Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

slow system


  • Please log in to reply

#1
starcraft

starcraft

    Member

  • Member
  • PipPip
  • 78 posts
screen shot to system info >>> http://i6.photobucke...2000/system.gif

im finding my computer running rather sluggish , i dont think its my specs as you can see i have 6gig ram and an i7 920 cpu and atg times i have barely anything running and certain games i play are very sluggish im using the nvidia gtx geforce 295 overcloked also and still some games run slow so i am wondering if its a spyware issue

i have added mbam log

thanks for help in advance

Attached Files


  • 0

Advertisements


#2
starcraft

starcraft

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
rootkit wont install as it doesnt run on 64bit systems, ive been trying to do this otl a couple of times but another problem i forgot to mention is that i keep getting things not responding all the time, pretty much everything does that from firefox to even just opening a small application like otl or opening a small folder which usually sounds like there is not enough ram , i thought 6gig should be enough ? or is something eating at it? here is the log i finally managed to produce running otl as i said i cant give you the root kit one as it will not run on my OS.

otl gave me 2 logs which i have attached and also pasted below

so any help from here on is appreciated

otl log

OTL logfile created on: 11/22/2009 2:15:56 PM - Run 1
OTL by OldTimer - Version 3.1.6.2 Folder = C:\Users\star1980craft\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 256 512

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 233.76 Gb Total Space | 39.77 Gb Free Space | 17.01% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 97.28 Gb Free Space | 10.44% Space Free | Partition Type: NTFS
Drive E: | 465.75 Gb Total Space | 261.63 Gb Free Space | 56.17% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STAR1980CRAFT20
Current User Name: star1980craft
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/11/22 06:36:26 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\star1980craft\Downloads\OTL.exe
PRC - [2009/11/13 09:18:09 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2009/11/10 09:11:02 | 02,304,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgfws9.exe
PRC - [2009/11/10 09:11:02 | 02,304,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgfws9.exe
PRC - [2009/11/07 02:58:39 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/11/07 02:58:39 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/11/07 02:58:39 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2009/11/04 03:19:19 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe
PRC - [2009/11/04 03:19:19 | 00,827,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgam.exe
PRC - [2009/11/04 03:19:19 | 00,827,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgam.exe
PRC - [2009/11/04 03:19:19 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
PRC - [2009/11/04 03:19:19 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
PRC - [2009/11/04 03:19:19 | 00,592,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2009/11/04 03:19:19 | 00,592,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2009/11/04 03:19:19 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
PRC - [2009/11/02 22:30:42 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009/10/31 10:11:29 | 01,217,808 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2009/10/30 11:57:08 | 00,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009/10/30 11:57:00 | 00,229,936 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLiteShellHlp.exe
PRC - [2009/10/30 11:57:00 | 00,229,936 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLiteShellHlp.exe
PRC - [2009/10/27 00:19:06 | 00,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009/10/14 14:55:24 | 00,289,072 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2009/10/14 14:09:56 | 01,719,568 | ---- | M] (Orbitdownloader.com) -- C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
PRC - [2009/10/08 23:26:47 | 01,457,064 | ---- | M] (Take-Two Interactive Software, Inc.) -- C:\Games\Grand Theft Auto IV\RGSC\1_1_3_0\RGSC.exe
PRC - [2009/10/08 23:26:47 | 01,457,064 | ---- | M] (Take-Two Interactive Software, Inc.) -- C:\Games\Grand Theft Auto IV\RGSC\1_1_3_0\RGSC.exe
PRC - [2009/10/07 23:58:36 | 01,523,712 | ---- | M] (Nick Connors) -- C:\Users\star1980craft\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor.gadget\GPUMonitor.exe
PRC - [2009/09/27 16:48:00 | 00,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/08/22 18:25:00 | 02,781,184 | ---- | M] () -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner.exe
PRC - [2009/07/01 16:37:06 | 00,037,888 | ---- | M] () -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2009/03/31 16:06:26 | 00,050,456 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\MXTask2.exe
PRC - [2009/03/31 16:06:22 | 00,161,048 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\mxtask.exe
PRC - [2009/03/31 16:06:22 | 00,161,048 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\mxtask.exe
PRC - [2009/03/31 16:06:22 | 00,161,048 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\mxtask.exe
PRC - [2009/03/31 16:06:22 | 00,161,048 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\mxtask.exe
PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe
PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe
PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe
PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe
PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe
PRC - [2007/09/02 08:28:52 | 00,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe


========== Modules (SafeList) ==========

MOD - [2009/11/22 06:36:26 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\star1980craft\Downloads\OTL.exe
MOD - [2009/07/14 01:16:17 | 01,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009/07/14 01:16:17 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009/07/14 01:16:15 | 00,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009/07/14 01:16:15 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009/07/14 01:14:57 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/07/14 01:03:50 | 01,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2008/09/24 14:58:46 | 00,028,672 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\WinHook.dll
MOD - [2007/09/02 08:27:36 | 00,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/08/03 22:10:42 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2009/07/14 03:20:14 | 00,000,000 | ---D | M] -- C:\Windows\SysNative\Msdtc -- (MSDTC)
SRV:64bit: - [2009/07/14 01:41:59 | 00,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2009/07/14 01:41:56 | 00,374,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2009/07/14 01:41:56 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009/07/14 01:41:56 | 00,195,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009/07/14 01:41:56 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2009/07/14 01:41:54 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009/07/14 01:41:54 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009/07/14 01:41:53 | 01,361,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009/07/14 01:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009/07/14 01:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009/07/14 01:41:53 | 00,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2009/07/14 01:41:53 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009/07/14 01:41:53 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009/07/14 01:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2009/07/14 01:41:18 | 00,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2009/07/14 01:41:13 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2009/07/14 01:40:54 | 01,127,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/07/14 01:40:28 | 00,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2009/07/14 01:40:28 | 00,291,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2009/07/14 01:40:24 | 00,689,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009/07/14 01:40:13 | 00,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2009/07/14 01:40:10 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009/07/14 01:40:05 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2009/07/14 01:40:01 | 00,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/14 01:40:01 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2009/07/14 01:39:51 | 01,503,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2009/07/14 01:39:28 | 03,524,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV - [2009/11/10 09:11:02 | 02,304,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2009/11/04 03:19:19 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2009/11/04 03:19:19 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/10/31 10:12:43 | 00,320,760 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/10/27 00:19:06 | 00,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009/09/27 16:48:00 | 00,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009/07/26 06:43:14 | 00,025,832 | ---- | M] (BioWare) -- D:\games\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/07/14 03:20:14 | 00,000,000 | ---D | M] -- C:\Windows\Vss -- (VSS)
SRV - [2009/07/14 03:20:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2009/07/14 01:39:09 | 00,696,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2009/07/14 01:39:09 | 00,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2009/07/14 01:16:12 | 00,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 01:15:11 | 00,253,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 20:30:11 | 00,061,056 | ---- | M] () -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009/06/10 21:23:09 | 00,066,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/10 20:39:58 | 00,089,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/06/10 20:30:59 | 00,042,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/06/10 20:30:45 | 00,856,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2009/03/31 16:06:22 | 00,161,048 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\mxtask.exe -- (Fix-It Task Manager)
SRV - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2008/02/20 09:42:38 | 00,354,816 | ---- | M] (Nokia.) -- C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.order.2: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://uk.foxstart.c.../?rls=en:uk:mf"
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.10
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.701
FF - prefs.js..extensions.enabledItems: [email protected]:1.19
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:3.9.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {8FFE139B-90A7-4460-A972-9D2738997F6D}:1.6.2
FF - prefs.js..extensions.enabledItems: {5F590AA2-1221-4113-A6F4-A4BB62414FAC}:0.44.19.20090811.3
FF - prefs.js..extensions.enabledItems: [email protected]:0.8.2009100101
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.3
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2009/11/10 10:37:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/11/16 08:09:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/11/07 02:58:40 | 00,000,000 | ---D | M]

[2009/11/02 08:01:11 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Extensions
[2009/11/02 08:01:11 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/21 18:03:31 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions
[2009/11/02 18:47:18 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2009/11/02 18:50:56 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2009/11/02 18:50:56 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
[2009/11/02 18:47:18 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\{8FFE139B-90A7-4460-A972-9D2738997F6D}
[2009/11/02 19:05:50 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\[email protected]
[2009/11/02 18:47:18 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\[email protected]
[2009/11/21 18:03:31 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009/11/07 02:58:40 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/11/02 22:30:56 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/11/02 07:42:41 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2009/11/07 02:58:39 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/07 02:58:39 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll
[2009/11/02 22:30:42 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeploytk.dll
[2009/11/07 02:58:39 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
[2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
[2009/11/01 23:04:42 | 00,001,538 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2009/11/01 23:04:42 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\answers.xml
[2009/11/02 08:01:16 | 00,002,273 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg_igeared.xml
[2009/11/01 23:04:42 | 00,000,947 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2009/11/01 23:04:42 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/11/01 23:04:42 | 00,000,769 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2009/11/01 23:04:42 | 00,002,014 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\foxstart.xml
[2009/11/01 23:04:42 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml
[2009/11/01 23:04:42 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/11/01 23:04:42 | 00,000,831 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: (921 bytes) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 genuine.microsoft.com
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 127.0.0.1 sls.microsoft.com
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RivaTuner] C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe ()
O4:64bit: - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [RGSC] C:\Games\Grand Theft Auto IV\RGSC\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Welcome Center] C:\Windows\system32\OobeFldr.DLL (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/13 00:37:18 | 00,000,000 | -H-D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/10/13 00:37:25 | 00,000,000 | -H-D | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008/12/31 16:46:46 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/10/13 00:37:25 | 00,000,000 | -H-D | M] - E:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (SBBD.exe) - C:\Windows\SysWow64\sbbd.exe (Sunbelt Software)
O34 - HKLM BootExecute: (/d) - File not found
O34 - HKLM BootExecute: (\Device\HarddiskVolume1\Program) - File not found
O34 - HKLM BootExecute: (Files) - File not found
O34 - HKLM BootExecute: ((x86)\Common) - File not found
O34 - HKLM BootExecute: (Files\AntiVirus\Definitions) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2009/07/14 03:20:14 | 00,000,000 | ---D | M]
NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)
NetSvcs:64bit: Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
NetSvcs:64bit: BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation)
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 14 Days ==========

[2009/11/21 21:29:35 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\Malwarebytes
[2009/11/21 21:29:23 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/11/21 21:29:22 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009/11/21 21:29:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/11/21 21:29:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/11/21 21:29:22 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/11/18 21:15:09 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\Documents\Aspyr
[2009/11/18 17:10:27 | 16,207,872 | ---- | C] (Aspyr Media, Inc.) -- C:\Users\star1980craft\Desktop\SWTFU.exe
[2009/11/18 00:29:43 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Local\Aspyr
[2009/11/12 03:14:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2009/11/12 03:13:47 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\DAEMON Tools Lite
[2009/11/12 03:13:02 | 00,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2009/11/12 03:13:02 | 00,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2009/11/12 02:42:41 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\Desktop\booster
[2009/11/12 02:31:04 | 00,082,480 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\sbtis.sys
[2009/11/12 02:04:32 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\BVRP Software
[2009/11/12 02:04:26 | 00,000,000 | RHSD | C] -- C:\_Backup.RC
[2009/11/12 02:03:53 | 00,000,000 | -H-D | C] -- C:\_Backup
[2009/11/12 02:03:53 | 00,000,000 | ---D | C] -- C:\ProgramData\Avanquest
[2009/11/12 02:03:53 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\Avanquest
[2009/11/12 02:03:53 | 00,000,000 | ---D | C] -- C:\ProgramData\Avanquest
[2009/11/12 02:03:51 | 00,000,000 | ---D | C] -- C:\ProgramData\BVRP Software
[2009/11/12 02:03:51 | 00,000,000 | ---D | C] -- C:\ProgramData\BVRP Software
[2009/11/12 02:03:51 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Avanquest update
[2009/11/12 02:03:48 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\InstallShield
[2009/11/12 02:03:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AntiVirus
[2009/11/12 02:03:40 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Avanquest
[2009/11/10 21:10:50 | 00,000,000 | ---D | C] -- C:\ProgramData\BioWare
[2009/11/10 21:10:50 | 00,000,000 | ---D | C] -- C:\ProgramData\BioWare
[2009/11/10 20:52:51 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\Documents\BioWare
[2009/11/10 20:50:20 | 09,909,480 | ---- | C] (BioWare) -- C:\Users\star1980craft\Desktop\daorigins.exe
[2009/11/10 20:14:04 | 00,000,000 | ---D | C] -- C:\Windows\1C4551A64743409391E41477CD655043.TMP
[2009/11/10 20:04:38 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2009/11/10 18:47:48 | 00,368,640 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\ReWire.dll
[2009/11/10 18:47:48 | 00,233,472 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll
[2009/11/10 18:34:44 | 00,000,000 | ---D | C] -- C:\ProgramData\Propellerhead Software
[2009/11/10 18:34:44 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\Propellerhead Software
[2009/11/10 18:34:44 | 00,000,000 | ---D | C] -- C:\ProgramData\Propellerhead Software
[2009/11/10 18:33:15 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Propellerhead
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2009/11/22 14:16:22 | 01,835,008 | -HS- | M] () -- C:\Users\star1980craft\NTUSER.DAT
[2009/11/22 14:05:33 | 00,001,889 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk
[2009/11/22 14:04:40 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/11/22 14:04:23 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/11/22 14:04:21 | 53,568,3071 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/22 10:40:49 | 45,565,874 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2009/11/22 05:17:17 | 00,000,041 | ---- | M] () -- C:\Users\star1980craft\Desktop\Filzip.ini
[2009/11/21 21:29:27 | 00,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/21 15:08:20 | 00,098,480 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg
[2009/11/21 02:26:41 | 01,903,865 | -H-- | M] () -- C:\Users\star1980craft\AppData\Local\IconCache.db
[2009/11/20 23:14:20 | 00,541,317 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\iavifw.avm
[2009/11/20 18:51:48 | 00,000,665 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk
[2009/11/20 18:51:48 | 00,000,665 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 MP.lnk
[2009/11/18 20:50:38 | 00,000,020 | ---- | M] () -- C:\Windows\SysWow64\SYSTEM
[2009/11/18 14:33:04 | 00,000,761 | ---- | M] () -- C:\Users\star1980craft\Desktop\Star Wars The Force Unleashed.lnk
[2009/11/13 17:43:32 | 00,848,854 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/11/13 17:43:32 | 00,715,306 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/11/13 17:43:32 | 00,142,514 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/11/12 18:34:40 | 00,000,542 | ---- | M] () -- C:\Users\star1980craft\Documents\UpdateCheck.rtf
[2009/11/12 03:14:36 | 00,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2009/11/12 03:14:22 | 00,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2009/11/10 18:47:48 | 00,368,640 | ---- | M] (Propellerhead Software AB) -- C:\Windows\SysWow64\ReWire.dll
[2009/11/10 18:47:48 | 00,233,472 | ---- | M] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll
[2009/11/10 18:33:29 | 00,001,061 | ---- | M] () -- C:\Users\Public\Desktop\Reason.lnk
[2009/11/10 09:11:04 | 00,470,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/11/22 05:17:16 | 00,000,041 | ---- | C] () -- C:\Users\star1980craft\Desktop\Filzip.ini
[2009/11/21 21:29:27 | 00,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/20 18:51:48 | 00,000,665 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk
[2009/11/20 18:51:48 | 00,000,665 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 MP.lnk
[2009/11/18 20:50:38 | 00,000,020 | ---- | C] () -- C:\Windows\SysWow64\SYSTEM
[2009/11/18 14:33:04 | 00,000,761 | ---- | C] () -- C:\Users\star1980craft\Desktop\Star Wars The Force Unleashed.lnk
[2009/11/12 18:34:39 | 00,000,542 | ---- | C] () -- C:\Users\star1980craft\Documents\UpdateCheck.rtf
[2009/11/12 03:14:36 | 00,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2009/11/10 18:33:29 | 00,001,061 | ---- | C] () -- C:\Users\Public\Desktop\Reason.lnk
[2009/11/10 18:31:42 | 21,810,54464 | ---- | C] () -- C:\Users\star1980craft\Desktop\air-reason4.iso
[2009/10/21 22:02:06 | 00,793,474 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/10/14 09:03:55 | 00,062,256 | ---- | C] () -- C:\Users\star1980craft\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/10/14 09:01:17 | 00,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/10/14 09:01:17 | 00,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009/10/14 09:01:17 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009/10/14 09:01:16 | 03,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2009/10/14 09:01:16 | 00,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/10/14 09:01:14 | 00,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/10/14 09:01:14 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2009/10/08 00:42:09 | 01,903,865 | -H-- | C] () -- C:\Users\star1980craft\AppData\Local\IconCache.db
[2009/08/07 19:51:34 | 00,178,430 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/07/14 05:32:39 | 00,043,318 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2009/07/14 05:32:39 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 05:32:39 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 05:32:39 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 04:54:24 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2009/07/14 02:35:42 | 00,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2009/07/14 02:34:57 | 00,000,403 | ---- | C] () -- C:\Windows\win.ini
[2009/07/14 02:34:57 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009/07/13 23:42:10 | 00,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 21:03:59 | 00,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/10/07 08:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 08:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

========== LOP Check ==========

[2009/11/21 04:33:19 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Adobe
[2009/11/12 02:06:38 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Avanquest
[2009/11/18 14:15:19 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\DAEMON Tools Lite
[2009/10/14 09:01:26 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\GrabPro
[2009/10/14 09:03:32 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Identities
[2009/11/12 02:03:48 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\InstallShield
[2009/10/14 09:41:07 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Macromedia
[2009/11/21 21:29:35 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Malwarebytes
[2009/07/14 07:45:14 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Media Center Programs
[2009/11/04 04:50:11 | 00,000,000 | --SD | M] -- C:\Users\star1980craft\AppData\Roaming\Microsoft
[2009/11/02 08:01:11 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla
[2009/10/09 02:14:13 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Nokia
[2009/10/08 02:05:07 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Notepad++
[2009/11/01 09:43:47 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Nseries
[2009/11/22 14:06:02 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Orbit
[2009/10/09 02:14:13 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\PC Suite
[2009/11/10 18:48:15 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Propellerhead Software
[2009/10/14 09:01:14 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Real
[2009/11/02 22:30:09 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Sun
[2009/10/27 23:33:14 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\SUPERAntiSpyware.com
[2009/10/09 17:38:34 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Uniblue
[2009/11/22 14:16:59 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\uTorrent
[2009/11/22 03:55:57 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\vlc
[2009/10/09 18:28:57 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Winamp
[2009/10/14 12:28:03 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\WinRAR
[2009/11/22 14:04:40 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 05:08:49 | 00,013,018 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< >

< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2009/04/11 16:24:20 | 00,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows.old.000\Windows\System32\scecli.dll
[2009/04/11 16:24:35 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows.old.000\Windows\SysWOW64\scecli.dll
[2009/04/11 16:24:20 | 00,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
[2009/04/11 16:24:35 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009/07/14 01:41:53 | 00,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows.old.001\Windows\System32\scecli.dll
[2009/07/14 01:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows.old.001\Windows\SysWOW64\scecli.dll
[2009/07/14 01:41:53 | 00,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows.old.001\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2009/07/14 01:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows.old.001\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 01:41:53 | 00,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows.old.002\Windows\System32\scecli.dll
[2009/07/14 01:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows.old.002\Windows\SysWOW64\scecli.dll
[2009/07/14 01:41:53 | 00,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows.old.002\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2009/07/14 01:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows.old.002\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/04/11 16:24:20 | 00,235,520 | -H-- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows.old\Windows\System32\scecli.dll
[2009/04/11 16:24:35 | 00,177,152 | -H-- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows.old\Windows\SysWOW64\scecli.dll
[2009/04/11 16:24:20 | 00,235,520 | -H-- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
[2009/04/11 16:24:35 | 00,177,152 | -H-- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009/07/14 01:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 01:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 01:41:53 | 00,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2009/07/14 01:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2009/04/11 16:24:53 | 00,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows.old.000\Windows\System32\netlogon.dll
[2009/04/11 16:23:45 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows.old.000\Windows\SysWOW64\netlogon.dll
[2009/04/11 16:24:53 | 00,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2009/04/11 16:23:45 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009/07/14 01:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows.old.001\Windows\System32\netlogon.dll
[2009/07/14 01:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows.old.001\Windows\SysWOW64\netlogon.dll
[2009/07/14 01:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows.old.001\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 01:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows.old.001\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
[2009/07/14 01:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows.old.002\Windows\System32\netlogon.dll
[2009/07/14 01:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows.old.002\Windows\SysWOW64\netlogon.dll
[2009/07/14 01:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows.old.002\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 01:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows.old.002\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
[2009/04/11 16:24:53 | 00,717,312 | -H-- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows.old\Windows\System32\netlogon.dll
[2009/04/11 16:23:45 | 00,592,896 | -H-- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows.old\Windows\SysWOW64\netlogon.dll
[2009/04/11 16:24:53 | 00,717,312 | -H-- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2009/04/11 16:23:45 | 00,592,896 | -H-- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009/07/14 01:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 01:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 01:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 01:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
[2006/11/02 11:16:48 | 00,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows.old.000\Windows\System32\cngaudit.dll
[2006/11/02 09:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old.000\Windows\SysWOW64\cngaudit.dll
[2006/11/02 11:16:48 | 00,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006/11/02 09:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old.000\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
[2009/07/14 01:40:20 | 00,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows.old.001\Windows\System32\cngaudit.dll
[2009/07/14 01:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows.old.001\Windows\SysWOW64\cngaudit.dll
[2009/07/14 01:40:20 | 00,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows.old.001\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
[2009/07/14 01:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows.old.001\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 01:40:20 | 00,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows.old.002\Windows\System32\cngaudit.dll
[2009/07/14 01:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows.old.002\Windows\SysWOW64\cngaudit.dll
[2009/07/14 01:40:20 | 00,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows.old.002\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
[2009/07/14 01:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows.old.002\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2006/11/02 11:16:48 | 00,014,848 | -H-- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows.old\Windows\System32\cngaudit.dll
[2006/11/02 09:46:03 | 00,011,776 | -H-- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old\Windows\SysWOW64\cngaudit.dll
[2006/11/02 11:16:48 | 00,014,848 | -H-- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006/11/02 09:46:03 | 00,011,776 | -H-- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
[2009/07/14 01:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 01:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 01:40:20 | 00,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
[2009/07/14 01:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
[2008/01/21 02:46:02 | 00,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows.old.000\Windows\System32\drivers\nvstor.sys
[2008/01/21 02:46:02 | 00,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\nvraid.inf_63cdbcfd\nvstor.sys
[2006/11/02 12:02:51 | 00,048,232 | ---- | M] (NVIDIA Corporation) MD5=94C5334040A5D500897F4C5FD12AEEDE -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\nvraid.inf_a5403adf\nvstor.sys
[2008/01/21 02:46:02 | 00,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows.old.000\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
[2009/07/14 01:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows.old.001\Windows\System32\drivers\nvstor.sys
[2009/07/14 01:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows.old.001\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 01:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows.old.001\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2009/07/14 01:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows.old.002\Windows\System32\drivers\nvstor.sys
[2009/07/14 01:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows.old.002\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 01:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows.old.002\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2008/01/21 02:46:02 | 00,054,328 | -H-- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows.old\Windows\System32\drivers\nvstor.sys
[2008/01/21 02:46:02 | 00,054,328 | -H-- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\nvraid.inf_63cdbcfd\nvstor.sys
[2006/11/02 12:02:51 | 00,048,232 | -H-- | M] (NVIDIA Corporation) MD5=94C5334040A5D500897F4C5FD12AEEDE -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\nvraid.inf_a5403adf\nvstor.sys
[2008/01/21 02:46:02 | 00,054,328 | -H-- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows.old\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
[2009/07/14 01:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 01:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2009/04/11 16:23:06 | 00,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows.old.000\Windows\System32\drivers\atapi.sys
[2008/01/21 02:45:58 | 00,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\mshdc.inf_1d87dda2\atapi.sys
[2009/04/11 16:23:06 | 00,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\mshdc.inf_b6d20d6f\atapi.sys
[2006/11/02 12:01:02 | 00,020,072 | ---- | M] (Microsoft Corporation) MD5=DF96CF8885724430024B7522E5C95722 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\mshdc.inf_f8cccc79\atapi.sys
[2008/01/21 02:45:58 | 00,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows.old.000\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009/04/11 16:23:06 | 00,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows.old.000\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
[2009/07/14 01:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.001\Windows\System32\drivers\atapi.sys
[2009/07/14 01:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.001\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 01:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.001\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 01:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.002\Windows\System32\drivers\atapi.sys
[2009/07/14 01:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.002\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 01:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows.old.002\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/04/11 16:23:06 | 00,020,952 | -H-- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows.old\Windows\System32\drivers\atapi.sys
[2008/01/21 02:45:58 | 00,022,584 | -H-- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_1d87dda2\atapi.sys
[2009/04/11 16:23:06 | 00,020,952 | -H-- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_b6d20d6f\atapi.sys
[2006/11/02 12:01:02 | 00,020,072 | -H-- | M] (Microsoft Corporation) MD5=DF96CF8885724430024B7522E5C95722 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_f8cccc79\atapi.sys
[2008/01/21 02:45:58 | 00,022,584 | -H-- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows.old\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009/04/11 16:23:06 | 00,020,952 | -H-- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows.old\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
[2009/07/14 01:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 01:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2008/01/21 02:45:58 | 00,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old.000\Windows\System32\drivers\AGP440.sys
[2008/01/21 02:45:58 | 00,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\machine.inf_986ce78a\AGP440.sys
[2006/11/02 12:03:16 | 00,062,056 | ---- | M] (Microsoft Corporation) MD5=5CCDD13BC602AE33CD8B62D33C29AB72 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\machine.inf_c41411ff\AGP440.sys
[2008/01/21 02:45:58 | 00,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old.000\Windows\System32\DriverStore\FileRepository\machine.inf_eee87d92\AGP440.sys
[2008/01/21 02:45:58 | 00,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old.000\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008/01/21 02:45:58 | 00,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old.000\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys
[2009/07/14 01:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows.old.001\Windows\System32\drivers\AGP440.sys
[2009/07/14 01:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows.old.001\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 01:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows.old.001\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/14 01:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows.old.002\Windows\System32\drivers\AGP440.sys
[2009/07/14 01:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows.old.002\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 01:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows.old.002\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2008/01/21 02:45:58 | 00,064,568 | -H-- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old\Windows\System32\drivers\AGP440.sys
[2008/01/21 02:45:58 | 00,064,568 | -H-- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_986ce78a\AGP440.sys
[2006/11/02 12:03:16 | 00,062,056 | -H-- | M] (Microsoft Corporation) MD5=5CCDD13BC602AE33CD8B62D33C29AB72 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_c41411ff\AGP440.sys
[2008/01/21 02:45:58 | 00,064,568 | -H-- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_eee87d92\AGP440.sys
[2008/01/21 02:45:58 | 00,064,568 | -H-- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008/01/21 02:45:58 | 00,064,568 | -H-- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows.old\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys
[2009/07/14 01:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 01:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >
< End of report >


EXTRAS --------------------------------------------------------------------------------------------------

OTL Extras logfile created on: 11/22/2009 2:15:56 PM - Run 1
OTL by OldTimer - Version 3.1.6.2 Folder = C:\Users\star1980craft\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 256 512

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 233.76 Gb Total Space | 39.77 Gb Free Space | 17.01% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 97.28 Gb Free Space | 10.44% Space Free | Partition Type: NTFS
Drive E: | 465.75 Gb Total Space | 261.63 Gb Free Space | 56.17% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STAR1980CRAFT20
Current User Name: star1980craft
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [openNew] -- explorer %1 File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Directory [Winamp.Bookmark] -- Reg Error: Value error.
Directory [Winamp.Enqueue] -- Reg Error: Value error.
Directory [Winamp.Play] -- Reg Error: Value error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [openNew] -- explorer %1 File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Directory [Winamp.Bookmark] -- Reg Error: Value error.
Directory [Winamp.Enqueue] -- Reg Error: Value error.
Directory [Winamp.Play] -- Reg Error: Value error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8A837C47-2B21-4FDF-8370-41A1EB6A26E8}" = Microsoft Xbox 360 Accessories 1.1
"{D86B6C32-49BD-4A02-9C43-14E497018498}" = Windows 7 Manager
"BC15EA930074932BB2C4B4493C9FD4EA95087D1A" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{03528A01-7E5E-4C5F-94DF-1D8012E969EF}" = Nokia Map Loader
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}" = OF Dragon Rising
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{2D21ECE3-8EC1-4315-AE4E-1970FB3AF17A}" = Nokia Nseries Video Manager
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{2FA28330-2028-4033-BD10-425C87EB4D54}" = Nokia Software Updater
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{309A4810-C1A1-4BAC-888A-5BB93BC707F4}" = Nokia NSeries One Touch Access
"{37D33EA0-A902-4925-8081-9AF88CB86EE1}" = Nokia NSeries Content Copier
"{4B6E7269-2948-4E5B-9C82-3B4803AEDD37}" = Nokia NSeries Application Installer
"{4E074808-1B86-4230-A9EB-0904942EC4AE}" = LEGO Star Wars II
"{4F1DCA42-2030-437C-A94E-736692A499C1}" = Nokia Connectivity Cable Driver
"{5158974E-2D28-4018-9335-7694C2974746}" = Fix-It Utilities 9 Professional
"{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV
"{649CB8E9-4A54-409C-B0D8-7D6865329D26}" = Nokia Download!
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{97007EE6-18FB-444D-B636-FBD8BB802350}" = PC Connectivity Solution
"{9BB873FA-4907-4BF5-829D-8C18BD68F3A5}" = Nokia Nseries PC Suite
"{A4E0CA0F-1903-440A-9B98-FEA6CB049999}" = Nokia Flashing Cable Driver
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD64CA10-B597-4C84-869F-1903013E3697}" = Nokia Photos
"{CF3BAA39-989D-4EC4-9224-44D578494B5B}" = Nokia NSeries System Utilities
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"{FBCED1D8-E731-42B7-AD49-A291175BAA1B}" = ACID Pro 7.0
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ArmA 2" = ArmA 2 Uninstall
"AVG9Uninstall" = AVG 9.0
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CCleaner_is1" = CCleaner 2.13.720
"CleanUp!" = CleanUp!
"Filzip 3.0.6.93_is1" = Filzip 3.06
"GlowingWorld_is1" = GlowingWorld 3.0
"Grand Theft Auto IV_is1" = Grand Theft Auto IV v1.0 Eng
"ImgBurn" = ImgBurn
"InstallShield_{4E074808-1B86-4230-A9EB-0904942EC4AE}" = LEGO Star Wars II
"InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.1.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaMonkey_is1" = MediaMonkey 3.0
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"Nokia NSeries Application Installer" = Nokia NSeries Application Installer 6.84.2114
"Nokia NSeries Content Copier" = Nokia NSeries Content Copier 6.84.2114
"Nokia NSeries One Touch Access" = Nokia NSeries One Touch Access 6.84.2114
"Nokia NSeries System Utilities" = Nokia NSeries System Utilities 6.84.2114
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Orbit_is1" = Orbit Downloader
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"Reason4_is1" = Reason 4.0
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"Star Wars: The Force Unleashed_is1" = Star Wars: The Force Unleashed
"Steam App 15620" = Warhammer 40,000: Dawn of War II
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.3
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


PS i have just noticed it only says there is 4gig of total memory which is wrong, mnit should see 6, so maybe i need to change my paging file settings?

Attached Files


  • 0

#3
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,050 posts
Hello starcraft,

Question: I see this in your Firefox?

FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"


Can you tell me about them. The reason I ask is that it is similar to an infection called MyWebSearch but when I research it there is not a definitive answer.

Tell me when you come back.

For now

Please run OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :processes
    
    :OTL
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\H\Shell - "" = AutoRun
    
    :Services
    
    :Reg
    
    :Files
    
    :Commands
    [purity]
    [emptytemp]
    [resethosts]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.
Next

  • Close all windows and open OTL again.
  • Click Run Scan and let the program run uninterrupted
  • It will produce a log for you. Post the log here.
So when you return please post
  • OTL fix log
  • OTL scan log - OTL.txt
  • and tell me about those Firefox entries

  • 0

#4
starcraft

starcraft

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
thanks for helping me :)

im not sure what they are to be honest on firefox

i done as u asked but while running otl i got an error "scan range error" and it stopped
  • 0

#5
starcraft

starcraft

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
i tried again and it worked this time

it takes forever for my pc to shut down though

i just feel so down that everything is so slow after putting so much effort in to upgrading my pc :)

here is the first log

All processes killed
========== PROCESSES ==========
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: star1980craft
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 18506232 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
Windows Temp folder emptied: 167722 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 17.84 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.1.11.0 log created on 11282009_032500

Files\Folders moved on Reboot...
C:\Users\star1980craft\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\0d72f73f-1012-4a8a-949a-4a5deb5e5c4e.tmp not found!
File\Folder C:\Windows\temp\104b4645-a3e5-4e4b-8a8e-ed7df67fb87b.tmp not found!
File\Folder C:\Windows\temp\1ee52d6e-91e2-4133-8bd4-f9bd07d9fdb4.tmp not found!
File\Folder C:\Windows\temp\32f47ee6-4a37-43c8-bfc3-2c05eae03dd7.tmp not found!
File\Folder C:\Windows\temp\3d8062ec-2a8b-4ad7-8279-1b55baffc4e4.tmp not found!
File\Folder C:\Windows\temp\4772690f-ad90-426d-b7cb-a8f58eb71178.tmp not found!
File\Folder C:\Windows\temp\484f2707-9ee4-478e-b558-580e3b776cc1.tmp not found!
File\Folder C:\Windows\temp\52902527-cc0f-47eb-a8c1-b58ddd99cea4.tmp not found!
File\Folder C:\Windows\temp\62bf9e51-b7b5-4809-99a9-ebc5ce9d60b5.tmp not found!
File\Folder C:\Windows\temp\68b3e19a-565b-4246-912b-9b84cae403ce.tmp not found!
File\Folder C:\Windows\temp\767b8de8-58f0-4cae-a3f3-651a0c782053.tmp not found!
File\Folder C:\Windows\temp\a3db4f4f-2646-482d-8bdb-de6cef111c58.tmp not found!
File\Folder C:\Windows\temp\ba806874-b8a3-404e-9604-992b31e1bbd9.tmp not found!
File\Folder C:\Windows\temp\c659adf8-ef78-41a5-aea4-7fee4e10574f.tmp not found!
File\Folder C:\Windows\temp\dd7fa7b7-de90-4972-9f3e-1eb72f2b7d63.tmp not found!
File\Folder C:\Windows\temp\e8f6c8cf-f6ba-432a-9129-2a3b7e41838e.tmp not found!
File\Folder C:\Windows\temp\f4b73a3b-ccd0-4b34-9e65-aee72bff55d2.tmp not found!
File\Folder C:\Windows\temp\f4e289ee-9c2d-4d14-8cfe-caf3bfb34203.tmp not found!

Registry entries deleted on Reboot...


and here is the scan log

OTL logfile created on: 11/28/2009 3:36:49 AM - Run 2
OTL by OldTimer - Version 3.1.6.2 Folder = C:\Users\star1980craft\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 9500 15000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 233.76 Gb Total Space | 30.83 Gb Free Space | 13.19% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 102.17 Gb Free Space | 10.97% Space Free | Partition Type: NTFS
Drive E: | 465.75 Gb Total Space | 261.56 Gb Free Space | 56.16% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STAR1980CRAFT20
Current User Name: star1980craft
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/11/22 06:36:26 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\star1980craft\Downloads\OTL.exe
PRC - [2009/11/22 06:36:26 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\star1980craft\Downloads\OTL.exe
PRC - [2009/11/22 06:36:26 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\star1980craft\Downloads\OTL.exe
PRC - [2009/11/22 06:36:26 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\star1980craft\Downloads\OTL.exe
PRC - [2009/11/22 06:36:26 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\star1980craft\Downloads\OTL.exe
PRC - [2009/11/13 22:09:00 | 00,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/11/13 22:09:00 | 00,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/11/13 09:18:09 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2009/11/10 09:11:02 | 02,304,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgfws9.exe
PRC - [2009/11/10 09:11:02 | 02,304,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgfws9.exe
PRC - [2009/11/07 02:58:39 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/11/07 02:58:39 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2009/11/04 03:19:19 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe
PRC - [2009/11/04 03:19:19 | 00,827,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgam.exe
PRC - [2009/11/04 03:19:19 | 00,827,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgam.exe
PRC - [2009/11/04 03:19:19 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
PRC - [2009/11/04 03:19:19 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
PRC - [2009/11/04 03:19:19 | 00,592,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2009/11/04 03:19:19 | 00,592,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2009/11/04 03:19:19 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
PRC - [2009/11/02 22:30:42 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009/10/31 10:11:29 | 01,217,808 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2009/10/30 11:57:08 | 00,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009/10/27 00:19:06 | 00,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009/10/14 14:55:24 | 00,289,072 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2009/10/14 14:09:56 | 01,719,568 | ---- | M] (Orbitdownloader.com) -- C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
PRC - [2009/10/08 23:26:47 | 01,457,064 | ---- | M] (Take-Two Interactive Software, Inc.) -- C:\Games\Grand Theft Auto IV\RGSC\1_1_3_0\RGSC.exe
PRC - [2009/10/07 23:58:36 | 01,523,712 | ---- | M] (Nick Connors) -- C:\Users\star1980craft\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor.gadget\GPUMonitor.exe
PRC - [2009/10/03 03:08:38 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
PRC - [2009/08/22 18:25:00 | 02,781,184 | ---- | M] () -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner.exe
PRC - [2009/07/01 16:37:06 | 00,037,888 | ---- | M] () -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2009/03/31 16:06:26 | 00,050,456 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\MXTask2.exe
PRC - [2009/03/31 16:06:22 | 00,161,048 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\mxtask.exe
PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe
PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe
PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe
PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe
PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe
PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe
PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe
PRC - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe
PRC - [2007/09/02 08:28:52 | 00,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe


========== Modules (SafeList) ==========

MOD - [2009/11/22 06:36:26 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\star1980craft\Downloads\OTL.exe
MOD - [2009/07/14 01:16:17 | 01,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009/07/14 01:16:17 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009/07/14 01:16:15 | 00,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009/07/14 01:16:15 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009/07/14 01:14:57 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/07/14 01:03:50 | 01,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2008/09/24 14:58:46 | 00,028,672 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\WinHook.dll
MOD - [2007/09/02 08:27:36 | 00,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/08/03 22:10:42 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2009/07/14 03:20:14 | 00,000,000 | ---D | M] -- C:\Windows\SysNative\Msdtc -- (MSDTC)
SRV:64bit: - [2009/07/14 01:41:59 | 00,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2009/07/14 01:41:56 | 00,374,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2009/07/14 01:41:56 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009/07/14 01:41:56 | 00,195,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009/07/14 01:41:56 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2009/07/14 01:41:54 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009/07/14 01:41:54 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009/07/14 01:41:53 | 01,361,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009/07/14 01:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009/07/14 01:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009/07/14 01:41:53 | 00,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2009/07/14 01:41:53 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009/07/14 01:41:53 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009/07/14 01:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2009/07/14 01:41:18 | 00,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2009/07/14 01:41:13 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2009/07/14 01:40:54 | 01,127,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/07/14 01:40:28 | 00,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2009/07/14 01:40:28 | 00,291,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2009/07/14 01:40:24 | 00,689,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009/07/14 01:40:13 | 00,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2009/07/14 01:40:10 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009/07/14 01:40:05 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2009/07/14 01:40:01 | 00,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/14 01:40:01 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2009/07/14 01:39:51 | 01,503,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2009/07/14 01:39:28 | 03,524,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV - [2009/11/13 22:09:00 | 00,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009/11/10 09:11:02 | 02,304,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2009/11/04 03:19:19 | 05,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2009/11/04 03:19:19 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2009/11/04 03:19:19 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/10/31 10:12:43 | 00,320,760 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/10/27 00:19:06 | 00,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009/07/26 06:43:14 | 00,025,832 | ---- | M] (BioWare) -- D:\games\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/07/14 03:20:14 | 00,000,000 | ---D | M] -- C:\Windows\Vss -- (VSS)
SRV - [2009/07/14 03:20:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2009/07/14 01:39:09 | 00,696,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2009/07/14 01:39:09 | 00,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2009/07/14 01:16:12 | 00,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 01:15:11 | 00,253,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 20:30:11 | 00,061,056 | ---- | M] () -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009/06/10 21:23:09 | 00,066,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/10 20:39:58 | 00,089,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/06/10 20:30:59 | 00,042,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/06/10 20:30:45 | 00,856,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2009/03/31 16:06:22 | 00,161,048 | ---- | M] (Avanquest North America, Inc.) -- C:\Program Files (x86)\Avanquest\Fix-It\mxtask.exe -- (Fix-It Task Manager)
SRV - [2008/10/28 16:28:10 | 00,886,056 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Common Files\AntiVirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2008/02/20 09:42:38 | 00,354,816 | ---- | M] (Nokia.) -- C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2009/11/26 15:54:58 | 00,082,816 | ---- | M] (VSO Software) -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2009/11/12 03:14:22 | 00,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/11/10 09:11:04 | 00,470,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA)
DRV:64bit: - [2009/11/04 03:19:20 | 00,422,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2009/11/04 03:19:20 | 00,201,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (AvgRkx64)
DRV:64bit: - [2009/11/04 03:19:20 | 00,034,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2009/11/04 03:19:20 | 00,027,144 | ---- | M] (AVG Technologies ) -- C:\Windows\SysNative\drivers\AVGIDSwa.sys -- (AVGIDSErHrw7a)
DRV:64bit: - [2009/11/04 03:19:19 | 00,029,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2009/08/13 21:10:18 | 00,073,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/27 02:54:30 | 00,090,544 | ---- | M] (PowerISO Computing, Inc.) -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2009/07/14 01:52:21 | 00,106,576 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 01:52:21 | 00,028,752 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 01:52:20 | 00,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 01:48:04 | 00,153,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2009/07/14 01:48:04 | 00,065,600 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 01:48:04 | 00,014,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2009/07/14 01:47:49 | 00,055,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009/07/14 01:47:48 | 00,077,888 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 01:45:56 | 00,022,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009/07/14 01:45:55 | 00,217,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2009/07/14 01:45:55 | 00,200,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009/07/14 01:45:55 | 00,046,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009/07/14 01:45:55 | 00,036,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009/07/14 01:45:55 | 00,034,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009/07/14 01:45:55 | 00,024,656 | ---- | M] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:45:46 | 00,214,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2009/07/14 01:45:45 | 00,050,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009/07/14 01:43:14 | 00,460,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2009/07/14 01:43:13 | 00,223,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2009/07/14 00:17:46 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009/07/14 00:16:35 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009/07/14 00:10:24 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:64bit: - [2009/07/14 00:09:26 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009/07/14 00:08:13 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009/07/14 00:07:21 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009/07/14 00:07:13 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2009/07/14 00:07:00 | 00,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2009/07/14 00:06:52 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009/07/14 00:06:32 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/07/14 00:06:28 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb)
DRV:64bit: - [2009/07/14 00:06:24 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009/07/14 00:05:37 | 00,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2009/07/14 00:02:08 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009/07/14 00:01:09 | 00,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/07/14 00:00:34 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2009/07/14 00:00:13 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009/07/13 23:52:39 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2009/07/13 23:50:17 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2009/07/13 23:42:58 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009/07/13 23:42:44 | 00,021,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009/07/13 23:37:18 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2009/07/13 23:31:06 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2009/07/13 23:31:03 | 00,017,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009/07/13 23:27:17 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2009/07/13 23:24:27 | 00,514,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009/07/13 23:19:25 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009/06/10 20:35:42 | 00,187,392 | ---- | M] (Realtek Corporation ) -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 20:34:33 | 03,286,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 20:34:28 | 00,468,480 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 20:34:23 | 00,270,848 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 20:31:59 | 00,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/10/09 10:21:04 | 00,082,480 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\sbtis.sys -- (sbtis)
DRV:64bit: - [2008/09/12 11:12:06 | 00,062,512 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\sbapifs.sys -- (sbapifs)
DRV:64bit: - [2007/11/29 09:40:46 | 00,008,704 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2007/11/29 09:40:38 | 00,022,528 | ---- | M] (Nokia) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2007/11/29 09:40:38 | 00,017,920 | ---- | M] (Nokia) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2007/11/29 09:40:38 | 00,008,704 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2007/09/17 13:53:34 | 00,029,184 | ---- | M] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2009/11/04 03:19:19 | 00,132,616 | ---- | M] (AVG Technologies ) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSDriver.sys -- (AVGIDSDriverw7a)
DRV - [2009/11/04 03:19:19 | 00,035,848 | ---- | M] (AVG Technologies ) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSFilter.sys -- (AVGIDSFilterw7a)
DRV - [2009/10/14 13:44:28 | 00,000,000 | ---D | M] -- C:\Windows\CSC -- (CSC)
DRV - [2009/10/08 00:17:15 | 00,019,952 | ---- | M] () -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
DRV - [2009/07/14 01:19:10 | 00,019,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 01:16:19 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winusb.dll -- (WinUsb)
DRV - [2009/07/14 01:16:02 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
DRV - [2009/06/10 21:28:14 | 00,001,088 | ---- | M] () -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009/06/10 21:15:18 | 00,003,066 | ---- | M] () -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.order.2: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://uk.foxstart.c.../?rls=en:uk:mf"
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.10
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.701
FF - prefs.js..extensions.enabledItems: [email protected]:1.19
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:3.9.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {8FFE139B-90A7-4460-A972-9D2738997F6D}:1.6.2
FF - prefs.js..extensions.enabledItems: {5F590AA2-1221-4113-A6F4-A4BB62414FAC}:0.44.19.20090811.3
FF - prefs.js..extensions.enabledItems: [email protected]:0.8.2009100101
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.3
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2009/11/10 10:37:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/11/16 08:09:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/11/07 02:58:40 | 00,000,000 | ---D | M]

[2009/11/02 08:01:11 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Extensions
[2009/11/02 08:01:11 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/27 15:08:17 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions
[2009/11/02 18:47:18 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2009/11/02 18:50:56 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2009/11/02 18:50:56 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
[2009/11/02 18:47:18 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\{8FFE139B-90A7-4460-A972-9D2738997F6D}
[2009/11/02 19:05:50 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\[email protected]
[2009/11/02 18:47:18 | 00,000,000 | ---D | M] -- C:\Users\star1980craft\AppData\Roaming\Mozilla\Firefox\Profiles\zesijbsv.default\extensions\[email protected]
[2009/11/27 15:08:17 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009/11/07 02:58:40 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/11/02 22:30:56 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/11/02 07:42:41 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2009/11/07 02:58:39 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/07 02:58:39 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll
[2009/11/02 22:30:42 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeploytk.dll
[2009/11/07 02:58:39 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
[2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
[2009/11/01 23:04:42 | 00,001,538 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2009/11/01 23:04:42 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\answers.xml
[2009/11/02 08:01:16 | 00,002,273 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg_igeared.xml
[2009/11/01 23:04:42 | 00,000,947 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2009/11/01 23:04:42 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/11/01 23:04:42 | 00,000,769 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2009/11/01 23:04:42 | 00,002,014 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\foxstart.xml
[2009/11/01 23:04:42 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml
[2009/11/01 23:04:42 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/11/01 23:04:42 | 00,000,831 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: (98 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RivaTuner] C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe ()
O4:64bit: - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [RGSC] C:\Games\Grand Theft Auto IV\RGSC\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Welcome Center] C:\Windows\system32\OobeFldr.DLL (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/13 00:37:18 | 00,000,000 | -H-D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/10/13 00:37:25 | 00,000,000 | -H-D | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008/12/31 16:46:46 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/10/13 00:37:25 | 00,000,000 | -H-D | M] - E:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (SBBD.exe) - C:\Windows\SysWow64\sbbd.exe (Sunbelt Software)
O34 - HKLM BootExecute: (/d) - File not found
O34 - HKLM BootExecute: (\Device\HarddiskVolume1\Program) - File not found
O34 - HKLM BootExecute: (Files) - File not found
O34 - HKLM BootExecute: ((x86)\Common) - File not found
O34 - HKLM BootExecute: (Files\AntiVirus\Definitions) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/11/28 03:14:06 | 00,000,000 | ---D | C] -- C:\_OTL
[2009/11/26 16:05:32 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\Documents\MAGIX_Screenshare
[2009/11/26 16:05:08 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2009/11/26 16:05:04 | 00,618,496 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLAV32.dll
[2009/11/26 16:05:04 | 00,430,080 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\MXRestore.exe
[2009/11/26 16:05:04 | 00,192,512 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLRES32.dll
[2009/11/26 16:05:04 | 00,167,936 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDEV32.dll
[2009/11/26 16:05:04 | 00,151,552 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDRV32.dll
[2009/11/26 16:05:04 | 00,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCDA32.dll
[2009/11/26 16:05:04 | 00,098,304 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCPY32.dll
[2009/11/26 16:05:04 | 00,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPTL32.dll
[2009/11/26 16:05:04 | 00,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCDF32.dll
[2009/11/26 16:05:04 | 00,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLTPO32.dll
[2009/11/26 16:05:04 | 00,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPRJ32.dll
[2009/11/26 16:05:04 | 00,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIO32.dll
[2009/11/26 16:05:04 | 00,049,152 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPRF32.dll
[2009/11/26 16:05:04 | 00,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIMG32.dll
[2009/11/26 16:05:04 | 00,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLRD32.dll
[2009/11/26 16:05:04 | 00,036,864 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPNT32.dll
[2009/11/26 16:05:04 | 00,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\STRING32.dll
[2009/11/26 16:05:04 | 00,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLMSC32.dll
[2009/11/26 16:05:04 | 00,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLISO32.dll
[2009/11/26 16:05:04 | 00,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDIR32.dll
[2009/11/26 16:05:04 | 00,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\TTIC32.dll
[2009/11/26 16:05:04 | 00,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\TTI32.dll
[2009/11/26 16:05:04 | 00,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIX.dll
[2009/11/26 16:04:14 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\Documents\MAGIX_SamplitudeMusicStudio14Downloadversion
[2009/11/26 16:04:14 | 00,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2009/11/26 16:04:14 | 00,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2009/11/26 16:03:55 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX
[2009/11/26 16:03:35 | 00,700,416 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\mgxoschk.dll
[2009/11/26 16:03:35 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\MAGIX
[2009/11/26 16:01:22 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\Documents\ConvertXtoDVD
[2009/11/26 15:54:58 | 00,082,816 | ---- | C] (VSO Software) -- C:\Windows\SysNative\drivers\pcouffin.sys
[2009/11/26 15:54:58 | 00,082,816 | ---- | C] (VSO Software) -- C:\Users\star1980craft\AppData\Roaming\pcouffin.sys
[2009/11/26 15:54:58 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\Documents\PcSetup
[2009/11/26 15:54:58 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\Vso
[2009/11/26 15:54:44 | 00,102,439 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\sipr3260.dll
[2009/11/26 15:54:43 | 01,184,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc1dmod.dll
[2009/11/26 15:54:43 | 00,626,688 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp7vfw.dll
[2009/11/26 15:54:43 | 00,217,127 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\drv43260.dll
[2009/11/26 15:54:43 | 00,208,935 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\drv33260.dll
[2009/11/26 15:54:43 | 00,176,165 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\drv23260.dll
[2009/11/26 15:54:43 | 00,065,602 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\cook3260.dll
[2009/11/26 15:54:41 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\VSO
[2009/11/23 22:43:46 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\dvdcss
[2009/11/22 19:09:30 | 00,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2009/11/22 19:08:33 | 13,693,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvlddmkm.sys
[2009/11/22 19:08:33 | 05,915,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2009/11/22 19:08:33 | 00,930,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpinst.exe
[2009/11/22 19:08:33 | 00,076,904 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2009/11/22 19:08:33 | 00,076,392 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2009/11/22 19:08:33 | 00,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2009/11/22 19:08:32 | 19,222,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2009/11/22 19:08:32 | 14,060,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2009/11/22 19:08:32 | 04,241,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2009/11/22 19:08:31 | 11,774,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2009/11/22 19:08:31 | 04,660,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvencodemft.dll
[2009/11/22 19:08:31 | 04,147,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvencodemft.dll
[2009/11/22 19:08:31 | 00,362,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2009/11/22 19:08:31 | 00,289,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2009/11/22 19:08:29 | 11,381,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2009/11/22 19:08:29 | 05,347,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2009/11/22 19:08:29 | 04,001,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2009/11/22 19:08:29 | 02,332,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2009/11/22 19:08:29 | 02,243,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2009/11/22 19:08:29 | 02,028,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2009/11/22 19:08:29 | 01,989,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2009/11/22 19:08:28 | 15,874,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2009/11/22 19:08:28 | 01,541,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2009/11/22 19:08:28 | 01,249,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2009/11/22 19:08:28 | 00,202,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod178.dll
[2009/11/22 19:08:28 | 00,202,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod.dll
[2009/11/22 19:07:20 | 00,020,400 | ---- | C] (EnTech Taiwan) -- C:\Windows\SysWow64\drivers\entech.sys
[2009/11/22 19:07:03 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AquaMark3
[2009/11/21 21:29:35 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\Malwarebytes
[2009/11/21 21:29:23 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/11/21 21:29:22 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009/11/21 21:29:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/11/21 21:29:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/11/21 21:29:22 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/11/18 21:15:09 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\Documents\Aspyr
[2009/11/18 17:10:27 | 16,207,872 | ---- | C] (Aspyr Media, Inc.) -- C:\Users\star1980craft\Desktop\SWTFU.exe
[2009/11/18 00:29:43 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Local\Aspyr
[2009/11/14 01:23:00 | 13,825,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2009/11/14 01:23:00 | 01,323,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2009/11/14 01:23:00 | 00,886,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2009/11/14 01:23:00 | 00,151,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvvsvc.exe
[2009/11/14 01:23:00 | 00,115,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2009/11/12 03:14:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2009/11/12 03:13:47 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\DAEMON Tools Lite
[2009/11/12 03:13:02 | 00,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2009/11/12 03:13:02 | 00,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2009/11/12 02:31:04 | 00,082,480 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\sbtis.sys
[2009/11/12 02:04:32 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\BVRP Software
[2009/11/12 02:04:26 | 00,000,000 | RHSD | C] -- C:\_Backup.RC
[2009/11/12 02:03:53 | 00,000,000 | -H-D | C] -- C:\_Backup
[2009/11/12 02:03:53 | 00,000,000 | ---D | C] -- C:\ProgramData\Avanquest
[2009/11/12 02:03:53 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\Avanquest
[2009/11/12 02:03:53 | 00,000,000 | ---D | C] -- C:\ProgramData\Avanquest
[2009/11/12 02:03:51 | 00,000,000 | ---D | C] -- C:\ProgramData\BVRP Software
[2009/11/12 02:03:51 | 00,000,000 | ---D | C] -- C:\ProgramData\BVRP Software
[2009/11/12 02:03:51 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Avanquest update
[2009/11/12 02:03:48 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\InstallShield
[2009/11/12 02:03:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AntiVirus
[2009/11/12 02:03:40 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Avanquest
[2009/11/10 21:10:50 | 00,000,000 | ---D | C] -- C:\ProgramData\BioWare
[2009/11/10 21:10:50 | 00,000,000 | ---D | C] -- C:\ProgramData\BioWare
[2009/11/10 20:52:51 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\Documents\BioWare
[2009/11/10 20:50:20 | 09,909,480 | ---- | C] (BioWare) -- C:\Users\star1980craft\Desktop\daorigins.exe
[2009/11/10 20:04:38 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2009/11/10 18:47:48 | 00,368,640 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\ReWire.dll
[2009/11/10 18:47:48 | 00,233,472 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll
[2009/11/10 18:34:44 | 00,000,000 | ---D | C] -- C:\ProgramData\Propellerhead Software
[2009/11/10 18:34:44 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\Propellerhead Software
[2009/11/10 18:34:44 | 00,000,000 | ---D | C] -- C:\ProgramData\Propellerhead Software
[2009/11/10 18:33:15 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Propellerhead
[2009/11/07 15:15:06 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\vlc
[2009/11/04 03:19:21 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009/11/04 03:19:20 | 00,027,144 | ---- | C] (AVG Technologies ) -- C:\Windows\SysNative\drivers\AVGIDSwa.sys
[2009/11/04 03:19:19 | 00,000,000 | ---D | C] -- C:\ProgramData\avg9
[2009/11/04 03:19:19 | 00,000,000 | ---D | C] -- C:\ProgramData\avg9
[2009/11/04 00:00:19 | 00,000,000 | ---D | C] -- C:\ProgramData\Temp
[2009/11/04 00:00:19 | 00,000,000 | ---D | C] -- C:\ProgramData\Temp
[2009/11/03 18:44:56 | 00,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2009/11/03 18:44:56 | 00,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2009/11/03 01:03:12 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Local\Adobe
[2009/11/03 01:02:51 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\Adobe
[2009/11/02 23:55:25 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Local\MediaMonkey
[2009/11/02 23:55:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MediaMonkey
[2009/11/02 22:32:33 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2009/11/02 22:30:54 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2009/11/02 22:30:54 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2009/11/02 22:30:54 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2009/11/02 22:30:54 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2009/11/02 22:30:39 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2009/11/02 22:30:09 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\Sun
[2009/11/02 22:27:33 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\Documents\Downloads
[2009/11/02 07:42:48 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\Mozilla
[2009/11/02 02:15:21 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\avg
[2009/11/02 02:13:43 | 00,470,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2009/11/02 02:13:43 | 00,201,928 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
[2009/11/02 02:13:43 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2009/11/02 02:13:41 | 00,422,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2009/11/02 02:13:41 | 00,034,248 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2009/11/02 02:13:41 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\Avg
[2009/11/02 02:13:09 | 00,029,976 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgfwd6a.sys
[2009/11/02 02:13:09 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2009/11/02 01:10:50 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\Documents\ArmA 2
[2009/11/02 01:10:50 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Local\ArmA 2
[2009/11/02 00:47:13 | 00,000,000 | ---D | C] -- C:\Program Files\Bohemia Interactive
[2009/11/01 15:43:19 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Filzip
[2009/11/01 09:43:47 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\AppData\Roaming\Nseries
[2009/11/01 09:40:56 | 00,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2009/11/01 09:40:56 | 00,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2009/10/31 13:52:21 | 00,000,000 | ---D | C] -- C:\Users\star1980craft\Documents\NFS SHIFT
[2009/10/31 13:44:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2009/10/31 13:44:22 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2009/10/31 10:18:02 | 00,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2009/10/31 10:18:02 | 00,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2009/10/31 10:10:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2009/10/31 10:10:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2009/10/31 10:08:18 | 01,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2009/10/31 10:08:18 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2009/10/31 10:08:18 | 00,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2009/10/31 10:08:18 | 00,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2009/10/31 10:08:18 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2009/10/31 10:08:18 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2009/10/31 10:08:18 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2009/10/31 10:08:18 | 00,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2009/10/31 10:08:18 | 00,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2009/10/31 10:08:18 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2009/10/31 10:08:16 | 04,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2009/10/31 10:08:16 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2009/10/31 10:08:13 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2009/10/31 10:08:10 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2009/10/31 08:51:11 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
[2009/10/30 15:37:01 | 00,000,000 | ---D | C] -- C:\Program Files\Yamicsoft

========== Files - Modified Within 30 Days ==========

[2009/11/28 03:33:13 | 00,001,889 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk
[2009/11/28 03:32:19 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/11/28 03:32:11 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/11/28 03:32:09 | 53,568,3071 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/28 03:25:43 | 01,835,008 | -HS- | M] () -- C:\Users\star1980craft\NTUSER.DAT
[2009/11/28 03:25:37 | 06,291,456 | -H-- | M] () -- C:\Users\star1980craft\AppData\Local\IconCache.db
[2009/11/28 03:25:09 | 00,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2009/11/28 02:57:42 | 00,002,097 | ---- | M] () -- C:\Users\star1980craft\Desktop\Xpadder.ini
[2009/11/27 22:36:30 | 45,823,947 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2009/11/27 22:36:30 | 00,544,112 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\iavifw.avm
[2009/11/27 22:36:03 | 00,105,805 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg
[2009/11/26 22:25:38 | 00,000,671 | ---- | M] () -- C:\Users\star1980craft\AppData\Roaming\vso_ts_preview.xml
[2009/11/26 16:11:44 | 00,000,191 | ---- | M] () -- C:\Windows\MusicStudio.INI
[2009/11/26 16:11:39 | 00,000,493 | ---- | M] () -- C:\Windows\win.ini
[2009/11/26 16:10:15 | 00,000,028 | ---- | M] () -- C:\Windows\Robota.INI
[2009/11/26 16:05:24 | 00,005,937 | ---- | M] () -- C:\Windows\mgxoschk.ini
[2009/11/26 16:05:00 | 00,001,342 | ---- | M] () -- C:\Users\Public\Desktop\Samplitude Music Studio 14 Trial.lnk
[2009/11/26 15:54:58 | 00,099,384 | ---- | M] () -- C:\Users\star1980craft\AppData\Roaming\inst.exe
[2009/11/26 15:54:58 | 00,082,816 | ---- | M] (VSO Software) -- C:\Windows\SysNative\drivers\pcouffin.sys
[2009/11/26 15:54:58 | 00,082,816 | ---- | M] (VSO Software) -- C:\Users\star1980craft\AppData\Roaming\pcouffin.sys
[2009/11/26 15:54:58 | 00,007,859 | ---- | M] () -- C:\Users\star1980craft\AppData\Roaming\pcouffin.cat
[2009/11/26 15:54:58 | 00,001,167 | ---- | M] () -- C:\Users\star1980craft\AppData\Roaming\pcouffin.inf
[2009/11/26 15:54:47 | 00,001,200 | ---- | M] () -- C:\Users\star1980craft\Desktop\ConvertXtoDvd 3.lnk
[2009/11/22 19:07:20 | 00,000,994 | ---- | M] () -- C:\Users\Public\Desktop\AquaMark3.lnk
[2009/11/22 05:17:17 | 00,000,041 | ---- | M] () -- C:\Users\star1980craft\Desktop\Filzip.ini
[2009/11/21 21:29:27 | 00,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/20 18:51:48 | 00,000,665 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk
[2009/11/20 18:51:48 | 00,000,665 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 MP.lnk
[2009/11/18 20:50:38 | 00,000,020 | ---- | M] () -- C:\Windows\SysWow64\SYSTEM
[2009/11/18 14:33:04 | 00,000,761 | ---- | M] () -- C:\Users\star1980craft\Desktop\Star Wars The Force Unleashed.lnk
[2009/11/14 05:15:57 | 19,222,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2009/11/14 05:15:57 | 15,874,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2009/11/14 05:15:57 | 14,060,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2009/11/14 05:15:57 | 13,693,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvlddmkm.sys
[2009/11/14 05:15:57 | 11,774,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2009/11/14 05:15:57 | 11,381,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2009/11/14 05:15:57 | 09,333,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2009/11/14 05:15:57 | 05,915,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2009/11/14 05:15:57 | 05,347,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2009/11/14 05:15:57 | 04,660,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvencodemft.dll
[2009/11/14 05:15:57 | 04,241,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2009/11/14 05:15:57 | 04,147,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvencodemft.dll
[2009/11/14 05:15:57 | 04,001,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2009/11/14 05:15:57 | 02,332,264 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2009/11/14 05:15:57 | 02,243,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2009/11/14 05:15:57 | 02,028,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2009/11/14 05:15:57 | 01,989,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2009/11/14 05:15:57 | 01,541,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2009/11/14 05:15:57 | 01,249,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2009/11/14 05:15:57 | 00,930,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpinst.exe
[2009/11/14 05:15:57 | 00,645,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvudisp.exe
[2009/11/14 05:15:57 | 00,362,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2009/11/14 05:15:57 | 00,289,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2009/11/14 05:15:57 | 00,202,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod178.dll
[2009/11/14 05:15:57 | 00,202,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod.dll
[2009/11/14 05:15:57 | 00,076,904 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2009/11/14 05:15:57 | 00,076,392 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2009/11/14 05:15:57 | 00,011,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2009/11/14 05:15:57 | 00,008,861 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2009/11/14 01:23:30 | 00,270,880 | ---- | M] () -- C:\Windows\SysNative\NvApps.xml
[2009/11/14 01:23:30 | 00,064,882 | ---- | M] () -- C:\Windows\SysNative\NvwsApps.xml
[2009/11/14 01:23:00 | 13,825,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2009/11/14 01:23:00 | 01,323,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2009/11/14 01:23:00 | 00,886,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2009/11/14 01:23:00 | 00,151,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvvsvc.exe
[2009/11/14 01:23:00 | 00,115,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2009/11/13 18:15:00 | 00,645,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NVUNINST.EXE
[2009/11/13 17:43:32 | 00,848,854 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/11/13 17:43:32 | 00,715,306 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/11/13 17:43:32 | 00,142,514 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/11/12 18:34:40 | 00,000,542 | ---- | M] () -- C:\Users\star1980craft\Documents\UpdateCheck.rtf
[2009/11/12 03:14:36 | 00,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2009/11/12 03:14:22 | 00,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2009/11/10 18:47:48 | 00,368,640 | ---- | M] (Propellerhead Software AB) -- C:\Windows\SysWow64\ReWire.dll
[2009/11/10 18:47:48 | 00,233,472 | ---- | M] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll
[2009/11/10 18:33:29 | 00,001,061 | ---- | M] () -- C:\Users\Public\Desktop\Reason.lnk
[2009/11/10 09:11:04 | 00,470,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2009/11/04 03:19:21 | 00,001,858 | ---- | M] () -- C:\Users\Public\Desktop\AVG 9.0.lnk
[2009/11/04 03:19:20 | 00,422,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2009/11/04 03:19:20 | 00,201,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
[2009/11/04 03:19:20 | 00,113,461 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\iavichjw.avm
[2009/11/04 03:19:20 | 00,034,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2009/11/04 03:19:20 | 00,027,144 | ---- | M] (AVG Technologies ) -- C:\Windows\SysNative\drivers\AVGIDSwa.sys
[2009/11/04 03:19:20 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2009/11/04 03:19:19 | 00,029,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgfwd6a.sys
[2009/11/03 04:41:09 | 18,236,2552 | ---- | M] () -- C:\Users\star1980craft\Documents\BackupRegistry(20091103).reg
[2009/11/03 01:00:59 | 00,001,199 | ---- | M] () -- C:\Users\star1980craft\Desktop\Photoshop CS3.lnk
[2009/11/02 23:55:27 | 00,000,977 | ---- | M] () -- C:\Users\Public\Desktop\MediaMonkey.lnk
[2009/11/02 22:32:42 | 00,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2009/11/02 22:30:42 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2009/11/02 22:30:42 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2009/11/02 22:30:42 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2009/11/02 22:30:42 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2009/11/02 09:57:00 | 09,909,480 | ---- | M] (BioWare) -- C:\Users\star1980craft\Desktop\daorigins.exe
[2009/11/02 07:42:43 | 00,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/11/02 02:15:21 | 00,492,629 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\miniavi.avg
[2009/11/02 02:13:41 | 06,061,540 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\avi7.avg
[2009/11/02 00:55:54 | 00,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Launch ARMA II.lnk
[2009/11/01 15:43:19 | 00,001,793 | ---- | M] () -- C:\Users\star1980craft\Desktop\Filzip.lnk
[2009/11/01 10:34:31 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf
[2009/11/01 10:34:07 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01005.Wdf
[2009/10/31 23:04:42 | 00,000,770 | ---- | M] () -- C:\Users\star1980craft\Desktop\Generic Mod Enabler - Grand Theft Auto IV.lnk
[2009/10/31 10:10:59 | 00,002,525 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2009/10/30 21:56:33 | 16,207,872 | ---- | M] (Aspyr Media, Inc.) -- C:\Users\star1980craft\Desktop\SWTFU.exe
[2009/10/30 15:15:26 | 00,001,055 | ---- | M] () -- C:\Users\star1980craft\Desktop\Orbit.lnk

========== Files Created - No Company Name ==========

[2009/11/26 16:11:44 | 00,000,191 | ---- | C] () -- C:\Windows\MusicStudio.INI
[2009/11/26 16:10:14 | 00,000,028 | ---- | C] () -- C:\Windows\Robota.INI
[2009/11/26 16:05:04 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2009/11/26 16:05:04 | 00,014,182 | ---- | C] () -- C:\Windows\SysWow64\DLLAV32.lib
[2009/11/26 16:05:00 | 00,001,342 | ---- | C] () -- C:\Users\Public\Desktop\Samplitude Music Studio 14 Trial.lnk
[2009/11/26 16:03:55 | 00,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2009/11/26 16:03:35 | 00,005,937 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009/11/26 15:55:34 | 00,000,671 | ---- | C] () -- C:\Users\star1980craft\AppData\Roaming\vso_ts_preview.xml
[2009/11/26 15:55:18 | 00,000,034 | ---- | C] () -- C:\Users\star1980craft\AppData\Roaming\pcouffin.log
[2009/11/26 15:54:58 | 00,099,384 | ---- | C] () -- C:\Users\star1980craft\AppData\Roaming\inst.exe
[2009/11/26 15:54:58 | 00,007,859 | ---- | C] () -- C:\Users\star1980craft\AppData\Roaming\pcouffin.cat
[2009/11/26 15:54:58 | 00,001,167 | ---- | C] () -- C:\Users\star1980craft\AppData\Roaming\pcouffin.inf
[2009/11/26 15:54:47 | 00,001,200 | ---- | C] () -- C:\Users\star1980craft\Desktop\ConvertXtoDvd 3.lnk
[2009/11/22 19:08:33 | 00,008,861 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2009/11/22 19:07:20 | 00,000,994 | ---- | C] () -- C:\Users\Public\Desktop\AquaMark3.lnk
[2009/11/22 05:17:16 | 00,000,041 | ---- | C] () -- C:\Users\star1980craft\Desktop\Filzip.ini
[2009/11/21 21:29:27 | 00,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/20 18:51:48 | 00,000,665 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk
[2009/11/20 18:51:48 | 00,000,665 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 MP.lnk
[2009/11/18 20:50:38 | 00,000,020 | ---- | C] () -- C:\Windows\SysWow64\SYSTEM
[2009/11/18 14:33:04 | 00,000,761 | ---- | C] () -- C:\Users\star1980craft\Desktop\Star Wars The Force Unleashed.lnk
[2009/11/14 01:23:30 | 00,270,880 | ---- | C] () -- C:\Windows\SysNative\NvApps.xml
[2009/11/14 01:23:30 | 00,064,882 | ---- | C] () -- C:\Windows\SysNative\NvwsApps.xml
[2009/11/12 18:34:39 | 00,000,542 | ---- | C] () -- C:\Users\star1980craft\Documents\UpdateCheck.rtf
[2009/11/12 03:14:36 | 00,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2009/11/10 18:33:29 | 00,001,061 | ---- | C] () -- C:\Users\Public\Desktop\Reason.lnk
[2009/11/10 18:31:42 | 21,810,54464 | ---- | C] () -- C:\Users\star1980craft\Desktop\air-reason4.iso
[2009/11/04 03:19:21 | 00,001,858 | ---- | C] () -- C:\Users\Public\Desktop\AVG 9.0.lnk
[2009/11/04 03:19:20 | 00,544,112 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\iavifw.avm
[2009/11/04 03:19:20 | 00,113,461 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\iavichjw.avm
[2009/11/03 04:41:03 | 18,236,2552 | ---- | C] () -- C:\Users\star1980craft\Documents\BackupRegistry(20091103).reg
[2009/11/03 01:00:59 | 00,001,199 | ---- | C] () -- C:\Users\star1980craft\Desktop\Photoshop CS3.lnk
[2009/11/02 23:55:27 | 00,000,977 | ---- | C] () -- C:\Users\Public\Desktop\MediaMonkey.lnk
[2009/11/02 22:32:42 | 00,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2009/11/02 07:42:43 | 00,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/11/02 02:13:41 | 45,823,947 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2009/11/02 02:13:41 | 06,061,540 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\avi7.avg
[2009/11/02 02:13:41 | 00,492,629 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\miniavi.avg
[2009/11/02 02:13:41 | 00,105,805 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg
[2009/11/02 00:55:54 | 00,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Launch ARMA II.lnk
[2009/11/01 15:43:19 | 00,001,793 | ---- | C] () -- C:\Users\star1980craft\Desktop\Filzip.lnk
[2009/11/01 10:34:31 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf
[2009/11/01 10:34:07 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01005.Wdf
[2009/10/31 23:04:42 | 00,000,770 | ---- | C] () -- C:\Users\star1980craft\Desktop\Generic Mod Enabler - Grand Theft Auto IV.lnk
[2009/10/31 10:10:59 | 00,002,525 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2009/10/21 22:02:06 | 00,793,474 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/10/14 09:03:55 | 00,062,256 | ---- | C] () -- C:\Users\star1980craft\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/10/14 09:01:17 | 00,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/10/14 09:01:17 | 00,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009/10/14 09:01:17 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009/10/14 09:01:16 | 03,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2009/10/14 09:01:16 | 00,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/10/14 09:01:14 | 00,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/10/14 09:01:14 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2009/10/08 00:42:09 | 06,291,456 | -H-- | C] () -- C:\Users\star1980craft\AppData\Local\IconCache.db
[2009/08/07 19:51:34 | 00,178,430 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/07/14 05:32:39 | 00,043,318 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2009/07/14 05:32:39 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 05:32:39 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 05:32:39 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 04:54:24 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2009/07/14 02:35:42 | 00,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2009/07/14 02:34:57 | 00,000,493 | ---- | C] () -- C:\Windows\win.ini
[2009/07/14 02:34:57 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009/07/13 23:42:10 | 00,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 21:03:59 | 00,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/10/07 08:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 08:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
< End of report >
  • 0

#6
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,050 posts

im not sure what they are to be honest on firefox


Hmm... let's do this.

It is a pretty big download at 28mb's but is very useful at detecting\cleaning rootkits or whatever it finds.

Please click here to download AVP Tool by Kaspersky.
  • Save it to your desktop.
  • Reboot your computer into SafeMode.

    You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
    Use your up arrow key to highlight SafeMode then hit enter
    .

  • Double click the setup file to run it.
  • Click Next to continue.
  • It will by default install it to your desktop folder.Click Next.
  • Hit ok at the prompt for scanning in Safe Mode.
  • It will then open a box There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked.

  • System Memory
  • Startup Objects
  • Disk Boot Sectors.
  • My Computer.
  • Also any other drives (Removable that you may have)


After that click on Security level then choose Customize then click on the tab that says Heuristic Analyzer then choose Enable Deep rootkit search then choose ok.
Then choose OK again then you are back to the main screen.

  • Then click on Scan at the to right hand Corner.
  • It will automatically Neutralize any objects found.
  • If some objects are left un-neutralized then click the button that says Neutralize all
  • If it says it cannot be Neutralized then chooose The delete option when prompted.
  • After that is done click on the reports button at the bottom and save it to file, name it Kas.
  • Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.

    Note: This tool will self uninstall when you close it so please save the log before closing it.


  • 0

#7
starcraft

starcraft

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
im reading your instructions from my lap top and thought i should let you know that there is no option for the system memory and the way to set it up is slightly different from how you said, im not sure if its because its a newer version or it could be because im on windows 7 but i thought id best let you know

how i changed the settings was clicked on security level then clicked settings, i then clicked the additional tab, ticked the Heuristic analysis box, i then moved the slider from light scan to deep scan, i then ticked the rootkit scan box and the deep scan box, then OK , then START SCAN.

i Hope i have done it correctly, i just thought i should let you know that the way of doing it has changed to be helpful, anyway the scan is running now and i will post the results from my desktop when it's finished

thanks again for your help, its much appreciated
  • 0

#8
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,050 posts

i Hope i have done it correctly, i just thought i should let you know that the way of doing it has changed to be helpful, anyway the scan is running now and i will post the results from my desktop when it's finished


Thanks starcraft, yes that will be for both the reasons you mentioned.

You did right.

Look forward to the results. Might take a while. :)
  • 0

#9
starcraft

starcraft

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
in ur pm u asked something bout BSOD im not sure what that means?

EDIT oh blue screen of death

it just says that its doing a physical memory dump then a timer counts to 99

Edited by starcraft, 03 December 2009 - 12:07 PM.

  • 0

#10
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,050 posts
Hello starcraft,

I am not a techie but I wonder if your machine has a technical problem...hardware, memory or driver conflict. Something best taken up in the Vista Operating Systems forum here.

You could try this first though.

Go here for instruction on how to use the Check Disk tool in Windows Vista

You may have to run it two or three times if it says it has found errors.

Come back and tell me if carrying out the disk check makes any difference.
  • 0

#11
starcraft

starcraft

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
hi im on my laptop, i dont know whats going on with my desk top but non of the OS i have installed on it will start atol now, i think i must have a harware issue, ive tried removing and reinstalling all hardware but still noting i get as far as the pc starting up with all the hdd installed then it just stops :)
  • 0

#12
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,050 posts
Hello starcraft,

i think i must have a harware issue,


Well we didn't find any malware as far as we got.

By the way, did that Kaspersky AVP scan that you ran complete it's scan?

And if so, did it find anything?

If it was clean then you really need technical help. You could try opening a topic in the Windows Vista Operating System forum here. If you do, be sure and tell them that you have been here first.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP