OTL logfile created on: 04/01/2012 00:53:20 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\admin\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.93 Gb Total Physical Memory | 1.14 Gb Available Physical Memory | 59.17% Memory free
4.11 Gb Paging File | 2.84 Gb Available in Paging File | 69.09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146.12 Gb Total Space | 81.57 Gb Free Space | 55.82% Space Free | Partition Type: NTFS
Drive D: | 5.84 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 38.44 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: PB | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/04 00:46:46 | 000,892,768 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/01/03 23:47:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
PRC - [2012/01/01 04:43:30 | 000,869,216 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/12/03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/11/28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/10/10 06:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011/09/08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/07/19 00:02:03 | 000,123,264 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/04/29 15:35:47 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/12/31 11:57:56 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
PRC - [2010/12/31 11:57:48 | 000,398,848 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
PRC - [2010/01/08 13:15:24 | 001,118,208 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\REALTEK\RTL8187B Wireless LAN Utility\RtWLan.exe
PRC - [2009/12/07 12:49:24 | 000,040,960 | ---- | M] (Realtek) -- C:\Program Files\REALTEK\RTL8187B Wireless LAN Utility\RtlService.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/04 00:46:46 | 000,892,768 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2011/12/11 13:39:43 | 000,185,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Model.Conn#\91a0ef84ce31c1ac825b9c2fa1be36ef\Vodafone.Model.Connection.ni.dll
MOD - [2011/12/11 13:39:42 | 000,087,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Model.Shor#\a71baed10b9e2bddf57a53d9321afe98\Vodafone.Model.Shortcut.ni.dll
MOD - [2011/12/11 13:39:41 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Manag#\95fafcd0efacf717bab8f72ea2dde014\Vodafone.View.ManagedToolTip.ni.dll
MOD - [2011/12/11 13:39:39 | 000,850,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Shared\4b83d286325776691441e610aa79b990\Vodafone.View.Shared.ni.dll
MOD - [2011/12/11 13:39:36 | 000,585,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Secon#\483582174d6533a7d77f6e5611618cbc\Vodafone.View.SecondaryWindows.ni.dll
MOD - [2011/12/11 13:39:35 | 000,754,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.BusinessLo#\1a334a8203d1449bdc2a03736a25fa5a\Vodafone.BusinessLogic.ni.dll
MOD - [2011/12/11 13:39:32 | 000,071,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Vpn\81c7e5dabf017448ffda9beea3fbe4e4\Vodafone.Vpn.ni.dll
MOD - [2011/12/11 13:39:31 | 000,108,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.LanWlanMan#\3f84ff901b80cd3489da1034bc1efec1\Vodafone.LanWlanManager.ni.dll
MOD - [2011/12/11 13:39:31 | 000,022,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Inter#\905caa45cb1ad4a5709886dea8c47a56\Vodafone.Core.Interfaces.ni.dll
MOD - [2011/12/11 13:39:31 | 000,022,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.CoreI#\714ba5c7a60c262b7c6da117248a7ce6\Vodafone.Core.CoreInstanceProvider.ni.dll
MOD - [2011/12/11 13:39:30 | 000,119,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.Shell32\03fe2ebc7e613515b6a42fc69fdcc7ad\Interop.Shell32.ni.dll
MOD - [2011/12/11 13:39:30 | 000,055,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.TrafficOpt#\1c458a79f279c61cb79a132f5a84ce69\Vodafone.TrafficOptimiser.ni.dll
MOD - [2011/12/11 13:39:29 | 000,731,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.WwanWrapper\a5cc271c1b1b2202749329fc152e7edf\Vodafone.WwanWrapper.ni.dll
MOD - [2011/12/11 13:39:28 | 000,763,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Connection#\b3e82f60e2a55f136a91d7a5c2ed70b7\Vodafone.ConnectionServices.ni.dll
MOD - [2011/12/11 13:39:25 | 000,410,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.MbbManagem#\3aadc72e970a0e09d1d373becd4bbe38\Vodafone.MbbManagement.ni.dll
MOD - [2011/12/11 13:39:24 | 000,389,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\7519973cffe9c960cbb057cb9924c440\Vodafone.DeviceAccess.Internals.ni.dll
MOD - [2011/12/11 13:39:24 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\ae9fa93798503bbd80a6a50214ec35d1\Vodafone.DeviceAccess.Interfaces.ni.dll
MOD - [2011/12/11 13:39:23 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\3fa00c296506187396649eee2e83420a\Vodafone.DeviceAccess.Factory.ni.dll
MOD - [2011/12/11 13:39:22 | 000,087,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Remot#\ef7d95f7c5208e4b49d33dbc07081687\Vodafone.Core.Remoting.ni.dll
MOD - [2011/12/11 13:39:21 | 000,047,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Common.Logging\a566138282d295371650157a3c94a9af\Common.Logging.ni.dll
MOD - [2011/12/11 13:39:20 | 002,104,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Spring.Core\0bb1c3b71e23a9812c186357c69730e0\Spring.Core.ni.dll
MOD - [2011/12/11 13:39:17 | 000,049,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\b9d45b714f118cb5bf0fff1ae58500c5\Vodafone.Contracts.Adapter.ni.dll
MOD - [2011/12/11 13:39:17 | 000,042,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.InstancePr#\b045c11cbdd516c528aa51070e42c340\Vodafone.InstanceProvider.Impl.ni.dll
MOD - [2011/12/11 13:39:14 | 001,303,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\2af3b5cd026db4fbf4ec072b86ed55ea\Infragistics2.Win.UltraWinEditors.v9.2.ni.dll
MOD - [2011/12/11 13:39:12 | 003,346,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.M#\3d094e28d42b038ae7e3792fd704bae6\Infragistics2.Win.Misc.v9.2.ni.dll
MOD - [2011/12/11 13:39:06 | 011,052,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.v#\e828948103570cba489d6781a3c767da\Infragistics2.Win.v9.2.ni.dll
MOD - [2011/12/11 13:38:51 | 000,871,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Share#\ca37c2f516e0e31c447f0be980cd72a5\Infragistics2.Shared.v9.2.ni.dll
MOD - [2011/12/11 13:38:49 | 007,135,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\d12ef5fc6cb82e3721ad878617ffd634\Infragistics2.Win.UltraWinToolbars.v9.2.ni.dll
MOD - [2011/12/11 13:38:39 | 000,101,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\4ca5feaf54719d8bee8d8d3a70336329\Vodafone.Contracts.View.ni.dll
MOD - [2011/12/11 13:38:39 | 000,027,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\b79adf37739818102ba5eab1b68de260\Vodafone.DeviceAccess.Contracts.ni.dll
MOD - [2011/12/11 13:38:38 | 000,218,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.FNCClient11#\355de558a64b1d6b4c7ac42925ad8af5\Interop.FNCClient11Lib.ni.dll
MOD - [2011/12/11 13:38:38 | 000,089,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Contr#\5b69a8dd63b8100719294bc4285f08a9\Vodafone.Core.Contracts.ni.dll
MOD - [2011/12/11 13:38:38 | 000,035,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.UpdateMana#\e3df12f15df7e2dbc6e3bec72f733e4b\Vodafone.UpdateManager.ni.dll
MOD - [2011/12/11 13:38:37 | 000,124,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\06040d5ec69671a932fe8493b2e945df\Vodafone.Contracts.Model.ni.dll
MOD - [2011/12/11 13:38:37 | 000,089,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Inter#\e121b1c36226f6d3e19144aaf295c8c5\Vodafone.Base.Internals.ni.dll
MOD - [2011/12/11 13:38:36 | 000,153,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Connection#\b68fb7e9d43170fe0183ed50bd451789\Vodafone.ConnectionManagement.ni.dll
MOD - [2011/12/11 13:38:36 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Facto#\d500279e6440c4c6fab9705c3273dc1a\Vodafone.Base.Factory.ni.dll
MOD - [2011/12/11 13:38:35 | 000,350,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.ReportingM#\c7b339009e618fb4edb70cc8fef47179\Vodafone.ReportingManager.ni.dll
MOD - [2011/12/11 13:38:35 | 000,092,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\7729be3d950bc29e6c62e61a481e573e\Vodafone.Contracts.Common.ni.dll
MOD - [2011/12/11 13:38:35 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\2f497bbb97b4675716d19f99c695a637\Vodafone.Contracts.Presenter.ni.dll
MOD - [2011/12/11 13:38:32 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.OutlookCon#\02479139a3edb560983ffb37ab088c21\Vodafone.OutlookConnector.ni.dll
MOD - [2011/12/11 13:38:31 | 000,198,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsContact#\1e8bf1f51dd7c3f26f8b0e9639d8d718\Vodafone.SmsContactManager.ni.dll
MOD - [2011/12/11 13:38:30 | 000,330,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.CommonDial#\e2a7613d18c0a0da5b64888c04c9e397\Vodafone.CommonDialogs.ni.dll
MOD - [2011/12/11 13:38:29 | 000,946,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Applicatio#\e3cc930599340a5af7d69e30005e0634\Vodafone.ApplicationHost.Impl.ni.dll
MOD - [2011/12/11 13:38:27 | 000,325,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DataAccess#\fea8fcfd7f6a873dbb2801dd2160618e\Vodafone.DataAccessor.ni.dll
MOD - [2011/12/11 13:38:27 | 000,080,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsProfile#\d46da6e3b0934feaa5c97749d8e6f0be\Vodafone.SmsProfileManager.ni.dll
MOD - [2011/12/11 13:38:27 | 000,056,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SettingsMa#\e0e3736051d73cf630857d4cc554e32e\Vodafone.SettingsManager.ni.dll
MOD - [2011/12/11 13:38:26 | 000,074,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.NtServiceM#\92a21b5deac79fce4078ce5b99ca77c5\Vodafone.NtServiceMessaging.ni.dll
MOD - [2011/12/11 13:38:25 | 001,809,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MobileBroadbandReso#\8738c675ece90a52e8d4a7f117335df0\MobileBroadbandResources.ni.dll
MOD - [2011/12/11 13:38:25 | 000,320,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Win32\2592c40a088e2038d956d926ca993b38\Vodafone.Base.Win32.ni.dll
MOD - [2011/12/11 13:38:24 | 000,181,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Common\e3e8a01609ac8f97d8f5b2ac20eeb5e6\Vodafone.Common.ni.dll
MOD - [2011/12/11 13:38:24 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.MobileBroa#\d1e2f7254639988b21d68949ef88c92e\Vodafone.MobileBroadband.CallbackHandler.ni.dll
MOD - [2011/12/11 13:38:20 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\e3180b4230f052996adb81da3dc64ad0\System.Management.ni.dll
MOD - [2011/12/11 13:38:18 | 000,666,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Data\f81ce12c2a94dc2dc4c4cdc9105e806a\Vodafone.Data.ni.dll
MOD - [2011/12/11 13:38:18 | 000,141,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Contr#\f456d0076160d3f35f1570c71488c066\Vodafone.Base.Contracts.ni.dll
MOD - [2011/12/11 13:38:16 | 001,243,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Platform\566c3e979d2812f0996451ae99ce5b3e\Vodafone.Platform.ni.dll
MOD - [2011/12/11 13:38:14 | 000,095,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.LogEngine\ec56a22d7fc660b0ce523e45fe9ec34e\Vodafone.LogEngine.ni.dll
MOD - [2011/12/11 13:38:13 | 000,271,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MobileBroadband\29e6f4ecad776d63c0ce64ea4766bb9c\MobileBroadband.ni.exe
MOD - [2011/12/11 13:15:01 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c933fd5d1d27f268331890d7ddba8fec\System.ServiceProcess.ni.dll
MOD - [2011/12/11 13:14:55 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\81a310f5bd696b74485a513680672a5e\System.Web.Services.ni.dll
MOD - [2011/12/11 13:14:55 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
MOD - [2011/12/11 13:14:52 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll
MOD - [2011/12/11 13:14:48 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\fdbb4d76b37aada9010c49a6e09da067\System.Transactions.ni.dll
MOD - [2011/12/11 13:14:19 | 000,679,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\6a39ee17f7cefb77c8e98dbfb72b058b\System.Security.ni.dll
MOD - [2011/12/11 13:14:13 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aa3e053d433c48e1e8c3f436b4de1ed3\System.Configuration.ni.dll
MOD - [2011/12/11 13:14:09 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll
MOD - [2011/12/11 13:13:40 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll
MOD - [2011/12/11 13:13:25 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll
MOD - [2011/12/11 13:13:04 | 006,616,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ca69ec9d6589d3526ee38212ef28e2bb\System.Data.ni.dll
MOD - [2011/12/11 13:11:47 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll
MOD - [2011/12/11 13:11:27 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011/04/29 14:34:58 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/04/29 14:34:57 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2011/03/21 16:30:20 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2008/01/19 07:35:11 | 000,368,640 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/01/01 04:43:30 | 000,869,216 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/07/19 00:02:03 | 000,123,264 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2010/12/31 11:57:56 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)
SRV - [2009/12/07 12:49:24 | 000,040,960 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files\REALTEK\RTL8187B Wireless LAN Utility\RtlService.exe -- (Realtek87B)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 06:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/22 16:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 21:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/07/11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 01:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 01:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/07/11 01:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/05/21 06:31:45 | 000,464,384 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2010/12/30 12:19:46 | 000,072,832 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010/12/30 12:19:38 | 000,191,872 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/09/01 13:33:12 | 000,080,000 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)
DRV - [2010/05/07 12:03:20 | 000,048,096 | ---- | M] (e2eSoft) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VAud_WDM.sys -- (camerVAWdm)
DRV - [2010/03/31 05:59:24 | 000,350,720 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2008/09/29 18:20:40 | 000,449,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WNDA31v.sys -- (WNDA3100)
DRV - [2006/11/02 07:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3943532527-4041018772-598937663-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3943532527-4041018772-598937663-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\admin\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\admin\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/01/01 04:44:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\9.0.0.23\ [2012/01/01 04:44:19 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={667A0084-85C9-46D6-87C2-E343EF01DB6E}&mid=545c1764655647d19a124d4dd691cedd-b2d2f83a08b440f32c480522962e16858b66638c&lang=en&ds=AVG&pr=pr&d=2012-01-04 00:46:47&v=9.0.0.23&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\admin\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\admin\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\admin\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\admin\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: AT_HatsuneMiku = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcacbggjcnkdgchjnekppjkkkhlijkdd\2_1\
CHR - Extension: AVG Safe Search = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: Skype Click to Call = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Gmail = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
Hosts file not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll ()
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-21-3943532527-4041018772-598937663-1000..\Run: [MSN Webcam Recorder] C:\Program Files\MSN Webcam Recorder\ml20gui.exe ()
O4 - HKU\S-1-5-21-3943532527-4041018772-598937663-1000..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-3943532527-4041018772-598937663-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3943532527-4041018772-598937663-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3943532527-4041018772-598937663-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-3943532527-4041018772-598937663-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B}
http://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{897C89C3-AFA7-4B62-AE02-8693A7F28EC4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9B176BC-5E4F-4C56-9F5F-070E48A39187}: NameServer = 88.82.13.12 88.82.13.12
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/10/09 14:14:09 | 000,000,118 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/01/04 00:46:45 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/01/03 23:47:41 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2012/01/03 22:56:06 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/01/03 22:56:00 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/01/03 22:24:56 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\Something is eating my Internet usage - TechSpot OpenBoards_files
[2012/01/03 05:22:15 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\temp
[2012/01/03 05:00:55 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/01/03 05:00:55 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/01/03 05:00:55 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/01/03 05:00:45 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/01/03 05:00:40 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/03 04:49:02 | 004,368,434 | R--- | C] (Swearware) -- C:\Users\admin\Desktop\ComboFix.exe
[2012/01/01 21:30:18 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\TechSpot - Technology News, Reviews and Analysis_files
[2012/01/01 21:30:12 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs_files
[2012/01/01 21:30:00 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\UPDATED 5-step Viruses Spyware Malware Preliminary Removal Instructions - TechSpot OpenBoards_files
[2012/01/01 21:15:39 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Malwarebytes
[2012/01/01 21:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/01 21:15:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/01/01 21:15:19 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/01/01 21:15:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/01 06:26:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis
[2012/01/01 06:26:15 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/01/01 06:06:27 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Microsoft Games
[2012/01/01 05:55:49 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\SUPERAntiSpyware.com
[2012/01/01 05:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2012/01/01 05:54:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/01/01 05:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/01/01 05:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/01/01 04:55:48 | 000,000,000 | ---D | C] -- C:\$AVG
[2012/01/01 04:44:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2012/01/01 04:43:36 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/01/01 04:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012/01/01 04:39:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2012/01/01 03:51:07 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Obophue
[2012/01/01 03:51:07 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Haemxy
[2011/12/31 01:27:38 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\AVG2012
[2011/12/31 01:22:02 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2011/12/31 01:17:58 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/12/31 01:08:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/12/31 01:08:09 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/12/31 01:03:55 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Qovy
[2011/12/31 01:03:55 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Mizaq
[2011/12/30 22:06:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/12/18 10:26:17 | 000,000,000 | ---D | C] -- C:\PFiles
[2011/12/11 05:17:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/12/11 04:04:31 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Ventrilo
[2011/12/11 04:03:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ventrilo
[2011/12/11 04:03:31 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2011/12/11 04:02:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011/12/10 06:31:09 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2011/12/10 01:06:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/12/10 00:25:12 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\PackageAware
[2011/12/10 00:18:41 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSN Webcam Recorder
[2011/12/10 00:18:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSN Webcam Recorder
[2011/12/10 00:18:41 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Webcam Recorder
[2011/12/10 00:10:10 | 000,000,000 | R--D | C] -- C:\Users\admin\Documents\LifeCam Files
[2011/12/09 23:58:48 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\{EA80AFA6-AF52-49C3-BE2E-096B714D1730}
[2011/12/09 23:52:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011/12/09 23:51:59 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\{A6D9FA8C-7AAE-4EA2-AC84-106D9115F619}
[2011/02/11 17:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/01/04 00:49:57 | 085,892,713 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/01/04 00:38:42 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/04 00:38:42 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/04 00:35:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3943532527-4041018772-598937663-1000UA.job
[2012/01/03 23:47:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2012/01/03 22:42:44 | 004,368,434 | R--- | M] (Swearware) -- C:\Users\admin\Desktop\ComboFix.exe
[2012/01/03 22:38:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/03 22:38:33 | 2072,928,256 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/03 22:24:56 | 000,149,283 | ---- | M] () -- C:\Users\admin\Desktop\Something is eating my Internet usage - TechSpot OpenBoards.htm
[2012/01/03 19:03:57 | 000,000,512 | ---- | M] () -- C:\Users\admin\Desktop\MBR.dat
[2012/01/03 04:15:49 | 157,117,776 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/01/03 04:07:06 | 000,032,687 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/01/01 21:40:24 | 000,609,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/01 21:40:24 | 000,108,672 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/01 21:30:00 | 000,095,403 | ---- | M] () -- C:\Users\admin\Desktop\UPDATED 5-step Viruses Spyware Malware Preliminary Removal Instructions - TechSpot OpenBoards.htm
[2012/01/01 21:15:23 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/01 06:26:17 | 000,001,874 | ---- | M] () -- C:\Users\admin\Desktop\HijackThis.lnk
[2012/01/01 05:54:47 | 000,001,800 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/01/01 04:44:32 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/01/01 03:57:25 | 000,002,377 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/12/30 21:05:34 | 000,000,112 | ---- | M] () -- C:\ProgramData\Ct305E8.dat
[2011/12/30 21:05:33 | 000,000,000 | ---- | M] () -- C:\Windows\System32\8638R0X.com.b
[2011/12/25 15:35:01 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3943532527-4041018772-598937663-1000Core.job
[2011/12/20 03:38:22 | 000,002,042 | ---- | M] () -- C:\Users\admin\Desktop\Google Chrome.lnk
[2011/12/20 03:38:22 | 000,002,004 | ---- | M] () -- C:\Users\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/11 13:05:48 | 000,232,360 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/12/11 04:03:35 | 000,000,262 | ---- | M] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/12/11 04:03:33 | 000,000,752 | ---- | M] () -- C:\Users\Public\Desktop\Ventrilo.lnk
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/10 06:41:52 | 000,000,943 | ---- | M] () -- C:\Users\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/10 05:37:20 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2011/12/10 05:37:16 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2011/12/10 00:23:09 | 002,334,160 | ---- | M] () -- C:\Users\admin\Documents\122.110.7.211.80 to
tonylovesjam@hotmail.co.uk;{7845570c-695c-4f3e-98b4-c59d07a97af1} (1).ml20
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========