010/08/11 22:29:19 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
    [2010/08/11 22:28:27 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\uniblue
    [2010/08/11 22:28:15 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
    [2010/08/11 22:28:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
    [2010/08/09 16:54:10 | 000,000,000 | ---D | C] -- C:\Program Files\AC Tool
    [2010/08/09 15:59:57 | 000,000,000 | ---D | C] -- C:\Program Files\UltraVPN
    [2010/08/09 15:52:17 | 000,000,000 | -HSD | C] -- C:\Nsi.pending
    [2010/08/09 15:10:13 | 000,000,000 | ---D | C] -- C:\Program Files\S.A.D
    [2010/08/09 14:44:20 | 000,749,920 | ---- | C] (WeOnlyDo Software) -- C:\Windows\System32\wodTunnel.ocx
    [2010/08/09 14:31:29 | 000,000,000 | ---D | C] -- C:\Program Files\Vidalia Bundle
    [2010/08/07 20:36:32 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Netrex_Foundation
     
  17. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    [2010/08/07 20:36:23 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Geckofx
    [2010/08/07 16:27:03 | 000,000,000 | ---D | C] -- C:\.562_cache_32
    [2010/08/07 15:16:57 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Guild Wars
    [2010/08/07 15:16:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
    [2010/08/07 15:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\Guild Wars
    [2010/08/07 13:00:03 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2010/08/04 21:28:19 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\vlc
    [2010/08/04 21:26:56 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
    [2010/08/04 21:21:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
    [2010/08/04 21:15:52 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
    [2010/08/03 11:10:28 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\My Chat Logs
    [2010/08/03 00:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
    [2010/08/03 00:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
    [2010/08/03 00:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
    [2010/08/03 00:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
    [2010/08/03 00:56:07 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Visual Studio 2010
    [2010/08/03 00:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
    [2010/08/03 00:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
    [2010/08/03 00:54:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0
    [2010/08/02 16:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
    [2010/08/02 16:24:23 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
    [2010/08/01 09:16:50 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Bigasoft iPod Video Converter
    [2010/08/01 09:14:41 | 000,000,000 | ---D | C] -- C:\Program Files\Bigasoft
    [2010/08/01 02:39:08 | 000,125,328 | ---- | C] (Deterministic Networks, Inc.) -- C:\Windows\System32\drivers\dne2000.sys
    [2010/08/01 02:39:08 | 000,106,768 | ---- | C] (Deterministic Networks, Inc.) -- C:\Windows\System32\dneinobj.dll
    [2010/08/01 02:38:37 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco Systems
    [2010/08/01 02:30:38 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Steganos VPN
    [2010/08/01 02:29:34 | 000,000,000 | ---D | C] -- C:\Program Files\Steganos Internet Anonym VPN
    [2010/07/31 23:43:16 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
    [2010/07/15 19:52:17 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\skypePM
    [2010/07/15 19:51:08 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Skype
    [2010/07/15 19:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
    [2010/07/15 19:50:28 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
    [2010/07/15 19:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
    [2010/07/15 12:55:21 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\SharePod
    [2010/07/15 12:34:22 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Songbird2
    [2010/07/15 12:34:22 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Songbird2
    [2010/07/15 12:22:25 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\MediaMonkey
    [2010/07/15 12:22:23 | 000,000,000 | ---D | C] -- C:\Program Files\MediaMonkey
    [2010/07/14 22:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2010/07/14 22:27:59 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010/07/14 17:42:32 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Mozilla
    [2010/07/14 17:42:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2010/07/14 17:40:55 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
    [2010/07/14 17:40:45 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Freecorder 4
    [2010/07/14 17:40:45 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\FLVService
    [2010/07/14 17:40:43 | 000,000,000 | ---D | C] -- C:\Windows\Freecorder
    [2010/07/14 17:40:43 | 000,000,000 | ---D | C] -- C:\Program Files\Freecorder
    [2010/07/12 00:34:13 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Creative Software
    [2010/07/12 00:14:04 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\WNR
    [2010/07/11 23:16:28 | 000,000,000 | ---D | C] -- C:\Perl
    [2010/07/11 18:53:08 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\DarKGunZ
    [2010/07/11 14:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\MP3 WAV WMA Converter
    [2010/07/11 11:56:42 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\EvilGunZ
    [2010/07/11 11:54:48 | 000,000,000 | ---D | C] -- C:\Program Files\EvilGunZ C8
    [2010/07/07 18:39:28 | 000,000,000 | ---D | C] -- C:\Downloads
    [2010/07/07 18:38:30 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\BitComet
    [2010/07/07 18:25:21 | 000,267,880 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rt86win7.sys
    [2010/07/07 18:25:21 | 000,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
    [2010/07/07 18:13:09 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\PCF-VLC
    [2010/07/07 17:49:53 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Participatory Culture Foundation
    [2010/07/07 17:21:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
    [2010/07/07 17:16:16 | 000,000,000 | ---D | C] -- C:\ATI
    [2010/07/07 16:56:05 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\DriverGenius
    [2010/07/07 16:52:14 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
    [2010/06/26 19:51:45 | 000,000,000 | ---D | C] -- C:\AdobeTemp
    [2010/06/24 21:30:07 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
    [2010/06/24 21:07:17 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
    [2010/06/24 21:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
    [2010/06/24 21:06:44 | 000,000,000 | ---D | C] -- C:\Intel
    [2010/06/24 20:18:43 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Blitware
    [2010/06/24 20:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Robot
    [2010/06/20 10:00:03 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
    [2010/06/19 19:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/06/13 21:33:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared
    [2010/06/13 21:12:53 | 000,000,000 | ---D | C] -- C:\AMD
    [2010/06/13 15:46:54 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Yahoo!
    [2010/06/13 15:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
    [2010/06/13 01:33:36 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\The Duel
    [2010/06/09 17:23:51 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\EA SPORTS(TM) FIFA Online
    [2010/06/09 16:25:13 | 000,000,000 | ---D | C] -- C:\Program Files\Stardock
    [2010/06/09 15:56:08 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
    [2010/06/09 15:54:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\FIFAOnlineSetup
    [2010/06/07 23:58:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
    [2010/06/07 23:58:41 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
    [2010/06/07 23:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Research In Motion
    [2010/06/05 23:25:42 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Roxio
    [2010/06/05 23:23:36 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Research In Motion
    [2010/06/05 23:14:56 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\InstallShield
    [2010/06/05 23:14:55 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
    [2010/06/05 23:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
    [2010/06/05 23:13:48 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Programs
    [2010/06/05 23:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
    [2010/06/05 22:57:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
    [2010/06/05 22:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
    [2010/06/05 22:57:43 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
    [2010/06/03 22:32:21 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\DivX
    [2010/06/03 22:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
    [2010/06/03 22:31:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
    [2010/06/03 22:28:01 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
    [2010/06/03 22:27:27 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
    [2010/06/03 08:04:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
    [2010/05/29 16:31:39 | 000,006,016 | ---- | C] (RDV Soft) -- C:\Windows\System32\drivers\vnccom.SYS
    [2010/05/29 16:30:46 | 000,012,800 | ---- | C] (RDV Soft) -- C:\Windows\System32\vncdrv.dll
    [2010/05/29 16:30:46 | 000,005,760 | ---- | C] (RDV Soft) -- C:\Windows\System32\vnchelp.dll
    [2010/05/29 16:30:46 | 000,004,736 | ---- | C] (RDV Soft) -- C:\Windows\System32\drivers\vncdrv.sys
    [2010/05/29 14:51:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2010/05/27 17:59:54 | 000,376,832 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
    [2010/05/27 17:59:30 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
    [2010/05/27 17:58:32 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
    [2010/05/27 17:58:18 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
    [2010/05/27 17:58:10 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
    [2010/05/27 17:58:04 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
    [2010/05/27 17:57:58 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
    [2010/05/27 17:35:16 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
    [2010/05/23 12:04:05 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers
    [2009/08/21 13:40:06 | 001,691,848 | ---- | C] (Stardock Corporation) -- C:\Users\Alex\AppData\Roaming\IconPackager.exe
    [2009/08/19 02:20:00 | 025,772,024 | ---- | C] (Stardock Corporation ) -- C:\Users\Alex\AppData\Roaming\iconpackager_setup.exe
     
  18. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    ========== Files - Modified Within 90 Days ==========

    [2010/08/18 09:44:28 | 005,767,168 | -HS- | M] () -- C:\Users\Alex\NTUSER.DAT
    [2010/08/18 09:39:20 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Alex\Desktop\OTL.exe
    [2010/08/18 09:38:50 | 000,778,150 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/08/18 09:38:50 | 000,664,100 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/08/18 09:38:50 | 000,124,804 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/08/18 09:29:57 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/08/18 09:29:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/08/18 09:29:36 | 2212,884,480 | -HS- | M] () -- C:\hiberfil.sys
    [2010/08/18 00:48:25 | 000,941,602 | -H-- | M] () -- C:\Users\Alex\AppData\Local\IconCache.db
    [2010/08/17 21:56:38 | 000,293,376 | ---- | M] () -- C:\Users\Alex\Desktop\yorrrlnp.exe
    [2010/08/17 21:25:54 | 000,016,304 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/08/17 21:25:54 | 000,016,304 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/08/17 10:06:49 | 000,002,459 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2010/08/17 09:59:12 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
    [2010/08/17 09:53:09 | 000,001,944 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2010/08/16 01:23:20 | 000,000,288 | -H-- | M] () -- C:\Users\Alex\Desktop\phile.cfg
    [2010/08/15 22:40:24 | 000,000,099 | ---- | M] () -- C:\Users\Alex\jagex_runescape_preferences2.dat
    [2010/08/15 22:11:52 | 000,000,046 | ---- | M] () -- C:\Users\Alex\jagex_runescape_preferences.dat
    [2010/08/15 22:09:13 | 000,000,000 | ---- | M] () -- C:\Users\Alex\jagex__preferences3.dat
    [2010/08/15 20:51:19 | 000,000,964 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/08/15 20:44:46 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    [2010/08/15 20:44:38 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
    [2010/08/15 11:09:13 | 063,466,956 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
    [2010/08/15 11:03:17 | 003,750,328 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/08/15 02:18:01 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
    [2010/08/14 20:17:29 | 000,017,920 | ---- | M] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/08/14 16:41:15 | 000,098,160 | ---- | M] () -- C:\Users\Alex\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/08/11 22:29:35 | 000,001,030 | ---- | M] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
    [2010/08/11 22:11:58 | 000,001,594 | ---- | M] () -- C:\Windows\VPNUnInstall.MIF
    [2010/08/11 21:59:40 | 000,001,594 | ---- | M] () -- C:\Windows\VPNInstall.MIF
    [2010/08/07 15:32:27 | 000,000,854 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars.lnk
    [2010/08/07 14:49:35 | 000,000,132 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\Adobe PNG Format CS5 Prefs
    [2010/08/02 16:32:46 | 000,001,595 | ---- | M] () -- C:\Users\Alex\Desktop\Photoshop.lnk
    [2010/08/01 09:14:44 | 000,001,107 | ---- | M] () -- C:\Users\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Bigasoft iPod Video Converter.lnk
    [2010/07/31 23:43:17 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
    [2010/07/31 23:43:16 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
    [2010/07/31 23:43:07 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
    [2010/07/17 11:41:44 | 005,470,720 | ---- | M] (Jeffrey Harris) -- C:\Users\Alex\Desktop\SharePod.exe
    [2010/07/16 13:09:32 | 000,139,128 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
    [2010/07/16 13:09:23 | 000,215,128 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
    [2010/07/15 19:52:18 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
    [2010/07/15 13:02:50 | 000,504,038 | -H-- | M] () -- C:\Users\Alex\Desktop\sqlite3.dll
    [2010/07/15 12:59:46 | 000,007,356 | -H-- | M] () -- C:\Users\Alex\Desktop\SharePodSettings.xml
    [2010/07/15 01:07:28 | 000,609,487 | ---- | M] () -- C:\Windows\System32\drivers\etc\HOSTS
    [2010/07/14 22:18:13 | 000,002,503 | ---- | M] () -- C:\Users\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
    [2010/07/14 17:42:30 | 000,001,876 | ---- | M] () -- C:\Users\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/07/14 17:42:30 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/07/14 16:40:35 | 000,000,069 | ---- | M] () -- C:\Windows\GunzLauncher.INI
    [2010/06/28 21:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\avastSS.scr
    [2010/06/28 21:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2010/06/28 21:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
    [2010/06/28 21:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
    [2010/06/28 21:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
    [2010/06/28 21:32:56 | 000,050,256 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2010/06/28 21:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
    [2010/06/24 20:57:28 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
    [2010/06/20 19:45:59 | 000,002,006 | ---- | M] () -- C:\Users\Alex\Desktop\HijackThis.lnk
    [2010/06/20 10:11:19 | 000,138,056 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\PnkBstrK.sys
    [2010/06/20 10:11:03 | 002,434,856 | ---- | M] () -- C:\Windows\System32\pbsvc_bc2.exe
    [2010/06/17 23:19:39 | 000,000,485 | ---- | M] () -- C:\Windows\win.ini
    [2010/06/17 23:12:36 | 000,000,042 | ---- | M] () -- C:\Windows\.wb4
    [2010/06/13 15:46:45 | 000,001,798 | ---- | M] () -- C:\Users\Alex\Desktop\CCleaner.lnk
    [2010/06/13 01:32:52 | 000,000,033 | ---- | M] () -- C:\Windows\EvilGunZ_Launcher.INI
    [2010/06/09 16:25:43 | 007,027,254 | ---- | M] () -- C:\Windows\Invader1920.bmp
    [2010/06/09 15:55:29 | 000,794,408 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
    [2010/06/07 00:30:38 | 000,835,952 | ---- | M] () -- C:\Users\Alex\AppData\Local\rx_image.Cache
    [2010/06/07 00:30:38 | 000,042,160 | ---- | M] () -- C:\Users\Alex\AppData\Local\rx_audio.Cache
    [2010/06/03 15:21:36 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
    [2010/06/02 21:08:11 | 000,152,868 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
    [2010/05/31 11:46:50 | 000,267,880 | ---- | M] (Realtek ) -- C:\Windows\System32\drivers\Rt86win7.sys
    [2010/05/29 16:32:09 | 000,000,017 | ---- | M] () -- C:\Windows\System32\'
    [2010/05/27 18:03:08 | 000,057,480 | ---- | M] () -- C:\Windows\System32\atiapfxx.blb
    [2010/05/27 17:59:54 | 000,376,832 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
    [2010/05/27 17:59:30 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
    [2010/05/27 17:58:32 | 000,159,744 | ---- | M] (AMD) -- C:\Windows\System32\atitmmxx.dll
    [2010/05/27 17:58:18 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
    [2010/05/27 17:58:10 | 000,278,528 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
    [2010/05/27 17:58:04 | 000,011,776 | ---- | M] (AMD) -- C:\Windows\System32\atimuixx.dll
    [2010/05/27 17:57:58 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
    [2010/05/27 17:35:16 | 000,050,176 | ---- | M] (AMD) -- C:\Windows\System32\coinst.dll
    [2010/05/27 17:31:14 | 000,534,960 | ---- | M] () -- C:\Windows\System32\atiumdva.cap
    [2010/05/26 15:57:22 | 000,035,048 | ---- | M] () -- C:\Users\Alex\Start Orb (rings-thin).bmp

    ========== Files Created - No Company Name ==========

    [2010/08/17 21:54:09 | 000,293,376 | ---- | C] () -- C:\Users\Alex\Desktop\yorrrlnp.exe
    [2010/08/17 10:06:49 | 000,002,459 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2010/08/17 09:59:12 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
    [2010/08/17 09:53:09 | 000,001,944 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2010/08/16 01:54:13 | 000,035,048 | ---- | C] () -- C:\Users\Alex\Start Orb (rings-thin).bmp
    [2010/08/16 01:23:20 | 000,000,288 | -H-- | C] () -- C:\Users\Alex\Desktop\phile.cfg
    [2010/08/15 22:09:13 | 000,000,000 | ---- | C] () -- C:\Users\Alex\jagex__preferences3.dat
    [2010/08/15 22:09:09 | 000,000,099 | ---- | C] () -- C:\Users\Alex\jagex_runescape_preferences2.dat
    [2010/08/15 20:51:19 | 000,000,964 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/08/15 20:44:46 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    [2010/08/12 23:51:15 | 000,000,046 | ---- | C] () -- C:\Users\Alex\jagex_runescape_preferences.dat
    [2010/08/11 22:29:35 | 000,001,030 | ---- | C] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
    [2010/08/07 15:32:27 | 000,000,854 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars.lnk
    [2010/08/07 14:49:35 | 000,000,132 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\Adobe PNG Format CS5 Prefs
    [2010/08/02 16:32:46 | 000,001,595 | ---- | C] () -- C:\Users\Alex\Desktop\Photoshop.lnk
    [2010/08/02 11:06:29 | 000,001,594 | ---- | C] () -- C:\Windows\VPNUnInstall.MIF
    [2010/08/01 09:14:44 | 000,001,107 | ---- | C] () -- C:\Users\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Bigasoft iPod Video Converter.lnk
    [2010/08/01 02:39:36 | 000,001,594 | ---- | C] () -- C:\Windows\VPNInstall.MIF
    [2010/07/15 19:52:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2010/07/15 13:02:50 | 000,504,038 | -H-- | C] () -- C:\Users\Alex\Desktop\sqlite3.dll
    [2010/07/15 12:59:46 | 000,007,356 | -H-- | C] () -- C:\Users\Alex\Desktop\SharePodSettings.xml
    [2010/07/14 17:42:30 | 000,001,876 | ---- | C] () -- C:\Users\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/07/14 17:42:30 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/07/11 18:53:05 | 000,000,069 | ---- | C] () -- C:\Windows\GunzLauncher.INI
    [2010/07/07 18:25:21 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
    [2010/06/24 20:57:28 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
    [2010/06/24 20:30:52 | 000,189,796 | ---- | C] () -- C:\Windows\System32\drivers\RTConvEQ.dat
    [2010/06/24 20:30:52 | 000,001,112 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
    [2010/06/24 20:30:52 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
    [2010/06/24 20:30:52 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
    [2010/06/24 20:30:52 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
    [2010/06/24 20:30:52 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
    [2010/06/24 20:18:47 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\Driver Robot.job
    [2010/06/20 10:11:03 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
    [2010/06/19 19:47:54 | 000,002,006 | ---- | C] () -- C:\Users\Alex\Desktop\HijackThis.lnk
    [2010/06/17 23:12:36 | 000,000,042 | ---- | C] () -- C:\Windows\.wb4
    [2010/06/13 01:32:52 | 000,000,033 | ---- | C] () -- C:\Windows\EvilGunZ_Launcher.INI
    [2010/06/09 17:24:03 | 000,215,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
    [2010/06/09 16:25:43 | 007,027,254 | ---- | C] () -- C:\Windows\Invader1920.bmp
    [2010/06/09 15:55:29 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
    [2010/06/07 00:30:32 | 000,835,952 | ---- | C] () -- C:\Users\Alex\AppData\Local\rx_image.Cache
    [2010/06/07 00:30:32 | 000,042,160 | ---- | C] () -- C:\Users\Alex\AppData\Local\rx_audio.Cache
    [2010/06/02 21:08:11 | 000,152,868 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
    [2010/05/29 16:32:09 | 000,000,017 | ---- | C] () -- C:\Windows\System32\'
    [2010/05/29 14:39:17 | 000,002,503 | ---- | C] () -- C:\Users\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
    [2010/05/27 18:03:08 | 000,057,480 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
    [2010/05/27 17:31:14 | 000,534,960 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
    [2010/05/17 09:13:47 | 000,139,128 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
    [2010/05/17 09:13:47 | 000,138,056 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\PnkBstrK.sys
    [2010/05/17 09:13:23 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
    [2010/05/13 22:16:04 | 000,000,600 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\winscp.rnd
    [2010/02/04 20:45:58 | 000,000,632 | ---- | C] () -- C:\Windows\CoD.INI
    [2010/01/10 00:11:06 | 000,017,920 | ---- | C] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/11/19 18:08:38 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
    [2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2008/02/01 13:55:10 | 000,058,792 | ---- | C] () -- C:\Windows\System32\wbload.dll

    ========== LOP Check ==========

    [2010/04/06 11:25:25 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\AVG9
    [2010/07/09 17:28:31 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BitComet
    [2010/06/24 20:18:43 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Blitware
    [2010/05/23 12:04:05 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers
    [2009/12/25 12:57:00 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
    [2010/02/06 20:27:16 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\godzHell
    [2010/03/02 16:37:22 | 000,000,000 | -H-D | M] -- C:\Users\Alex\AppData\Roaming\ijjigame
    [2010/06/13 15:08:45 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\LimeWire
    [2010/02/09 23:50:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mouse Recorder Pro
    [2010/06/03 20:54:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Nokia
    [2010/01/01 21:48:01 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Nokia Ovi Suite
    [2010/07/07 17:49:53 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Participatory Culture Foundation
    [2010/01/01 21:48:03 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PC Suite
    [2010/07/07 18:35:54 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PCF-VLC
    [2010/04/02 14:08:39 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PlayFirst
    [2010/06/05 23:23:36 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Research In Motion
    [2010/08/14 22:50:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Screenshot Sender
    [2010/07/15 12:55:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SharePod
     
  19. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    [2010/07/15 12:34:22 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Songbird2
    [2010/08/07 13:00:03 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2010/08/01 02:30:38 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Steganos VPN
    [2010/02/20 01:23:11 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TeamViewer
    [2010/05/17 21:42:12 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Thinstall
    [2010/02/24 22:48:13 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TightVNC
    [2009/12/25 12:14:40 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Toshiba
    [2010/08/11 22:30:52 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\uniblue
    [2010/08/16 09:17:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\uTorrent
    [2009/12/25 21:01:00 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\WildTangent
    [2010/07/12 00:14:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\WNR
    [2010/08/15 02:18:01 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
    [2010/08/16 00:53:04 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.exe >


    < MD5 for: AGP440.SYS >
    [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
    [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
    [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

    < MD5 for: ATAPI.SYS >
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Alex\My Documents\DriverGenius\Backup\Driver Backup 7-7-2010-17714\IDE Channel#1\atapi.sys
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Alex\My Documents\DriverGenius\Backup\Driver Backup 7-7-2010-17714\IDE Channel#2\atapi.sys
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Alex\My Documents\DriverGenius\Backup\Driver Backup 7-7-2010-17714\IDE Channel#3\atapi.sys
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Alex\My Documents\DriverGenius\Backup\Driver Backup 7-7-2010-17714\IDE Channel\atapi.sys
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Alex\My Documents\DriverGenius\Backup\Driver Backup 7-7-2010-17714\Standard AHCI 1.0 Serial ATA Controller\atapi.sys
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Alex\My Documents\DriverGenius\Backup\Driver Backup 7-7-2010-17714\Standard Dual Channel PCI IDE Controller\atapi.sys
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
    [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

    < MD5 for: CNGAUDIT.DLL >
    [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
    [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

    < MD5 for: IASTORV.SYS >
    [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
    [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
    [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

    < MD5 for: NETLOGON.DLL >
    [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
    [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

    < MD5 for: NVSTOR.SYS >
    [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
    [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
    [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

    < MD5 for: SCECLI.DLL >
    [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
    [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [2009/07/14 02:16:18 | 000,489,472 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\win32spl.dll

    < %systemroot%\System32\config\*.sav >

    < End of report >
     
  20. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    OTL Extras logfile created on: 8/18/2010 9:40:36 AM - Run 1
    OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Alex\Desktop
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free
    5.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 116.29 Gb Total Space | 18.29 Gb Free Space | 15.73% Space Free | Partition Type: NTFS
    Drive D: | 116.21 Gb Total Space | 94.03 Gb Free Space | 80.92% Space Free | Partition Type: NTFS
    Drive E: | 15.71 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: ALEX-TOSH
    Current User Name: Alex
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    jsfile [open] -- Reg Error: Key error.
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
    Directory [takeownership] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Key error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
    "DefaultOutboundAction" = 0
    "DefaultInboundAction" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
    "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
    "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
    "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
    "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
    "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
    "{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
    "{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
    "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
    "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
    "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
    "{1E47EF59-E939-A9F1-D29B-0B3FC952A0AF}" = Catalyst Control Center Localization All
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{23C3F5C0-566B-478B-AAB6-197ADAD0C945}" = Uniblue SpeedUpMyPC 2009
    "{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
    "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
    "{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
    "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
    "{453E989A-CD2B-1562-01FD-0C8F3E23A2AD}" = ccc-core-static
    "{46245945-5865-46dc-8200-376F3A90D88E}_is1" = Bigasoft iPod Video Converter 2.2.0.3848
    "{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
    "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
    "{4F5B18A3-E921-4FFE-BEF4-ACBB98964FC2}" = AMD USB Filter Driver
    "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
     
  21. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
    "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
    "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
    "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
    "{6BF04C63-EAC0-4F19-9E88-9A745493E7BF}" = IconPackager
    "{6FE3B0CE-37C1-4825-908A-5A84C9B4EC2F}" = EA SPORTS(TM) FIFA Online
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
    "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
    "{AB7ED389-33A8-B46A-4A8A-F685EF451A5C}" = Catalyst Control Center Graphics Previews Vista
    "{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
    "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
    "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
    "{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
    "{B2F3FB19-D848-479C-818E-130ABC9366DB}" = BlackBerry Device Software Updater
    "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
    "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
    "{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager
    "{B9C11A0C-C3FF-FCB2-1BFA-B30400FAFF96}" = Catalyst Control Center InstallProxy
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
    "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
    "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D8E58628-B032-A478-5262-084DA4C16006}" = ccc-utility
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
    "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
    "{E63E34A7-E552-412B-9E40-FD6FC5227ABA}" = Uniblue RegistryBooster 2009
    "{ED784556-66AA-3F17-9B58-7246ACB5C7E4}" = Microsoft Visual Basic 2010 Express - ENU
    "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
    "{F68D9C4D-DC60-D021-8B2D-CD14E6BD43EA}" = CCC Help English
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{FB1F2BF7-AB8C-8467-4F42-81C410805C91}" = ATI Catalyst Install Manager
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
    "avast5" = avast! Free Antivirus
    "BlackBerry_{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
    "CCleaner" = CCleaner
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "DivX Setup.divx.com" = DivX Setup
    "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.6
    "Freecorder Toolbar" = Freecorder Toolbar
    "Freecorder4.01" = Freecorder 4.01 Application
    "Guild Wars" = Guild Wars
    "HijackThis" = HijackThis 2.0.2
    "IconPackager" = IconPackager
    "InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
    "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Messenger Plus! Live" = Messenger Plus! Live
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
    "Microsoft Visual Basic 2010 Express - ENU" = Microsoft Visual Basic 2010 Express - ENU
    "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
    "PunkBusterSvc" = PunkBuster Services
    "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
    "Steam App 10540" = Football Manager 2009
    "Uniblue RegistryBooster 2009" = Uniblue RegistryBooster 2009
    "Uniblue SpeedUpMyPC 2009" = Uniblue SpeedUpMyPC 2009
    "Uninstall_is1" = Uninstall 1.0.0.1
    "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
    "VLC media player" = VLC media player 1.1.2
    "WinRAR archiver" = WinRAR archiver

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "EvilGunZ C8" = EvilGunZ C8
    "Hydrascape" = Hydrascape

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 8/15/2010 1:50:53 PM | Computer Name = Alex-TOSH | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 4196

    Error - 8/15/2010 1:50:54 PM | Computer Name = Alex-TOSH | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 8/15/2010 1:50:54 PM | Computer Name = Alex-TOSH | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 5195

    Error - 8/15/2010 1:50:54 PM | Computer Name = Alex-TOSH | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 5195

    Error - 8/15/2010 1:50:55 PM | Computer Name = Alex-TOSH | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second
     
  22. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    Error - 8/15/2010 1:50:55 PM | Computer Name = Alex-TOSH | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 6490

    Error - 8/15/2010 1:50:55 PM | Computer Name = Alex-TOSH | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 6490

    Error - 8/15/2010 1:51:10 PM | Computer Name = Alex-TOSH | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 8/15/2010 1:51:10 PM | Computer Name = Alex-TOSH | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 21450

    Error - 8/15/2010 1:51:10 PM | Computer Name = Alex-TOSH | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 21450

    [ System Events ]
    Error - 8/16/2010 4:26:52 AM | Computer Name = Alex-TOSH | Source = Service Control Manager | ID = 7011
    Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
    response from the Browser service.

    Error - 8/16/2010 4:28:08 AM | Computer Name = Alex-TOSH | Source = WMPNetworkSvc | ID = 866300
    Description =

    Error - 8/16/2010 10:54:54 AM | Computer Name = Alex-TOSH | Source = Application Popup | ID = 875
    Description = Driver tap0801.sys has been blocked from loading.

    Error - 8/16/2010 10:55:17 AM | Computer Name = Alex-TOSH | Source = Service Control Manager | ID = 7024
    Description = The AVG Free WatchDog service terminated with service-specific error
    %%-536805315.

    Error - 8/16/2010 10:55:49 AM | Computer Name = Alex-TOSH | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio
    Hard Drive Watcher 9 service to connect.

    Error - 8/16/2010 10:55:50 AM | Computer Name = Alex-TOSH | Source = Service Control Manager | ID = 7001
    Description = The AVG Free E-mail Scanner service depends on the AVG Free WatchDog
    service which failed to start because of the following error: %%1066

    Error - 8/16/2010 10:56:02 AM | Computer Name = Alex-TOSH | Source = WMPNetworkSvc | ID = 866300
    Description =

    Error - 8/16/2010 10:56:03 AM | Computer Name = Alex-TOSH | Source = Service Control Manager | ID = 7024
    Description = The HomeGroup Listener service terminated with service-specific error
    %%-2147023143.

    Error - 8/16/2010 10:56:43 AM | Computer Name = Alex-TOSH | Source = Service Control Manager | ID = 7011
    Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
    response from the Browser service.

    Error - 8/16/2010 10:58:11 AM | Computer Name = Alex-TOSH | Source = WMPNetworkSvc | ID = 866300
    Description =


    < End of report >
     
  23. crunchie

    crunchie Malware Helper Posts: 728

    Run the AVG removal tool found here: http://www.avg.com/us-en/download-tools

    ===============

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :Files
      
      :OTL
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O4 - HKLM..\Run: [] File not found
      :Commands
      [emptyflash]
      [emptytemp]
      [Reboot]
    • Then click the Run Fix button at the top.
    • Let the program run unhindered, reboot the PC when it is done.
    • Post log from this run.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

    ==============

    Run GMER again following these instructions:

    Download gmer.zip: http://www.gmer.net/files.php
    Unzip the file, and double click on gmer.exe, select Rootkit tab and click the Scan button.
    When scan is completed, click Save button, and save the results as gmer.log
    Warning! Please do not select the "Show all" checkbox during the scan.
    Post the log to your next reply.

    ==============

    If the log is still as large as the other, do not post it, as I do not fancy going through 55 posts :)
     
  24. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    All processes killed
    ========== FILES ==========
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
    ========== COMMANDS ==========

    [EMPTYFLASH]

    User: Alex
    ->Flash cache emptied: 1017 bytes

    User: All Users

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb


    [EMPTYTEMP]

    User: Alex
    ->Temp folder emptied: 9108944 bytes
    ->Temporary Internet Files folder emptied: 739635 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 48923940 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Apple Safari cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 362148 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 1622533 bytes

    Total Files Cleaned = 58.00 mb


    OTL by OldTimer - Version 3.2.10.0 log created on 08182010_192837

    Files\Folders moved on Reboot...
    File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

    Registry entries deleted on Reboot...
     
  25. Darbon

    Darbon TS Rookie Topic Starter Posts: 30

    I've redone GMER and it's only 400 bytes smaller, so I doubt you would like to read it ;) As you can see, I've posted my OTL log above. Let me know what you think.

    Also, thanks a lot for your AVG Remover. It was exactly what I was looking for.
     
Topic Status:
Not open for further replies.
