OTL logfile created on: 11/22/2009 2:15:56 PM - Run 1 OTL by OldTimer - Version 3.1.6.2 Folder = C:\Users\star1980craft\Downloads 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 4.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 100.00% Memory free 4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free Paging file location(s): c:\pagefile.sys 256 512 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 233.76 Gb Total Space | 39.77 Gb Free Space | 17.01% Space Free | Partition Type: NTFS Drive D: | 931.51 Gb Total Space | 97.28 Gb Free Space | 10.44% Space Free | Partition Type: NTFS Drive E: | 465.75 Gb Total Space | 261.63 Gb Free Space | 56.17% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: STAR1980CRAFT20 Current User Name: star1980craft Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Standard Quick Scan [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009/11/22 06:36:26 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\star1980craft\Downloads\OTL.exe PRC - [2009/11/13 09:18:09 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe PRC - [2009/11/10 09:11:02 | 02,304,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgfws9.exe PRC - [2009/11/10 09:11:02 | 02,304,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgfws9.exe PRC - [2009/11/07 02:58:39 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2009/11/07 02:58:39 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2009/11/07 02:58:39 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe PRC - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe PRC - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe PRC - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe PRC - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe PRC - [2009/11/04 03:19:19 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe PRC - [2009/11/04 03:19:19 | 00,827,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgam.exe PRC - [2009/11/04 03:19:19 | 00,827,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgam.exe PRC - [2009/11/04 03:19:19 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe PRC - [2009/11/04 03:19:19 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe PRC - [2009/11/04 03:19:19 | 00,592,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe PRC - [2009/11/04 03:19:19 | 00,592,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe PRC - [2009/11/04 03:19:19 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe PRC - [2009/11/02 22:30:42 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe PRC - [2009/10/31 10:11:29 | 01,217,808 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe PRC - [2009/10/30 11:57:08 | 00,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2009/10/30 11:57:00 | 00,229,936 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLiteShellHlp.exe PRC - [2009/10/30 11:57:00 | 00,229,936 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLiteShellHlp.exe PRC - [2009/10/27 00:19:06 | 00,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2009/10/14 14:55:24 | 00,289,072 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe PRC - [2009/10/14 14:09:56 | 01,719,568 | ---- | M] (Orbitdownloader.com) -- C:\Program Files (x86)\Orbitdownloader\orbitdm.exe PRC - [2009/10/08 23:26:47 | 01,457,064 | ---- | M] (Take-Two Interactive Software, Inc.) -- C:\Games\Grand Theft Auto IV\RGSC\1_1_3_0\RGSC.exe PRC - [2009/10/08 23:26:47 | 01,457,064 | ---- | M] (Take-Two Interactive Software, Inc.) -- C:\Games\Grand Theft Auto IV\RGSC\1_1_3_0\RGSC.exe PRC - [2009/10/07 23:58:36 | 01,523,712 | ---- | M] (Nick Connors) -- C:\Users\star1980craft\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor.gadget\GPUMonitor.exe PRC - [2009/09/27 16:48:00 | 00,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2009/08/22 18:25:00 | 02,781,184 | ---- | M] () -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner.exe PRC - [2009/07/01 16:37:06 | 00,037,888 | ---- | M] () -- C:\Program Files (x86)\Winamp\winampa.exe PRC - [2009/03/31 16:06:26 | 00,050,456 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\MXTask2.exe PRC - [2009/03/31 16:06:22 | 00,161,048 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\mxtask.exe PRC - [2009/03/31 16:06:22 | 00,161,048 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\mxtask.exe PRC - [2009/03/31 16:06:22 | 00,161,048 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\mxtask.exe PRC - [2009/03/31 16:06:22 | 00,161,048 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\mxtask.exe PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe PRC - [2007/09/02 08:28:52 | 00,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2009/11/22 06:36:26 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\star1980craft\Downloads\OTL.exe MOD - [2009/07/14 01:16:17 | 01,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2009/07/14 01:16:17 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009/07/14 01:16:15 | 00,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2009/07/14 01:16:15 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009/07/14 01:14:57 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009/07/14 01:03:50 | 01,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll MOD - [2008/09/24 14:58:46 | 00,028,672 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\WinHook.dll MOD - [2007/09/02 08:27:36 | 00,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2009/08/03 22:10:42 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\themeservice.dll -- (Themes) SRV:[b]64bit:[/b] - [2009/07/14 03:20:14 | 00,000,000 | ---D | M] -- C:\Windows\SysNative\Msdtc -- (MSDTC) SRV:[b]64bit:[/b] - [2009/07/14 01:41:59 | 00,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc) SRV:[b]64bit:[/b] - [2009/07/14 01:41:56 | 00,374,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:[b]64bit:[/b] - [2009/07/14 01:41:56 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc) SRV:[b]64bit:[/b] - [2009/07/14 01:41:56 | 00,195,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService) SRV:[b]64bit:[/b] - [2009/07/14 01:41:56 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\umpo.dll -- (Power) SRV:[b]64bit:[/b] - [2009/07/14 01:41:54 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify) SRV:[b]64bit:[/b] - [2009/07/14 01:41:54 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc) SRV:[b]64bit:[/b] - [2009/07/14 01:41:53 | 01,361,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc) SRV:[b]64bit:[/b] - [2009/07/14 01:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc) SRV:[b]64bit:[/b] - [2009/07/14 01:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc) SRV:[b]64bit:[/b] - [2009/07/14 01:41:53 | 00,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider) SRV:[b]64bit:[/b] - [2009/07/14 01:41:53 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper) SRV:[b]64bit:[/b] - [2009/07/14 01:41:53 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg) SRV:[b]64bit:[/b] - [2009/07/14 01:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:[b]64bit:[/b] - [2009/07/14 01:41:18 | 00,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener) SRV:[b]64bit:[/b] - [2009/07/14 01:41:13 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:[b]64bit:[/b] - [2009/07/14 01:40:54 | 01,127,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll -- (FontCache) SRV:[b]64bit:[/b] - [2009/07/14 01:40:28 | 00,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp) SRV:[b]64bit:[/b] - [2009/07/14 01:40:28 | 00,291,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc) SRV:[b]64bit:[/b] - [2009/07/14 01:40:24 | 00,689,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cscsvc.dll -- (CscService) SRV:[b]64bit:[/b] - [2009/07/14 01:40:13 | 00,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bthserv.dll -- (bthserv) SRV:[b]64bit:[/b] - [2009/07/14 01:40:10 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC) SRV:[b]64bit:[/b] - [2009/07/14 01:40:05 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV) SRV:[b]64bit:[/b] - [2009/07/14 01:40:01 | 00,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2009/07/14 01:40:01 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc) SRV:[b]64bit:[/b] - [2009/07/14 01:39:51 | 01,503,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbengine.exe -- (wbengine) SRV:[b]64bit:[/b] - [2009/07/14 01:39:28 | 03,524,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc) SRV - [2009/11/10 09:11:02 | 02,304,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgfws9.exe -- (avgfws9) SRV - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2009/11/04 03:19:19 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe -- (avg9emc) SRV - [2009/11/04 03:19:19 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd) SRV - [2009/10/31 10:12:43 | 00,320,760 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009/10/27 00:19:06 | 00,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2009/09/27 16:48:00 | 00,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2009/07/26 06:43:14 | 00,025,832 | ---- | M] (BioWare) -- D:\games\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc) SRV - [2009/07/14 03:20:14 | 00,000,000 | ---D | M] -- C:\Windows\Vss -- (VSS) SRV - [2009/07/14 03:20:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC) SRV - [2009/07/14 01:39:09 | 00,696,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr) SRV - [2009/07/14 01:39:09 | 00,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched) SRV - [2009/07/14 01:16:12 | 00,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider) SRV - [2009/07/14 01:15:11 | 00,253,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp) SRV - [2009/07/13 20:30:11 | 00,061,056 | ---- | M] () -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds) SRV - [2009/06/10 21:23:09 | 00,066,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/06/10 20:39:58 | 00,089,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64) SRV - [2009/06/10 20:30:59 | 00,042,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0) SRV - [2009/06/10 20:30:45 | 00,856,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) SRV - [2009/03/31 16:06:22 | 00,161,048 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\mxtask.exe -- (Fix-It Task Manager) SRV - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe -- (SBAMSvc) SRV - [2008/02/20 09:42:38 | 00,354,816 | ---- | M] (Nokia.) -- C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.order.2: "Google" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "http://uk.foxstart.com/?rls=en:uk:mf" FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.10 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.701 FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19 FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:3.9.7 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16 FF - prefs.js..extensions.enabledItems: {8FFE139B-90A7-4460-A972-9D2738997F6D}:1.6.2 FF - prefs.js..extensions.enabledItems: {5F590AA2-1221-4113-A6F4-A4BB62414FAC}:0.44.19.20090811.3 FF - prefs.js..extensions.enabledItems: treestyletab@piro.sakura.ne.jp:0.8.2009100101 FF - prefs.js..extensions.enabledItems: updater@foxstart.com:1.1.3 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5 FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2009/11/10 10:37:17 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/11/16 08:09:05 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/11/07 02:58:40 | 00,000,000 | ---D | M] [2009/11/02 08:01:11 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Extensions [2009/11/02 08:01:11 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/11/21 18:03:31 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions [2009/11/02 18:47:18 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2009/11/02 18:50:56 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d} [2009/11/02 18:50:56 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC} [2009/11/02 18:47:18 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\{8FFE139B-90A7-4460-A972-9D2738997F6D} [2009/11/02 19:05:50 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\en-GB@dictionaries.addons.mozilla.org [2009/11/02 18:47:18 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\treestyletab@piro.sakura.ne.jp [2009/11/21 18:03:31 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2009/11/07 02:58:40 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009/11/02 22:30:56 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [2009/11/02 07:42:41 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\updater@foxstart.com [2009/11/07 02:58:39 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll [2009/11/07 02:58:39 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll [2009/11/02 22:30:42 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeploytk.dll [2009/11/07 02:58:39 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll [2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll [2009/11/01 23:04:42 | 00,001,538 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-en-GB.xml [2009/11/01 23:04:42 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\answers.xml [2009/11/02 08:01:16 | 00,002,273 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg_igeared.xml [2009/11/01 23:04:42 | 00,000,947 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\chambers-en-GB.xml [2009/11/01 23:04:42 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\creativecommons.xml [2009/11/01 23:04:42 | 00,000,769 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-en-GB.xml [2009/11/01 23:04:42 | 00,002,014 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\foxstart.xml [2009/11/01 23:04:42 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml [2009/11/01 23:04:42 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia.xml [2009/11/01 23:04:42 | 00,000,831 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-en-GB.xml O1 HOSTS File: (921 bytes) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 genuine.microsoft.com O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O1 - Hosts: 127.0.0.1 sls.microsoft.com O2:[b]64bit:[/b] - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll () O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll () O4:[b]64bit:[/b] - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RivaTuner] C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe () O4:[b]64bit:[/b] - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe () O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe () O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [RGSC] C:\Games\Grand Theft Auto IV\RGSC\RGSCLauncher.exe (Take-Two Interactive Software, Inc.) O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [Welcome Center] C:\Windows\system32\OobeFldr.DLL (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O8:[b]64bit:[/b] - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:[b]64bit:[/b] - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:[b]64bit:[/b] - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:[b]64bit:[/b] - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:[b]64bit:[/b] - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O20:[b]64bit:[/b] - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/10/13 00:37:18 | 00,000,000 | -H-D | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009/10/13 00:37:25 | 00,000,000 | -H-D | M] - D:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2008/12/31 16:46:46 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009/10/13 00:37:25 | 00,000,000 | -H-D | M] - E:\Autorun.inf -- [ NTFS ] O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\H\Shell - "" = AutoRun O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O34 - HKLM BootExecute: (SBBD.exe) - C:\Windows\SysWow64\sbbd.exe (Sunbelt Software) O34 - HKLM BootExecute: (/d) - File not found O34 - HKLM BootExecute: (\Device\HarddiskVolume1\Program) - File not found O34 - HKLM BootExecute: (Files) - File not found O34 - HKLM BootExecute: ((x86)\Common) - File not found O34 - HKLM BootExecute: (Files\AntiVirus\Definitions) - File not found [b]64bit:[/b] O35 - comfile [open] -- "%1" %* File not found [b]64bit:[/b] O35 - exefile [open] -- "%1" %* File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found NetSvcs:[b]64bit:[/b] Ias - C:\Windows\SysNative\ias [2009/07/14 03:20:14 | 00,000,000 | ---D | M] NetSvcs:[b]64bit:[/b] Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation) NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation) OTL cannot create restorepoints on Vista OSs! [color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color] [2009/11/21 21:29:35 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\Malwarebytes [2009/11/21 21:29:23 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2009/11/21 21:29:22 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2009/11/21 21:29:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2009/11/21 21:29:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2009/11/21 21:29:22 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2009/11/18 21:15:09 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\Documents\Aspyr [2009/11/18 17:10:27 | 16,207,872 | ---- | C] (Aspyr Media, Inc.) -- C:\Users\star1980craft\Desktop\SWTFU.exe [2009/11/18 00:29:43 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Local\Aspyr [2009/11/12 03:14:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite [2009/11/12 03:13:47 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\DAEMON Tools Lite [2009/11/12 03:13:02 | 00,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2009/11/12 03:13:02 | 00,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2009/11/12 02:42:41 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\Desktop\booster [2009/11/12 02:31:04 | 00,082,480 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\sbtis.sys [2009/11/12 02:04:32 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\BVRP Software [2009/11/12 02:04:26 | 00,000,000 | RHSD | C] -- C:\_Backup.RC [2009/11/12 02:03:53 | 00,000,000 | -H-D | C] -- C:\_Backup [2009/11/12 02:03:53 | 00,000,000 | ---D | C] -- C:\ProgramData\Avanquest [2009/11/12 02:03:53 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\Avanquest [2009/11/12 02:03:53 | 00,000,000 | ---D | C] -- C:\ProgramData\Avanquest [2009/11/12 02:03:51 | 00,000,000 | ---D | C] -- C:\ProgramData\BVRP Software [2009/11/12 02:03:51 | 00,000,000 | ---D | C] -- C:\ProgramData\BVRP Software [2009/11/12 02:03:51 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Avanquest update [2009/11/12 02:03:48 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\InstallShield [2009/11/12 02:03:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AntiVirus [2009/11/12 02:03:40 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Avanquest [2009/11/10 21:10:50 | 00,000,000 | ---D | C] -- C:\ProgramData\BioWare [2009/11/10 21:10:50 | 00,000,000 | ---D | C] -- C:\ProgramData\BioWare [2009/11/10 20:52:51 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\Documents\BioWare [2009/11/10 20:50:20 | 09,909,480 | ---- | C] (BioWare) -- C:\Users\star1980craft\Desktop\daorigins.exe [2009/11/10 20:14:04 | 00,000,000 | ---D | C] -- C:\Windows\1C4551A64743409391E41477CD655043.TMP [2009/11/10 20:04:38 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare [2009/11/10 18:47:48 | 00,368,640 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\ReWire.dll [2009/11/10 18:47:48 | 00,233,472 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll [2009/11/10 18:34:44 | 00,000,000 | ---D | C] -- C:\ProgramData\Propellerhead Software [2009/11/10 18:34:44 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\Propellerhead Software [2009/11/10 18:34:44 | 00,000,000 | ---D | C] -- C:\ProgramData\Propellerhead Software [2009/11/10 18:33:15 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Propellerhead [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 14 Days ==========[/color] [2009/11/22 14:16:22 | 01,835,008 | -HS- | M] () -- C:\Users\star1980craft\NTUSER.DAT [2009/11/22 14:05:33 | 00,001,889 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk [2009/11/22 14:04:40 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009/11/22 14:04:23 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009/11/22 14:04:21 | 53,568,3071 | -HS- | M] () -- C:\hiberfil.sys [2009/11/22 10:40:49 | 45,565,874 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm [2009/11/22 05:17:17 | 00,000,041 | ---- | M] () -- C:\Users\star1980craft\Desktop\Filzip.ini [2009/11/21 21:29:27 | 00,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2009/11/21 15:08:20 | 00,098,480 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg [2009/11/21 02:26:41 | 01,903,865 | -H-- | M] () -- C:\Users\star1980craft\AppData\Local\IconCache.db [2009/11/20 23:14:20 | 00,541,317 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\iavifw.avm [2009/11/20 18:51:48 | 00,000,665 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk [2009/11/20 18:51:48 | 00,000,665 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 MP.lnk [2009/11/18 20:50:38 | 00,000,020 | ---- | M] () -- C:\Windows\SysWow64\SYSTEM [2009/11/18 14:33:04 | 00,000,761 | ---- | M] () -- C:\Users\star1980craft\Desktop\Star Wars The Force Unleashed.lnk [2009/11/13 17:43:32 | 00,848,854 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2009/11/13 17:43:32 | 00,715,306 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2009/11/13 17:43:32 | 00,142,514 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2009/11/12 18:34:40 | 00,000,542 | ---- | M] () -- C:\Users\star1980craft\Documents\UpdateCheck.rtf [2009/11/12 03:14:36 | 00,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2009/11/12 03:14:22 | 00,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys [2009/11/10 18:47:48 | 00,368,640 | ---- | M] (Propellerhead Software AB) -- C:\Windows\SysWow64\ReWire.dll [2009/11/10 18:47:48 | 00,233,472 | ---- | M] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll [2009/11/10 18:33:29 | 00,001,061 | ---- | M] () -- C:\Users\Public\Desktop\Reason.lnk [2009/11/10 09:11:04 | 00,470,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2009/11/22 05:17:16 | 00,000,041 | ---- | C] () -- C:\Users\star1980craft\Desktop\Filzip.ini [2009/11/21 21:29:27 | 00,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2009/11/20 18:51:48 | 00,000,665 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk [2009/11/20 18:51:48 | 00,000,665 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 MP.lnk [2009/11/18 20:50:38 | 00,000,020 | ---- | C] () -- C:\Windows\SysWow64\SYSTEM [2009/11/18 14:33:04 | 00,000,761 | ---- | C] () -- C:\Users\star1980craft\Desktop\Star Wars The Force Unleashed.lnk [2009/11/12 18:34:39 | 00,000,542 | ---- | C] () -- C:\Users\star1980craft\Documents\UpdateCheck.rtf [2009/11/12 03:14:36 | 00,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2009/11/10 18:33:29 | 00,001,061 | ---- | C] () -- C:\Users\Public\Desktop\Reason.lnk [2009/11/10 18:31:42 | 21,810,54464 | ---- | C] () -- C:\Users\star1980craft\Desktop\air-reason4.iso [2009/10/21 22:02:06 | 00,793,474 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009/10/14 09:03:55 | 00,062,256 | ---- | C] () -- C:\Users\star1980craft\AppData\Local\GDIPFONTCACHEV1.DAT [2009/10/14 09:01:17 | 00,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2009/10/14 09:01:17 | 00,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2009/10/14 09:01:17 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2009/10/14 09:01:16 | 03,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2009/10/14 09:01:16 | 00,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2009/10/14 09:01:14 | 00,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2009/10/14 09:01:14 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest [2009/10/08 00:42:09 | 01,903,865 | -H-- | C] () -- C:\Users\star1980craft\AppData\Local\IconCache.db [2009/08/07 19:51:34 | 00,178,430 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2009/07/14 05:32:39 | 00,043,318 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont [2009/07/14 05:32:39 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont [2009/07/14 05:32:39 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont [2009/07/14 05:32:39 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont [2009/07/14 04:54:24 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini [2009/07/14 02:35:42 | 00,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini [2009/07/14 02:34:57 | 00,000,403 | ---- | C] () -- C:\Windows\win.ini [2009/07/14 02:34:57 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini [2009/07/13 23:42:10 | 00,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 21:03:59 | 00,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2008/10/07 08:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2008/10/07 08:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [color=#E56717]========== LOP Check ==========[/color] [2009/11/21 04:33:19 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Adobe [2009/11/12 02:06:38 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Avanquest [2009/11/18 14:15:19 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\DAEMON Tools Lite [2009/10/14 09:01:26 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\GrabPro [2009/10/14 09:03:32 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Identities [2009/11/12 02:03:48 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\InstallShield [2009/10/14 09:41:07 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Macromedia [2009/11/21 21:29:35 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Malwarebytes [2009/07/14 07:45:14 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Media Center Programs [2009/11/04 04:50:11 | 00,000,000 | --SD | M] -- C:\Users\star1980craft\AppData\Roaming\Microsoft [2009/11/02 08:01:11 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla [2009/10/09 02:14:13 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Nokia [2009/10/08 02:05:07 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Notepad++ [2009/11/01 09:43:47 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Nseries [2009/11/22 14:06:02 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Orbit [2009/10/09 02:14:13 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\PC Suite [2009/11/10 18:48:15 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Propellerhead Software [2009/10/14 09:01:14 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Real [2009/11/02 22:30:09 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Sun [2009/10/27 23:33:14 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\SUPERAntiSpyware.com [2009/10/09 17:38:34 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Uniblue [2009/11/22 14:16:59 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\uTorrent [2009/11/22 03:55:57 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\vlc [2009/10/09 18:28:57 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Winamp [2009/10/14 12:28:03 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\WinRAR [2009/11/22 14:04:40 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT [2009/07/14 05:08:49 | 00,013,018 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< %SYSTEMDRIVE%\eventlog.dll /s /md5 >[/color] [color=#A23BEC]< %SYSTEMDRIVE%\scecli.dll /s /md5 >[/color] [2009/04/11 16:24:20 | 00,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows.old.000\Windows\System32\scecli.dll [2009/04/11 16:24:35 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows.old.000\Windows\SysWOW64\scecli.dll [2009/04/11 16:24:20 | 00,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll [2009/04/11 16:24:35 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll [2009/07/14 01:41:53 | 00,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows.old.001\Windows\System32\scecli.dll [2009/07/14 01:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows.old.001\Windows\SysWOW64\scecli.dll [2009/07/14 01:41:53 | 00,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows.old.001\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2009/07/14 01:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows.old.001\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009/07/14 01:41:53 | 00,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows.old.002\Windows\System32\scecli.dll [2009/07/14 01:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows.old.002\Windows\SysWOW64\scecli.dll [2009/07/14 01:41:53 | 00,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows.old.002\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2009/07/14 01:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows.old.002\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009/04/11 16:24:20 | 00,235,520 | -H-- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows.old\Windows\System32\scecli.dll [2009/04/11 16:24:35 | 00,177,152 | -H-- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows.old\Windows\SysWOW64\scecli.dll [2009/04/11 16:24:20 | 00,235,520 | -H-- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll [2009/04/11 16:24:35 | 00,177,152 | -H-- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll [2009/07/14 01:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009/07/14 01:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009/07/14 01:41:53 | 00,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2009/07/14 01:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [color=#A23BEC]< %SYSTEMDRIVE%\netlogon.dll /s /md5 >[/color] [2009/04/11 16:24:53 | 00,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows.old.000\Windows\System32\netlogon.dll [2009/04/11 16:23:45 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows.old.000\Windows\SysWOW64\netlogon.dll [2009/04/11 16:24:53 | 00,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll [2009/04/11 16:23:45 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll [2009/07/14 01:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows.old.001\Windows\System32\netlogon.dll [2009/07/14 01:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows.old.001\Windows\SysWOW64\netlogon.dll [2009/07/14 01:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows.old.001\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2009/07/14 01:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows.old.001\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll [2009/07/14 01:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows.old.002\Windows\System32\netlogon.dll [2009/07/14 01:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows.old.002\Windows\SysWOW64\netlogon.dll [2009/07/14 01:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows.old.002\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2009/07/14 01:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows.old.002\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll [2009/04/11 16:24:53 | 00,717,312 | -H-- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows.old\Windows\System32\netlogon.dll [2009/04/11 16:23:45 | 00,592,896 | -H-- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows.old\Windows\SysWOW64\netlogon.dll [2009/04/11 16:24:53 | 00,717,312 | -H-- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll [2009/04/11 16:23:45 | 00,592,896 | -H-- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll [2009/07/14 01:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009/07/14 01:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009/07/14 01:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2009/07/14 01:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll [color=#A23BEC]< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >[/color] [2006/11/02 11:16:48 | 00,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows.old.000\Windows\System32\cngaudit.dll [2006/11/02 09:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old.000\Windows\SysWOW64\cngaudit.dll [2006/11/02 11:16:48 | 00,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll [2006/11/02 09:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old.000\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll [2009/07/14 01:40:20 | 00,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows.old.001\Windows\System32\cngaudit.dll [2009/07/14 01:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows.old.001\Windows\SysWOW64\cngaudit.dll [2009/07/14 01:40:20 | 00,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows.old.001\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll [2009/07/14 01:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows.old.001\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009/07/14 01:40:20 | 00,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows.old.002\Windows\System32\cngaudit.dll [2009/07/14 01:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows.old.002\Windows\SysWOW64\cngaudit.dll [2009/07/14 01:40:20 | 00,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows.old.002\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll [2009/07/14 01:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows.old.002\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2006/11/02 11:16:48 | 00,014,848 | -H-- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows.old\Windows\System32\cngaudit.dll [2006/11/02 09:46:03 | 00,011,776 | -H-- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old\Windows\SysWOW64\cngaudit.dll [2006/11/02 11:16:48 | 00,014,848 | -H-- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll [2006/11/02 09:46:03 | 00,011,776 | -H-- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll [2009/07/14 01:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009/07/14 01:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009/07/14 01:40:20 | 00,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll [2009/07/14 01:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [color=#A23BEC]< %SYSTEMDRIVE%\sceclt.dll /s /md5 >[/color] [color=#A23BEC]< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >[/color] [color=#A23BEC]< %SYSTEMDRIVE%\logevent.dll /s /md5 >[/color] [color=#A23BEC]< %SYSTEMDRIVE%\iaStor.sys /s /md5 >[/color] [color=#A23BEC]< %SYSTEMDRIVE%\nvstor.sys /s /md5 >[/color] [2008/01/21 02:46:02 | 00,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows.old.000\Windows\System32\drivers\nvstor.sys [2008/01/21 02:46:02 | 00,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\nvraid.inf_63cdbcfd\nvstor.sys [2006/11/02 12:02:51 | 00,048,232 | ---- | M] (NVIDIA Corporation) MD5=94C5334040A5D500897F4C5FD12AEEDE -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\nvraid.inf_a5403adf\nvstor.sys [2008/01/21 02:46:02 | 00,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows.old.000\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys [2009/07/14 01:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows.old.001\Windows\System32\drivers\nvstor.sys [2009/07/14 01:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows.old.001\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys [2009/07/14 01:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows.old.001\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2009/07/14 01:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows.old.002\Windows\System32\drivers\nvstor.sys [2009/07/14 01:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows.old.002\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys [2009/07/14 01:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows.old.002\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2008/01/21 02:46:02 | 00,054,328 | -H-- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows.old\Windows\System32\drivers\nvstor.sys [2008/01/21 02:46:02 | 00,054,328 | -H-- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\nvraid.inf_63cdbcfd\nvstor.sys [2006/11/02 12:02:51 | 00,048,232 | -H-- | M] (NVIDIA Corporation) MD5=94C5334040A5D500897F4C5FD12AEEDE -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\nvraid.inf_a5403adf\nvstor.sys [2008/01/21 02:46:02 | 00,054,328 | -H-- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows.old\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys [2009/07/14 01:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys [2009/07/14 01:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [color=#A23BEC]< %SYSTEMDRIVE%\atapi.sys /s /md5 >[/color] [2009/04/11 16:23:06 | 00,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows.old.000\Windows\System32\drivers\atapi.sys [2008/01/21 02:45:58 | 00,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\mshdc.inf_1d87dda2\atapi.sys [2009/04/11 16:23:06 | 00,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\mshdc.inf_b6d20d6f\atapi.sys [2006/11/02 12:01:02 | 00,020,072 | ---- | M] (Microsoft Corporation) MD5=DF96CF8885724430024B7522E5C95722 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\mshdc.inf_f8cccc79\atapi.sys [2008/01/21 02:45:58 | 00,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows.old.000\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys [2009/04/11 16:23:06 | 00,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows.old.000\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys [2009/07/14 01:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.001\Windows\System32\drivers\atapi.sys [2009/07/14 01:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.001\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009/07/14 01:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.001\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009/07/14 01:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.002\Windows\System32\drivers\atapi.sys [2009/07/14 01:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.002\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009/07/14 01:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.002\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009/04/11 16:23:06 | 00,020,952 | -H-- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows.old\Windows\System32\drivers\atapi.sys [2008/01/21 02:45:58 | 00,022,584 | -H-- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_1d87dda2\atapi.sys [2009/04/11 16:23:06 | 00,020,952 | -H-- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_b6d20d6f\atapi.sys [2006/11/02 12:01:02 | 00,020,072 | -H-- | M] (Microsoft Corporation) MD5=DF96CF8885724430024B7522E5C95722 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_f8cccc79\atapi.sys [2008/01/21 02:45:58 | 00,022,584 | -H-- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows.old\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys [2009/04/11 16:23:06 | 00,020,952 | -H-- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows.old\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys [2009/07/14 01:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009/07/14 01:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [color=#A23BEC]< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >[/color] [color=#A23BEC]< %SYSTEMDRIVE%\viasraid.sys /s /md5 >[/color] [color=#A23BEC]< %SYSTEMDRIVE%\AGP440.sys /s /md5 >[/color] [2008/01/21 02:45:58 | 00,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old.000\Windows\System32\drivers\AGP440.sys [2008/01/21 02:45:58 | 00,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\machine.inf_986ce78a\AGP440.sys [2006/11/02 12:03:16 | 00,062,056 | ---- | M] (Microsoft Corporation) MD5=5CCDD13BC602AE33CD8B62D33C29AB72 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\machine.inf_c41411ff\AGP440.sys [2008/01/21 02:45:58 | 00,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\machine.inf_eee87d92\AGP440.sys [2008/01/21 02:45:58 | 00,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old.000\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys [2008/01/21 02:45:58 | 00,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old.000\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys [2009/07/14 01:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows.old.001\Windows\System32\drivers\AGP440.sys [2009/07/14 01:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows.old.001\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009/07/14 01:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows.old.001\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009/07/14 01:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows.old.002\Windows\System32\drivers\AGP440.sys [2009/07/14 01:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows.old.002\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009/07/14 01:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows.old.002\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2008/01/21 02:45:58 | 00,064,568 | -H-- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old\Windows\System32\drivers\AGP440.sys [2008/01/21 02:45:58 | 00,064,568 | -H-- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_986ce78a\AGP440.sys [2006/11/02 12:03:16 | 00,062,056 | -H-- | M] (Microsoft Corporation) MD5=5CCDD13BC602AE33CD8B62D33C29AB72 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_c41411ff\AGP440.sys [2008/01/21 02:45:58 | 00,064,568 | -H-- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_eee87d92\AGP440.sys [2008/01/21 02:45:58 | 00,064,568 | -H-- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys [2008/01/21 02:45:58 | 00,064,568 | -H-- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys [2009/07/14 01:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009/07/14 01:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [color=#A23BEC]< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >[/color] [color=#A23BEC]< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >[/color] [color=#A23BEC]< %SYSTEMDRIVE%\viamraid.sys /s /md5 >[/color] [color=#A23BEC]< %SYSTEMDRIVE%\nvata.sys /s /md5 >[/color] < End of report >