
Google Getting Hijacked and Redirecting Results



#1
DurtJ

Like the title says, I am getting hijacked results on Google. I know there's quite a few threads regarding this, but I'm assuming everyone's removal is a little different? I have already tried MalwareBytes AntiMalware and Spybot. I am also using a fairly fresh install of Windows 7. Here is my HijackThis log. Thank you very much for any help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:37:12 AM, on 11/8/2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Auzentech\Auzen X-Fi Prelude 7.1\Volume Panel\VolPanlu.exe
C:\Windows\SysWOW64\CTXFIHLP.EXE
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Users\Travis\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Auzentech\Auzen X-Fi Prelude 7.1\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [scwsDraw] rundll32.exe "C:\Users\Travis\AppData\Local\scwsDraw\scwsDraw.dll", DllInit
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Logitech . Product Registration.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL1 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL1Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files (x86)\TVersity\Media Server\MediaServer.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8596 bytes


#2
kahdah

Hello DurtJ

Welcome to G2Go. :)
=====================
  • Download OTL to your desktop.
  • Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Under the Custom scans and fixes section, paste in the text below:

    netsvcs
    %SYSTEMDRIVE%\*.exe
    %SYSTEMDRIVE%\eventlog.dll /s /md5
    %SYSTEMDRIVE%\scecli.dll /s /md5
    %SYSTEMDRIVE%\netlogon.dll /s /md5
    %SYSTEMDRIVE%\cngaudit.dll /s /md5
    %SYSTEMDRIVE%\sceclt.dll /s /md5
    %SYSTEMDRIVE%\ntelogon.dll /s /md5
    %SYSTEMDRIVE%\logevent.dll /s /md5
    %SYSTEMDRIVE%\iaStor.sys /s /md5
    %SYSTEMDRIVE%\nvstor.sys /s /md5
    %SYSTEMDRIVE%\atapi.sys /s /md5
    %SYSTEMDRIVE%\IdeChnDr.sys /s /md5
    %SYSTEMDRIVE%\viasraid.sys /s /md5
    %SYSTEMDRIVE%\AGP440.sys /s /md5
    %SYSTEMDRIVE%\vaxscsi.sys /s /md5

  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.


#3
DurtJ

Thanks very much for the reply. Here are the results. OTL.txt:

OTL logfile created on: 11/8/2009 11:07:26 AM - Run 1
OTL by OldTimer - Version 3.1.4.0 Folder = C:\Users\Travis\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.73 Gb Available Physical Memory | 68.23% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.50 Gb Total Space | 313.61 Gb Free Space | 33.67% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 109.49 Gb Free Space | 23.51% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TRAVIS-PC
Current User Name: Travis
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Travis\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\TVersity\Media Server\MediaServer.exe ()
PRC - C:\Program Files (x86)\TVersity\Media Server\MediaServer.exe ()
PRC - C:\Program Files (x86)\TVersity\Media Server\MediaServer.exe ()
PRC - C:\Program Files (x86)\TVersity\Media Server\MediaServer.exe ()
PRC - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files (x86)\Internet Explorer\ielowutil.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Internet Explorer\ielowutil.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Internet Explorer\ielowutil.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\CTXFIHLP.EXE (Creative Technology Ltd)
PRC - C:\Windows\SysWOW64\CTXFISPI.EXE (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Auzentech\Auzen X-Fi Prelude 7.1\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)


========== Modules (SafeList) ==========

MOD - C:\Users\Travis\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\vssapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\vsstrace.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\spp.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\srclient.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\atl.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (iPod Service) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV:64bit: - (EhttpSrv) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV - (Creative ALchemy AL1 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL1Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (TVersityMediaServer) -- C:\Program Files (x86)\TVersity\Media Server\MediaServer.exe ()
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (DAUpdaterSvc) -- C:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (VSS) -- C:\Windows\Vss [2009/07/13 19:20:14 | 00,000,000 | ---D | M]
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009/07/13 19:20:14 | 00,000,000 | ---D | M]
SRV - (ehRecvr) -- C:\Windows\ehome\ehrecvr.exe (Microsoft Corporation)
SRV - (ehSched) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (idsvc) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (Bonjour Service) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (NMIndexingService) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)


========== Driver Services (SafeList) ==========

DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\drivers\epfwwfp.sys (ESET)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (eamon) -- C:\Windows\SysNative\drivers\eamon.sys (ESET)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (Epfwndis) -- C:\Windows\SysNative\drivers\epfwndis.sys (ESET)
DRV:64bit: - (ha20x2k) -- C:\Windows\SysNative\drivers\HA20X2K.SYS (Creative Technology Ltd)
DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\EMUPIA2K.SYS (Creative Technology Ltd)
DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\CTSFM2K.SYS (Creative Technology Ltd)
DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\CTPRXY2K.SYS (Creative Technology Ltd)
DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\CTOSS2K.SYS (Creative Technology Ltd.)
DRV:64bit: - (ctaud2k) -- C:\Windows\SysNative\drivers\CTAUD2K.SYS (Creative Technology Ltd)
DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\CTAC32K.SYS (Creative Technology Ltd)
DRV:64bit: - (CTEXFIFX.DLL) -- C:\Windows\SysNative\CTEXFIFX.DLL (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT.DLL) -- C:\Windows\SysNative\CTHWIUT.DLL (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT.DLL) -- C:\Windows\SysNative\CT20XUT.DLL (Creative Technology Ltd.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (L8042Kbd) -- C:\Windows\SysNative\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV - (CSC) -- C:\Windows\CSC [2009/10/23 22:03:24 | 00,000,000 | ---D | M]
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4C 99 A3 17 21 5B CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://google.ca"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/11/06 19:57:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/11/06 19:57:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2009/10/24 19:09:02 | 00,000,000 | ---D | M]

[2009/10/24 07:19:55 | 00,000,000 | ---D | M] -- C:\Users\Travis\AppData\Roaming\Mozilla\Extensions
[2009/10/24 07:19:55 | 00,000,000 | ---D | M] -- C:\Users\Travis\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/08 09:31:42 | 00,000,000 | ---D | M] -- C:\Users\Travis\AppData\Roaming\Mozilla\Firefox\Profiles\vk84478y.default\extensions
[2009/10/24 07:30:53 | 00,000,000 | ---D | M] -- C:\Users\Travis\AppData\Roaming\Mozilla\Firefox\Profiles\vk84478y.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/10/24 18:50:38 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009/11/06 19:57:01 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/10/24 18:50:38 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/11/06 19:57:00 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/06 19:57:00 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll
[2009/10/24 18:50:29 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeploytk.dll
[2009/10/24 07:27:29 | 00,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2009/11/06 19:57:00 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
[2009/10/24 18:07:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
[2009/10/24 18:07:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/10/24 18:07:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/10/24 18:07:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/10/24 18:07:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/10/24 18:07:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/10/24 18:07:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
[2009/08/24 10:45:46 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/08/24 10:45:46 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\answers.xml
[2009/08/24 10:45:46 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/08/24 10:45:46 | 00,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay.xml
[2009/08/24 10:45:46 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml
[2009/08/24 10:45:46 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/08/24 10:45:46 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: (348943 bytes) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 11961 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\CTXFIHLP.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Auzentech\Auzen X-Fi Prelude 7.1\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [scwsDraw] C:\Users\Travis\AppData\Local\scwsDraw\scwsDraw.DLL ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Travis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c4f19474-c1ea-11de-9e99-001e8c2e2182}\Shell - "" = AutoRun
O33 - MountPoints2\{c4f19474-c1ea-11de-9e99-001e8c2e2182}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2009/07/13 19:20:14 | 00,000,000 | ---D | M]
NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)
NetSvcs:64bit: Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
NetSvcs:64bit: BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation)
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2009/11/07 07:50:35 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\Malwarebytes
[2009/11/07 07:50:32 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/11/07 07:50:31 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009/11/07 07:50:31 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/11/07 07:50:31 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/11/07 07:50:31 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/11/05 16:44:58 | 00,000,000 | ---D | C] -- C:\Program Files\UlisesSoft
[2009/11/03 21:52:24 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/11/03 21:52:24 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/11/03 21:52:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2009/11/03 19:47:51 | 00,000,000 | ---D | C] -- C:\Users\Travis\Documents\BioWare
[2009/11/03 19:47:51 | 00,000,000 | ---D | C] -- C:\ProgramData\BioWare
[2009/11/03 19:47:51 | 00,000,000 | ---D | C] -- C:\ProgramData\BioWare
[2009/11/03 17:58:50 | 09,272,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2009/11/03 17:58:49 | 05,958,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/11/02 22:15:19 | 00,000,000 | ---D | C] -- C:\Windows\1C4551A64743409391E41477CD655043.TMP
[2009/11/02 22:15:10 | 00,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2009/11/02 22:15:10 | 00,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2009/11/02 22:04:53 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2009/11/01 17:04:14 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\Nero
[2009/11/01 13:35:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
[2009/11/01 13:34:39 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\Download Manager
[2009/11/01 13:09:33 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\GrabIt
[2009/11/01 13:06:03 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\GrabIt
[2009/11/01 12:50:39 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Local\Newsbin
[2009/11/01 12:50:22 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\NewsBin
[2009/11/01 11:11:48 | 00,000,000 | ---D | C] -- C:\Extract
[2009/11/01 11:06:03 | 00,000,000 | ---D | C] -- C:\@Usenet
[2009/11/01 10:44:15 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Bandwidth Monitor Pro
[2009/11/01 10:32:34 | 00,000,000 | ---D | C] -- C:\Users\Travis\Documents\Newsbin Download
[2009/10/31 15:30:26 | 00,000,000 | ---D | C] -- C:\ProgramData\NewsBin
[2009/10/31 15:30:26 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\NewsBin
[2009/10/31 15:30:26 | 00,000,000 | ---D | C] -- C:\ProgramData\NewsBin
[2009/10/31 15:27:36 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Local\scwsDraw
[2009/10/30 18:05:14 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\vlc
[2009/10/30 18:04:02 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2009/10/26 19:02:27 | 00,000,000 | ---D | C] -- C:\Users\Travis\Documents\My Games
[2009/10/26 06:39:45 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2009/10/25 21:00:59 | 05,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2009/10/25 21:00:59 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2009/10/25 21:00:59 | 02,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2009/10/25 21:00:59 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2009/10/25 21:00:59 | 00,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2009/10/25 21:00:59 | 00,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2009/10/25 21:00:59 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2009/10/25 21:00:59 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2009/10/25 21:00:59 | 00,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2009/10/25 21:00:59 | 00,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2009/10/25 21:00:58 | 05,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2009/10/25 21:00:58 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2009/10/25 21:00:58 | 02,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2009/10/25 21:00:58 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2009/10/25 21:00:58 | 00,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2009/10/25 21:00:58 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2009/10/25 21:00:58 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2009/10/25 21:00:58 | 00,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2009/10/25 21:00:58 | 00,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2009/10/25 21:00:58 | 00,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2009/10/25 21:00:57 | 01,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2009/10/25 21:00:57 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2009/10/25 21:00:57 | 00,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2009/10/25 21:00:57 | 00,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2009/10/25 21:00:57 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2009/10/25 21:00:57 | 00,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2009/10/25 21:00:57 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2009/10/25 21:00:57 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2009/10/25 21:00:57 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2009/10/25 21:00:57 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2009/10/25 21:00:57 | 00,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2009/10/25 21:00:57 | 00,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2009/10/25 21:00:57 | 00,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2009/10/25 21:00:57 | 00,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2009/10/25 21:00:57 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2009/10/25 21:00:57 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2009/10/25 21:00:57 | 00,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2009/10/25 21:00:57 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2009/10/25 21:00:56 | 04,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2009/10/25 21:00:56 | 04,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2009/10/25 21:00:56 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2009/10/25 21:00:56 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2009/10/25 21:00:56 | 01,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2009/10/25 21:00:56 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2009/10/25 21:00:56 | 00,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2009/10/25 21:00:56 | 00,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2009/10/25 21:00:56 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2009/10/25 21:00:56 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2009/10/25 21:00:56 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2009/10/25 21:00:56 | 00,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2009/10/25 21:00:56 | 00,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2009/10/25 21:00:56 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2009/10/25 21:00:56 | 00,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2009/10/25 21:00:56 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2009/10/25 21:00:55 | 04,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2009/10/25 21:00:55 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2009/10/25 21:00:55 | 01,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2009/10/25 21:00:55 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2009/10/25 21:00:55 | 00,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2009/10/25 21:00:55 | 00,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2009/10/25 21:00:55 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2009/10/25 21:00:55 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2009/10/25 21:00:55 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2009/10/25 21:00:55 | 00,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2009/10/25 21:00:55 | 00,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2009/10/25 21:00:55 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2009/10/25 21:00:54 | 05,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2009/10/25 21:00:54 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2009/10/25 21:00:54 | 02,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2009/10/25 21:00:54 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2009/10/25 21:00:54 | 00,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2009/10/25 21:00:54 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2009/10/25 21:00:54 | 00,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2009/10/25 21:00:54 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2009/10/25 21:00:53 | 05,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2009/10/25 21:00:53 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2009/10/25 21:00:53 | 01,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2009/10/25 21:00:53 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2009/10/25 21:00:53 | 00,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2009/10/25 21:00:53 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2009/10/25 21:00:53 | 00,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2009/10/25 21:00:53 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2009/10/25 21:00:52 | 04,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2009/10/25 21:00:52 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2009/10/25 21:00:52 | 01,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2009/10/25 21:00:52 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2009/10/25 21:00:52 | 00,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2009/10/25 21:00:52 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2009/10/25 21:00:52 | 00,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2009/10/25 21:00:52 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2009/10/25 21:00:52 | 00,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2009/10/25 21:00:52 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2009/10/25 21:00:52 | 00,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2009/10/25 21:00:52 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2009/10/25 21:00:51 | 04,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2009/10/25 21:00:51 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2009/10/25 21:00:51 | 01,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2009/10/25 21:00:51 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2009/10/25 21:00:51 | 00,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2009/10/25 21:00:51 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2009/10/25 21:00:51 | 00,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2009/10/25 21:00:51 | 00,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2009/10/25 21:00:51 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2009/10/25 21:00:51 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2009/10/25 21:00:50 | 04,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2009/10/25 21:00:50 | 03,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2009/10/25 21:00:50 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2009/10/25 21:00:50 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2009/10/25 21:00:50 | 00,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2009/10/25 21:00:50 | 00,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2009/10/25 21:00:50 | 00,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2009/10/25 21:00:50 | 00,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2009/10/25 21:00:50 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2009/10/25 21:00:50 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2009/10/25 21:00:50 | 00,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2009/10/25 21:00:50 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2009/10/25 21:00:49 | 00,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2009/10/25 21:00:49 | 00,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2009/10/25 21:00:49 | 00,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2009/10/25 21:00:49 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2009/10/25 21:00:49 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2009/10/25 21:00:49 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2009/10/25 21:00:49 | 00,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2009/10/25 21:00:49 | 00,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2009/10/25 21:00:49 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2009/10/25 21:00:49 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2009/10/25 21:00:46 | 03,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2009/10/25 21:00:45 | 03,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2009/10/25 21:00:45 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2009/10/25 21:00:45 | 00,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2009/10/25 21:00:45 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2009/10/25 21:00:45 | 00,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2009/10/25 21:00:45 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2009/10/25 21:00:44 | 03,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2009/10/25 21:00:44 | 03,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2009/10/25 21:00:44 | 03,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2009/10/25 21:00:44 | 03,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2009/10/25 21:00:44 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2009/10/25 21:00:44 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2009/10/25 21:00:44 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2009/10/25 21:00:43 | 03,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2009/10/25 21:00:43 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2009/10/25 21:00:11 | 00,000,000 | ---D | C] -- C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
[2009/10/25 20:53:09 | 00,000,000 | ---D | C] -- C:\Games
[2009/10/25 20:49:31 | 00,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2009/10/25 20:49:31 | 00,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2009/10/25 20:49:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Toolbar
[2009/10/25 20:49:27 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2009/10/25 20:31:33 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\DAEMON Tools Lite
[2009/10/25 20:05:11 | 01,297,408 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpotiop1.dll
[2009/10/25 20:05:11 | 00,861,184 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpowiav1.dll
[2009/10/25 20:05:11 | 00,498,176 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpovst01.dll
[2009/10/25 20:05:05 | 00,130,048 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpz3l4v2.dll
[2009/10/25 20:00:41 | 00,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2009/10/25 20:00:41 | 00,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2009/10/25 10:37:51 | 00,000,000 | ---D | C] -- C:\Comics
[2009/10/25 09:42:59 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Local\Apps
[2009/10/25 09:40:32 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Local\Ahead
[2009/10/25 09:38:51 | 00,000,000 | ---D | C] -- C:\ProgramData\Nero
[2009/10/25 09:38:51 | 00,000,000 | ---D | C] -- C:\ProgramData\Nero
[2009/10/25 09:38:51 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2009/10/25 09:38:50 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2009/10/25 09:36:51 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2009/10/25 09:36:51 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2009/10/25 09:35:36 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Local\ESET
[2009/10/25 09:34:29 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2009/10/25 09:34:29 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2009/10/25 09:34:29 | 00,060,273 | ---- | C] (Open Source Software community project) -- C:\Windows\SysWow64\pthreadGC2.dll
[2009/10/25 09:34:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow
[2009/10/25 09:34:15 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\TVersity Codec Pack
[2009/10/25 09:34:06 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\TVersity
[2009/10/25 09:14:02 | 14,629,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2009/10/25 09:13:57 | 11,406,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2009/10/25 09:13:56 | 01,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2009/10/25 09:13:56 | 01,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2009/10/25 09:13:56 | 00,982,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgkrnl.sys
[2009/10/25 09:13:55 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2009/10/25 09:13:55 | 02,613,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2009/10/25 09:13:55 | 00,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2009/10/25 09:13:55 | 00,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2009/10/25 09:13:55 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2009/10/25 09:13:55 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2009/10/25 09:13:55 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2009/10/25 09:13:55 | 00,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2009/10/25 09:13:54 | 12,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2009/10/25 09:13:54 | 12,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2009/10/24 19:16:34 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\Winamp
[2009/10/24 19:16:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2009/10/24 19:09:34 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\ESET
[2009/10/24 19:09:02 | 00,000,000 | ---D | C] -- C:\ProgramData\ESET
[2009/10/24 19:09:02 | 00,000,000 | ---D | C] -- C:\ProgramData\ESET
[2009/10/24 19:09:02 | 00,000,000 | ---D | C] -- C:\Program Files\ESET
[2009/10/24 18:55:08 | 00,000,000 | ---D | C] -- C:\ProgramData\Azureus
[2009/10/24 18:55:08 | 00,000,000 | ---D | C] -- C:\ProgramData\Azureus
[2009/10/24 18:55:07 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\Azureus
[2009/10/24 18:52:28 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze
[2009/10/24 18:50:38 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2009/10/24 18:50:38 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2009/10/24 18:50:38 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2009/10/24 18:50:38 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2009/10/24 18:50:28 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2009/10/24 18:31:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\CDisplay
[2009/10/24 18:13:12 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Local\Apple Computer
[2009/10/24 18:13:11 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\Apple Computer
[2009/10/24 18:12:35 | 00,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2009/10/24 18:12:35 | 00,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2009/10/24 18:12:35 | 00,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2009/10/24 18:12:35 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2009/10/24 18:11:12 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/10/24 18:10:59 | 00,000,000 | ---D | C] -- C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}
[2009/10/24 18:10:59 | 00,000,000 | ---D | C] -- C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}
[2009/10/24 18:10:59 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/10/24 18:10:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2009/10/24 18:07:17 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/10/24 18:07:17 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2009/10/24 18:06:32 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2009/10/24 18:06:32 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2009/10/24 18:06:32 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2009/10/24 18:05:35 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Local\Apple
[2009/10/24 18:05:31 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2009/10/24 18:04:43 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2009/10/24 18:04:32 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple
[2009/10/24 18:04:32 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple
[2009/10/24 18:04:32 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2009/10/24 17:43:58 | 00,000,000 | ---D | C] -- C:\Burner
[2009/10/24 17:30:16 | 00,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2009/10/24 17:30:16 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2009/10/24 17:30:10 | 00,000,000 | ---D | C] -- C:\Intel
[2009/10/24 17:23:56 | 00,000,000 | ---D | C] -- C:\Program Files\Creative
[2009/10/24 17:15:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Creative Labs
[2009/10/24 17:15:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Creative Labs
[2009/10/24 17:12:55 | 00,090,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\Updreg.EXE
[2009/10/24 17:12:55 | 00,000,000 | ---D | C] -- C:\ProgramData\Creative
[2009/10/24 17:12:55 | 00,000,000 | ---D | C] -- C:\ProgramData\Creative
[2009/10/24 17:11:44 | 00,188,064 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\CTOPT352.dll
[2009/10/24 17:11:44 | 00,171,680 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\CTOPT352.dll
[2009/10/24 17:11:44 | 00,061,440 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\CTChkAud.dll
[2009/10/24 17:11:44 | 00,049,664 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\CTChkAud.dll
[2009/10/24 17:11:44 | 00,042,496 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\AddCat.exe
[2009/10/24 17:11:16 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared
[2009/10/24 17:11:00 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2009/10/24 17:11:00 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Auzentech
[2009/10/24 17:10:33 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2009/10/24 17:09:16 | 00,102,400 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\cttele32.dll
[2009/10/24 17:09:14 | 00,108,032 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\cttele64.dll
[2009/10/24 17:08:24 | 00,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2009/10/24 17:08:24 | 00,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2009/10/24 17:08:24 | 00,121,880 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2009/10/24 17:08:24 | 00,109,080 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2009/10/24 17:08:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2009/10/24 17:08:15 | 00,012,288 | ---- | C] (Creative Technology Limited) -- C:\Windows\SysNative\INRES.DLL
[2009/10/24 17:08:15 | 00,011,776 | ---- | C] (Creative Technology Limited) -- C:\Windows\SysWow64\INRES.DLL
[2009/10/24 17:08:15 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\Data
[2009/10/24 17:08:15 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\Data
[2009/10/24 17:08:04 | 01,562,136 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\drivers\HA20X2K.SYS
[2009/10/24 17:08:04 | 01,225,216 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\CTXFISPI.EXE
[2009/10/24 17:08:04 | 00,805,400 | ---- | C] (Creative Labs Inc.) -- C:\Windows\SysWow64\OALInst.exe
[2009/10/24 17:08:04 | 00,688,024 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\drivers\CTAUD2K.SYS
[2009/10/24 17:08:04 | 00,580,632 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\drivers\CTAC32K.SYS
[2009/10/24 17:08:04 | 00,569,856 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\UDAAPO64.DLL
[2009/10/24 17:08:04 | 00,498,176 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\UDAAPO32.DLL
[2009/10/24 17:08:04 | 00,213,016 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\drivers\CTSFM2K.SYS
[2009/10/24 17:08:04 | 00,194,048 | ---- | C] (Creative Technology Limited) -- C:\Windows\SysNative\CTDVINST.DLL
[2009/10/24 17:08:04 | 00,193,024 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\CT_OAL.DLL
[2009/10/24 17:08:04 | 00,182,272 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\CT_OAL.DLL
[2009/10/24 17:08:04 | 00,178,712 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\CTOSS2K.SYS
[2009/10/24 17:08:04 | 00,137,216 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\SFMS32.DLL
[2009/10/24 17:08:04 | 00,118,296 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\drivers\EMUPIA2K.SYS
[2009/10/24 17:08:04 | 00,114,688 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\CTEMUPIA.DLL
[2009/10/24 17:08:04 | 00,113,152 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\SFMS32.DLL
[2009/10/24 17:08:04 | 00,089,336 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\ctpxst32.exe
[2009/10/24 17:08:04 | 00,083,456 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\PIAPROXY.DLL
[2009/10/24 17:08:04 | 00,080,896 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\PIAPROXY.DLL
[2009/10/24 17:08:04 | 00,077,824 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\EAXAC3.DLL
[2009/10/24 17:08:04 | 00,074,240 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\CTOSUSER.DLL
[2009/10/24 17:08:04 | 00,073,728 | ---- | C] (Creative Technology Limited) -- C:\Windows\SysNative\CTCOINST.DLL
[2009/10/24 17:08:04 | 00,061,952 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\CTDPROXY.DLL
[2009/10/24 17:08:04 | 00,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\A3D.DLL
[2009/10/24 17:08:04 | 00,057,856 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\UDAPLD64.DLL
[2009/10/24 17:08:04 | 00,051,712 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\CTASIO.DLL
[2009/10/24 17:08:04 | 00,048,640 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\AC3API.DLL
[2009/10/24 17:08:04 | 00,048,400 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\AddCat.exe
[2009/10/24 17:08:04 | 00,047,104 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\CTXFIREG.EXE
[2009/10/24 17:08:04 | 00,044,544 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\DEVREG.DLL
[2009/10/24 17:08:04 | 00,043,008 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\CTXFISPK.DLL
[2009/10/24 17:08:04 | 00,041,984 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\CTXFIBTN.DLL
[2009/10/24 17:08:04 | 00,039,424 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\CTXFISPK.DLL
[2009/10/24 17:08:04 | 00,036,864 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\DEVREG.DLL
[2009/10/24 17:08:04 | 00,023,552 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\CTXFIHLP.EXE
[2009/10/24 17:08:04 | 00,016,408 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\PFMODNT.SYS
[2009/10/24 17:08:04 | 00,015,896 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\drivers\CTPRXY2K.SYS
[2009/10/24 17:08:04 | 00,015,360 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\CT20XSPI.DLL
[2009/10/24 17:08:04 | 00,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\KILLAPPS.EXE
[2009/10/24 17:08:04 | 00,010,752 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\SFMAN32.DLL
[2009/10/24 17:08:04 | 00,010,240 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\SFMAN32.DLL
[2009/10/24 17:08:03 | 01,714,176 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\CTXFISPI.EXE
[2009/10/24 17:08:03 | 01,417,752 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\CTEXFIFX.DLL
[2009/10/24 17:08:03 | 00,202,776 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\CT20XUT.DLL
[2009/10/24 17:08:03 | 00,117,760 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\CTEMUPIA.DLL
[2009/10/24 17:08:03 | 00,099,064 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\ctpxst64.exe
[2009/10/24 17:08:03 | 00,094,744 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\CTHWIUT.DLL
[2009/10/24 17:08:03 | 00,089,088 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\CTOSUSER.DLL
[2009/10/24 17:08:03 | 00,072,704 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\CTMLFX64.DLL
[2009/10/24 17:08:03 | 00,067,584 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\CTDPROXY.DLL
[2009/10/24 17:08:03 | 00,055,808 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\CTASIO.DLL
[2009/10/24 17:08:03 | 00,048,128 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\CTXFIREG.EXE
[2009/10/24 17:08:03 | 00,047,104 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\CTXFIBTN.DLL
[2009/10/24 17:08:03 | 00,024,576 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\CTXFIHLP.EXE
[2009/10/24 17:08:03 | 00,019,456 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\CT20XSPI.DLL
[2009/10/24 17:08:03 | 00,000,000 | ---D | C] -- C:\Download
[2009/10/24 10:25:28 | 00,000,000 | ---D | C] -- C:\MP3
[2009/10/24 10:22:26 | 00,000,000 | ---D | C] -- C:\Images
[2009/10/24 07:33:58 | 00,000,000 | ---D | C] -- C:\Azureus
[2009/10/24 07:28:50 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\WinRAR
[2009/10/24 07:28:28 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/10/24 07:27:44 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\Foxit
[2009/10/24 07:27:36 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2009/10/24 07:27:22 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\ImgBurn
[2009/10/24 07:27:16 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2009/10/24 07:23:57 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\Logitech
[2009/10/24 07:23:52 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\Leadertech
[2009/10/24 07:23:48 | 00,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2009/10/24 07:23:48 | 00,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2009/10/24 07:23:03 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2009/10/24 07:23:00 | 00,190,992 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\BtCoreIf.dll
[2009/10/24 07:22:59 | 00,235,536 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\KemUtil.dll
[2009/10/24 07:22:59 | 00,235,536 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\kemutb.dll
[2009/10/24 07:22:59 | 00,159,248 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\KemWnd.dll
[2009/10/24 07:22:59 | 00,096,272 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\KemXML.dll
[2009/10/24 07:22:56 | 00,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2009/10/24 07:22:56 | 00,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2009/10/24 07:22:56 | 00,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2009/10/24 07:22:54 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2009/10/24 07:22:53 | 00,000,000 | ---D | C] -- C:\Program Files\Logitech
[2009/10/24 07:19:43 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\Mozilla
[2009/10/24 07:19:43 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Local\Mozilla
[2009/10/24 07:19:41 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2009/10/24 07:17:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2009/10/24 07:17:14 | 00,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2009/10/24 07:17:14 | 00,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2009/10/24 07:16:55 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2009/10/24 07:16:55 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2009/10/24 07:16:53 | 00,000,000 | -HSD | C] -- C:\Windows\Installer
[2009/10/24 07:16:51 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2009/10/24 07:16:49 | 00,541,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvuninst.exe
[2009/10/24 07:16:35 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2009/10/24 07:07:18 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Local\Microsoft Games
[2009/10/24 07:01:50 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2009/10/24 07:01:50 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\Macromedia
[2009/10/24 07:01:50 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\Adobe
[2009/10/24 07:00:51 | 00,000,000 | ---D | C] -- C:\@Travis
[2009/10/24 06:43:11 | 00,000,000 | R--D | C] -- C:\Users\Travis\Searches
[2009/10/24 06:43:04 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\Identities
[2009/10/24 06:43:03 | 00,000,000 | R--D | C] -- C:\Users\Travis\Contacts
[2009/10/24 06:43:01 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Local\VirtualStore
[2009/10/24 06:42:53 | 00,000,000 | -HSD | C] -- C:\Users\Travis\Templates
[2009/10/24 06:42:53 | 00,000,000 | -HSD | C] -- C:\Users\Travis\Start Menu
[2009/10/24 06:42:53 | 00,000,000 | -HSD | C] -- C:\Users\Travis\SendTo
[2009/10/24 06:42:53 | 00,000,000 | -HSD | C] -- C:\Users\Travis\Recent
[2009/10/24 06:42:53 | 00,000,000 | -HSD | C] -- C:\Users\Travis\PrintHood
[2009/10/24 06:42:53 | 00,000,000 | -HSD | C] -- C:\Users\Travis\NetHood
[2009/10/24 06:42:53 | 00,000,000 | -HSD | C] -- C:\Users\Travis\Documents\My Videos
[2009/10/24 06:42:53 | 00,000,000 | -HSD | C] -- C:\Users\Travis\Documents\My Pictures
[2009/10/24 06:42:53 | 00,000,000 | -HSD | C] -- C:\Users\Travis\Documents\My Music
[2009/10/24 06:42:53 | 00,000,000 | -HSD | C] -- C:\Users\Travis\My Documents
[2009/10/24 06:42:53 | 00,000,000 | -HSD | C] -- C:\Users\Travis\Local Settings
[2009/10/24 06:42:53 | 00,000,000 | -HSD | C] -- C:\Users\Travis\Cookies
[2009/10/24 06:42:53 | 00,000,000 | -HSD | C] -- C:\Users\Travis\Application Data
[2009/10/24 06:42:53 | 00,000,000 | -HSD | C] -- C:\Users\Travis\AppData\Local\Temporary Internet Files
[2009/10/24 06:42:53 | 00,000,000 | -HSD | C] -- C:\Users\Travis\AppData\Local\History
[2009/10/24 06:42:53 | 00,000,000 | -HSD | C] -- C:\Users\Travis\AppData\Local\Application Data
[2009/10/24 06:42:52 | 00,000,000 | --SD | C] -- C:\Users\Travis\AppData\Roaming\Microsoft
[2009/10/24 06:42:52 | 00,000,000 | R--D | C] -- C:\Users\Travis\Videos
[2009/10/24 06:42:52 | 00,000,000 | R--D | C] -- C:\Users\Travis\Saved Games
[2009/10/24 06:42:52 | 00,000,000 | R--D | C] -- C:\Users\Travis\Pictures
[2009/10/24 06:42:52 | 00,000,000 | R--D | C] -- C:\Users\Travis\Music
[2009/10/24 06:42:52 | 00,000,000 | R--D | C] -- C:\Users\Travis\Links
[2009/10/24 06:42:52 | 00,000,000 | R--D | C] -- C:\Users\Travis\Favorites
[2009/10/24 06:42:52 | 00,000,000 | R--D | C] -- C:\Users\Travis\Downloads
[2009/10/24 06:42:52 | 00,000,000 | R--D | C] -- C:\Users\Travis\Documents
[2009/10/24 06:42:52 | 00,000,000 | R--D | C] -- C:\Users\Travis\Desktop
[2009/10/24 06:42:52 | 00,000,000 | -H-D | C] -- C:\Users\Travis\AppData
[2009/10/24 06:42:52 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Roaming\Media Center Programs
[2009/10/24 06:42:52 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Local\Temp
[2009/10/24 06:42:52 | 00,000,000 | ---D | C] -- C:\Users\Travis\AppData\Local\Microsoft
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\Recovery
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\Documents and Settings
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2009/10/24 06:40:54 | 00,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2009/10/24 06:40:51 | 00,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2009/10/23 23:01:51 | 00,000,000 | -HSD | C] -- C:\Boot
[2009/10/23 22:03:27 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009/10/23 22:03:24 | 00,000,000 | ---D | C] -- C:\Windows\CSC
[2009/10/14 05:08:14 | 00,000,000 | ---D | C] -- C:\Windows\Panther
[2009/10/14 04:52:35 | 00,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MpSigStub.exe
[2009/10/14 04:52:32 | 00,311,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msv1_0.dll
[2009/10/14 04:52:32 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009/10/14 04:51:47 | 26,575,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MRT.exe
[2009/10/14 04:51:32 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2009/10/14 04:51:32 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2009/10/14 04:51:32 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2009/10/14 04:51:32 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msasn1.dll
[2009/10/14 04:11:25 | 00,000,000 | ---D | C] -- C:\Windows\Prefetch
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/11/08 11:08:02 | 04,718,592 | -HS- | M] () -- C:\Users\Travis\NTUSER.DAT
[2009/11/08 09:25:20 | 00,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009/11/08 09:25:20 | 00,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009/11/08 09:24:40 | 00,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/11/08 09:24:40 | 00,615,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/11/08 09:24:40 | 00,103,496 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/11/08 09:20:16 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/11/08 09:20:14 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/11/08 09:20:10 | 32,205,29152 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/08 00:10:31 | 00,060,888 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000006-00000000-00000002-00001102-00000005-0034415A}.rfx
[2009/11/08 00:10:31 | 00,060,888 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000006-00000000-00000002-00001102-00000005-0034415A}.rfx
[2009/11/08 00:10:31 | 00,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000006-00000000-00000002-00001102-00000005-0034415A}.rfx
[2009/11/08 00:10:13 | 03,118,652 | -H-- | M] () -- C:\Users\Travis\AppData\Local\IconCache.db
[2009/11/03 22:08:01 | 00,348,943 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2009/11/02 22:15:08 | 00,000,771 | ---- | M] () -- C:\Users\Public\Desktop\Dragon Age Origins.lnk
[2009/11/02 20:42:06 | 00,226,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MpSigStub.exe
[2009/10/31 18:51:37 | 00,000,440 | RHS- | M] () -- C:\Users\Travis\ntuser.pol
[2009/10/26 17:35:18 | 00,001,354 | ---- | M] () -- C:\Users\Travis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2009/10/26 06:33:01 | 00,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/10/25 20:49:29 | 00,001,950 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2009/10/25 20:32:30 | 00,871,408 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2009/10/25 20:00:57 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2009/10/25 09:39:19 | 00,001,024 | ---- | M] () -- C:\Users\Travis\.rnd
[2009/10/25 09:34:30 | 00,002,390 | ---- | M] () -- C:\Users\Travis\Desktop\TVersity.lnk
[2009/10/24 22:38:32 | 00,001,080 | ---- | M] () -- C:\Windows\SysNative\settingsbkup.sfm
[2009/10/24 22:38:32 | 00,001,080 | ---- | M] () -- C:\Windows\SysNative\settings.sfm
[2009/10/24 18:50:28 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2009/10/24 18:50:28 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2009/10/24 18:50:28 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2009/10/24 18:50:28 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2009/10/24 17:30:10 | 00,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2009/10/24 17:24:46 | 00,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2009/10/24 17:24:46 | 00,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2009/10/24 17:24:46 | 00,121,880 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2009/10/24 17:24:46 | 00,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2009/10/24 17:24:39 | 00,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2009/10/24 17:24:32 | 00,000,029 | ---- | M] () -- C:\Windows\sfbm.INI
[2009/10/24 17:13:28 | 00,524,288 | -HS- | M] () -- C:\Users\Travis\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2009/10/24 17:13:28 | 00,524,288 | -HS- | M] () -- C:\Users\Travis\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2009/10/24 17:13:28 | 00,065,536 | -HS- | M] () -- C:\Users\Travis\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2009/10/24 07:24:18 | 00,057,560 | ---- | M] () -- C:\Users\Travis\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/10/24 07:23:12 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2009/10/24 07:23:12 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2009/10/24 07:23:00 | 00,001,751 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2009/10/24 06:42:53 | 00,000,020 | -HS- | M] () -- C:\Users\Travis\ntuser.ini
[2009/10/24 06:41:10 | 00,171,136 | RHS- | M] () -- C:\w7ldr
[2009/10/23 23:01:52 | 00,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009/10/23 22:06:36 | 00,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2009/10/23 22:06:36 | 00,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2009/10/19 06:46:09 | 09,272,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2009/10/19 06:10:10 | 05,958,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/11/02 22:15:08 | 00,000,771 | ---- | C] () -- C:\Users\Public\Desktop\Dragon Age Origins.lnk
[2009/10/31 18:51:37 | 00,000,440 | RHS- | C] () -- C:\Users\Travis\ntuser.pol
[2009/10/26 17:35:18 | 00,001,354 | ---- | C] () -- C:\Users\Travis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2009/10/25 20:49:29 | 00,001,950 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2009/10/25 20:32:30 | 00,871,408 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2009/10/25 20:00:57 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2009/10/25 09:39:17 | 00,001,024 | ---- | C] () -- C:\Users\Travis\.rnd
[2009/10/25 09:34:30 | 00,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/10/25 09:34:30 | 00,002,390 | ---- | C] () -- C:\Users\Travis\Desktop\TVersity.lnk
[2009/10/25 09:34:30 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2009/10/24 17:30:10 | 00,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009/10/24 17:25:17 | 00,060,888 | ---- | C] () -- C:\Windows\SysNative\BMXStateBkp-{00000006-00000000-00000002-00001102-00000005-0034415A}.rfx
[2009/10/24 17:25:17 | 00,060,888 | ---- | C] () -- C:\Windows\SysNative\BMXState-{00000006-00000000-00000002-00001102-00000005-0034415A}.rfx
[2009/10/24 17:25:17 | 00,001,080 | ---- | C] () -- C:\Windows\SysNative\settingsbkup.sfm
[2009/10/24 17:25:17 | 00,001,080 | ---- | C] () -- C:\Windows\SysNative\settings.sfm
[2009/10/24 17:25:17 | 00,000,788 | ---- | C] () -- C:\Windows\SysNative\DVCState-{00000006-00000000-00000002-00001102-00000005-0034415A}.rfx
[2009/10/24 17:24:32 | 00,000,029 | ---- | C] () -- C:\Windows\sfbm.INI
[2009/10/24 17:13:25 | 03,118,652 | -H-- | C] () -- C:\Users\Travis\AppData\Local\IconCache.db
[2009/10/24 17:11:47 | 00,191,488 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2009/10/24 17:11:47 | 00,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009/10/24 17:11:47 | 00,089,088 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2009/10/24 17:11:47 | 00,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009/10/24 17:11:47 | 00,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2009/10/24 17:11:44 | 00,006,130 | ---- | C] () -- C:\Windows\SysNative\CTOPT352.cat
[2009/10/24 17:11:44 | 00,006,010 | ---- | C] () -- C:\Windows\SysWow64\CTOPT352.cat
[2009/10/24 17:08:15 | 00,003,072 | ---- | C] () -- C:\Windows\SysNative\CTXFIRES.DLL
[2009/10/24 17:08:15 | 00,002,560 | ---- | C] () -- C:\Windows\SysWow64\CTXFIRES.DLL
[2009/10/24 17:08:04 | 07,572,224 | ---- | C] () -- C:\Windows\SysWow64\CT8MGM.SF2
[2009/10/24 17:08:04 | 07,572,224 | ---- | C] () -- C:\Windows\SysNative\CT8MGM.SF2
[2009/10/24 17:08:04 | 04,174,814 | ---- | C] () -- C:\Windows\SysWow64\CT4MGM.SF2
[2009/10/24 17:08:04 | 04,174,814 | ---- | C] () -- C:\Windows\SysNative\CT4MGM.SF2
[2009/10/24 17:08:04 | 02,167,684 | ---- | C] () -- C:\Windows\SysWow64\CT2MGM.SF2
[2009/10/24 17:08:04 | 02,167,684 | ---- | C] () -- C:\Windows\SysNative\CT2MGM.SF2
[2009/10/24 17:08:04 | 01,048,576 | ---- | C] () -- C:\Windows\SysWow64\CT1MGM.ROM
[2009/10/24 17:08:04 | 01,048,576 | ---- | C] () -- C:\Windows\SysNative\CT1MGM.ROM
[2009/10/24 17:08:04 | 00,323,856 | ---- | C] () -- C:\Windows\SysWow64\CTDLANG.DAT
[2009/10/24 17:08:04 | 00,323,856 | ---- | C] () -- C:\Windows\SysNative\CTDLANG.DAT
[2009/10/24 17:08:04 | 00,056,405 | ---- | C] () -- C:\Windows\SysWow64\CTDNLSTR.DAT
[2009/10/24 17:08:04 | 00,056,405 | ---- | C] () -- C:\Windows\SysNative\CTDNLSTR.DAT
[2009/10/24 17:08:04 | 00,018,432 | ---- | C] () -- C:\Windows\SysNative\REGPLIB.EXE
[2009/10/24 17:08:04 | 00,008,704 | ---- | C] () -- C:\Windows\SysNative\ENLOCSTR.EXE
[2009/10/24 17:08:04 | 00,008,382 | ---- | C] () -- C:\Windows\SysWow64\UDAAPO64.UDA
[2009/10/24 17:08:04 | 00,007,680 | ---- | C] () -- C:\Windows\SysWow64\ENLOCSTR.EXE
[2009/10/24 17:08:04 | 00,005,530 | ---- | C] () -- C:\Windows\SysWow64\CTMLFX64.UDA
[2009/10/24 17:08:04 | 00,003,128 | ---- | C] () -- C:\Windows\SysNative\XFi.bmp
[2009/10/24 17:08:04 | 00,000,766 | ---- | C] () -- C:\Windows\SysNative\SBXFi.ico
[2009/10/24 17:08:04 | 00,000,307 | ---- | C] () -- C:\Windows\SysWow64\KILL.INI
[2009/10/24 17:08:04 | 00,000,307 | ---- | C] () -- C:\Windows\SysNative\KILL.INI
[2009/10/24 17:08:04 | 00,000,059 | ---- | C] () -- C:\Windows\SysNative\DEFAULT8.SFM
[2009/10/24 17:08:04 | 00,000,059 | ---- | C] () -- C:\Windows\SysNative\DEFAULT4.SFM
[2009/10/24 17:08:04 | 00,000,059 | ---- | C] () -- C:\Windows\SysNative\DEFAULT.SFM
[2009/10/24 17:08:04 | 00,000,052 | ---- | C] () -- C:\Windows\SysNative\ctzapxx.ini
[2009/10/24 17:08:03 | 00,042,724 | ---- | C] () -- C:\Windows\SysNative\auzen.ini
[2009/10/24 07:24:18 | 00,057,560 | ---- | C] () -- C:\Users\Travis\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/10/24 07:23:12 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2009/10/24 07:23:12 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2009/10/24 07:23:00 | 00,001,751 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2009/10/24 06:42:53 | 00,524,288 | -HS- | C] () -- C:\Users\Travis\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2009/10/24 06:42:53 | 00,000,020 | -HS- | C] () -- C:\Users\Travis\ntuser.ini
[2009/10/24 06:42:52 | 04,718,592 | -HS- | C] () -- C:\Users\Travis\NTUSER.DAT
[2009/10/24 06:42:52 | 00,524,288 | -HS- | C] () -- C:\Users\Travis\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2009/10/24 06:42:52 | 00,065,536 | -HS- | C] () -- C:\Users\Travis\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2009/10/24 06:41:10 | 00,171,136 | RHS- | C] () -- C:\w7ldr
[2009/10/23 23:01:52 | 00,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2009/10/23 23:01:51 | 00,383,562 | RHS- | C] () -- C:\bootmgr
[2009/10/23 22:03:09 | 32,205,29152 | -HS- | C] () -- C:\hiberfil.sys
[2009/08/02 23:21:54 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009/08/02 23:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009/08/02 23:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009/08/02 23:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009/08/02 23:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009/08/02 23:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009/08/02 23:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009/08/02 23:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009/08/02 23:21:52 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009/08/02 23:21:52 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009/07/13 21:32:39 | 00,043,318 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2009/07/13 21:32:39 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/13 21:32:39 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/13 21:32:39 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/13 20:54:24 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2009/07/13 18:34:57 | 00,000,403 | ---- | C] () -- C:\Windows\win.ini
[2009/07/13 18:34:57 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009/07/13 15:42:10 | 00,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 00,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2009/11/06 19:48:15 | 00,000,000 | ---D | M] -- C:\Users\Travis\AppData\Roaming\Azureus
[2009/10/25 20:52:21 | 00,000,000 | ---D | M] -- C:\Users\Travis\AppData\Roaming\DAEMON Tools Lite
[2009/10/24 19:09:34 | 00,000,000 | ---D | M] -- C:\Users\Travis\AppData\Roaming\ESET
[2009/10/24 07:27:44 | 00,000,000 | ---D | M] -- C:\Users\Travis\AppData\Roaming\Foxit
[2009/11/01 13:09:35 | 00,000,000 | ---D | M] -- C:\Users\Travis\AppData\Roaming\GrabIt
[2009/10/24 07:27:22 | 00,000,000 | ---D | M] -- C:\Users\Travis\AppData\Roaming\ImgBurn
[2009/10/24 07:23:52 | 00,000,000 | ---D | M] -- C:\Users\Travis\AppData\Roaming\Leadertech
[2009/11/01 12:49:20 | 00,000,000 | ---D | M] -- C:\Users\Travis\AppData\Roaming\NewsBin
[2009/11/08 09:20:16 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/07/13 21:08:49 | 00,009,918 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2009/07/13 17:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/13 17:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/13 17:41:53 | 00,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2009/07/13 17:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2009/07/13 17:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/13 17:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/13 17:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/13 17:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
[2009/07/13 17:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/13 17:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/13 17:40:20 | 00,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
[2009/07/13 17:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
[2009/07/13 17:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/13 17:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2009/07/13 17:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/13 17:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2009/07/13 17:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/13 17:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >
< End of report >

**************************************************************************
And extras.txt

OTL Extras logfile created on: 11/8/2009 11:07:26 AM - Run 1
OTL by OldTimer - Version 3.1.4.0 Folder = C:\Users\Travis\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.73 Gb Available Physical Memory | 68.23% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.50 Gb Total Space | 313.61 Gb Free Space | 33.67% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 109.49 Gb Free Space | 23.51% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TRAVIS-PC
Current User Name: Travis
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\Program Files (x86)\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\Program Files (x86)\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{5759E649-E281-46C2-BB4B-50413623DCDF}" = iTunes
"{83B8C63E-241F-4969-91AF-5FDC79D48D1C}" = ESET Smart Security
"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BE282C23-5484-47FF-B2C1-EBEA5C891033}" = Nero 8
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{DA7D5E4A-7AEA-45BE-AA03-3748282DFB09}" = Auzen X-Fi Prelude 7.1
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CDisplay_is1" = CDisplay 1.8
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Dolby Digital Live Pack" = Dolby Digital Live Pack
"DTS Connect Pack" = DTS Connect Pack
"ffdshow_is1" = ffdshow [rev 1723] [2007-12-24]
"Foxit Reader" = Foxit Reader
"GrabIt_is1" = GrabIt 1.7.2 Beta 4 (build 997)
"HijackThis" = HijackThis 2.0.2
"ImgBurn" = ImgBurn
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"NewsBin5" = NewsBin Pro
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"TVersity Codec Pack" = TVersity Codec Pack 1.2
"TVersity Media Server" = TVersity Media Server 1.7.2.1 Beta
"VLC media player" = VLC media player 1.0.2
"Winamp" = Winamp

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/30/2009 3:30:06 AM | Computer Name = Travis-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error - 10/31/2009 12:11:48 AM | Computer Name = Travis-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Borderlands.exe, version: 1.0.0.0, time
stamp: 0x4ab92d4f Faulting module name: Borderlands.exe, version: 1.0.0.0, time
stamp: 0x4ab92d4f Exception code: 0xc0000005 Fault offset: 0x009f697e Faulting process
id: 0x98c Faulting application start time: 0x01ca59d846e6026b Faulting application
path: C:\Games\Borderlands\Binaries\Borderlands.exe Faulting module path: C:\Games\Borderlands\Binaries\Borderlands.exe
Report
Id: 81cdedec-c5d3-11de-a454-001e8c2e2182

Error - 10/31/2009 11:15:42 PM | Computer Name = Travis-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error - 11/1/2009 5:03:31 PM | Computer Name = Travis-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 1.9.1.3576 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: e28 Start
Time: 01ca5b33f41cbee2 Termination Time: 0 Application Path: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Report Id: fe80bbe9-c729-11de-a77a-001e8c2e2182

Error - 11/1/2009 5:04:14 PM | Computer Name = Travis-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 1.9.1.3576 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 53c Start
Time: 01ca5b36c5f6289f Termination Time: 6053 Application Path: C:\Program Files
(x86)\Mozilla Firefox\firefox.exe Report Id: 16bc2503-c72a-11de-a77a-001e8c2e2182


Error - 11/1/2009 5:40:33 PM | Computer Name = Travis-PC | Source = Application Hang | ID = 1002
Description = The program setup.exe version 11.10.5.3 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: e2c Start Time:
01ca5b3b3e82c060 Termination Time: 0 Application Path: C:\Extract\Drivers\MarvellYukon_Ethernet_V111053_Windows7\setup.exe

Report
Id:

Error - 11/1/2009 5:42:06 PM | Computer Name = Travis-PC | Source = Application Hang | ID = 1002
Description = The program setup.exe version 11.10.5.3 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 1238 Start Time:
01ca5b3c15bf05f6 Termination Time: 0 Application Path: C:\Extract\Drivers\MarvellYukon_Ethernet_V111053_Windows7\setup.exe

Report
Id:

Error - 11/2/2009 12:08:09 AM | Computer Name = Travis-PC | Source = Application Error | ID = 1000
Description = Faulting application name: firefox.exe, version: 1.9.1.3576, time
stamp: 0x4ad8b0e7 Faulting module name: FOXITR~1.OCX, version: 1.0.0.1, time stamp:
0x495057f6 Exception code: 0xc0000005 Fault offset: 0x00002c8e Faulting process id:
0x914 Faulting application start time: 0x01ca5b720520fdd6 Faulting application path:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: C:\PROGRA~2\FOXITS~1\FOXITR~1\plugins\FOXITR~1.OCX
Report
Id: 5464d3f5-c765-11de-8583-001e8c2e2182

Error - 11/2/2009 12:19:40 PM | Computer Name = Travis-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error - 11/3/2009 2:15:19 AM | Computer Name = Travis-PC | Source = MsiInstaller | ID = 1013
Description =

[ System Events ]
Error - 11/4/2009 9:50:25 PM | Computer Name = Travis-PC | Source = Service Control Manager | ID = 7016
Description = The NVIDIA Display Driver Service service has reported an invalid
current state 32.

Error - 11/5/2009 2:11:18 AM | Computer Name = Travis-PC | Source = Service Control Manager | ID = 7034
Description = The TVersityMediaServer service terminated unexpectedly. It has done
this 1 time(s).

Error - 11/5/2009 2:11:18 AM | Computer Name = Travis-PC | Source = Service Control Manager | ID = 7016
Description = The NVIDIA Display Driver Service service has reported an invalid
current state 32.

Error - 11/5/2009 11:18:35 AM | Computer Name = Travis-PC | Source = NetBT | ID = 4321
Description = The name "TRAVIS-PC :0" could not be registered on the interface
with IP address 192.168.1.101. The computer with the IP address 192.168.1.102 did
not allow the name to be claimed by this computer.

Error - 11/5/2009 11:18:42 AM | Computer Name = Travis-PC | Source = Server | ID = 2505
Description = The server could not bind to the transport \Device\NetBT_Tcpip_{782301D5-2B19-4AE1-B02C-341AE3369E89}
because another computer on the network has the same name. The server could not
start.

Error - 11/5/2009 11:18:42 AM | Computer Name = Travis-PC | Source = NetBT | ID = 4321
Description = The name "TRAVIS-PC :20" could not be registered on the interface
with IP address 192.168.1.101. The computer with the IP address 192.168.1.102 did
not allow the name to be claimed by this computer.

Error - 11/6/2009 2:29:47 AM | Computer Name = Travis-PC | Source = Service Control Manager | ID = 7034
Description = The TVersityMediaServer service terminated unexpectedly. It has done
this 1 time(s).

Error - 11/6/2009 2:29:47 AM | Computer Name = Travis-PC | Source = Service Control Manager | ID = 7016
Description = The NVIDIA Display Driver Service service has reported an invalid
current state 32.

Error - 11/6/2009 11:27:40 AM | Computer Name = Travis-PC | Source = Service Control Manager | ID = 7034
Description = The TVersityMediaServer service terminated unexpectedly. It has done
this 1 time(s).

Error - 11/6/2009 11:27:40 AM | Computer Name = Travis-PC | Source = Service Control Manager | ID = 7016
Description = The NVIDIA Display Driver Service service has reported an invalid
current state 32.


< End of report >

#4
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Ok please do the following.
Back up your Firefox data and then uninstall Firefox.
Then navigate to C:\Program Files and delete the entire Firefox folder, then reboot and see if you are still getting redirected.

#5
DurtJ

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Thanks again for the reply. I reinstalled Firefox a couple of days ago and I thought I was in the clear until I just got a couple of the hijacked results. Anything else I can do?

#6
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Please download GooredFix from one of the locations below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).


#7
DurtJ

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Here are the contents of the log:

GooredFix by jpshortstuff (09.11.09.1)
Log created at 17:51 on 13/11/2009 (Travis)
Firefox version 3.5.5 (en-US)

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [01:43 10/11/2009]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
(Key not found)

-=E.O.F=-

Thanks again.

#8
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
If you are only getting it through Firefox, then Firefox is still infected.
Did you delete the Firefox folder as well after uninstalling it?
If not, uninstall it again, then delete anything that says Mozilla in the name in the C:\Program Files folder, and this folder as well: C:\Program Files (x86)\Mozilla Firefox
Then you can reinstall it again fresh, and you should not have any redirects.

#9
DurtJ

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
I uninstalled Firefox again, cookies and everything. Then deleted the Mozilla folder. I searched for any files named mozilla and firefox on my computer as well and deleted them all. I reinstalled Firefox and I am still getting redirected. I am not even sure if it is just redirecting me with Firefox, as I do not use IE. Is there anything else I can do?

#10
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Check it with IE please.

#11
DurtJ

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
I do not believe IE is getting hijacked, as I tried it for approx. 50 Google searches and did not get one. Firefox was able to get one within 5 clicks. If it helps, every time it happens, on my "back" button it displays a page entitled "Redirect". If it helps even more, this is what the URL was when it started to redirect me.

hxxp://6789.****.primosearch.com/jum...&terms=meta

#12
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Ok, please post an updated OTL log.
Also, please avoid posting links to redirects, as it can infect others. I have deactivated the link.
Thanks. :)