Here is the OTL.txt:
OTL logfile created on: 3/28/2013 11:04:48 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user1\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19401)
Locale: 00003409 | Country: Republic of the Philippines | Language: ENP | Date Format: M/d/yyyy
2.75 Gb Total Physical Memory | 1.84 Gb Available Physical Memory | 66.94% Memory free
5.73 Gb Paging File | 4.56 Gb Available in Paging File | 79.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.03 Gb Total Space | 47.15 Gb Free Space | 21.14% Space Free | Partition Type: NTFS
Drive D: | 9.85 Gb Total Space | 1.32 Gb Free Space | 13.37% Space Free | Partition Type: NTFS
Computer Name: GLENGLENKO | User Name: user1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/03/28 09:38:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user1\Downloads\OTL.exe
PRC - [2013/02/19 17:47:38 | 001,151,152 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2013/02/19 17:47:38 | 000,968,880 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
PRC - [2013/01/26 07:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\user1\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/01/27 09:24:22 | 002,077,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/12/13 19:20:40 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/12/13 19:20:33 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/12/13 07:53:40 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/12/13 07:53:37 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/12/13 07:53:36 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010/12/13 07:48:09 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009/04/11 14:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/26 16:15:26 | 000,361,808 | ---- | M] () -- C:\Windows\SMINST\BLService.exe
========== Modules (No Company Name) ==========
MOD - [2013/02/19 17:47:38 | 001,151,152 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2013/02/19 17:47:38 | 000,156,848 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll
MOD - [2008/06/12 13:17:08 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll
========== Services (SafeList) ==========
SRV - [2013/03/13 20:03:00 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/19 17:47:38 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/11/10 21:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/05/17 15:41:56 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010/12/13 07:53:40 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/26 16:15:26 | 000,361,808 | ---- | M] () [Auto | Running] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/01/21 10:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbfake.sys -- (hwusbfake)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - [2013/02/19 17:47:38 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/01/16 09:20:41 | 000,226,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/09/13 09:59:41 | 000,029,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2011/05/08 19:34:24 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/12/13 07:53:36 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/08/12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2010/08/12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2009/07/23 21:01:00 | 009,791,072 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/10/03 03:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/05/10 03:17:32 | 000,043,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/04/28 02:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/04/25 06:51:46 | 000,014,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/19 08:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{3D454AFF-6E01-437B-90B1-2D4F2B069DE3}: "URL" = http://ph.search.yah...h_fr_005&fr=chr
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...pa&d=2011-12-02 19:34:53&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.c...rm=1&toolbar=BT
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultEngine: "Yahoo"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://isearch.avg.c...pa&d=2011-12-02 19:34:53&v=14.2.0.1&pid=avg&sg=&sap=hp"
FF - prefs.js..extensions.enabledItems: [emailprotected]:3.2.3.3
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.2.3.3
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.911
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: avg@toolbar:9.0.0.18.1
FF - prefs.js..keyword.URL: "http://ph.search.yah...8&&fr=ytff-&p="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user1\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user1\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\user1\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[emailprotected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008/08/05 02:35:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2011/09/13 10:00:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013/02/19 17:48:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/13 20:18:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/20 14:22:48 | 000,000,000 | ---D | M]
[2009/11/19 18:47:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user1\AppData\Roaming\mozilla\Extensions
[2012/10/20 15:38:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user1\AppData\Roaming\mozilla\Firefox\Profiles\5axg0byw.default\extensions
[2009/11/20 18:08:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\user1\AppData\Roaming\mozilla\Firefox\Profiles\5axg0byw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/07/07 22:12:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user1\AppData\Roaming\mozilla\Firefox\Profiles\5axg0byw.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/11/26 18:31:21 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\user1\AppData\Roaming\mozilla\Firefox\Profiles\5axg0byw.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2010/11/26 18:31:21 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\user1\AppData\Roaming\mozilla\Firefox\Profiles\5axg0byw.default\extensions\[emailprotected]
[2013/03/20 14:22:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/12 11:48:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/07/18 14:24:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2013/02/19 17:48:12 | 000,003,714 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
========== Chrome ==========
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.c...pa&d=2011-12-02 19:34:53&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://toolbar.avg.c...earchTerms}&o=1
CHR - homepage: http://isearch.avg.c...pa&d=2011-12-02 19:34:53&v=14.2.0.1&pid=avg&sg=&sap=hp
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\user1\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\user1\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user1\AppData\Local\Google\Chrome\Application\25.0.1364.172\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Update (Enabled) = C:\Users\user1\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\user1\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Troll Emoticons = C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hndllphbhpadfpoikpaofkkkpkpnmjik\5.1.8_0\
CHR - Extension: Night Time In New York City = C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnimonidkipnhnpgkhgliocfnnpgkhek\1.2_0\
CHR - Extension: AVG Security Toolbar = C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.2.0.1_0\
CHR - Extension: Gmail = C:\Users\user1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2006/09/19 05:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\user1\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
F3 - HKCU WinNT: Load - (C:\Users\user1\LOCALS~1\Temp\msiailei.scr) - File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E26D1994-3780-4DFE-9AED-5FCB34F7800F}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\user1\Pictures\nba\Dwyane_Wade_21198.jpg
O24 - Desktop BackupWallPaper: C:\Users\user1\Pictures\nba\Dwyane_Wade_21198.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/11/14 08:55:32 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2008/08/05 02:03:40 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1ac545c2-281b-11df-81a8-001d7277b757}\Shell\AutoRun\command - "" = F:\MAKSIMALNO///minimalno.exe
O33 - MountPoints2\{1ac545c2-281b-11df-81a8-001d7277b757}\Shell\open\command - "" = F:\MAKSIMALNO///minimalno.exe
O33 - MountPoints2\{22146e7f-154f-11df-9228-001d7277b757}\Shell\1\Command - "" = G:\Recycle.exe
O33 - MountPoints2\{22146e7f-154f-11df-9228-001d7277b757}\Shell\2\Command - "" = G:\Recycle.exe
O33 - MountPoints2\{22146e7f-154f-11df-9228-001d7277b757}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Recycle.exe
O33 - MountPoints2\{2c3d3017-a350-11de-8b4a-001d7277b757}\Shell\AutoRun\command - "" = F:\kasper/kasper32.exe
O33 - MountPoints2\{2c3d3017-a350-11de-8b4a-001d7277b757}\Shell\explore\command - "" = F:\.////////kasper/\\\\\kasper32.exe
O33 - MountPoints2\{2c3d3017-a350-11de-8b4a-001d7277b757}\Shell\open\command - "" = F:\kasper/////////kasper32.exe
O33 - MountPoints2\{4c362f38-77ec-11de-952a-001d7277b757}\Shell\auto\command - "" = Scrap
O33 - MountPoints2\{4c362f38-77ec-11de-952a-001d7277b757}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Scrap
O33 - MountPoints2\{4c362f38-77ec-11de-952a-001d7277b757}\Shell\explore\command - "" = Scrap
O33 - MountPoints2\{4c362f38-77ec-11de-952a-001d7277b757}\Shell\open\command - "" = Scrap
O33 - MountPoints2\{5f3a416a-0bdc-11df-bc8a-001d7277b757}\Shell\AutoRun\command - "" = H:\svchost.exe
O33 - MountPoints2\{725cd502-1458-11df-871c-001d7277b757}\Shell - "" = AutoRun
O33 - MountPoints2\{725cd502-1458-11df-871c-001d7277b757}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{790cc640-2b48-11df-8f0d-001d7277b757}\Shell\AutoRun\command - "" = G:\usecure/usecure32.exe
O33 - MountPoints2\{790cc640-2b48-11df-8f0d-001d7277b757}\Shell\explore\command - "" = G:\usecure/usecure32.exe
O33 - MountPoints2\{790cc640-2b48-11df-8f0d-001d7277b757}\Shell\open\command - "" = G:\usecure/usecure32.exe
O33 - MountPoints2\{a6e22e69-0a59-11df-b868-001d7277b757}\Shell\AutoRun\command - "" = bitdecoy/bitdecoy32.exe
O33 - MountPoints2\{a6e22e69-0a59-11df-b868-001d7277b757}\Shell\explore\command - "" = bitdecoy/bitdecoy32.exe
O33 - MountPoints2\{a6e22e69-0a59-11df-b868-001d7277b757}\Shell\open\command - "" = .\bitdecoy/bitdecoy32.exe
O33 - MountPoints2\{a762aee0-e51d-11de-ac60-001d7277b757}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\dirsystem.cmd
O33 - MountPoints2\{c2c29856-228a-11df-83ee-001d7277b757}\Shell - "" = AutoRun
O33 - MountPoints2\{c2c29856-228a-11df-83ee-001d7277b757}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d1f02a2b-b9fc-11de-896a-001d7277b757}\Shell\AutoRun\command - "" = k1d.exe
O33 - MountPoints2\{d1f02a2b-b9fc-11de-896a-001d7277b757}\Shell\open\Command - "" = k1d.exe
O33 - MountPoints2\{d98baa68-b929-11de-b715-001d7277b757}\Shell - "" = AutoRun
O33 - MountPoints2\{d98baa68-b929-11de-b715-001d7277b757}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{da77ce07-0d63-11df-969c-001d7277b757}\Shell\AutoRun\command - "" = F:\kasper/kasper32.exe
O33 - MountPoints2\{da77ce07-0d63-11df-969c-001d7277b757}\Shell\explore\command - "" = F:\.////////kasper/\\\\\kasper32.exe
O33 - MountPoints2\{da77ce07-0d63-11df-969c-001d7277b757}\Shell\open\command - "" = F:\kasper/////////kasper32.exe
O33 - MountPoints2\{dae8c2b8-5c5b-11de-93e6-001d7277b757}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL LAQig.eXe
O33 - MountPoints2\{e4a6b499-b222-11de-b88e-001d7277b757}\Shell\AutoRun\command - "" = ucure/ucure32.exe
O33 - MountPoints2\{e4a6b499-b222-11de-b88e-001d7277b757}\Shell\explore\command - "" = ucure/ucure32.exe
O33 - MountPoints2\{e4a6b499-b222-11de-b88e-001d7277b757}\Shell\open\command - "" = ucure/ucure32.exe
O33 - MountPoints2\{e8279ed4-6590-11de-b3bd-001d7277b757}\Shell\AuTopLaY\cOmmAnD - "" = I:\xmagx.pif
O33 - MountPoints2\{e8279ed4-6590-11de-b3bd-001d7277b757}\Shell\AutoRun\command - "" = I:\xmagx.pif
O33 - MountPoints2\{e8279ed4-6590-11de-b3bd-001d7277b757}\Shell\EXpLorE\CoMmAnD - "" = I:\xmagx.pif
O33 - MountPoints2\{e8279ed4-6590-11de-b3bd-001d7277b757}\Shell\opeN\ComMaND - "" = I:\xmagx.pif
O33 - MountPoints2\{e8279ed9-6590-11de-b3bd-001d7277b757}\Shell - "" = AutoRun
O33 - MountPoints2\{e8279ed9-6590-11de-b3bd-001d7277b757}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{fc900ec8-df15-11de-95d8-001d7277b757}\Shell - "" = AutoRun
O33 - MountPoints2\{fc900ec8-df15-11de-95d8-001d7277b757}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{fc900ed4-df15-11de-95d8-001d7277b757}\Shell - "" = AutoRun
O33 - MountPoints2\{fc900ed4-df15-11de-95d8-001d7277b757}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Launcher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/03/28 09:12:45 | 000,000,000 | ---D | C] -- C:\Users\user1\AppData\Roaming\Malwarebytes
[2013/03/28 09:12:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/03/28 09:12:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/03/28 09:12:34 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/03/28 09:12:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/03/14 03:07:18 | 000,000,000 | ---D | C] -- C:\04df8eaf191cfaf31908aceb4d
[2013/03/13 22:50:07 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013/03/13 09:45:03 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/03/13 09:45:03 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013/03/13 09:45:02 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/03/13 09:45:02 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013/03/13 09:45:02 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/03/13 09:45:02 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/03/13 09:45:02 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013/03/13 09:45:01 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/03/13 09:45:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/03/13 09:44:56 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/03/13 09:44:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013/03/13 09:44:55 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2013/03/13 09:44:55 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/03/13 09:44:54 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/03/13 09:44:53 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/03/13 09:44:53 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/03/13 09:44:53 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/03/13 09:44:50 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/03/11 09:03:00 | 027,215,683 | ---- | C] (Computers and Structures, Inc.) -- C:\Users\user1\Desktop\CSI ETABS 9.7 Portable.exe
[2013/03/11 08:45:21 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/03/11 08:44:44 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/03/11 08:44:43 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/03/11 08:44:43 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/03/09 18:48:20 | 000,000,000 | ---D | C] -- C:\Users\user1\AppData\Local\Xenocode
[2013/03/04 12:07:31 | 000,000,000 | ---D | C] -- C:\FRST
[2013/03/02 15:11:58 | 000,000,000 | ---D | C] -- C:\TEMP
[2013/03/02 12:43:41 | 000,000,000 | ---D | C] -- C:\Users\user1\AppData\Roaming\{C64C782F-F116-458F-971F-3CFEC4CD44CF}
[2013/02/28 19:54:02 | 000,000,000 | ---D | C] -- C:\Users\user1\AppData\Roaming\{35DE4F28-A4BE-4F10-A49C-975D40B597D0}
[2013/02/28 19:53:05 | 000,000,000 | ---D | C] -- C:\Users\user1\AppData\Roaming\{E0F63152-C24E-4A21-83E2-41B815A52919}
[2013/02/28 17:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/02/28 17:52:40 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
========== Files - Modified Within 30 Days ==========
[2013/03/28 11:00:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/28 10:41:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3340730019-3293077109-2200735973-1000UA.job
[2013/03/28 10:08:25 | 000,401,540 | ---- | M] () -- C:\ProgramData\nvModes.001
[2013/03/28 10:05:20 | 000,401,540 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2013/03/28 10:05:13 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/28 10:05:12 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/28 10:04:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/28 10:04:36 | 2951,073,792 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/28 09:53:48 | 114,850,794 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2013/03/28 09:12:38 | 000,000,890 | ---- | M] () -- C:\Users\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/03/27 19:41:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3340730019-3293077109-2200735973-1000Core.job
[2013/03/27 16:39:28 | 000,097,298 | ---- | M] () -- C:\Users\user1\Desktop\Untitled.jpg
[2013/03/26 13:08:58 | 000,655,148 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/26 13:08:58 | 000,137,294 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/03/23 23:57:22 | 000,206,848 | ---- | M] () -- C:\Users\user1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/14 21:26:27 | 000,000,114 | ---- | M] () -- C:\Windows\System32\prsgrc.tgz
[2013/03/14 21:26:26 | 000,000,218 | ---- | M] () -- C:\Windows\System32\svat0iq.tgz
[2013/03/14 21:26:26 | 000,000,204 | ---- | M] () -- C:\Windows\System32\svat0iq.dll
[2013/03/14 21:26:26 | 000,000,100 | ---- | M] () -- C:\Windows\System32\prsgrc.dll
[2013/03/14 00:52:56 | 000,002,084 | ---- | M] () -- C:\Users\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/14 00:52:56 | 000,002,082 | ---- | M] () -- C:\Users\user1\Desktop\Google Chrome.lnk
[2013/03/13 20:02:51 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/03/13 20:02:51 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/03/11 08:44:30 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/03/11 08:44:29 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/03/11 08:44:29 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/03/11 08:44:28 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/03/11 08:44:27 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013/03/11 08:44:27 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013/03/05 18:21:45 | 000,008,523 | -H-- | M] () -- C:\Users\user1\Documents\acaddoc.lsp
[2013/02/28 10:49:23 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
========== Files Created - No Company Name ==========
[2013/03/28 09:12:38 | 000,000,890 | ---- | C] () -- C:\Users\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/03/27 16:39:27 | 000,097,298 | ---- | C] () -- C:\Users\user1\Desktop\Untitled.jpg
[2013/03/05 18:21:45 | 000,008,523 | -H-- | C] () -- C:\Users\user1\Documents\acaddoc.lsp
[2013/02/28 17:52:42 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011/08/18 11:10:33 | 000,144,540 | ---- | C] () -- C:\Windows\hpwins16.dat
[2011/05/12 13:42:31 | 000,000,327 | ---- | C] () -- C:\Windows\SAFEv8.ini
[2011/05/12 13:37:29 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\u3rpij6.dll
[2011/05/12 13:37:28 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\hpdlnno.dll
[2011/05/12 13:37:28 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\fdcuoct.dll
[2011/05/12 13:37:26 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\hycc0i8.dll
[2011/05/12 13:37:23 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\l0ebt1m.dll
[2011/05/12 13:37:19 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\ls3v6ks.dll
[2011/05/12 13:00:21 | 000,000,271 | ---- | C] () -- C:\Windows\ETABS.ini
[2011/04/17 09:29:52 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2011/04/16 14:24:44 | 000,026,840 | ---- | C] () -- C:\Users\user1\AppData\Roaming\UserTile.png
[2010/12/20 12:47:05 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/03 07:21:04 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/10/08 16:40:01 | 000,197,632 | ---- | C] () -- C:\Program Files\patchw32.dll
[2009/10/08 16:40:01 | 000,168,029 | ---- | C] () -- C:\Program Files\std2004patch.exe
[2009/08/25 06:06:34 | 000,000,680 | ---- | C] () -- C:\Users\user1\AppData\Local\d3d9caps.dat
[2008/11/14 22:56:38 | 000,002,060 | ---- | C] () -- C:\Users\user1\AppData\Roaming\wklnhst.dat
[2008/11/12 21:56:03 | 000,401,540 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/11/12 21:55:01 | 000,401,540 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/11/12 20:23:18 | 000,206,848 | ---- | C] () -- C:\Users\user1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 20:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 14:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 14:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:679ABA25
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:ADF211B1
< End of report >