Well as far as symptoms go... I had the same messages pop up telling me that I had all kinds of drive problems that I read from other posts. At the time that I first posted this thread I still had access to the internet on the infected computer. Not any more... the connection just keeps saying "Identifying" and it won't actually connect to the internet. I keep getting pop ups that say "The recycle bin is corrupt. Would you like to empty its contents?" This popup only shows itself... 1. when the computer boots up 2. when i run rkill and again when i run combofix. It changed my desktop and hid some of my menu items but I've since got them back... thanks to you.
Also, I uninstalled two of the older versions of Java... tried to update which of course didn't work. I also tried to clear out the cache... but I don't think that it worked.
Here is OTL
OTL logfile created on: 1/27/2012 9:35:37 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Odie\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.87 Gb Total Physical Memory | 1.75 Gb Available Physical Memory | 60.86% Memory free
5.94 Gb Paging File | 4.92 Gb Available in Paging File | 82.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 231.42 Gb Total Space | 155.33 Gb Free Space | 67.12% Space Free | Partition Type: NTFS
Drive D: | 2.20 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 1.91 Gb Total Space | 1.89 Gb Free Space | 98.77% Space Free | Partition Type: FAT
Computer Name: ODIE-LAPTOP | User Name: Odie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Odie\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\Mobile Stream\EasyTether\easytthr.exe (Mobile Stream)
PRC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
PRC - C:\Program Files\WTouch\WTouchUser.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\WTouch\WTouchService.exe (Wacom Technology, Corp.)
PRC - C:\Windows\System32\Pen_Tablet.exe (Wacom Technology, Corp.)
PRC - C:\Windows\System32\WTablet\Pen_TabletUser.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Program Files\Toshiba\TOSHIBA Service Station\TSS.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
PRC - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\Toshiba\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\Common Files\AOL\1231115655\ee\aolsoftware.exe (AOL LLC)
PRC - C:\Program Files\NetZero\exec.exe (NetZero, Inc.)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe (Toshiba)
PRC - C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
PRC - C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe (CyberLink Corp.)
PRC - C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe (TOSHIBA Corporation)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
PRC - C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Common Files\AOL\acs\AOLacsd.exe (AOL LLC)
PRC - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll ()
MOD - C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvcPS.dll ()
MOD - C:\Program Files\Toshiba\FlashCards\BlackPng.dll ()
MOD - C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll ()
MOD - C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll ()
MOD - C:\Program Files\Toshiba\TBS\NotifyTBS.dll ()
MOD - C:\Program Files\Toshiba\TOSHIBA Assist\NotifyX.dll ()
MOD - C:\Program Files\Toshiba\TOSHIBA Disc Creator\NotifyTDC.dll ()
========== Win32 Services (SafeList) ==========
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (WTouchService) -- C:\Program Files\WTouch\WTouchService.exe (Wacom Technology, Corp.)
SRV - (TabletServicePen) -- C:\Windows\System32\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (TMachInfo) -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (TNaviSrv) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (ConfigFree Service) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (GameConsoleService) -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (SmartFaceVWatchSrv) -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe (Toshiba)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (TosCoSrv) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (TOSHIBA SMART Log Service) -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe (TOSHIBA Corporation)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
========== Driver Services (SafeList) ==========
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (easytether) -- C:\Windows\System32\drivers\easytthr.sys (Mobile Stream)
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (pneteth) -- C:\Windows\System32\drivers\pneteth.sys (June Fabrics Technology Inc.)
DRV - (wacmoumonitor) -- C:\Windows\System32\drivers\wacmoumonitor.sys (Wacom Technology)
DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (WacomVTHid) -- C:\Windows\System32\drivers\WacomVTHid.sys (Wacom Technology)
DRV - (wacomvhid) -- C:\Windows\System32\drivers\wacomvhid.sys (Wacom Technology)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LUsbFilt) -- C:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)
DRV - (UVCFTR) -- C:\Windows\System32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (SVRPEDRV) -- C:\Windows\System32\sysprep\PEDRV.SYS (Inventec Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (wacommousefilter) -- C:\Windows\System32\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (FwLnk) -- C:\Windows\System32\drivers\FwLnk.sys (TOSHIBA Corporation)
DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION)
DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (wanatw) WAN Miniport (ATW) -- C:\Windows\System32\drivers\wanatw4.sys (America Online, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.toshibadirect.com/dpdstart
IE - HKLM\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.toshibadirect.com/dpdstart
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/01/21 22:08:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/02 07:07:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2011/03/26 15:11:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Odie\AppData\Roaming\Mozilla\Extensions
[2011/09/24 16:51:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/06 19:03:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/05/06 19:09:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/09/24 16:51:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012/01/21 22:08:53 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/05/02 06:44:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/03/18 11:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 02:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
Hosts file not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AOL Toolbar Loader) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [cfFncEnabler.exe] cfFncEnabler.exe File not found
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1231115655\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [PCMAgent] C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\TSS.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [EasyTether] C:\Program Files\Mobile Stream\EasyTether\easytthr.exe (Mobile Stream)
O4 - HKCU..\Run: [HP Officejet Pro 8600 (NET)] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [NetZero_uoltray] C:\Program Files\NetZero\exec.exe (NetZero, Inc.)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Users\Odie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Display All Images with Full Quality - C:\Program Files\NetZero\qsacc\appres.dll (United Online, Inc.)
O8 - Extra context menu item: Display Image with Full Quality - C:\Program Files\NetZero\qsacc\appres.dll (United Online, Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - %SystemRoot%\System32\winrnr.dll File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: myspace.com ([home] http in Trusted sites)
O15 - HKCU\..Trusted Domains: netzero.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: netzero.net ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21D5FA56-C953-4D5A-8C38-4C6A8A5CD3E8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3ACDFDF8-2820-462C-91D7-FEA3C4FE6F98}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF760607-1879-4406-AC47-128752A558DA}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Odie\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Odie\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3a7ede5e-3540-11df-8164-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{3a7ede5e-3540-11df-8164-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/01/27 21:29:33 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Odie\Desktop\OTL.scr
[2012/01/27 21:29:33 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Odie\Desktop\OTL.exe
[2012/01/27 21:29:33 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Odie\Desktop\OTL.com
[2012/01/24 21:55:19 | 000,000,000 | --SD | C] -- C:\Aron24187A
[2012/01/22 21:48:35 | 000,000,000 | --SD | C] -- C:\Aron7362A
[2012/01/22 19:22:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/01/22 19:22:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/01/22 19:22:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/01/22 19:22:50 | 000,000,000 | --SD | C] -- C:\Aron
[2012/01/22 19:22:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/22 19:19:17 | 004,388,509 | R--- | C] (Swearware) -- C:\Users\Odie\Desktop\Aron.exe
[2012/01/22 18:37:41 | 000,000,000 | --SD | C] -- C:\Friday21376F
[2012/01/22 15:01:18 | 000,000,000 | --SD | C] -- C:\Friday
[2012/01/21 22:23:26 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/01/21 22:09:41 | 000,020,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/01/21 22:09:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/01/21 22:09:40 | 000,314,456 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/01/21 22:09:39 | 000,052,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/01/21 22:09:39 | 000,034,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012/01/21 22:09:38 | 000,435,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/01/21 22:09:37 | 000,055,128 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/01/21 22:08:49 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/01/21 22:08:47 | 000,199,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/01/21 22:08:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/01/21 22:08:16 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/01/21 21:37:21 | 009,200,064 | ---- | C] (OPSWAT, Inc.) -- C:\Users\Odie\Desktop\AppRemover.exe
[2012/01/21 14:23:45 | 000,000,000 | R--D | C] -- C:\Users\Odie\Videos
[2012/01/21 14:23:36 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Odie\Desktop\dds.scr
[2012/01/21 12:18:31 | 000,000,000 | ---D | C] -- C:\Users\Odie\AppData\Roaming\Malwarebytes
[2012/01/21 12:17:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/21 12:17:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/01/21 12:17:42 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/01/21 12:17:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/21 12:16:24 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Odie\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/14 23:44:21 | 000,000,000 | ---D | C] -- C:\Users\Odie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
[2012/01/14 23:39:01 | 000,000,000 | ---D | C] -- C:\Users\Odie\AppData\Local\MicrosoftNT
[2012/01/14 21:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012/01/14 21:12:28 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/01/14 21:12:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/01/14 21:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2012/01/14 21:07:16 | 000,000,000 | ---D | C] -- C:\Users\Odie\AppData\Local\Microsoft Help
[2012/01/14 21:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/01/14 21:06:39 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/12/31 23:07:47 | 000,000,000 | ---D | C] -- C:\Users\Odie\AppData\Roaming\HpUpdate
[2011/12/31 23:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2011/12/31 23:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2011/12/31 23:03:37 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2011/12/31 23:02:57 | 000,000,000 | ---D | C] -- C:\Users\Odie\AppData\Local\HP
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/01/27 21:19:07 | 000,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/27 21:19:07 | 000,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/27 21:10:17 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/27 21:10:17 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/27 21:10:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/27 21:10:04 | 3082,813,440 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/27 21:10:00 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Odie\Desktop\OTL.scr
[2012/01/27 21:09:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Odie\Desktop\OTL.com
[2012/01/27 21:09:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Odie\Desktop\OTL.exe
[2012/01/27 21:00:26 | 001,749,688 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/01/27 20:59:33 | 376,581,004 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/01/24 20:07:52 | 002,039,456 | ---- | M] () -- C:\Users\Odie\Desktop\tdsskiller.zip
[2012/01/24 20:07:24 | 000,684,297 | ---- | M] () -- C:\Users\Odie\Desktop\unhide.exe
[2012/01/22 19:19:16 | 004,388,509 | R--- | M] (Swearware) -- C:\Users\Odie\Desktop\Aron.exe
[2012/01/22 13:57:00 | 000,294,400 | ---- | M] () -- C:\Users\Odie\Desktop\exeHelper.com
[2012/01/22 13:53:40 | 001,008,141 | ---- | M] () -- C:\Users\Odie\Desktop\rkill.exe
[2012/01/22 13:51:28 | 001,008,141 | ---- | M] () -- C:\Users\Odie\Desktop\rkill.scr
[2012/01/22 13:50:14 | 001,008,141 | ---- | M] () -- C:\Users\Odie\Desktop\rkill.com
[2012/01/21 22:09:41 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/01/21 22:09:37 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/01/21 22:06:34 | 064,207,032 | ---- | M] () -- C:\Users\Odie\Desktop\setup_av_free_cnet.exe
[2012/01/21 21:38:10 | 009,200,064 | ---- | M] (OPSWAT, Inc.) -- C:\Users\Odie\Desktop\AppRemover.exe
[2012/01/21 14:21:28 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Odie\Desktop\dds.scr
[2012/01/21 13:03:16 | 000,302,592 | ---- | M] () -- C:\Users\Odie\Desktop\ycow72iq.exe
[2012/01/21 12:17:48 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/21 12:06:06 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Odie\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/15 08:44:35 | 000,001,356 | ---- | M] () -- C:\Users\Odie\AppData\Local\d3d9caps.dat
[2012/01/15 08:31:24 | 000,000,640 | ---- | M] () -- C:\Users\Odie\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
[2012/01/15 07:13:25 | 000,000,464 | ---- | M] () -- C:\ProgramData\evfA91U0AmKF44
[2012/01/15 07:11:38 | 000,000,280 | ---- | M] () -- C:\ProgramData\~evfA91U0AmKF44
[2012/01/14 23:44:25 | 000,000,176 | ---- | M] () -- C:\ProgramData\~evfA91U0AmKF44r
[2012/01/14 23:44:21 | 000,000,616 | ---- | M] () -- C:\Users\Odie\Desktop\System Check.lnk
[2012/01/14 23:14:57 | 000,001,765 | ---- | M] () -- C:\Users\Odie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk
[2012/01/03 08:19:34 | 000,002,601 | ---- | M] () -- C:\Users\Odie\Desktop\Big Game Hunter 2005 Adventures.lnk
[2011/12/31 23:03:31 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/01/27 21:10:04 | 3082,813,440 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/24 20:09:27 | 000,684,297 | ---- | C] () -- C:\Users\Odie\Desktop\unhide.exe
[2012/01/24 20:09:21 | 002,039,456 | ---- | C] () -- C:\Users\Odie\Desktop\tdsskiller.zip
[2012/01/22 19:22:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/01/22 19:22:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/01/22 19:22:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/01/22 19:22:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/01/22 19:22:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/01/22 13:56:57 | 000,294,400 | ---- | C] () -- C:\Users\Odie\Desktop\exeHelper.com
[2012/01/22 13:53:21 | 001,008,141 | ---- | C] () -- C:\Users\Odie\Desktop\rkill.exe
[2012/01/22 13:51:05 | 001,008,141 | ---- | C] () -- C:\Users\Odie\Desktop\rkill.scr
[2012/01/22 13:49:48 | 001,008,141 | ---- | C] () -- C:\Users\Odie\Desktop\rkill.com
[2012/01/21 22:09:41 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/01/21 22:03:43 | 064,207,032 | ---- | C] () -- C:\Users\Odie\Desktop\setup_av_free_cnet.exe
[2012/01/21 14:03:46 | 000,302,592 | ---- | C] () -- C:\Users\Odie\Desktop\ycow72iq.exe
[2012/01/21 12:17:48 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/15 08:31:24 | 000,000,640 | ---- | C] () -- C:\Users\Odie\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
[2012/01/14 23:44:25 | 000,000,176 | ---- | C] () -- C:\ProgramData\~evfA91U0AmKF44r
[2012/01/14 23:44:24 | 000,000,280 | ---- | C] () -- C:\ProgramData\~evfA91U0AmKF44
[2012/01/14 23:44:21 | 000,000,616 | ---- | C] () -- C:\Users\Odie\Desktop\System Check.lnk
[2012/01/14 23:44:19 | 000,000,464 | ---- | C] () -- C:\ProgramData\evfA91U0AmKF44
[2011/12/31 23:16:09 | 000,001,765 | ---- | C] () -- C:\Users\Odie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk
[2011/12/31 23:08:10 | 000,000,767 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2011/12/31 23:03:31 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011/04/24 19:30:23 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/04/24 19:30:23 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/04/24 19:29:29 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/10/08 21:40:03 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2009/12/27 18:36:49 | 000,001,356 | ---- | C] () -- C:\Users\Odie\AppData\Local\d3d9caps.dat
[2009/03/27 19:58:04 | 000,005,115 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2009/01/01 22:01:21 | 000,000,026 | ---- | C] () -- C:\Windows\wininit.ini
[2009/01/01 22:01:19 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini
[2009/01/01 21:25:20 | 000,000,866 | ---- | C] () -- C:\Windows\aolback.exe.lnk
[2008/12/31 22:03:11 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/12/27 12:54:46 | 000,000,082 | ---- | C] () -- C:\Windows\cosmimmbible.ini
[2008/12/23 18:15:46 | 000,011,264 | ---- | C] () -- C:\Users\Odie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/23 17:31:32 | 000,000,013 | RHS- | C] () -- C:\Windows\System32\drivers\fbd.sys
[2008/12/23 17:31:30 | 000,000,004 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
[2008/10/24 15:55:02 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2008/10/24 15:55:01 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2008/10/24 15:55:01 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2008/10/24 15:55:01 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2008/10/24 15:28:54 | 000,000,852 | ---- | C] () -- C:\Windows\System32\drivers\RTKHDRC1.dat
[2008/10/24 15:28:54 | 000,000,852 | ---- | C] () -- C:\Windows\System32\drivers\RTKHDRC0.dat
[2008/10/24 15:28:54 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2008/10/24 15:28:54 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2008/10/24 15:28:54 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2008/10/24 15:28:54 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2008/08/14 13:48:20 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/08/14 13:28:30 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/08/14 13:28:30 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/08/14 13:28:30 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/08/14 13:28:30 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/08/14 13:28:30 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/08/14 13:28:30 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/08/14 13:02:18 | 000,257,053 | ---- | C] () -- C:\Windows\WOLSET.exe
[2008/06/12 19:59:22 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
[2008/06/12 19:41:20 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2008/06/12 19:41:18 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2008/06/12 19:41:18 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008/04/24 19:43:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\SmartFaceVCapt.dll
[2008/04/24 19:42:44 | 000,479,232 | ---- | C] () -- C:\Windows\System32\SmartFaceVCP.dll
[2008/04/24 19:25:46 | 006,701,056 | ---- | C] () -- C:\Windows\System32\FaceHI.dll
[2008/04/24 19:25:46 | 000,995,328 | ---- | C] () -- C:\Windows\System32\FaceRec.dll
[2008/04/24 19:25:46 | 000,126,976 | ---- | C] () -- C:\Windows\System32\SmartFaceVCtrl.dll
[2008/04/24 19:23:58 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IppLib.dll
[2007/12/21 17:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/11/02 06:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 06:47:37 | 001,749,688 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 06:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 04:33:01 | 000,595,684 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 04:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 04:33:01 | 000,101,350 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 04:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 04:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 02:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 02:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 01:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/09 10:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/07/22 22:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
========== LOP Check ==========
[2010/01/01 11:37:39 | 000,000,000 | ---D | M] -- C:\Users\Odie\AppData\Roaming\Canon
[2009/01/06 21:30:59 | 000,000,000 | ---D | M] -- C:\Users\Odie\AppData\Roaming\OpenOffice.org
[2009/03/29 20:56:41 | 000,000,000 | ---D | M] -- C:\Users\Odie\AppData\Roaming\TOSHIBA
[2008/12/25 10:39:05 | 000,000,000 | ---D | M] -- C:\Users\Odie\AppData\Roaming\WildTangent
[2011/04/24 19:14:21 | 000,000,000 | ---D | M] -- C:\Users\Odie\AppData\Roaming\WinBatch
[2011/11/24 09:11:06 | 000,000,000 | ---D | M] -- C:\Users\Odie\AppData\Roaming\WTouch
[2012/01/24 20:46:06 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2008/10/29 00:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 00:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 21:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 20:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 20:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: USERINIT.EXE >
[2008/01/20 20:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 20:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/04/11 00:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 00:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/01/20 20:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< %systemroot%\*. /mp /s >
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB2440$] -> -> Unknown point type
< End of report >