Here is the aswMRB log:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-03 17:42:04
-----------------------------
17:42:04.019 OS Version: Windows x64 6.0.6002 Service Pack 2
17:42:04.019 Number of processors: 4 586 0x1707
17:42:04.019 ComputerName: MANNERING-PC UserName: Steve
17:42:05.396 Initialize success
17:42:08.914 AVAST engine defs: 12050301
17:42:14.358 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-3
17:42:14.361 Disk 0 Vendor: ST3400620AS 3.AAD Size: 381554MB BusType: 3
17:42:14.363 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T1L0-4
17:42:14.366 Disk 1 Vendor: WDC_WD1002FAEX-00Y9A0 01.01V01 Size: 953869MB BusType: 3
17:42:14.369 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T0L0-5
17:42:14.372 Disk 2 Vendor: ST3500320AS SD15 Size: 476940MB BusType: 3
17:42:14.376 Disk 3 \Device\Harddisk3\DR3 -> \Device\Scsi\JRAID1Port4Path0Target0Lun0
17:42:14.380 Disk 3 Vendor: SAMSUNG_ Size: 114498MB BusType: 1
17:42:14.424 Disk 1 MBR read successfully
17:42:14.428 Disk 1 MBR scan
17:42:14.433 Disk 1 Windows VISTA default MBR code
17:42:14.437 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 953867 MB offset 2048
17:42:14.453 Disk 1 scanning C:\Windows\system32\drivers
17:42:21.212 Service scanning
17:42:32.410 Modules scanning
17:42:32.411 Disk 1 trace - called modules:
17:42:32.429 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
17:42:32.430 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa80068575a0]
17:42:32.430 3 CLASSPNP.SYS[fffffa6000d5ac33] -> nt!IofCallDriver -> [0xfffffa8004c4d9b0]
17:42:32.431 5 acpi.sys[fffffa60008f2fde] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T1L0-4[0xfffffa8004c42940]
17:42:33.628 AVAST engine scan C:\Windows
17:42:37.134 AVAST engine scan C:\Windows\system32
17:44:35.695 AVAST engine scan C:\Windows\system32\drivers
17:44:50.370 AVAST engine scan C:\Users\Tod
17:48:33.772 AVAST engine scan C:\ProgramData
17:52:10.269 Scan finished successfully
18:02:15.979 Disk 1 MBR has been saved successfully to "C:\Users\Tod\Desktop\MBR.dat"
18:02:15.985 The log file has been saved successfully to "C:\Users\Tod\Desktop\aswMBR.txt"
Here's the OTL.txt log:
OTL logfile created on: 03/05/2012 6:04:31 PM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Tod\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
4.00 Gb Total Physical Memory | 2.60 Gb Available Physical Memory | 64.99% Memory free
8.18 Gb Paging File | 5.81 Gb Available in Paging File | 71.05% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.51 Gb Total Space | 700.80 Gb Free Space | 75.23% Space Free | Partition Type: NTFS
Drive E: | 372.61 Gb Total Space | 354.69 Gb Free Space | 95.19% Space Free | Partition Type: NTFS
Drive F: | 78.12 Gb Total Space | 37.99 Gb Free Space | 48.63% Space Free | Partition Type: NTFS
Drive G: | 387.63 Gb Total Space | 380.06 Gb Free Space | 98.05% Space Free | Partition Type: NTFS
Drive H: | 111.80 Gb Total Space | 111.49 Gb Free Space | 99.72% Space Free | Partition Type: NTFS
Computer Name: MANNING-PC | User Name: Tod | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Tod\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe (Alcatel-Lucent)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
PRC - C:\Windows\SysWOW64\CtHelper.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files\ASUS\Six Engine\SixEngine.exe ()
PRC - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Users\Tod\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll ()
MOD - C:\Users\Tod\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Tod\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll ()
MOD - C:\Users\Tod\AppData\Local\Google\Chrome\Application\18.0.1025.162\avutil-51.dll ()
MOD - C:\Users\Tod\AppData\Local\Google\Chrome\Application\18.0.1025.162\avformat-53.dll ()
MOD - C:\Users\Tod\AppData\Local\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\ASUS\Six Engine\SixEngine.exe ()
MOD - C:\Program Files\ASUS\Six Engine\AsSpindownTimeout.dll ()
MOD - C:\Windows\SysWOW64\AsIO.dll ()
MOD - C:\Program Files\ASUS\Six Engine\pngio.dll ()
========== Win32 Services (SafeList) ==========
SRV:[b]64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (ndassvc) -- C:\Program Files\NDAS\System\ndassvc.exe (XIMETA, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
========== Driver Services (SafeList) ==========
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\DRIVERS\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (hap17v2k) -- C:\Windows\SysNative\drivers\hap17v2k.sys (Creative Technology Ltd)
DRV:64bit: - (hap16v2k) -- C:\Windows\SysNative\drivers\hap16v2k.sys (Creative Technology Ltd)
DRV:64bit: - (ha10kx2k) -- C:\Windows\SysNative\drivers\ha10kx2k.sys (Creative Technology Ltd)
DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\emupia2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV:64bit: - (ctaud2k) Creative Audio Driver (WDM) -- C:\Windows\SysNative\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\ctac32k.sys (Creative Technology Ltd)
DRV:64bit: - (CTERFXFX.SYS) -- C:\Windows\SysNative\drivers\CTERFXFX.SYS (Creative Technology Ltd)
DRV:64bit: - (CTERFXFX) -- C:\Windows\SysNative\drivers\CTERFXFX.SYS (Creative Technology Ltd)
DRV:64bit: - (CTSBLFX.SYS) -- C:\Windows\SysNative\drivers\CTSBLFX.SYS (Creative Technology Ltd)
DRV:64bit: - (CTSBLFX) -- C:\Windows\SysNative\drivers\CTSBLFX.SYS (Creative Technology Ltd)
DRV:64bit: - (CTAUDFX.SYS) -- C:\Windows\SysNative\drivers\CTAUDFX.SYS (Creative Technology Ltd)
DRV:64bit: - (CTAUDFX) -- C:\Windows\SysNative\drivers\CTAUDFX.SYS (Creative Technology Ltd)
DRV:64bit: - (COMMONFX.SYS) -- C:\Windows\SysNative\drivers\COMMONFX.SYS (Creative Technology Ltd)
DRV:64bit: - (COMMONFX) -- C:\Windows\SysNative\drivers\COMMONFX.SYS (Creative Technology Ltd)
DRV:64bit: - (lfsfilt) -- C:\Windows\SysNative\DRIVERS\lfsfilt.sys (XIMETA, Inc.)
DRV:64bit: - (lpx) -- C:\Windows\SysNative\DRIVERS\lpx6x.sys (XIMETA, Inc.)
DRV:64bit: - (ndasbus) -- C:\Windows\SysNative\DRIVERS\ndasbus.sys (XIMETA, Inc.)
DRV:64bit: - (ndasfat) -- C:\Windows\SysNative\DRIVERS\ndasfat.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (ndasfs) -- C:\Windows\SysNative\DRIVERS\ndasfs.sys (XIMETA, Inc.)
DRV:64bit: - (ndasrofs) -- C:\Windows\SysNative\DRIVERS\ndasrofs.sys (XIMETA, Inc.)
DRV:64bit: - (ndasscsi) -- C:\Windows\SysNative\DRIVERS\ndasscsi.sys (XIMETA, Inc.)
DRV:64bit: - (L1E) -- C:\Windows\SysNative\DRIVERS\L1E60x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\DRIVERS\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (SaiH0461) -- C:\Windows\SysNative\DRIVERS\SaiH0461.sys (Saitek)
DRV:64bit: - (CTHWIUT.DLL) -- C:\Windows\SysNative\CTHWIUT.DLL (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT.DLL) -- C:\Windows\SysNative\CT20XUT.DLL (Creative Technology Ltd.)
DRV:64bit: - (CTEXFIFX.DLL) -- C:\Windows\SysNative\CTEXFIFX.DLL (Creative Technology Ltd.)
DRV:64bit: - (CTEDSPSY.DLL) -- C:\Windows\SysNative\CTEDSPSY.DLL (Creative Technology Ltd)
DRV:64bit: - (CTEDSPIO.DLL) -- C:\Windows\SysNative\CTEDSPIO.DLL (Creative Technology Ltd)
DRV:64bit: - (CTEDSPFX.DLL) -- C:\Windows\SysNative\CTEDSPFX.DLL (Creative Technology Ltd)
DRV:64bit: - (CTEAPSFX.DLL) -- C:\Windows\SysNative\CTEAPSFX.DLL (Creative Technology Ltd)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV - (MREMP50) -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (Lavasoft Kernexplorer) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?lang=en-ca&OCID=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 5E 40 A0 9B 07 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {5EEF6327-6F66-4C37-AF65-D435397B4B39}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{5EEF6327-6F66-4C37-AF65-D435397B4B39}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7GGHP_enCA417
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.mytelus.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tod\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tod\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/04/22 20:46:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/02 19:49:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/22 20:54:12 | 000,000,000 | ---D | M]
[2011/03/17 22:54:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tod\AppData\Roaming\Mozilla\Extensions
[2011/05/07 20:10:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tod\AppData\Roaming\Mozilla\Firefox\Profiles\4kfxj1s5.default\extensions
[2012/04/22 21:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/03/07 18:06:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/11 16:06:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/10/16 15:41:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7GGHP_enCA417
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Tod\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Tod\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Tod\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Tod\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Tod\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Tod\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\Tod\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2006/09/18 14:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TELUS_McciTrayApp] C:\Program Files\TELUS\McciTrayApp.exe (Alcatel-Lucent)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AsioThk32Reg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTHelper] C:\Windows\SysWow64\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - Startup: C:\Users\Tod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 75.153.176.9
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02463494-57D4-4586-AD19-9F63FC6F579D}: DhcpNameServer = 192.168.1.254 75.153.176.9
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\intu-tt2010 - No CLSID value found
O18:64bit: - Protocol\Handler\intu-tt2011 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\intu-tt2010 {97A0575E-2309-4e75-8509-B1F9390C4DE7} - C:\Program Files (x86)\TurboTax 2010\ic2010pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O18 - Protocol\Handler\intu-tt2011 {B3B5DAD9-E96D-45b4-B636-B6CF2F773DE1} - C:\Program Files (x86)\TurboTax 2011\ic2011pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img35.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img35.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ba0adc00-7474-11e0-8a07-0022154749fa}\Shell - "" = AutoRun
O33 - MountPoints2\{ba0adc00-7474-11e0-8a07-0022154749fa}\Shell\AutoRun\command - "" = M:\laucher.exe
O33 - MountPoints2\{ba0adc66-7474-11e0-8a07-0022154749fa}\Shell - "" = AutoRun
O33 - MountPoints2\{ba0adc66-7474-11e0-8a07-0022154749fa}\Shell\AutoRun\command - "" = N:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/05/03 17:44:01 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Tod\Desktop\OTL.exe
[2012/05/03 17:41:40 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Tod\Desktop\aswMBR.exe
[2012/05/02 17:54:10 | 000,000,000 | ---D | C] -- C:\Users\Tod\AppData\Roaming\Malwarebytes
[2012/05/02 17:53:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/02 17:53:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/05/02 17:53:21 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/05/02 17:53:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/05/02 17:41:55 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Tod\Desktop\TFC.exe
[2012/04/28 09:17:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TurboTax 2011
[2012/04/23 16:19:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/04/23 16:18:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/04/23 16:18:51 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/04/23 16:18:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/04/22 22:59:39 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/22 22:59:38 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/22 22:59:36 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/22 22:59:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/22 22:59:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/22 22:59:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/22 22:59:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/22 22:59:35 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/22 22:59:34 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/22 22:59:34 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/22 22:59:33 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/22 22:43:36 | 004,699,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/22 22:43:26 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/22 22:43:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/22 22:43:25 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/22 22:22:16 | 002,002,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012/04/22 22:22:16 | 001,555,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/04/22 22:22:16 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012/04/22 22:22:15 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/04/22 22:22:15 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/04/22 22:22:12 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/04/22 22:22:10 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/04/22 22:22:10 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/04/22 22:22:09 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/04/22 22:22:09 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/04/22 22:19:51 | 001,585,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/04/22 22:19:47 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/04/22 22:19:46 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/04/22 21:59:17 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/04/22 21:59:15 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/04/22 21:59:06 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/04/22 21:58:08 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2012/04/22 21:58:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciwave.dll
[2012/04/22 21:58:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciseq.dll
[2012/04/22 21:58:06 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcicda.dll
[2012/04/22 21:58:06 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciseq.dll
[2012/04/22 21:51:06 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2012/04/22 21:51:06 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2012/04/22 20:46:46 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/05/03 18:02:15 | 000,000,512 | ---- | M] () -- C:\Users\Tod\Desktop\MBR.dat
[2012/05/03 17:49:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/03 17:44:08 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Tod\Desktop\OTL.exe
[2012/05/03 17:41:20 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Tod\Desktop\aswMBR.exe
[2012/05/03 17:39:38 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3513721917-566077972-59493417-1000UA.job
[2012/05/03 17:39:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/03 16:18:12 | 000,035,184 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000005-00000000-00000001-00001102-00000004-20011102}.rfx
[2012/05/03 16:18:12 | 000,035,184 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000005-00000000-00000001-00001102-00000004-20011102}.rfx
[2012/05/03 16:18:12 | 000,029,508 | ---- | M] () -- C:\Windows\SysNative\BMXCtrlState-{00000005-00000000-00000001-00001102-00000004-20011102}.rfx
[2012/05/03 16:18:12 | 000,029,508 | ---- | M] () -- C:\Windows\SysNative\BMXBkpCtrlState-{00000005-00000000-00000001-00001102-00000004-20011102}.rfx
[2012/05/03 16:18:12 | 000,011,564 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000005-00000000-00000001-00001102-00000004-20011102}.rfx
[2012/05/03 15:37:33 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3513721917-566077972-59493417-1000Core.job
[2012/05/03 15:33:53 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cd2103d4777730.job
[2012/05/03 15:33:39 | 000,002,070 | ---- | M] () -- C:\Users\Tod\Desktop\Google Chrome.lnk
[2012/05/03 15:33:39 | 000,002,032 | ---- | M] () -- C:\Users\Tod\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/02 20:43:16 | 000,005,923 | ---- | M] () -- C:\Users\Tod\Desktop\Computer Desk.jpg
[2012/05/02 20:18:28 | 000,004,048 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/02 20:18:28 | 000,004,048 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/02 18:24:39 | 000,716,688 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/02 18:24:39 | 000,616,582 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/02 18:24:39 | 000,113,838 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/02 18:17:57 | 4294,041,600 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/02 18:07:55 | 004,931,577 | ---- | M] () -- C:\Windows\{00000005-00000000-00000001-00001102-00000004-20011102}.CDF
[2012/05/02 18:07:55 | 004,931,577 | ---- | M] () -- C:\Windows\{00000005-00000000-00000001-00001102-00000004-20011102}.BAK
[2012/05/02 17:53:24 | 000,000,986 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/02 17:42:01 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Tod\Desktop\TFC.exe
[2012/05/02 17:40:50 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/04/30 19:41:39 | 000,726,414 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/30 19:35:03 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/04/30 19:35:03 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/04/28 10:10:41 | 000,392,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/04/28 09:17:26 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\TurboTax Canada 2011.lnk
[2012/04/23 16:19:55 | 000,001,732 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/04/23 16:14:12 | 000,001,006 | ---- | M] () -- C:\Users\Tod\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2012/04/22 21:03:51 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/05/03 18:02:15 | 000,000,512 | ---- | C] () -- C:\Users\Tod\Desktop\MBR.dat
[2012/05/02 20:43:34 | 000,005,923 | ---- | C] () -- C:\Users\Tod\Desktop\Computer Desk.jpg
[2012/05/02 17:53:24 | 000,000,986 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/28 09:17:26 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\TurboTax Canada 2011.lnk
[2012/04/23 16:19:55 | 000,001,732 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/04/22 20:47:39 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cd2103d4777730.job
[2011/10/15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/09/11 04:42:10 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/09/11 04:42:10 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/06/01 16:26:46 | 000,002,528 | ---- | C] () -- C:\Windows\FCIC.INI
[2011/02/28 13:27:57 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/02/14 16:26:51 | 000,007,680 | ---- | C] () -- C:\Users\Tod\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/03 18:45:18 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\CTXFIRES.DLL
[2011/02/03 18:45:15 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/02/03 18:45:15 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/01/30 13:47:30 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011/01/30 11:44:53 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2011/01/30 11:44:24 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2011/01/30 11:43:43 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2011/01/30 11:43:43 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2011/01/30 10:34:33 | 000,029,698 | ---- | C] () -- C:\Windows\SysWow64\ck2ifpi.dll
[2011/01/30 10:34:33 | 000,026,626 | ---- | C] () -- C:\Windows\SysWow64\kn2iwin.dll
[2011/01/30 10:33:57 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2011/01/29 23:42:39 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/01/29 23:14:01 | 000,726,414 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/29 16:14:42 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011/01/29 16:14:42 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011/01/29 15:57:40 | 000,031,976 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2011/01/29 15:57:25 | 000,031,585 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011/01/29 15:57:24 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2011/01/29 15:46:49 | 000,000,732 | ---- | C] () -- C:\Users\Tod\AppData\Local\d3d9caps64.dat
========== Alternate Data Streams ==========
@Alternate Data Stream - 152 bytes -> C:\Users\Tod\Desktop\greenest city grant.JPG:�3or4kl4x13tuuug3Byamue2s4b
< End of report >