Inactive Websites being redirected at random

Discussion in 'Malware and Virus Removal Archive' started by DONGS, 2010/07/16.

  1. 2010/07/16
    DONGS

    OTL logfile created on: 7/16/2010 7:32:42 PM - Run 1
    OTL by OldTimer - Version 3.2.9.0 Folder = C:\Users\DONGS\Desktop
    Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6001.18000)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 66.00% Memory free
    6.00 Gb Paging File | 5.00 Gb Available in Paging File | 84.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 147.58 Gb Total Space | 14.73 Gb Free Space | 9.98% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: DONGS-PC
    Current User Name: DONGS
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/07/16 19:31:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\DONGS\Desktop\OTL.exe
    PRC - [2010/07/16 12:05:26 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
    PRC - [2010/07/16 12:05:21 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
    PRC - [2010/07/16 12:05:21 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
    PRC - [2010/07/16 12:05:18 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
    PRC - [2010/07/16 12:04:33 | 000,921,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
    PRC - [2010/07/16 12:04:33 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
    PRC - [2010/07/16 12:04:31 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
    PRC - [2010/06/29 19:28:16 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
    PRC - [2010/06/21 11:26:31 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Users\DONGS\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
    PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2009/04/01 18:11:06 | 001,283,384 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
    PRC - [2009/04/01 18:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
    PRC - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
    PRC - [2008/06/25 15:05:58 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
    PRC - [2008/06/02 13:26:48 | 000,505,720 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
    PRC - [2008/05/09 11:49:30 | 000,716,800 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
    PRC - [2008/04/24 13:03:12 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
    PRC - [2008/04/17 00:21:24 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
    PRC - [2008/04/17 00:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
    PRC - [2008/04/17 00:19:16 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
    PRC - [2008/04/15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2008/04/15 17:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    PRC - [2008/04/08 15:14:50 | 006,037,504 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
    PRC - [2008/02/06 13:52:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
    PRC - [2008/02/06 13:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
    PRC - [2008/01/20 19:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
    PRC - [2007/11/21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
    PRC - [2006/11/23 09:45:34 | 002,076,672 | ---- | M] (mIRC Co. Ltd.) -- C:\Program Files\sysreset\mirc.exe
    PRC - [2006/10/05 12:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
    PRC - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/07/16 19:31:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\DONGS\Desktop\OTL.exe
    MOD - [2008/01/20 19:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
    MOD - [2008/01/20 19:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/07/16 12:05:18 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
    SRV - [2010/07/16 12:04:33 | 000,921,440 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
    SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2009/04/01 18:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
    SRV - [2008/08/21 11:31:36 | 000,029,744 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-022208-143751)
    SRV - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
    SRV - [2008/04/17 00:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
    SRV - [2008/04/16 15:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
    SRV - [2008/04/15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
    SRV - [2008/02/06 13:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
    SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
    SRV - [2007/11/21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
    SRV - [2006/10/05 12:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
    SRV - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
    SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\DONGS\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - [2010/07/16 12:05:24 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
    DRV - [2010/07/16 12:04:33 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
    DRV - [2010/06/20 10:05:14 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
    DRV - [2008/07/28 15:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
    DRV - [2008/07/18 18:52:16 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
    DRV - [2008/06/12 18:43:16 | 002,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
    DRV - [2008/04/28 16:59:18 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
    DRV - [2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
    DRV - [2008/04/15 10:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
    DRV - [2008/04/09 18:00:04 | 002,095,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2008/04/02 17:26:08 | 000,062,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
    DRV - [2008/01/20 19:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
    DRV - [2008/01/20 19:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2008/01/20 19:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2008/01/20 19:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2008/01/20 19:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2008/01/20 19:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2008/01/20 19:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2008/01/20 19:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2008/01/20 19:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2008/01/20 19:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
    DRV - [2008/01/20 19:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2008/01/20 19:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2008/01/20 19:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2008/01/20 19:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2008/01/20 19:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2008/01/20 19:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2008/01/20 19:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2008/01/20 19:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2008/01/20 19:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2008/01/20 19:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2008/01/20 19:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2008/01/20 19:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2008/01/20 19:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2007/12/14 11:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
    DRV - [2007/12/06 18:12:48 | 000,196,400 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
    DRV - [2007/11/09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
    DRV - [2006/11/28 15:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
    DRV - [2006/11/20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
    DRV - [2006/11/08 23:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
    DRV - [2006/11/08 23:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
    DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
    DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.selectedEngine: "Swagbucks.com "
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.4chan.org/frames/ "
    FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.10
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
    FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.7.9
    FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:0.4.5.15
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.825
    FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
    FF - prefs.js..extensions.enabledItems: isreaditlater@ideashower.com:2.0.6
    FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
    FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.27
    FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.4

    FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/07/15 22:14:46 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/29 20:58:35 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/29 20:58:35 | 000,000,000 | ---D | M]

    [2010/06/19 21:43:29 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Extensions
    [2010/07/15 21:08:20 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions
    [2010/07/01 23:33:18 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
    [2010/07/10 18:38:47 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
    [2010/07/06 20:40:12 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
    [2010/07/14 22:10:57 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
    [2010/06/26 19:52:43 | 000,000,000 | ---D | M] (4chan) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
    [2010/07/10 18:38:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010/07/01 23:16:00 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\foxmarks@kei.com
    [2010/07/01 23:33:19 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\isreaditlater@ideashower.com
    [2010/07/06 20:40:12 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\pmog@gamelayers.com
    [2010/07/01 23:34:31 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\smarterwiki@wikiatic.com
    [2010/07/11 00:58:55 | 000,001,540 | ---- | M] () -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\searchplugins\swagbuckscom.xml
    [2010/07/15 21:08:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/06/20 23:51:27 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    [2010/06/19 22:10:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/06/19 22:10:16 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

    O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
    O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    O4 - HKLM..\Run: [NDSTray.exe] File not found
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
    O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.255.112.14 85.255.112.5 1.2.3.4
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
    O20 - AppInit_DLLs: (C:\Windows\System32\avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
    O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found

    Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
    Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
    Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
    Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
    Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
    Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.ffds - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
    Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
    Drivers32: VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
    Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
    Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
    Drivers32: VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
    Drivers32: VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    The file is too big, so I've split it up.
     
  2. 2010/07/16
    DONGS

    Here's the next part:

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/07/16 19:31:46 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\DONGS\Desktop\OTL.exe
    [2010/07/16 18:44:39 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2010/07/16 18:44:39 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\temp
    [2010/07/16 18:43:29 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2010/07/16 16:46:24 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2010/07/16 12:05:21 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
    [2010/07/15 22:28:08 | 000,000,000 | ---D | C] -- C:\Users\DONGS\Desktop\avenger
    [2010/07/15 22:25:10 | 000,000,000 | ---D | C] -- C:\Users\DONGS\Desktop\tdsskiller
    [2010/07/15 21:48:43 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2010/07/11 21:57:54 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Adobe
    [2010/07/01 23:21:15 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\SpaceMonger
    [2010/07/01 23:21:14 | 000,000,000 | ---D | C] -- C:\Program Files\SpaceMonger
    [2010/07/01 23:03:26 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Media Player Classic
    [2010/06/29 19:03:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
    [2010/06/29 19:03:00 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
    [2010/06/26 18:32:12 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\.minecraft
    [2010/06/22 22:58:39 | 000,000,000 | ---D | C] -- C:\Users\DONGS\NDS
    [2010/06/21 00:08:17 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Apple Computer
    [2010/06/21 00:08:17 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Apple Computer
    [2010/06/21 00:07:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
    [2010/06/21 00:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010/06/21 00:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2010/06/21 00:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2010/06/21 00:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/06/21 00:03:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
    [2010/06/21 00:02:43 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Apple
    [2010/06/21 00:02:19 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2010/06/20 23:59:59 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2010/06/20 23:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
    [2010/06/20 23:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
    [2010/06/20 23:57:04 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\skypePM
    [2010/06/20 23:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack
    [2010/06/20 23:51:36 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Skype
    [2010/06/20 23:51:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
    [2010/06/20 23:51:02 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
    [2010/06/20 23:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
    [2010/06/20 10:02:47 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\uTorrent
    [2010/06/20 10:00:05 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\InstallShield
    [2010/06/20 09:59:57 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\WinBatch
    [2010/06/19 22:46:32 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Chromium
    [2010/06/19 22:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
    [2010/06/19 22:35:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
    [2010/06/19 22:35:26 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
    [2010/06/19 22:20:31 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
    [2010/06/19 22:20:22 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
    [2010/06/19 22:20:22 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
    [2010/06/19 22:20:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
    [2010/06/19 22:20:08 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
    [2010/06/19 22:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
    [2010/06/19 22:14:46 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2010/06/19 22:10:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2010/06/19 22:05:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2010/06/19 22:04:27 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Malwarebytes
    [2010/06/19 22:04:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/06/19 22:04:18 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/06/19 22:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/06/19 22:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/06/19 22:03:43 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\WinRAR
    [2010/06/19 22:03:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
    [2010/06/19 21:52:02 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
    [2010/06/19 21:46:13 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Macromedia
    [2010/06/19 21:46:13 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Adobe
    [2010/06/19 21:43:21 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Mozilla
    [2010/06/19 21:43:21 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Mozilla
    [2010/06/19 21:41:05 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\foobar2000
    [2010/06/19 21:40:55 | 000,000,000 | ---D | C] -- C:\Program Files\foobar2000
    [2010/06/19 21:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2010/06/19 21:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\sysreset
    [2010/06/19 21:37:39 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Google
    [2010/06/19 21:31:49 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Toshiba
    [2010/06/19 21:31:48 | 000,000,000 | ---D | C] -- C:\Users\DONGS\Documents\My Google Gadgets
    [2010/06/19 21:31:43 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Google
    [2010/06/19 21:31:35 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Symantec
    [2010/06/19 21:31:17 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Searches
    [2010/06/19 21:31:09 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Identities
    [2010/06/19 21:31:07 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Contacts
    [2010/06/19 21:31:05 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\VirtualStore
    [2010/06/19 21:30:38 | 000,000,000 | --SD | C] -- C:\Users\DONGS\AppData\Roaming\Microsoft
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Videos
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Saved Games
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Pictures
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Music
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Links
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Favorites
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Documents\Downloads
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Documents
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Desktop
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\AppData\Local\Temporary Internet Files
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Templates
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Start Menu
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\SendTo
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Recent
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\PrintHood
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\NetHood
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Documents\My Videos
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Documents\My Pictures
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Documents\My Music
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\My Documents
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Local Settings
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\AppData\Local\History
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Cookies
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Application Data
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\AppData\Local\Application Data
    [2010/06/19 21:30:38 | 000,000,000 | -H-D | C] -- C:\Users\DONGS\AppData
    [2010/06/19 21:30:38 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Microsoft
    [2010/06/19 21:30:38 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Media Center Programs
    [2010/06/19 21:18:56 | 000,000,000 | ---D | C] -- C:\DOCS
    [2010/06/19 21:10:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Toshiba Shared
    [2010/06/19 21:05:59 | 000,020,384 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\jswpslwf.sys
    [2010/06/19 21:05:49 | 000,000,000 | ---D | C] -- C:\Program Files\Jumpstart
    [2010/06/19 21:03:15 | 000,919,552 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys
    [2010/06/19 21:03:14 | 000,516,096 | ---- | C] (Atheros) -- C:\Windows\System32\S64CPA.exe
    [2010/06/19 21:03:14 | 000,393,216 | ---- | C] (Atheros) -- C:\Windows\System32\athihvs.dll
    [2010/06/19 21:03:14 | 000,053,248 | ---- | C] (Atheros) -- C:\Windows\System32\athihvui.dll
    [2010/06/19 21:03:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\nn-NO
    [2010/06/19 21:02:58 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros
    [2010/06/19 21:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
    [2010/06/19 21:02:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
    [2010/06/19 21:01:15 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
    [2010/06/19 20:58:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\ENU
    [2010/06/19 20:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\ltmoh
    [2010/06/19 20:53:59 | 000,000,000 | ---D | C] -- C:\Windows\Options
    [2010/06/19 20:52:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
    [2010/06/19 20:52:09 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
    [2010/06/19 20:52:09 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
    [2010/06/19 20:52:09 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
    [2010/06/19 20:52:08 | 006,037,504 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
    [2010/06/19 20:52:08 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
    [2010/06/19 20:52:08 | 000,140,288 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\FMAPO.dll
    [2010/06/19 20:52:08 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\maxxaudioapo.dll
    [2010/06/19 20:48:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
    [2010/06/19 20:45:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Suite Activation Assistant
    [2010/06/19 20:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
    [2010/06/19 20:42:03 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
    [2010/06/19 20:42:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
    [2010/06/19 20:40:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
    [2010/06/19 20:39:36 | 000,000,000 | R--D | C] -- C:\MSOCache
    [2010/06/19 20:38:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
    [2010/06/19 20:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
    [2010/06/19 20:31:26 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
    [2010/06/19 20:27:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 90 Days ==========

    [2010/07/16 19:33:25 | 001,310,720 | -HS- | M] () -- C:\Users\DONGS\NTUSER.DAT
    [2010/07/16 19:31:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\DONGS\Desktop\OTL.exe
    [2010/07/16 19:31:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-321911073-2565416866-1713073674-1000UA.job
    [2010/07/16 19:30:16 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/07/16 19:30:16 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/07/16 19:30:14 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/07/16 19:30:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/07/16 19:30:10 | 3080,736,768 | -HS- | M] () -- C:\hiberfil.sys
    [2010/07/16 19:29:21 | 000,524,288 | -HS- | M] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    [2010/07/16 19:29:21 | 000,065,536 | -HS- | M] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    [2010/07/16 19:29:18 | 001,662,686 | -H-- | M] () -- C:\Users\DONGS\AppData\Local\IconCache.db
    [2010/07/16 18:52:54 | 000,717,592 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/07/16 18:52:54 | 000,608,136 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/07/16 18:52:54 | 000,114,778 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/07/16 18:50:51 | 062,063,449 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
    [2010/07/16 18:41:17 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
    [2010/07/16 16:46:24 | 189,900,636 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010/07/16 12:05:24 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
    [2010/07/16 12:05:21 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
    [2010/07/16 12:04:33 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
    [2010/07/15 22:55:55 | 000,002,129 | ---- | M] () -- C:\Users\DONGS\Documents\Attach.zip
    [2010/07/15 22:33:58 | 000,016,968 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
    [2010/07/15 22:27:59 | 000,724,952 | ---- | M] () -- C:\Users\DONGS\Desktop\avenger.zip
    [2010/07/15 22:25:01 | 000,981,780 | ---- | M] () -- C:\Users\DONGS\Desktop\tdsskiller.zip
    [2010/07/15 11:31:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-321911073-2565416866-1713073674-1000Core.job
    [2010/07/13 17:33:55 | 000,232,396 | ---- | M] () -- C:\Users\DONGS\Desktop\Minecraft.exe
    [2010/07/13 01:32:58 | 000,014,336 | ---- | M] () -- C:\Users\DONGS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/07/06 19:50:58 | 005,849,808 | ---- | M] () -- C:\Users\DONGS\EBOOT.BIN
    [2010/07/06 10:37:58 | 000,000,426 | ---- | M] () -- C:\Users\DONGS\NDS.lnk
    [2010/07/02 20:38:00 | 000,002,053 | ---- | M] () -- C:\Users\DONGS\Desktop\Google Chrome.lnk
    [2010/07/02 20:38:00 | 000,002,015 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2010/07/01 23:21:21 | 000,000,004 | ---- | M] () -- C:\Windows\System32\wnsm2i.rdb
    [2010/06/29 19:07:17 | 000,000,757 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
    [2010/06/27 10:14:25 | 000,032,846 | ---- | M] () -- C:\Users\DONGS\Documents\mgs.fpl
    [2010/06/21 12:44:24 | 000,069,398 | ---- | M] () -- C:\Users\DONGS\Documents\beatmania.fpl
    [2010/06/21 12:30:06 | 001,467,044 | ---- | M] () -- C:\Users\DONGS\Documents\everything.fpl
    [2010/06/21 12:29:49 | 000,005,525 | ---- | M] () -- C:\Users\DONGS\Documents\DnD podcast.fpl
    [2010/06/21 00:11:02 | 000,084,028 | ---- | M] () -- C:\Users\DONGS\Documents\comedy.fpl
    [2010/06/21 00:10:56 | 000,070,235 | ---- | M] () -- C:\Users\DONGS\Documents\***@tfw.fpl
    [2010/06/21 00:07:23 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2010/06/21 00:04:00 | 000,001,697 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2010/06/20 23:57:05 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
    [2010/06/20 23:51:06 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
    [2010/06/20 10:05:14 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
    [2010/06/20 01:27:34 | 000,012,732 | ---- | M] () -- C:\Users\DONGS\Documents\cc_20100620_012730.reg
    [2010/06/20 01:26:50 | 000,001,641 | ---- | M] () -- C:\Users\DONGS\Desktop\CCleaner.lnk
    [2010/06/19 22:46:48 | 000,001,938 | ---- | M] () -- C:\Users\DONGS\Desktop\Chromium.lnk
    [2010/06/19 22:46:48 | 000,001,910 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Chromium.lnk
    [2010/06/19 22:35:32 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
    [2010/06/19 22:20:31 | 000,001,618 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
    [2010/06/19 22:20:22 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
    [2010/06/19 22:04:21 | 000,000,813 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2010/06/19 22:04:21 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/06/19 22:02:23 | 000,147,368 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
    [2010/06/19 21:56:15 | 000,000,691 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\sysreset.lnk
    [2010/06/19 21:53:46 | 000,524,288 | -HS- | M] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
    [2010/06/19 21:40:59 | 000,000,863 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\foobar2000.lnk
    [2010/06/19 21:40:59 | 000,000,839 | ---- | M] () -- C:\Users\Public\Desktop\foobar2000.lnk
    [2010/06/19 21:40:24 | 000,001,759 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/06/19 21:40:24 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/06/19 21:31:36 | 000,082,720 | ---- | M] () -- C:\Users\DONGS\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/06/19 21:31:05 | 000,000,016 | RHS- | M] () -- C:\Windows\System32\drivers\fbd.sys
    [2010/06/19 21:30:38 | 000,000,020 | -HS- | M] () -- C:\Users\DONGS\ntuser.ini
    [2010/06/19 21:26:32 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
    [2010/06/19 21:01:40 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
    [2010/06/19 20:47:06 | 000,316,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/06/19 17:18:52 | 000,000,005 | RHS- | M] () -- C:\Windows\System32\drivers\taishop.sys
    [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
     

  4. 2010/07/16
    DONGS

    Here's the last part:

    ========== Files Created - No Company Name ==========

    [2010/07/16 18:20:34 | 3080,736,768 | -HS- | C] () -- C:\hiberfil.sys
    [2010/07/16 16:45:52 | 189,900,636 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2010/07/15 22:55:55 | 000,002,129 | ---- | C] () -- C:\Users\DONGS\Documents\Attach.zip
    [2010/07/15 22:27:59 | 000,724,952 | ---- | C] () -- C:\Users\DONGS\Desktop\avenger.zip
    [2010/07/15 22:24:58 | 000,981,780 | ---- | C] () -- C:\Users\DONGS\Desktop\tdsskiller.zip
    [2010/07/11 11:02:44 | 000,232,396 | ---- | C] () -- C:\Users\DONGS\Desktop\Minecraft.exe
    [2010/07/06 19:50:58 | 005,849,808 | ---- | C] () -- C:\Users\DONGS\EBOOT.BIN
    [2010/07/06 10:37:58 | 000,000,426 | ---- | C] () -- C:\Users\DONGS\NDS
    [2010/07/01 23:21:21 | 000,000,004 | ---- | C] () -- C:\Windows\System32\wnsm2i.rdb
    [2010/06/29 19:03:00 | 000,000,757 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
    [2010/06/27 10:14:25 | 000,032,846 | ---- | C] () -- C:\Users\DONGS\Documents\mgs.fpl
    [2010/06/21 12:44:24 | 000,069,398 | ---- | C] () -- C:\Users\DONGS\Documents\beatmania.fpl
    [2010/06/21 12:29:49 | 000,005,525 | ---- | C] () -- C:\Users\DONGS\Documents\DnD podcast.fpl
    [2010/06/21 00:11:02 | 000,084,028 | ---- | C] () -- C:\Users\DONGS\Documents\comedy.fpl
    [2010/06/21 00:10:56 | 000,070,235 | ---- | C] () -- C:\Users\DONGS\Documents\***@tfw.fpl
    [2010/06/21 00:10:48 | 001,467,044 | ---- | C] () -- C:\Users\DONGS\Documents\everything.fpl
    [2010/06/21 00:07:23 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2010/06/21 00:04:00 | 000,001,697 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2010/06/20 23:57:05 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
    [2010/06/20 23:51:06 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
    [2010/06/20 01:27:32 | 000,012,732 | ---- | C] () -- C:\Users\DONGS\Documents\cc_20100620_012730.reg
    [2010/06/19 22:54:02 | 000,014,336 | ---- | C] () -- C:\Users\DONGS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/06/19 22:46:48 | 000,001,938 | ---- | C] () -- C:\Users\DONGS\Desktop\Chromium.lnk
    [2010/06/19 22:46:48 | 000,001,910 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Chromium.lnk
    [2010/06/19 22:35:48 | 000,016,968 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
    [2010/06/19 22:35:32 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
    [2010/06/19 22:22:34 | 000,002,053 | ---- | C] () -- C:\Users\DONGS\Desktop\Google Chrome.lnk
    [2010/06/19 22:22:34 | 000,002,015 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2010/06/19 22:21:18 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-321911073-2565416866-1713073674-1000UA.job
    [2010/06/19 22:21:17 | 000,000,856 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-321911073-2565416866-1713073674-1000Core.job
    [2010/06/19 22:20:31 | 000,001,618 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
    [2010/06/19 22:20:22 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
    [2010/06/19 22:20:15 | 062,063,449 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
    [2010/06/19 22:05:29 | 000,001,641 | ---- | C] () -- C:\Users\DONGS\Desktop\CCleaner.lnk
    [2010/06/19 22:04:21 | 000,000,813 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2010/06/19 22:04:21 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/06/19 22:02:23 | 000,147,368 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
    [2010/06/19 21:56:15 | 000,000,691 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\sysreset.lnk
    [2010/06/19 21:40:59 | 000,000,863 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\foobar2000.lnk
    [2010/06/19 21:40:59 | 000,000,839 | ---- | C] () -- C:\Users\Public\Desktop\foobar2000.lnk
    [2010/06/19 21:40:24 | 000,001,759 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/06/19 21:40:24 | 000,001,735 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/06/19 21:31:05 | 000,000,016 | RHS- | C] () -- C:\Windows\System32\drivers\fbd.sys
    [2010/06/19 21:30:38 | 001,310,720 | -HS- | C] () -- C:\Users\DONGS\NTUSER.DAT
    [2010/06/19 21:30:38 | 000,524,288 | -HS- | C] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
    [2010/06/19 21:30:38 | 000,524,288 | -HS- | C] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    [2010/06/19 21:30:38 | 000,262,144 | -H-- | C] () -- C:\Users\DONGS\ntuser.dat.LOG1
    [2010/06/19 21:30:38 | 000,065,536 | -HS- | C] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    [2010/06/19 21:30:38 | 000,000,258 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
    [2010/06/19 21:30:38 | 000,000,240 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
    [2010/06/19 21:30:38 | 000,000,020 | -HS- | C] () -- C:\Users\DONGS\ntuser.ini
    [2010/06/19 21:30:38 | 000,000,000 | -H-- | C] () -- C:\Users\DONGS\ntuser.dat.LOG2
    [2010/06/19 21:23:37 | 000,000,715 | ---- | C] () -- C:\Users\Public\Desktop\TOSHIBA Resources.lnk
    [2010/06/19 21:23:35 | 000,000,903 | ---- | C] () -- C:\Users\Public\Desktop\Voice & Video Calls.lnk
    [2010/06/19 21:01:40 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
    [2010/06/19 20:54:38 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
    [2010/06/19 20:54:38 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
    [2010/06/19 20:54:38 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
    [2010/06/19 20:54:38 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
    [2010/06/19 20:53:28 | 000,000,553 | ---- | C] () -- C:\Windows\USetup.iss
    [2010/06/19 17:18:52 | 000,000,005 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
    [2008/08/18 11:36:20 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
    [2008/08/18 11:07:48 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
    [2008/08/18 11:07:48 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
    [2008/08/18 11:07:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
    [2008/08/18 11:07:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
    [2008/08/18 11:07:48 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
    [2008/08/18 11:07:48 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
    [2008/06/12 18:59:22 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
    [2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006/03/09 09:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

    ========== LOP Check ==========

    [2010/07/13 17:35:39 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\.minecraft
    [2010/07/16 15:08:28 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\foobar2000
    [2010/07/01 23:21:15 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\SpaceMonger
    [2010/07/16 13:01:32 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\uTorrent
    [2010/06/20 09:59:57 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\WinBatch
    [2010/07/16 19:29:22 | 000,013,694 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
    [2010/07/15 22:30:28 | 000,007,596 | ---- | M] () -- C:\avenger.txt
    [2008/01/20 19:24:42 | 000,333,203 | RHS- | M] () -- C:\bootmgr
    [2008/08/18 10:51:16 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
    [2010/07/16 18:44:37 | 000,025,206 | ---- | M] () -- C:\ComboFix.txt
    [2006/09/18 14:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
    [2010/07/16 19:30:10 | 3080,736,768 | -HS- | M] () -- C:\hiberfil.sys
    [2010/07/16 19:30:09 | 3396,612,096 | -HS- | M] () -- C:\pagefile.sys
    [2010/07/15 22:25:35 | 000,053,786 | ---- | M] () -- C:\TDSSKiller.2.3.2.2_15.07.2010_22.25.16_log.txt

    < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
    [2006/11/02 05:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
    [2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

    < %systemroot%\system32\*.wt >

    < %systemroot%\system32\*.ruy >

    < %systemroot%\Fonts\*.com >
    [2006/11/02 05:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
    [2006/11/02 05:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
    [2006/11/02 05:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
    [2006/11/02 05:37:12 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

    < %systemroot%\*. /mp /s >


    < %systemroot%\system32\*.dll /lockedfiles >
    [2008/01/20 19:24:42 | 000,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
    [2008/01/20 19:24:38 | 000,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2008/08/18 10:51:06 | 012,820,480 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
    [2008/08/18 10:51:02 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
    [2008/08/18 10:51:06 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
    [2008/08/18 10:51:12 | 017,186,816 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
    [2008/08/18 10:51:13 | 006,635,520 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

    < %systemroot%\system32\user32.dll /md5 >
    [2008/01/20 19:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll

    < %systemroot%\system32\ws2_32.dll /md5 >
    [2008/01/20 19:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll

    < %systemroot%\system32\ws2help.dll /md5 >
    [2006/11/02 02:44:30 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=17C0671BF57057108A6D949510EE42C8 -- C:\Windows\System32\ws2help.dll

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >
    < End of report >
     
  5. 2010/07/16
    DONGS

    DONGS Inactive Thread Starter

    And finally, here's the Extras.txt:

    OTL Extras logfile created on: 7/16/2010 7:32:42 PM - Run 1
    OTL by OldTimer - Version 3.2.9.0 Folder = C:\Users\DONGS\Desktop
    Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6001.18000)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 66.00% Memory free
    6.00 Gb Paging File | 5.00 Gb Available in Paging File | 84.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 147.58 Gb Total Space | 14.73 Gb Free Space | 9.98% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: DONGS-PC
    Current User Name: DONGS
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
    Directory [SpaceMonger] -- "C:\Program Files\SpaceMonger\SpaceMonger.exe" ; show-free-space false ; show-system-space false ; set-root "%l" (Sixty-Five Software, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0525BFBD-36F5-45D9-B382-3647377CD6D1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{0D9FE94B-65DD-4F58-8C24-1F5ABC5962A0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{1549B4DF-1C0F-4033-AE28-418E772A7D6E}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
    "{1B4A6172-3336-41C3-990C-34DD20B3EB0D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{3792957D-ACB3-4634-8C44-62D1356B3EF7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{39225936-07E2-4AF1-81CC-5BC8E0B2461C}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe |
    "{42D3AFE0-40E9-4551-ACFE-966AE8A675BA}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
    "{4A4849B1-A56F-4BCD-A142-8CD757771DC1}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
    "{4AB4EAF7-1851-46D7-A33D-D086444A224A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{506472AA-5C5E-441A-A5F8-BF6CCBCB3765}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{5353A56E-3467-4C84-9BD9-D9E9345A10E0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{54DFBF3E-7CFD-4E2C-9109-9C905F4AC3B5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{77AACB4B-CBFC-4E38-B9EA-7177E04E40AF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{7A09797D-1CEA-4130-951B-EDABA80AED17}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{8C260838-C098-43C8-999D-E771A169B328}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{9481AE0C-624E-4E6D-94E9-C463F600655C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{A9C326C4-4835-4E12-9AE1-DC19BE69C764}" = dir=in | app=c:\program files\avg\avg9\avgemc.exe |
    "{BB4BD7BB-2629-44F3-ADEC-24A8EAF8870F}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe |
    "{BE8F77DD-D102-48ED-A32D-51AE3C084086}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{C7390C28-C125-4993-9310-4D9EA68E9328}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{DECCAE71-22A6-466E-8820-D61B33675865}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
    "{EAC2C2F0-66B1-4C44-B4A1-739285877727}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
    "{EEB9D54D-E2B3-4A09-BB7B-2DA1EB2B4878}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "TCP Query User{8C23CEE0-FD8F-4B5F-83C2-31D9D5782934}C:\program files\sysreset\mirc.exe" = protocol=6 | dir=in | app=c:\program files\sysreset\mirc.exe |
    "TCP Query User{DE3AC39A-0B01-4E4D-AB59-0C8523A475A4}C:\program files\steam\steamapps\ignorantlemon\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\ignorantlemon\team fortress 2\hl2.exe |
    "UDP Query User{666C2D78-2D48-4F40-85C5-83C13D21E8F5}C:\program files\sysreset\mirc.exe" = protocol=17 | dir=in | app=c:\program files\sysreset\mirc.exe |
    "UDP Query User{A4B7F252-B780-4034-BCCF-82B8B179A3A3}C:\program files\steam\steamapps\ignorantlemon\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\ignorantlemon\team fortress 2\hl2.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
    "{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
    "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{224821ED-CADA-4A8A-AC8D-3734CC0F0931}" = Amazon Links
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
    "{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
    "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
    "{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
    "{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
    "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
    "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
    "{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
    "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
    "{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
    "{73B52EA8-8A5C-4FF5-A9F2-1A0F3259C3D2}" = TOSHIBA Application Disc Creator
    "{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
    "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
    "{890EF3F8-742F-46BD-9E8E-084B3A1F4364}" = QuickBooks Financial Center
    "{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}" = Adobe Flash Player 9 ActiveX
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
    "{99D518AB-77F2-405B-B52A-18FC22394CF8}" = NetZero Internet Access Installer
    "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
    "{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
    "{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
    "{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}" = Atheros Wi-Fi Protected Setup Library
    "{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
    "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
    "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
    "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
    "{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
    "{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
    "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
    "{E1E56B8A-1AAF-422A-91DB-625059FB9863}" = TOSHIBA Desktop Links
    "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
    "{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
    "7-Zip" = 7-Zip 4.65
    "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "AVG9Uninstall" = AVG Free 9.0
    "CCleaner" = CCleaner
    "Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
    "foobar2000" = foobar2000 v1.0.3
    "Google Desktop" = Google Desktop
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "HitmanPro35" = Hitman Pro 3.5
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
    "InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "mIRC" = mIRC
    "Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
    "Picasa2" = Picasa 2
    "SpaceMonger" = SpaceMonger 2.1.1
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "TOSHIBA Software Modem" = TOSHIBA Software Modem
    "Windows Media Encoder 9" = Windows Media Encoder 9 Series
    "WinRAR archiver" = WinRAR archiver

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Chromium" = Chromium
    "Google Chrome" = Google Chrome

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 7/9/2010 10:51:32 PM | Computer Name = DONGS-PC | Source = Bonjour Service | ID = 100
    Description = 496: ERROR: read_msg errno 10054 (An existing connection was forcibly
    closed by the remote host.)

    Error - 7/9/2010 10:53:53 PM | Computer Name = DONGS-PC | Source = LoadPerf | ID = 3014
    Description =

    Error - 7/9/2010 10:53:53 PM | Computer Name = DONGS-PC | Source = LoadPerf | ID = 3009
    Description =

    Error - 7/9/2010 10:58:13 PM | Computer Name = DONGS-PC | Source = LoadPerf | ID = 3001
    Description =

    Error - 7/11/2010 5:49:40 AM | Computer Name = DONGS-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 7/11/2010 5:49:40 AM | Computer Name = DONGS-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 1420

    Error - 7/11/2010 5:49:40 AM | Computer Name = DONGS-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 1420

    Error - 7/11/2010 7:06:44 PM | Computer Name = DONGS-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 7/11/2010 7:06:44 PM | Computer Name = DONGS-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 1202

    Error - 7/11/2010 7:06:44 PM | Computer Name = DONGS-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 1202

    [ System Events ]
    Error - 7/16/2010 7:58:44 PM | Computer Name = DONGS-PC | Source = Service Control Manager | ID = 7001
    Description =

    Error - 7/16/2010 7:58:44 PM | Computer Name = DONGS-PC | Source = Service Control Manager | ID = 7026
    Description =

    Error - 7/16/2010 7:58:43 PM | Computer Name = DONGS-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
    Description =

    Error - 7/16/2010 9:20:42 PM | Computer Name = DONGS-PC | Source = HTTP | ID = 15016
    Description =

    Error - 7/16/2010 9:33:10 PM | Computer Name = DONGS-PC | Source = Service Control Manager | ID = 7030
    Description =

    Error - 7/16/2010 9:41:13 PM | Computer Name = DONGS-PC | Source = Service Control Manager | ID = 7030
    Description =

    Error - 7/16/2010 9:45:44 PM | Computer Name = DONGS-PC | Source = DCOM | ID = 10010
    Description =

    Error - 7/16/2010 9:46:43 PM | Computer Name = DONGS-PC | Source = HTTP | ID = 15016
    Description =

    Error - 7/16/2010 10:29:17 PM | Computer Name = DONGS-PC | Source = DCOM | ID = 10010
    Description =

    Error - 7/16/2010 10:30:14 PM | Computer Name = DONGS-PC | Source = HTTP | ID = 15016
    Description =


    < End of report >
     
  6. 2010/07/16
    broni

    broni Moderator Malware Analyst

    I think I found the culprit :)
    Let's see if we can fix it with OTL, or if we have to do it some other way.

    Also...you're running low on C drive free space:
    ===============================================================

    Update your Java version here: http://www.java.com/en/download/installed.jsp
    During installation, make sure to UN-check any pre-checked extra "garbage" installation, like Yahoo toolbar, or others.
    Uninstall all previous Java versions, through Add\Remove (Programs & Features in Vista/7).

    ===============================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\DONGS\AppData\Local\Temp\catchme.sys -- (catchme)
      O4 - HKLM..\Run: [NDSTray.exe] File not found
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.255.112.14 85.255.112.5 1.2.3.4
      O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
      [2010/06/19 21:31:35 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Symantec
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [resethosts]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
     
  7. 2010/07/16
    DONGS

    DONGS Inactive Thread Starter

    Here is the first OTL log:

    All processes killed
    ========== OTL ==========
    Service catchme stopped successfully!
    Service catchme deleted successfully!
    File C:\Users\DONGS\AppData\Local\Temp\catchme.sys not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NDSTray.exe deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer| /E : value set successfully!
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
    C:\Users\DONGS\AppData\Roaming\Symantec\NPMDataStore folder moved successfully.
    C:\Users\DONGS\AppData\Roaming\Symantec folder moved successfully.
    C:\Windows\msdownld.tmp folder deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: DONGS
    ->Temp folder emptied: 43225 bytes
    ->Temporary Internet Files folder emptied: 110507 bytes
    ->Java cache emptied: 410499 bytes
    ->FireFox cache emptied: 42920332 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 44042 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 42.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: DONGS
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb

    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    OTL by OldTimer - Version 3.2.9.0 log created on 07162010_200038

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...
     
  8. 2010/07/16
    broni

    broni Moderator Malware Analyst

    ...and:
     
  9. 2010/07/16
    DONGS

    DONGS Inactive Thread Starter

    OTL logfile created on: 7/16/2010 8:04:33 PM - Run 2
    OTL by OldTimer - Version 3.2.9.0 Folder = C:\Users\DONGS\Desktop
    Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6001.18000)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 63.00% Memory free
    6.00 Gb Paging File | 5.00 Gb Available in Paging File | 83.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 147.58 Gb Total Space | 10.08 Gb Free Space | 6.83% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: DONGS-PC
    Current User Name: DONGS
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/07/16 19:31:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\DONGS\Desktop\OTL.exe
    PRC - [2010/07/16 12:05:26 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
    PRC - [2010/07/16 12:05:21 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
    PRC - [2010/07/16 12:05:21 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
    PRC - [2010/07/16 12:05:18 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
    PRC - [2010/07/16 12:04:33 | 000,921,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
    PRC - [2010/07/16 12:04:33 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
    PRC - [2010/07/16 12:04:31 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
    PRC - [2010/06/29 20:58:32 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2010/06/29 19:28:16 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
    PRC - [2010/06/21 11:26:31 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Users\DONGS\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
    PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2009/11/24 11:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
    PRC - [2009/04/01 18:11:06 | 001,283,384 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
    PRC - [2009/04/01 18:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
    PRC - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
    PRC - [2008/06/25 15:05:58 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
    PRC - [2008/06/02 13:26:48 | 000,505,720 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
    PRC - [2008/05/09 11:49:30 | 000,716,800 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
    PRC - [2008/04/24 13:03:12 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
    PRC - [2008/04/17 00:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
    PRC - [2008/04/15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2008/04/15 17:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    PRC - [2008/04/08 15:14:50 | 006,037,504 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
    PRC - [2008/02/06 13:52:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
    PRC - [2008/02/06 13:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
    PRC - [2008/01/20 19:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
    PRC - [2007/11/21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
    PRC - [2006/10/05 12:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
    PRC - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/07/16 19:31:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\DONGS\Desktop\OTL.exe
    MOD - [2008/01/20 19:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
    MOD - [2008/01/20 19:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/07/16 12:05:18 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
    SRV - [2010/07/16 12:04:33 | 000,921,440 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
    SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2009/04/01 18:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
    SRV - [2008/08/21 11:31:36 | 000,029,744 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-022208-143751)
    SRV - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
    SRV - [2008/04/17 00:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
    SRV - [2008/04/16 15:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
    SRV - [2008/04/15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
    SRV - [2008/02/06 13:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
    SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
    SRV - [2007/11/21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
    SRV - [2006/10/05 12:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
    SRV - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
    SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - [2010/07/16 12:05:24 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
    DRV - [2010/07/16 12:04:33 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
    DRV - [2010/06/20 10:05:14 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
    DRV - [2008/07/28 15:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
    DRV - [2008/07/18 18:52:16 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
    DRV - [2008/06/12 18:43:16 | 002,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
    DRV - [2008/04/28 16:59:18 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
    DRV - [2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
    DRV - [2008/04/15 10:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
    DRV - [2008/04/09 18:00:04 | 002,095,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2008/04/02 17:26:08 | 000,062,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
    DRV - [2008/01/20 19:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
    DRV - [2008/01/20 19:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2008/01/20 19:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2008/01/20 19:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2008/01/20 19:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2008/01/20 19:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2008/01/20 19:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2008/01/20 19:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2008/01/20 19:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2008/01/20 19:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
    DRV - [2008/01/20 19:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2008/01/20 19:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2008/01/20 19:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2008/01/20 19:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2008/01/20 19:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2008/01/20 19:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2008/01/20 19:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2008/01/20 19:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2008/01/20 19:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2008/01/20 19:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2008/01/20 19:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2008/01/20 19:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2008/01/20 19:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2007/12/14 11:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
    DRV - [2007/12/06 18:12:48 | 000,196,400 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
    DRV - [2007/11/09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
    DRV - [2006/11/28 15:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
    DRV - [2006/11/20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
    DRV - [2006/11/08 23:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
    DRV - [2006/11/08 23:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
    DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
    DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.selectedEngine: "Swagbucks.com "
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.4chan.org/frames/ "
    FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.10
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
    FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.7.9
    FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:0.4.5.15
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.825
    FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
    FF - prefs.js..extensions.enabledItems: isreaditlater@ideashower.com:2.0.6
    FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
    FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.27
    FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.4
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

    FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/07/15 22:14:46 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/29 20:58:35 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/29 20:58:35 | 000,000,000 | ---D | M]

    [2010/06/19 21:43:29 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Extensions
    [2010/07/16 19:59:49 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions
    [2010/07/01 23:33:18 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
    [2010/07/10 18:38:47 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
    [2010/07/06 20:40:12 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
    [2010/07/14 22:10:57 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
    [2010/06/26 19:52:43 | 000,000,000 | ---D | M] (4chan) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
    [2010/07/10 18:38:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010/07/01 23:16:00 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\foxmarks@kei.com
    [2010/07/01 23:33:19 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\isreaditlater@ideashower.com
    [2010/07/06 20:40:12 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\pmog@gamelayers.com
    [2010/07/01 23:34:31 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\smarterwiki@wikiatic.com
    [2010/07/11 00:58:55 | 000,001,540 | ---- | M] () -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\searchplugins\swagbuckscom.xml
    [2010/07/16 19:59:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/06/20 23:51:27 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    [2010/06/19 22:10:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/07/16 19:59:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010/06/22 04:36:30 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

    O1 HOSTS File: ([2010/07/16 20:00:44 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
    O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
    O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.255.112.14 85.255.112.5 1.2.3.4
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
    O20 - AppInit_DLLs: (C:\Windows\System32\avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
    O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    Have to split the file again...
     
  10. 2010/07/16
    DONGS

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/07/16 20:00:38 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/07/16 19:59:31 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\System32\javaws.exe
    [2010/07/16 19:59:31 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\javaw.exe
    [2010/07/16 19:59:31 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\java.exe
    [2010/07/16 19:31:46 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\DONGS\Desktop\OTL.exe
    [2010/07/16 18:44:39 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2010/07/16 18:44:39 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\temp
    [2010/07/16 18:43:29 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2010/07/16 16:46:24 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2010/07/16 12:05:21 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
    [2010/07/15 22:28:08 | 000,000,000 | ---D | C] -- C:\Users\DONGS\Desktop\avenger
    [2010/07/15 22:25:10 | 000,000,000 | ---D | C] -- C:\Users\DONGS\Desktop\tdsskiller
    [2010/07/15 21:48:43 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2010/07/11 21:57:54 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Adobe
    [2010/07/01 23:21:15 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\SpaceMonger
    [2010/07/01 23:21:14 | 000,000,000 | ---D | C] -- C:\Program Files\SpaceMonger
    [2010/07/01 23:03:26 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Media Player Classic
    [2010/06/29 19:03:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
    [2010/06/29 19:03:00 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
    [2010/06/26 18:32:12 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\.minecraft
    [2010/06/22 22:58:39 | 000,000,000 | ---D | C] -- C:\Users\DONGS\NDS
    [2010/06/21 00:08:17 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Apple Computer
    [2010/06/21 00:08:17 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Apple Computer
    [2010/06/21 00:07:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
    [2010/06/21 00:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010/06/21 00:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2010/06/21 00:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2010/06/21 00:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/06/21 00:03:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
    [2010/06/21 00:02:43 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Apple
    [2010/06/21 00:02:19 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2010/06/20 23:59:59 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2010/06/20 23:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
    [2010/06/20 23:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
    [2010/06/20 23:57:04 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\skypePM
    [2010/06/20 23:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack
    [2010/06/20 23:51:36 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Skype
    [2010/06/20 23:51:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
    [2010/06/20 23:51:02 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
    [2010/06/20 23:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
    [2010/06/20 10:02:47 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\uTorrent
    [2010/06/20 10:00:05 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\InstallShield
    [2010/06/20 09:59:57 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\WinBatch
    [2010/06/19 22:46:32 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Chromium
    [2010/06/19 22:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
    [2010/06/19 22:35:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
    [2010/06/19 22:35:26 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
    [2010/06/19 22:20:31 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
    [2010/06/19 22:20:22 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
    [2010/06/19 22:20:22 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
    [2010/06/19 22:20:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
    [2010/06/19 22:20:08 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
    [2010/06/19 22:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
    [2010/06/19 22:14:46 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2010/06/19 22:10:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2010/06/19 22:10:34 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\System32\deployJava1.dll
    [2010/06/19 22:05:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2010/06/19 22:04:27 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Malwarebytes
    [2010/06/19 22:04:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/06/19 22:04:18 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/06/19 22:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/06/19 22:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/06/19 22:03:43 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\WinRAR
    [2010/06/19 22:03:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
    [2010/06/19 21:52:02 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
    [2010/06/19 21:46:13 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Macromedia
    [2010/06/19 21:46:13 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Adobe
    [2010/06/19 21:43:21 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Mozilla
    [2010/06/19 21:43:21 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Mozilla
    [2010/06/19 21:41:05 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\foobar2000
    [2010/06/19 21:40:55 | 000,000,000 | ---D | C] -- C:\Program Files\foobar2000
    [2010/06/19 21:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2010/06/19 21:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\sysreset
    [2010/06/19 21:37:39 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Google
    [2010/06/19 21:31:49 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Toshiba
    [2010/06/19 21:31:48 | 000,000,000 | ---D | C] -- C:\Users\DONGS\Documents\My Google Gadgets
    [2010/06/19 21:31:43 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Google
    [2010/06/19 21:31:17 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Searches
    [2010/06/19 21:31:09 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Identities
    [2010/06/19 21:31:07 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Contacts
    [2010/06/19 21:31:05 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\VirtualStore
    [2010/06/19 21:30:38 | 000,000,000 | --SD | C] -- C:\Users\DONGS\AppData\Roaming\Microsoft
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Videos
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Saved Games
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Pictures
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Music
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Links
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Favorites
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Documents\Downloads
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Documents
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Desktop
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\AppData\Local\Temporary Internet Files
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Templates
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Start Menu
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\SendTo
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Recent
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\PrintHood
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\NetHood
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Documents\My Videos
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Documents\My Pictures
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Documents\My Music
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\My Documents
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Local Settings
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\AppData\Local\History
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Cookies
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Application Data
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\AppData\Local\Application Data
    [2010/06/19 21:30:38 | 000,000,000 | -H-D | C] -- C:\Users\DONGS\AppData
    [2010/06/19 21:30:38 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Microsoft
    [2010/06/19 21:30:38 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Media Center Programs
    [2010/06/19 21:18:56 | 000,000,000 | ---D | C] -- C:\DOCS
    [2010/06/19 21:10:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Toshiba Shared
    [2010/06/19 21:05:59 | 000,020,384 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\jswpslwf.sys
    [2010/06/19 21:05:49 | 000,000,000 | ---D | C] -- C:\Program Files\Jumpstart
    [2010/06/19 21:03:15 | 000,919,552 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys
    [2010/06/19 21:03:14 | 000,516,096 | ---- | C] (Atheros) -- C:\Windows\System32\S64CPA.exe
    [2010/06/19 21:03:14 | 000,393,216 | ---- | C] (Atheros) -- C:\Windows\System32\athihvs.dll
    [2010/06/19 21:03:14 | 000,053,248 | ---- | C] (Atheros) -- C:\Windows\System32\athihvui.dll
    [2010/06/19 21:03:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\nn-NO
    [2010/06/19 21:02:58 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros
    [2010/06/19 21:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
    [2010/06/19 21:02:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
    [2010/06/19 21:01:15 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
    [2010/06/19 20:58:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\ENU
    [2010/06/19 20:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\ltmoh
    [2010/06/19 20:53:59 | 000,000,000 | ---D | C] -- C:\Windows\Options
    [2010/06/19 20:52:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
    [2010/06/19 20:52:09 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
    [2010/06/19 20:52:09 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
    [2010/06/19 20:52:09 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
    [2010/06/19 20:52:08 | 006,037,504 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
    [2010/06/19 20:52:08 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
    [2010/06/19 20:52:08 | 000,140,288 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\FMAPO.dll
    [2010/06/19 20:52:08 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\maxxaudioapo.dll
    [2010/06/19 20:48:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
    [2010/06/19 20:45:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Suite Activation Assistant
    [2010/06/19 20:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
    [2010/06/19 20:42:03 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
    [2010/06/19 20:42:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
    [2010/06/19 20:40:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
    [2010/06/19 20:39:36 | 000,000,000 | R--D | C] -- C:\MSOCache
    [2010/06/19 20:38:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
    [2010/06/19 20:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
    [2010/06/19 20:31:26 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
    [2010/06/19 20:27:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information

    ========== Files - Modified Within 90 Days ==========

    [2010/07/16 20:05:03 | 001,310,720 | -HS- | M] () -- C:\Users\DONGS\NTUSER.DAT
    [2010/07/16 20:01:58 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/07/16 20:01:58 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/07/16 20:01:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/07/16 20:01:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/07/16 20:01:52 | 3082,813,440 | -HS- | M] () -- C:\hiberfil.sys
    [2010/07/16 20:00:58 | 000,524,288 | -HS- | M] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    [2010/07/16 20:00:58 | 000,065,536 | -HS- | M] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    [2010/07/16 20:00:44 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
    [2010/07/16 19:37:59 | 000,717,592 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/07/16 19:37:59 | 000,608,136 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/07/16 19:37:59 | 000,114,778 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/07/16 19:31:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\DONGS\Desktop\OTL.exe
    [2010/07/16 19:31:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-321911073-2565416866-1713073674-1000UA.job
    [2010/07/16 19:29:18 | 001,662,686 | -H-- | M] () -- C:\Users\DONGS\AppData\Local\IconCache.db
    [2010/07/16 18:50:51 | 062,063,449 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
    [2010/07/16 18:41:17 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
    [2010/07/16 16:46:24 | 189,900,636 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010/07/16 12:05:24 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
    [2010/07/16 12:05:21 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
    [2010/07/16 12:04:33 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
    [2010/07/15 22:55:55 | 000,002,129 | ---- | M] () -- C:\Users\DONGS\Documents\Attach.zip
    [2010/07/15 22:33:58 | 000,016,968 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
    [2010/07/15 22:27:59 | 000,724,952 | ---- | M] () -- C:\Users\DONGS\Desktop\avenger.zip
    [2010/07/15 22:25:01 | 000,981,780 | ---- | M] () -- C:\Users\DONGS\Desktop\tdsskiller.zip
    [2010/07/15 11:31:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-321911073-2565416866-1713073674-1000Core.job
    [2010/07/13 17:33:55 | 000,232,396 | ---- | M] () -- C:\Users\DONGS\Desktop\Minecraft.exe
    [2010/07/13 01:32:58 | 000,014,336 | ---- | M] () -- C:\Users\DONGS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/07/06 19:50:58 | 005,849,808 | ---- | M] () -- C:\Users\DONGS\EBOOT.BIN
    [2010/07/06 10:37:58 | 000,000,426 | ---- | M] () -- C:\Users\DONGS\NDS.lnk
    [2010/07/02 20:38:00 | 000,002,053 | ---- | M] () -- C:\Users\DONGS\Desktop\Google Chrome.lnk
    [2010/07/02 20:38:00 | 000,002,015 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2010/07/01 23:21:21 | 000,000,004 | ---- | M] () -- C:\Windows\System32\wnsm2i.rdb
    [2010/06/29 19:07:17 | 000,000,757 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
    [2010/06/27 10:14:25 | 000,032,846 | ---- | M] () -- C:\Users\DONGS\Documents\mgs.fpl
    [2010/06/22 04:36:38 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\System32\javaws.exe
    [2010/06/22 04:36:37 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\javaw.exe
    [2010/06/22 04:36:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\java.exe
    [2010/06/22 04:36:29 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\System32\deployJava1.dll
    [2010/06/21 12:44:24 | 000,069,398 | ---- | M] () -- C:\Users\DONGS\Documents\beatmania.fpl
    [2010/06/21 12:30:06 | 001,467,044 | ---- | M] () -- C:\Users\DONGS\Documents\everything.fpl
    [2010/06/21 12:29:49 | 000,005,525 | ---- | M] () -- C:\Users\DONGS\Documents\DnD podcast.fpl
    [2010/06/21 00:11:02 | 000,084,028 | ---- | M] () -- C:\Users\DONGS\Documents\comedy.fpl
    [2010/06/21 00:10:56 | 000,070,235 | ---- | M] () -- C:\Users\DONGS\Documents\***@tfw.fpl
    [2010/06/21 00:07:23 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2010/06/21 00:04:00 | 000,001,697 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2010/06/20 23:57:05 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
    [2010/06/20 23:51:06 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
    [2010/06/20 10:05:14 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
    [2010/06/20 01:27:34 | 000,012,732 | ---- | M] () -- C:\Users\DONGS\Documents\cc_20100620_012730.reg
    [2010/06/20 01:26:50 | 000,001,641 | ---- | M] () -- C:\Users\DONGS\Desktop\CCleaner.lnk
    [2010/06/19 22:46:48 | 000,001,938 | ---- | M] () -- C:\Users\DONGS\Desktop\Chromium.lnk
    [2010/06/19 22:46:48 | 000,001,910 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Chromium.lnk
    [2010/06/19 22:35:32 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
    [2010/06/19 22:20:31 | 000,001,618 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
    [2010/06/19 22:20:22 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
    [2010/06/19 22:04:21 | 000,000,813 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2010/06/19 22:04:21 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/06/19 22:02:23 | 000,147,368 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
    [2010/06/19 21:56:15 | 000,000,691 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\sysreset.lnk
    [2010/06/19 21:53:46 | 000,524,288 | -HS- | M] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
    [2010/06/19 21:40:59 | 000,000,863 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\foobar2000.lnk
    [2010/06/19 21:40:59 | 000,000,839 | ---- | M] () -- C:\Users\Public\Desktop\foobar2000.lnk
    [2010/06/19 21:40:24 | 000,001,759 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/06/19 21:40:24 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/06/19 21:31:36 | 000,082,720 | ---- | M] () -- C:\Users\DONGS\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/06/19 21:31:05 | 000,000,016 | RHS- | M] () -- C:\Windows\System32\drivers\fbd.sys
    [2010/06/19 21:30:38 | 000,000,020 | -HS- | M] () -- C:\Users\DONGS\ntuser.ini
    [2010/06/19 21:26:32 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
    [2010/06/19 21:01:40 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
    [2010/06/19 20:47:06 | 000,316,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/06/19 17:18:52 | 000,000,005 | RHS- | M] () -- C:\Windows\System32\drivers\taishop.sys
    [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

    ========== Files Created - No Company Name ==========

    [2010/07/16 18:20:34 | 3082,813,440 | -HS- | C] () -- C:\hiberfil.sys
    [2010/07/16 16:45:52 | 189,900,636 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2010/07/15 22:55:55 | 000,002,129 | ---- | C] () -- C:\Users\DONGS\Documents\Attach.zip
    [2010/07/15 22:27:59 | 000,724,952 | ---- | C] () -- C:\Users\DONGS\Desktop\avenger.zip
    [2010/07/15 22:24:58 | 000,981,780 | ---- | C] () -- C:\Users\DONGS\Desktop\tdsskiller.zip
    [2010/07/11 11:02:44 | 000,232,396 | ---- | C] () -- C:\Users\DONGS\Desktop\Minecraft.exe
    [2010/07/06 19:50:58 | 005,849,808 | ---- | C] () -- C:\Users\DONGS\EBOOT.BIN
    [2010/07/06 10:37:58 | 000,000,426 | ---- | C] () -- C:\Users\DONGS\NDS
    [2010/07/01 23:21:21 | 000,000,004 | ---- | C] () -- C:\Windows\System32\wnsm2i.rdb
    [2010/06/29 19:03:00 | 000,000,757 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
    [2010/06/27 10:14:25 | 000,032,846 | ---- | C] () -- C:\Users\DONGS\Documents\mgs.fpl
    [2010/06/21 12:44:24 | 000,069,398 | ---- | C] () -- C:\Users\DONGS\Documents\beatmania.fpl
    [2010/06/21 12:29:49 | 000,005,525 | ---- | C] () -- C:\Users\DONGS\Documents\DnD podcast.fpl
    [2010/06/21 00:11:02 | 000,084,028 | ---- | C] () -- C:\Users\DONGS\Documents\comedy.fpl
    [2010/06/21 00:10:56 | 000,070,235 | ---- | C] () -- C:\Users\DONGS\Documents\***@tfw.fpl
    [2010/06/21 00:10:48 | 001,467,044 | ---- | C] () -- C:\Users\DONGS\Documents\everything.fpl
    [2010/06/21 00:07:23 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2010/06/21 00:04:00 | 000,001,697 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2010/06/20 23:57:05 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
    [2010/06/20 23:51:06 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
    [2010/06/20 01:27:32 | 000,012,732 | ---- | C] () -- C:\Users\DONGS\Documents\cc_20100620_012730.reg
    [2010/06/19 22:54:02 | 000,014,336 | ---- | C] () -- C:\Users\DONGS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/06/19 22:46:48 | 000,001,938 | ---- | C] () -- C:\Users\DONGS\Desktop\Chromium.lnk
    [2010/06/19 22:46:48 | 000,001,910 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Chromium.lnk
    [2010/06/19 22:35:48 | 000,016,968 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
    [2010/06/19 22:35:32 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
    [2010/06/19 22:22:34 | 000,002,053 | ---- | C] () -- C:\Users\DONGS\Desktop\Google Chrome.lnk
    [2010/06/19 22:22:34 | 000,002,015 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2010/06/19 22:21:18 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-321911073-2565416866-1713073674-1000UA.job
    [2010/06/19 22:21:17 | 000,000,856 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-321911073-2565416866-1713073674-1000Core.job
    [2010/06/19 22:20:31 | 000,001,618 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
    [2010/06/19 22:20:22 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
    [2010/06/19 22:20:15 | 062,063,449 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
    [2010/06/19 22:05:29 | 000,001,641 | ---- | C] () -- C:\Users\DONGS\Desktop\CCleaner.lnk
    [2010/06/19 22:04:21 | 000,000,813 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2010/06/19 22:04:21 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/06/19 22:02:23 | 000,147,368 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
    [2010/06/19 21:56:15 | 000,000,691 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\sysreset.lnk
    [2010/06/19 21:40:59 | 000,000,863 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\foobar2000.lnk
    [2010/06/19 21:40:59 | 000,000,839 | ---- | C] () -- C:\Users\Public\Desktop\foobar2000.lnk
    [2010/06/19 21:40:24 | 000,001,759 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/06/19 21:40:24 | 000,001,735 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/06/19 21:31:05 | 000,000,016 | RHS- | C] () -- C:\Windows\System32\drivers\fbd.sys
    [2010/06/19 21:30:38 | 001,310,720 | -HS- | C] () -- C:\Users\DONGS\NTUSER.DAT
    [2010/06/19 21:30:38 | 000,524,288 | -HS- | C] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
    [2010/06/19 21:30:38 | 000,524,288 | -HS- | C] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    [2010/06/19 21:30:38 | 000,262,144 | -H-- | C] () -- C:\Users\DONGS\ntuser.dat.LOG1
    [2010/06/19 21:30:38 | 000,065,536 | -HS- | C] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    [2010/06/19 21:30:38 | 000,000,258 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
    [2010/06/19 21:30:38 | 000,000,240 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
    [2010/06/19 21:30:38 | 000,000,020 | -HS- | C] () -- C:\Users\DONGS\ntuser.ini
    [2010/06/19 21:30:38 | 000,000,000 | -H-- | C] () -- C:\Users\DONGS\ntuser.dat.LOG2
    [2010/06/19 21:23:37 | 000,000,715 | ---- | C] () -- C:\Users\Public\Desktop\TOSHIBA Resources.lnk
    [2010/06/19 21:23:35 | 000,000,903 | ---- | C] () -- C:\Users\Public\Desktop\Voice & Video Calls.lnk
    [2010/06/19 21:01:40 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
    [2010/06/19 20:54:38 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
    [2010/06/19 20:54:38 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
    [2010/06/19 20:54:38 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
    [2010/06/19 20:54:38 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
    [2010/06/19 20:53:28 | 000,000,553 | ---- | C] () -- C:\Windows\USetup.iss
    [2010/06/19 17:18:52 | 000,000,005 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
    [2008/08/18 11:36:20 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
    [2008/08/18 11:07:48 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
    [2008/08/18 11:07:48 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
    [2008/08/18 11:07:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
    [2008/08/18 11:07:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
    [2008/08/18 11:07:48 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
    [2008/08/18 11:07:48 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
    [2008/06/12 18:59:22 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
    [2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006/03/09 09:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

    ========== LOP Check ==========

    [2010/07/13 17:35:39 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\.minecraft
    [2010/07/16 15:08:28 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\foobar2000
    [2010/07/01 23:21:15 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\SpaceMonger
    [2010/07/16 13:01:32 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\uTorrent
    [2010/06/20 09:59:57 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\WinBatch
    [2010/07/16 20:00:59 | 000,014,070 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========


    < End of report >
     
  11. 2010/07/16
    broni

    broni Moderator Malware Analyst

    OK. This is our issue:
    Still there.
    It looks like your router is infected.

    Turn computer off.
    On your router, you'll find a small pinhole marked "Reset".
    Keep pushing that hole, using a pencil or a paperclip, until all lights briefly flash off and on.
    Restart computer.
    Check for redirection.
    Post OTL "Quick Scan" log.
     
  12. 2010/07/16
    DONGS

    DONGS Inactive Thread Starter

    The redirection is gone! Thank you very much. I shall mail my firstborn son to you in tribute to your technical prowess. Have to split up the OTL logfile again though:

    OTL logfile created on: 7/16/2010 8:24:02 PM - Run 3
    OTL by OldTimer - Version 3.2.9.0 Folder = C:\Users\DONGS\Desktop
    Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6001.18000)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 65.00% Memory free
    6.00 Gb Paging File | 5.00 Gb Available in Paging File | 84.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 147.58 Gb Total Space | 9.97 Gb Free Space | 6.76% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: DONGS-PC
    Current User Name: DONGS
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/07/16 19:31:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\DONGS\Desktop\OTL.exe
    PRC - [2010/07/16 12:05:26 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
    PRC - [2010/07/16 12:05:21 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
    PRC - [2010/07/16 12:05:21 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
    PRC - [2010/07/16 12:05:18 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
    PRC - [2010/07/16 12:04:33 | 000,921,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
    PRC - [2010/07/16 12:04:33 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
    PRC - [2010/07/16 12:04:31 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
    PRC - [2010/06/29 20:58:32 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2010/06/29 19:28:16 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
    PRC - [2010/06/21 11:26:31 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Users\DONGS\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
    PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2009/11/24 11:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
    PRC - [2009/04/01 18:11:06 | 001,283,384 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
    PRC - [2009/04/01 18:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
    PRC - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
    PRC - [2008/06/25 15:05:58 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
    PRC - [2008/06/02 13:26:48 | 000,505,720 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
    PRC - [2008/05/09 11:49:30 | 000,716,800 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
    PRC - [2008/04/24 13:03:12 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
    PRC - [2008/04/17 00:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
    PRC - [2008/04/15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2008/04/15 17:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    PRC - [2008/04/08 15:14:50 | 006,037,504 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
    PRC - [2008/02/06 13:52:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
    PRC - [2008/02/06 13:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
    PRC - [2008/01/20 19:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
    PRC - [2007/11/21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
    PRC - [2006/10/05 12:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
    PRC - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/07/16 19:31:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\DONGS\Desktop\OTL.exe
    MOD - [2008/01/20 19:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
    MOD - [2008/01/20 19:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/07/16 12:05:18 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
    SRV - [2010/07/16 12:04:33 | 000,921,440 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
    SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2009/04/01 18:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
    SRV - [2008/08/21 11:31:36 | 000,029,744 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-022208-143751)
    SRV - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
    SRV - [2008/04/17 00:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
    SRV - [2008/04/16 15:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
    SRV - [2008/04/15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
    SRV - [2008/02/06 13:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
    SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
    SRV - [2007/11/21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
    SRV - [2006/10/05 12:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
    SRV - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
    SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - [2010/07/16 12:05:24 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
    DRV - [2010/07/16 12:04:33 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
    DRV - [2010/06/20 10:05:14 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
    DRV - [2008/07/28 15:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
    DRV - [2008/07/18 18:52:16 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
    DRV - [2008/06/12 18:43:16 | 002,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
    DRV - [2008/04/28 16:59:18 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
    DRV - [2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
    DRV - [2008/04/15 10:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
    DRV - [2008/04/09 18:00:04 | 002,095,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2008/04/02 17:26:08 | 000,062,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
    DRV - [2008/01/20 19:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
    DRV - [2008/01/20 19:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2008/01/20 19:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2008/01/20 19:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2008/01/20 19:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2008/01/20 19:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2008/01/20 19:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2008/01/20 19:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2008/01/20 19:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2008/01/20 19:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
    DRV - [2008/01/20 19:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2008/01/20 19:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2008/01/20 19:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2008/01/20 19:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2008/01/20 19:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2008/01/20 19:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2008/01/20 19:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2008/01/20 19:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2008/01/20 19:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2008/01/20 19:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2008/01/20 19:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2008/01/20 19:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2008/01/20 19:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2007/12/14 11:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
    DRV - [2007/12/06 18:12:48 | 000,196,400 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
    DRV - [2007/11/09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
    DRV - [2006/11/28 15:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
    DRV - [2006/11/20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
    DRV - [2006/11/08 23:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
    DRV - [2006/11/08 23:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
    DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
    DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.selectedEngine: "Swagbucks.com "
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.4chan.org/frames/ "
    FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.10
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
    FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.7.9
    FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:0.4.5.15
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.825
    FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
    FF - prefs.js..extensions.enabledItems: isreaditlater@ideashower.com:2.0.6
    FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
    FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.27
    FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.4
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

    FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/07/15 22:14:46 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/29 20:58:35 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/29 20:58:35 | 000,000,000 | ---D | M]

    [2010/06/19 21:43:29 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Extensions
    [2010/07/16 19:59:49 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions
    [2010/07/01 23:33:18 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
    [2010/07/10 18:38:47 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
    [2010/07/06 20:40:12 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
    [2010/07/14 22:10:57 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
    [2010/06/26 19:52:43 | 000,000,000 | ---D | M] (4chan) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
    [2010/07/10 18:38:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010/07/01 23:16:00 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\foxmarks@kei.com
    [2010/07/01 23:33:19 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\isreaditlater@ideashower.com
    [2010/07/06 20:40:12 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\pmog@gamelayers.com
    [2010/07/01 23:34:31 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\extensions\smarterwiki@wikiatic.com
    [2010/07/11 00:58:55 | 000,001,540 | ---- | M] () -- C:\Users\DONGS\AppData\Roaming\Mozilla\Firefox\Profiles\04n9lkkk.default\searchplugins\swagbuckscom.xml
    [2010/07/16 19:59:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/06/20 23:51:27 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    [2010/06/19 22:10:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/07/16 19:59:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010/06/22 04:36:30 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

    O1 HOSTS File: ([2010/07/16 20:00:44 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
    O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
    O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
    O20 - AppInit_DLLs: (C:\Windows\System32\avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
    O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
     
  13. 2010/07/16
    DONGS

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/07/16 20:00:38 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/07/16 19:59:31 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\System32\javaws.exe
    [2010/07/16 19:59:31 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\javaw.exe
    [2010/07/16 19:59:31 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\System32\java.exe
    [2010/07/16 19:31:46 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\DONGS\Desktop\OTL.exe
    [2010/07/16 18:44:39 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2010/07/16 18:44:39 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\temp
    [2010/07/16 18:43:29 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2010/07/16 16:46:24 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2010/07/16 12:05:21 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
    [2010/07/15 22:28:08 | 000,000,000 | ---D | C] -- C:\Users\DONGS\Desktop\avenger
    [2010/07/15 22:25:10 | 000,000,000 | ---D | C] -- C:\Users\DONGS\Desktop\tdsskiller
    [2010/07/15 21:48:43 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2010/07/11 21:57:54 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Adobe
    [2010/07/01 23:21:15 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\SpaceMonger
    [2010/07/01 23:21:14 | 000,000,000 | ---D | C] -- C:\Program Files\SpaceMonger
    [2010/07/01 23:03:26 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Media Player Classic
    [2010/06/29 19:03:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
    [2010/06/29 19:03:00 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
    [2010/06/26 18:32:12 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\.minecraft
    [2010/06/22 22:58:39 | 000,000,000 | ---D | C] -- C:\Users\DONGS\NDS
    [2010/06/21 00:08:17 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Apple Computer
    [2010/06/21 00:08:17 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Apple Computer
    [2010/06/21 00:07:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
    [2010/06/21 00:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010/06/21 00:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2010/06/21 00:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2010/06/21 00:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/06/21 00:03:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
    [2010/06/21 00:02:43 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Apple
    [2010/06/21 00:02:19 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2010/06/20 23:59:59 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2010/06/20 23:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
    [2010/06/20 23:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
    [2010/06/20 23:57:04 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\skypePM
    [2010/06/20 23:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack
    [2010/06/20 23:51:36 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Skype
    [2010/06/20 23:51:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
    [2010/06/20 23:51:02 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
    [2010/06/20 23:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
    [2010/06/20 10:02:47 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\uTorrent
    [2010/06/20 10:00:05 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\InstallShield
    [2010/06/20 09:59:57 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\WinBatch
    [2010/06/19 22:46:32 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Chromium
    [2010/06/19 22:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
    [2010/06/19 22:35:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
    [2010/06/19 22:35:26 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
    [2010/06/19 22:20:31 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
    [2010/06/19 22:20:22 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
    [2010/06/19 22:20:22 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
    [2010/06/19 22:20:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
    [2010/06/19 22:20:08 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
    [2010/06/19 22:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
    [2010/06/19 22:14:46 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2010/06/19 22:10:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2010/06/19 22:10:34 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\System32\deployJava1.dll
    [2010/06/19 22:05:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2010/06/19 22:04:27 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Malwarebytes
    [2010/06/19 22:04:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/06/19 22:04:18 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/06/19 22:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/06/19 22:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/06/19 22:03:43 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\WinRAR
    [2010/06/19 22:03:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
    [2010/06/19 21:52:02 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
    [2010/06/19 21:46:13 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Macromedia
    [2010/06/19 21:46:13 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Adobe
    [2010/06/19 21:43:21 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Mozilla
    [2010/06/19 21:43:21 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Mozilla
    [2010/06/19 21:41:05 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\foobar2000
    [2010/06/19 21:40:55 | 000,000,000 | ---D | C] -- C:\Program Files\foobar2000
    [2010/06/19 21:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2010/06/19 21:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\sysreset
    [2010/06/19 21:37:39 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Google
    [2010/06/19 21:31:49 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Toshiba
    [2010/06/19 21:31:48 | 000,000,000 | ---D | C] -- C:\Users\DONGS\Documents\My Google Gadgets
    [2010/06/19 21:31:43 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Google
    [2010/06/19 21:31:17 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Searches
    [2010/06/19 21:31:09 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Identities
    [2010/06/19 21:31:07 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Contacts
    [2010/06/19 21:31:05 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\VirtualStore
    [2010/06/19 21:30:38 | 000,000,000 | --SD | C] -- C:\Users\DONGS\AppData\Roaming\Microsoft
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Videos
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Saved Games
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Pictures
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Music
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Links
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Favorites
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Documents\Downloads
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Documents
    [2010/06/19 21:30:38 | 000,000,000 | R--D | C] -- C:\Users\DONGS\Desktop
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\AppData\Local\Temporary Internet Files
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Templates
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Start Menu
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\SendTo
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Recent
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\PrintHood
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\NetHood
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Documents\My Videos
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Documents\My Pictures
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Documents\My Music
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\My Documents
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Local Settings
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\AppData\Local\History
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Cookies
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\Application Data
    [2010/06/19 21:30:38 | 000,000,000 | -HSD | C] -- C:\Users\DONGS\AppData\Local\Application Data
    [2010/06/19 21:30:38 | 000,000,000 | -H-D | C] -- C:\Users\DONGS\AppData
    [2010/06/19 21:30:38 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Local\Microsoft
    [2010/06/19 21:30:38 | 000,000,000 | ---D | C] -- C:\Users\DONGS\AppData\Roaming\Media Center Programs
    [2010/06/19 21:18:56 | 000,000,000 | ---D | C] -- C:\DOCS
    [2010/06/19 21:10:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Toshiba Shared
    [2010/06/19 21:05:59 | 000,020,384 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\jswpslwf.sys
    [2010/06/19 21:05:49 | 000,000,000 | ---D | C] -- C:\Program Files\Jumpstart
    [2010/06/19 21:03:15 | 000,919,552 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys
    [2010/06/19 21:03:14 | 000,516,096 | ---- | C] (Atheros) -- C:\Windows\System32\S64CPA.exe
    [2010/06/19 21:03:14 | 000,393,216 | ---- | C] (Atheros) -- C:\Windows\System32\athihvs.dll
    [2010/06/19 21:03:14 | 000,053,248 | ---- | C] (Atheros) -- C:\Windows\System32\athihvui.dll
    [2010/06/19 21:03:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\nn-NO
    [2010/06/19 21:02:58 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros
    [2010/06/19 21:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
    [2010/06/19 21:02:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
    [2010/06/19 21:01:15 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
    [2010/06/19 20:58:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\ENU
    [2010/06/19 20:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\ltmoh
    [2010/06/19 20:53:59 | 000,000,000 | ---D | C] -- C:\Windows\Options
    [2010/06/19 20:52:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
    [2010/06/19 20:52:09 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
    [2010/06/19 20:52:09 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
    [2010/06/19 20:52:09 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
    [2010/06/19 20:52:08 | 006,037,504 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
    [2010/06/19 20:52:08 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
    [2010/06/19 20:52:08 | 000,140,288 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\FMAPO.dll
    [2010/06/19 20:52:08 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\maxxaudioapo.dll
    [2010/06/19 20:48:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
    [2010/06/19 20:45:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Suite Activation Assistant
    [2010/06/19 20:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
    [2010/06/19 20:42:03 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
    [2010/06/19 20:42:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
    [2010/06/19 20:40:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
    [2010/06/19 20:39:36 | 000,000,000 | R--D | C] -- C:\MSOCache
    [2010/06/19 20:38:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
    [2010/06/19 20:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
    [2010/06/19 20:31:26 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
    [2010/06/19 20:27:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information

    ========== Files - Modified Within 90 Days ==========

    [2010/07/16 20:25:22 | 001,310,720 | -HS- | M] () -- C:\Users\DONGS\NTUSER.DAT
    [2010/07/16 20:22:26 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/07/16 20:22:26 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/07/16 20:22:26 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/07/16 20:22:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/07/16 20:22:20 | 3082,813,440 | -HS- | M] () -- C:\hiberfil.sys
    [2010/07/16 20:19:39 | 000,524,288 | -HS- | M] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    [2010/07/16 20:19:39 | 000,065,536 | -HS- | M] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    [2010/07/16 20:19:34 | 001,663,044 | -H-- | M] () -- C:\Users\DONGS\AppData\Local\IconCache.db
    [2010/07/16 20:09:34 | 000,717,592 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/07/16 20:09:34 | 000,608,136 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/07/16 20:09:34 | 000,114,778 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/07/16 20:00:44 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
    [2010/07/16 19:31:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\DONGS\Desktop\OTL.exe
    [2010/07/16 19:31:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-321911073-2565416866-1713073674-1000UA.job
    [2010/07/16 18:50:51 | 062,063,449 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
    [2010/07/16 18:41:17 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
    [2010/07/16 16:46:24 | 189,900,636 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010/07/16 12:05:24 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
    [2010/07/16 12:05:21 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
    [2010/07/16 12:04:33 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
    [2010/07/15 22:55:55 | 000,002,129 | ---- | M] () -- C:\Users\DONGS\Documents\Attach.zip
    [2010/07/15 22:33:58 | 000,016,968 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
    [2010/07/15 22:27:59 | 000,724,952 | ---- | M] () -- C:\Users\DONGS\Desktop\avenger.zip
    [2010/07/15 22:25:01 | 000,981,780 | ---- | M] () -- C:\Users\DONGS\Desktop\tdsskiller.zip
    [2010/07/15 11:31:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-321911073-2565416866-1713073674-1000Core.job
    [2010/07/13 17:33:55 | 000,232,396 | ---- | M] () -- C:\Users\DONGS\Desktop\Minecraft.exe
    [2010/07/13 01:32:58 | 000,014,336 | ---- | M] () -- C:\Users\DONGS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/07/06 19:50:58 | 005,849,808 | ---- | M] () -- C:\Users\DONGS\EBOOT.BIN
    [2010/07/06 10:37:58 | 000,000,426 | ---- | M] () -- C:\Users\DONGS\NDS.lnk
    [2010/07/02 20:38:00 | 000,002,053 | ---- | M] () -- C:\Users\DONGS\Desktop\Google Chrome.lnk
    [2010/07/02 20:38:00 | 000,002,015 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2010/07/01 23:21:21 | 000,000,004 | ---- | M] () -- C:\Windows\System32\wnsm2i.rdb
    [2010/06/29 19:07:17 | 000,000,757 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
    [2010/06/27 10:14:25 | 000,032,846 | ---- | M] () -- C:\Users\DONGS\Documents\mgs.fpl
    [2010/06/22 04:36:38 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\System32\javaws.exe
    [2010/06/22 04:36:37 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\javaw.exe
    [2010/06/22 04:36:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\System32\java.exe
    [2010/06/22 04:36:29 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\System32\deployJava1.dll
    [2010/06/21 12:44:24 | 000,069,398 | ---- | M] () -- C:\Users\DONGS\Documents\beatmania.fpl
    [2010/06/21 12:30:06 | 001,467,044 | ---- | M] () -- C:\Users\DONGS\Documents\everything.fpl
    [2010/06/21 12:29:49 | 000,005,525 | ---- | M] () -- C:\Users\DONGS\Documents\DnD podcast.fpl
    [2010/06/21 00:11:02 | 000,084,028 | ---- | M] () -- C:\Users\DONGS\Documents\comedy.fpl
    [2010/06/21 00:10:56 | 000,070,235 | ---- | M] () -- C:\Users\DONGS\Documents\***@tfw.fpl
    [2010/06/21 00:07:23 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2010/06/21 00:04:00 | 000,001,697 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2010/06/20 23:57:05 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
    [2010/06/20 23:51:06 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
    [2010/06/20 10:05:14 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
    [2010/06/20 01:27:34 | 000,012,732 | ---- | M] () -- C:\Users\DONGS\Documents\cc_20100620_012730.reg
    [2010/06/20 01:26:50 | 000,001,641 | ---- | M] () -- C:\Users\DONGS\Desktop\CCleaner.lnk
    [2010/06/19 22:46:48 | 000,001,938 | ---- | M] () -- C:\Users\DONGS\Desktop\Chromium.lnk
    [2010/06/19 22:46:48 | 000,001,910 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Chromium.lnk
    [2010/06/19 22:35:32 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
    [2010/06/19 22:20:31 | 000,001,618 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
    [2010/06/19 22:20:22 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
    [2010/06/19 22:04:21 | 000,000,813 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2010/06/19 22:04:21 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/06/19 22:02:23 | 000,147,368 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
    [2010/06/19 21:56:15 | 000,000,691 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\sysreset.lnk
    [2010/06/19 21:53:46 | 000,524,288 | -HS- | M] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
    [2010/06/19 21:40:59 | 000,000,863 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\foobar2000.lnk
    [2010/06/19 21:40:59 | 000,000,839 | ---- | M] () -- C:\Users\Public\Desktop\foobar2000.lnk
    [2010/06/19 21:40:24 | 000,001,759 | ---- | M] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/06/19 21:40:24 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/06/19 21:31:36 | 000,082,720 | ---- | M] () -- C:\Users\DONGS\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/06/19 21:31:05 | 000,000,016 | RHS- | M] () -- C:\Windows\System32\drivers\fbd.sys
    [2010/06/19 21:30:38 | 000,000,020 | -HS- | M] () -- C:\Users\DONGS\ntuser.ini
    [2010/06/19 21:26:32 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
    [2010/06/19 21:01:40 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
    [2010/06/19 20:47:06 | 000,316,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/06/19 17:18:52 | 000,000,005 | RHS- | M] () -- C:\Windows\System32\drivers\taishop.sys
    [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

    ========== Files Created - No Company Name ==========

    [2010/07/16 18:20:34 | 3082,813,440 | -HS- | C] () -- C:\hiberfil.sys
    [2010/07/16 16:45:52 | 189,900,636 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2010/07/15 22:55:55 | 000,002,129 | ---- | C] () -- C:\Users\DONGS\Documents\Attach.zip
    [2010/07/15 22:27:59 | 000,724,952 | ---- | C] () -- C:\Users\DONGS\Desktop\avenger.zip
    [2010/07/15 22:24:58 | 000,981,780 | ---- | C] () -- C:\Users\DONGS\Desktop\tdsskiller.zip
    [2010/07/11 11:02:44 | 000,232,396 | ---- | C] () -- C:\Users\DONGS\Desktop\Minecraft.exe
    [2010/07/06 19:50:58 | 005,849,808 | ---- | C] () -- C:\Users\DONGS\EBOOT.BIN
    [2010/07/06 10:37:58 | 000,000,426 | ---- | C] () -- C:\Users\DONGS\NDS
    [2010/07/01 23:21:21 | 000,000,004 | ---- | C] () -- C:\Windows\System32\wnsm2i.rdb
    [2010/06/29 19:03:00 | 000,000,757 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
    [2010/06/27 10:14:25 | 000,032,846 | ---- | C] () -- C:\Users\DONGS\Documents\mgs.fpl
    [2010/06/21 12:44:24 | 000,069,398 | ---- | C] () -- C:\Users\DONGS\Documents\beatmania.fpl
    [2010/06/21 12:29:49 | 000,005,525 | ---- | C] () -- C:\Users\DONGS\Documents\DnD podcast.fpl
    [2010/06/21 00:11:02 | 000,084,028 | ---- | C] () -- C:\Users\DONGS\Documents\comedy.fpl
    [2010/06/21 00:10:56 | 000,070,235 | ---- | C] () -- C:\Users\DONGS\Documents\***@tfw.fpl
    [2010/06/21 00:10:48 | 001,467,044 | ---- | C] () -- C:\Users\DONGS\Documents\everything.fpl
    [2010/06/21 00:07:23 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2010/06/21 00:04:00 | 000,001,697 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2010/06/20 23:57:05 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
    [2010/06/20 23:51:06 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
    [2010/06/20 01:27:32 | 000,012,732 | ---- | C] () -- C:\Users\DONGS\Documents\cc_20100620_012730.reg
    [2010/06/19 22:54:02 | 000,014,336 | ---- | C] () -- C:\Users\DONGS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/06/19 22:46:48 | 000,001,938 | ---- | C] () -- C:\Users\DONGS\Desktop\Chromium.lnk
    [2010/06/19 22:46:48 | 000,001,910 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Chromium.lnk
    [2010/06/19 22:35:48 | 000,016,968 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
    [2010/06/19 22:35:32 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
    [2010/06/19 22:22:34 | 000,002,053 | ---- | C] () -- C:\Users\DONGS\Desktop\Google Chrome.lnk
    [2010/06/19 22:22:34 | 000,002,015 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2010/06/19 22:21:18 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-321911073-2565416866-1713073674-1000UA.job
    [2010/06/19 22:21:17 | 000,000,856 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-321911073-2565416866-1713073674-1000Core.job
    [2010/06/19 22:20:31 | 000,001,618 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
    [2010/06/19 22:20:22 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
    [2010/06/19 22:20:15 | 062,063,449 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
    [2010/06/19 22:05:29 | 000,001,641 | ---- | C] () -- C:\Users\DONGS\Desktop\CCleaner.lnk
    [2010/06/19 22:04:21 | 000,000,813 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2010/06/19 22:04:21 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/06/19 22:02:23 | 000,147,368 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
    [2010/06/19 21:56:15 | 000,000,691 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\sysreset.lnk
    [2010/06/19 21:40:59 | 000,000,863 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\foobar2000.lnk
    [2010/06/19 21:40:59 | 000,000,839 | ---- | C] () -- C:\Users\Public\Desktop\foobar2000.lnk
    [2010/06/19 21:40:24 | 000,001,759 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/06/19 21:40:24 | 000,001,735 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/06/19 21:31:05 | 000,000,016 | RHS- | C] () -- C:\Windows\System32\drivers\fbd.sys
    [2010/06/19 21:30:38 | 001,310,720 | -HS- | C] () -- C:\Users\DONGS\NTUSER.DAT
    [2010/06/19 21:30:38 | 000,524,288 | -HS- | C] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
    [2010/06/19 21:30:38 | 000,524,288 | -HS- | C] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    [2010/06/19 21:30:38 | 000,262,144 | -H-- | C] () -- C:\Users\DONGS\ntuser.dat.LOG1
    [2010/06/19 21:30:38 | 000,065,536 | -HS- | C] () -- C:\Users\DONGS\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    [2010/06/19 21:30:38 | 000,000,258 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
    [2010/06/19 21:30:38 | 000,000,240 | ---- | C] () -- C:\Users\DONGS\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
    [2010/06/19 21:30:38 | 000,000,020 | -HS- | C] () -- C:\Users\DONGS\ntuser.ini
    [2010/06/19 21:30:38 | 000,000,000 | -H-- | C] () -- C:\Users\DONGS\ntuser.dat.LOG2
    [2010/06/19 21:23:37 | 000,000,715 | ---- | C] () -- C:\Users\Public\Desktop\TOSHIBA Resources.lnk
    [2010/06/19 21:23:35 | 000,000,903 | ---- | C] () -- C:\Users\Public\Desktop\Voice & Video Calls.lnk
    [2010/06/19 21:01:40 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
    [2010/06/19 20:54:38 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
    [2010/06/19 20:54:38 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
    [2010/06/19 20:54:38 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
    [2010/06/19 20:54:38 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
    [2010/06/19 20:53:28 | 000,000,553 | ---- | C] () -- C:\Windows\USetup.iss
    [2010/06/19 17:18:52 | 000,000,005 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
    [2008/08/18 11:36:20 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
    [2008/08/18 11:07:48 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
    [2008/08/18 11:07:48 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
    [2008/08/18 11:07:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
    [2008/08/18 11:07:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
    [2008/08/18 11:07:48 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
    [2008/08/18 11:07:48 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
    [2008/06/12 18:59:22 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
    [2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006/03/09 09:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

    ========== LOP Check ==========

    [2010/07/13 17:35:39 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\.minecraft
    [2010/07/16 15:08:28 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\foobar2000
    [2010/07/01 23:21:15 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\SpaceMonger
    [2010/07/16 13:01:32 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\uTorrent
    [2010/06/20 09:59:57 | 000,000,000 | ---D | M] -- C:\Users\DONGS\AppData\Roaming\WinBatch
    [2010/07/16 20:19:56 | 000,014,446 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========


    < End of report >
     
  14. 2010/07/16
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Excellent! :)

    Hahaha....

    Last scan....

    1. Download Temp File Cleaner (TFC)
    Double-click on TFC.exe to run the program.
    Click on the Start button to begin the cleaning process.
    TFC will close all running programs, and it may ask you to restart the computer.


    2. Go to Kaspersky website and perform an online antivirus scan.

    1. Disable your active antivirus program.
    2. Read through the requirements and privacy statement and click on the Accept button.
    3. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    4. When the downloads have finished, click on Settings.
    5. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
    6. Click on My Computer under Scan.
    7. Once the scan is complete, it will display the results. Click on View Scan Report.
    8. You will see a list of infected items there. Click on Save Report As....
    9. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
     
  15. 2010/07/23
    broni

    broni Moderator Malware Analyst

    Are you still out there?
     