Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help please. Slow Computer

Started by kazzman , Oct 26 2010 11:32 PM

  • Please log in to reply

#1
kazzman
Posted 26 October 2010 - 11:32 PM

kazzman

    Member

  • Member
  • PipPip
  • 46 posts
It seems to get bursts of energy, freezes, burst of energy, freezes... MB didn't find anything nor did antivir. Please help me pro guys :D

-------------------------------------------------------------
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4955

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

10/26/2010 10:24:01 PM
mbam-log-2010-10-26 (22-24-01).txt

Scan type: Quick scan
Objects scanned: 167908
Time elapsed: 6 minute(s), 46 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
---------------------------------------------------------------------------------------------------

GMER 1.0.15.15477 - http://www.gmer.net
Rootkit scan 2010-10-26 22:05:00
Windows 6.1.7600
Running: gmer.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x20 0x55 0x30 0x26 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\Daemon Tools\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x70 0xB1 0x28 0xB6 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x49 0xBF 0xA6 0xD5 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x20 0x55 0x30 0x26 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\Daemon Tools\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x70 0xB1 0x28 0xB6 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x49 0xBF 0xA6 0xD5 ...

---- EOF - GMER 1.0.15 ----

------------------------------------------------------------------------------------------


OTL logfile created on: 10/26/2010 10:24:26 PM - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\Brando\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 44.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.14 Gb Total Space | 42.44 Gb Free Space | 14.78% Space Free | Partition Type: NTFS
Drive D: | 10.95 Gb Total Space | 10.85 Gb Free Space | 99.13% Space Free | Partition Type: NTFS
Drive K: | 149.05 Gb Total Space | 12.92 Gb Free Space | 8.67% Space Free | Partition Type: NTFS
Drive L: | 298.09 Gb Total Space | 0.58 Gb Free Space | 0.20% Space Free | Partition Type: NTFS
Drive M: | 1863.01 Gb Total Space | 1515.76 Gb Free Space | 81.36% Space Free | Partition Type: NTFS

Computer Name: BRANDO-PC | User Name: Brando | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/26 22:06:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Brando\Desktop\OTL.exe
PRC - [2010/10/20 14:04:29 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/10/20 14:04:29 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/08/30 08:45:36 | 000,053,088 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\PowerSuite\powersuite.exe
PRC - [2010/08/30 08:45:16 | 000,053,096 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe
PRC - [2010/08/13 08:15:30 | 000,056,168 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe
PRC - [2010/06/03 13:09:42 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\GenArts\Monsters-AE64\bin\JawsServerAE64.exe
PRC - [2010/06/03 11:13:04 | 001,540,096 | ---- | M] (Reprise Software Inc.) -- C:\Program Files (x86)\GenArts\rlm\rlm.exe
PRC - [2010/05/04 23:58:36 | 000,077,824 | ---- | M] (Avid Technology, Inc.) -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
PRC - [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/10 01:38:18 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2008/06/11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2007/10/24 16:43:48 | 000,139,268 | ---- | M] () -- C:\Program Files (x86)\DCPFLICS\DCPFLICS.exe


========== Modules (SafeList) ==========

MOD - [2010/10/26 22:06:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Brando\Desktop\OTL.exe
MOD - [2010/08/20 22:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/06/03 18:33:28 | 000,751,104 | ---- | M] () [Auto | Running] -- C:\Program Files\GenArts\Monsters-AE64\bin\FlowFinder3MonstersAE64.exe -- (FlowFinder3MonstersAE64)
SRV:64bit: - [2010/05/14 10:58:30 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/03/10 01:38:18 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe -- (mi-raysat_3dsmax2011_64)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/09/22 19:04:18 | 002,950,744 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_062a651.dll -- (Akamai)
SRV - [2010/07/01 02:18:36 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/03 13:09:42 | 000,393,216 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GenArts\Monsters-AE64\bin\JawsServerAE64.exe -- (JawsServerAE64)
SRV - [2010/06/03 11:13:04 | 001,540,096 | ---- | M] (Reprise Software Inc.) [Auto | Running] -- C:\Program Files (x86)\GenArts\rlm\rlm.exe -- (RLM-GenArts)
SRV - [2010/05/04 23:58:36 | 000,077,824 | ---- | M] (Avid Technology, Inc.) [Auto | Running] -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe -- (DigiRefresh)
SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/08/15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2007/10/24 16:43:48 | 000,139,268 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DCPFLICS\DCPFLICS.exe -- (DCPFLICS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/09/13 16:28:00 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2010/05/14 18:37:32 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/04/16 08:33:36 | 000,050,176 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/02 13:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010/02/16 14:24:00 | 000,081,072 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009/07/13 18:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 18:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)
DRV:64bit: - [2009/07/13 17:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)
DRV:64bit: - [2009/07/13 17:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 13:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/04/27 07:40:00 | 000,142,120 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64)
DRV - [2010/04/30 15:09:44 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/04/30 15:09:22 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/10/05 15:10:42 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\aspi32.sys -- (Aspi32)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5670
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=DTP&M=GT5670
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...ys=DTP&M=GT5670
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5670
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://movies.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 69 FE 62 D0 F2 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://movies.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..network.proxy.type: 4


FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/06/09 02:33:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/20 14:04:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/20 14:04:30 | 000,000,000 | ---D | M]

[2010/05/13 16:50:01 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Mozilla\Extensions
[2010/10/25 01:48:23 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Mozilla\Firefox\Profiles\e4sjtjnc.default\extensions
[2010/05/13 22:05:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Brando\AppData\Roaming\Mozilla\Firefox\Profiles\e4sjtjnc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/22 12:47:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/03/27 18:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll

O1 HOSTS File: ([2010/05/14 19:55:41 | 000,000,922 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [PowerSuite] C:\Program Files (x86)\Uniblue\PowerSuite\launcher.exe (Uniblue Systems Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} https://pattcw.att.m...Installer64.cab (WebBrowserType Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/13 14:18:23 | 000,000,000 | ---D | M] - K:\AUTOMOBILES -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/26 22:06:12 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Brando\Desktop\OTL.exe
[2010/10/26 15:57:42 | 000,000,000 | ---D | C] -- C:\Users\Brando\AppData\Roaming\Avira
[2010/10/26 15:52:18 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2010/10/26 15:52:18 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010/10/26 15:52:18 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys
[2010/10/26 15:52:18 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys
[2010/10/26 15:52:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/10/26 15:52:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2010/10/20 14:09:54 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010/10/16 00:42:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/10/07 18:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\ArchVision
[2010/10/07 18:12:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArchVision
[2010/10/05 22:46:49 | 000,000,000 | ---D | C] -- C:\Users\Brando\AppData\Local\Diagnostics
[2010/09/30 20:52:12 | 000,000,000 | ---D | C] -- C:\Users\Brando\AppData\Roaming\Uniblue
[2010/09/30 01:46:40 | 000,000,000 | ---D | C] -- C:\Users\Brando\AppData\Roaming\AVG10
[2010/09/30 01:31:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2010/09/30 01:29:46 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010/09/30 01:28:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2010/09/30 01:19:57 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData

========== Files - Modified Within 30 Days ==========

[2010/10/26 22:06:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Brando\Desktop\OTL.exe
[2010/10/26 15:52:29 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/10/26 15:36:57 | 000,015,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/26 15:36:57 | 000,015,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/26 15:28:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/26 15:28:32 | 2314,067,968 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/25 21:50:28 | 000,044,929 | ---- | M] () -- C:\Users\Brando\Desktop\MP_vote_email_top_v3.jpg
[2010/10/25 14:57:53 | 000,000,447 | ---- | M] () -- C:\Users\Brando\Desktop\fav actors to hire.rtf
[2010/10/14 16:36:21 | 000,778,150 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/10/14 16:36:21 | 000,659,580 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/10/14 16:36:21 | 000,120,508 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/10/13 08:26:46 | 004,848,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/10/13 02:46:15 | 000,044,619 | ---- | M] () -- C:\Users\Brando\Desktop\monogram b2.jpg
[2010/10/13 01:49:50 | 000,037,095 | ---- | M] () -- C:\Users\Brando\Desktop\monogram b.jpg
[2010/10/08 17:28:08 | 000,005,309 | ---- | M] () -- C:\Users\Brando\Documents\1.jpg
[2010/10/07 18:12:07 | 000,002,105 | ---- | M] () -- C:\Users\Public\Desktop\ArchVision Content Manager.lnk
[2010/10/06 03:04:05 | 000,771,962 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== Files Created - No Company Name ==========

[2010/10/26 15:52:29 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/10/25 21:50:25 | 000,044,929 | ---- | C] () -- C:\Users\Brando\Desktop\MP_vote_email_top_v3.jpg
[2010/10/13 02:46:15 | 000,044,619 | ---- | C] () -- C:\Users\Brando\Desktop\monogram b2.jpg
[2010/10/13 01:49:36 | 000,037,095 | ---- | C] () -- C:\Users\Brando\Desktop\monogram b.jpg
[2010/10/08 17:28:00 | 000,005,309 | ---- | C] () -- C:\Users\Brando\Documents\1.jpg
[2010/10/07 18:12:07 | 000,002,105 | ---- | C] () -- C:\Users\Public\Desktop\ArchVision Content Manager.lnk
[2010/10/02 19:51:34 | 000,000,447 | ---- | C] () -- C:\Users\Brando\Desktop\fav actors to hire.rtf
[2010/08/09 22:29:49 | 007,506,432 | ---- | C] () -- C:\Windows\SysWow64\BLUE1 Render Engine 8BPC.dll
[2010/08/09 22:29:47 | 001,131,520 | ---- | C] () -- C:\Windows\SysWow64\Boris GL Renderer.dll
[2010/08/09 22:29:47 | 000,817,664 | ---- | C] () -- C:\Windows\SysWow64\Boris GL Scene.dll
[2010/08/09 22:29:47 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2010/08/09 22:29:47 | 000,216,576 | ---- | C] () -- C:\Windows\SysWow64\Boris Utilities.dll
[2010/08/09 22:29:47 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\Boris Render Node.dll
[2010/08/09 22:14:16 | 000,000,000 | ---- | C] () -- C:\Windows\BorisBLUE2.5.ini
[2010/07/13 18:48:45 | 000,182,644 | ---- | C] () -- C:\Users\Brando\AppData\Roaming\FlamethrowerDriver_Install.log
[2010/07/13 18:48:04 | 000,179,392 | ---- | C] () -- C:\Users\Brando\AppData\Roaming\DXDriver_Install.log
[2010/07/13 18:47:33 | 000,191,088 | ---- | C] () -- C:\Users\Brando\AppData\Roaming\PACEDrivers_Install.log
[2010/06/26 12:50:00 | 000,000,421 | ---- | C] () -- C:\ProgramData\IpodRescue.ini
[2010/06/13 21:08:26 | 005,206,016 | ---- | C] () -- C:\Windows\SysWow64\mkl_genarts.dll
[2010/06/10 02:49:53 | 000,001,456 | ---- | C] () -- C:\Users\Brando\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010/06/05 22:43:29 | 000,000,208 | ---- | C] () -- C:\ProgramData\{6BC52438-5DE4-4102-846E-64C225A0A04E}_WiseFW.ini
[2010/05/26 19:09:57 | 001,122,304 | ---- | C] () -- C:\Windows\SysWow64\Boris TTK Renderer.dll
[2010/05/26 19:09:57 | 000,813,056 | ---- | C] () -- C:\Windows\SysWow64\Boris TTK Scene.dll
[2010/05/26 19:09:57 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\Boris TTK Utilities.dll
[2010/05/26 19:09:57 | 000,094,720 | ---- | C] () -- C:\Windows\SysWow64\Boris TTK Render Node.dll
[2010/05/26 19:09:54 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptTO6.0.ini
[2010/05/26 19:09:54 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptLD6.0.ini
[2010/05/26 19:09:54 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptET6.0.ini
[2010/05/26 19:09:54 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptES6.0.ini
[2010/05/26 19:09:39 | 018,619,392 | ---- | C] () -- C:\Windows\SysWow64\BCC6_AE_16Bit.dll
[2010/05/26 19:09:03 | 000,000,000 | ---- | C] () -- C:\Windows\BorisFX BCC6.ini
[2010/05/26 19:08:53 | 018,531,840 | ---- | C] () -- C:\Windows\SysWow64\BCC6_AE_8Bit.dll
[2010/05/26 18:11:03 | 000,000,202 | ---- | C] () -- C:\Windows\MSUTIL.INI
[2010/05/24 22:00:38 | 000,000,024 | -H-- | C] () -- C:\ProgramData\.119889580931711767808769176
[2010/05/24 21:57:52 | 000,000,021 | -H-- | C] () -- C:\ProgramData\.24554863501262644635642126105
[2010/05/18 17:40:03 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/05/13 22:35:16 | 000,771,962 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/05/11 15:48:24 | 000,534,016 | ---- | C] () -- C:\Windows\SysWow64\LS3Renderer.dll
[2010/02/28 08:17:48 | 003,284,480 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2009/10/05 15:09:42 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\PtSSE2.dll
[2009/10/05 15:09:42 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\Cpuinf32.dll
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/04/29 10:14:02 | 000,000,000 | ---- | C] () -- C:\Windows\BorisFX BCC XML.ini
[2009/04/09 13:50:14 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\MSL_All-DLL80_x86.dll
[2008/10/23 13:58:22 | 000,000,000 | ---- | C] () -- C:\Windows\BorisFX BCC7.ini
[2008/09/16 10:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptTO7.0.ini
[2008/09/16 10:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptSP7.0.ini
[2008/09/16 10:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptLD7.0.ini
[2008/09/16 10:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptJS7.0.ini
[2008/09/16 10:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptES7.0.ini
[2008/09/16 10:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptEP7.0.ini
[2008/09/16 10:48:52 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptET7.0.ini

========== LOP Check ==========

[2010/05/28 19:09:53 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\acccore
[2010/05/13 21:38:07 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Acoustica
[2010/07/01 02:18:39 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Autodesk
[2010/09/30 01:46:40 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\AVG10
[2010/07/13 19:22:16 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Avid
[2010/05/14 18:07:47 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Burn Pro
[2010/06/10 01:53:31 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Canon
[2010/06/12 18:54:08 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/05/14 18:45:44 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\DAEMON Tools Lite
[2010/05/23 13:48:10 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\DMCache
[2010/07/12 12:15:58 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\EurekaLog
[2010/05/24 22:01:27 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Final Draft
[2010/10/17 13:11:18 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\FrostWire
[2010/08/27 02:58:14 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\MPEG Streamclip
[2010/07/13 19:21:58 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\PACE Anti-Piracy
[2010/05/18 01:12:37 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\RandomControl
[2010/09/08 14:19:19 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
[2010/07/18 00:33:56 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Right Hemisphere
[2010/05/16 09:41:46 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/05/13 14:55:28 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Template
[2010/09/30 20:53:20 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Uniblue
[2010/05/26 10:24:16 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\URSoft
[2010/10/08 18:04:42 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\uTorrent
[2009/07/13 22:08:49 | 000,020,906 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/05/18 16:38:01 | 000,000,072 | ---- | M] () -- C:\aliens.lic
[2009/07/13 18:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009/07/14 00:26:00 | 000,203,836 | RHS- | M] () -- C:\grldr
[2010/10/26 15:28:32 | 2314,067,968 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/28 19:05:08 | 000,000,347 | -H-- | M] () -- C:\IPH.PH
[2009/11/15 16:08:56 | 000,000,165 | ---- | M] () -- C:\Labelprint.log
[2009/11/15 15:17:09 | 000,000,010 | ---- | M] () -- C:\MOVE_RECOVERY
[2010/10/26 15:28:33 | 332,398,591 | -HS- | M] () -- C:\pagefile.sys
[2009/11/15 16:10:25 | 000,000,163 | ---- | M] () -- C:\power2go.log
[2009/11/15 16:02:33 | 000,000,426 | ---- | M] () -- C:\RHDSetup.log
[2010/07/01 10:40:49 | 000,000,438 | ---- | M] () -- C:\startvrlservice_log.txt
[2010/09/25 23:34:16 | 003,617,871 | ---- | M] () -- C:\vraylog.txt
[2010/05/14 14:59:52 | 000,000,217 | ---- | M] () -- C:\VRSpawner.log

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 1224 bytes -> C:\Users\Brando\AppData\Local\aWX1kVkoaFb:CwirMvKqTgjjVqYJxHEZXmzMVL
@Alternate Data Stream - 1161 bytes -> C:\Users\Brando\AppData\Local\ODESvIm1qjPwL:UgxRZEHmtBnpIUSbHp7ZqCY
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:1CE11B51

< End of report >
-----------------------------------------------------------------------------------------

OTL Extras logfile created on: 10/26/2010 10:24:26 PM - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\Brando\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 44.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.14 Gb Total Space | 42.44 Gb Free Space | 14.78% Space Free | Partition Type: NTFS
Drive D: | 10.95 Gb Total Space | 10.85 Gb Free Space | 99.13% Space Free | Partition Type: NTFS
Drive K: | 149.05 Gb Total Space | 12.92 Gb Free Space | 8.67% Space Free | Partition Type: NTFS
Drive L: | 298.09 Gb Total Space | 0.58 Gb Free Space | 0.20% Space Free | Partition Type: NTFS
Drive M: | 1863.01 Gb Total Space | 1515.76 Gb Free Space | 81.36% Space Free | Partition Type: NTFS

Computer Name: BRANDO-PC | User Name: Brando | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1BA00585-7306-48AC-B423-D0BDE592B4B7}" = Key Correct
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{2F227ACA-204C-4529-BA33-D095C42C72DB}" = Avid Audio Drivers (x64)
"{39BFB02A-9692-0409-A808-3F5C7B1F8953}" = Autodesk 3ds Max 2011 64-bit
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{404BB1FF-A84F-432F-B77B-301E88E8D1C7}" = Apple Mobile Device Support
"{40E89076-E040-421E-AEB7-D931F8B07401}" = Magic Bullet Mojo
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7563F495-80F5-0409-A514-747C66C22449}" = Autodesk 3ds Max 2011 64-bit Components
"{854855A2-D257-4FA0-A1C3-FB1F75536E4F}" = RH Max Module 6.0 (x64)
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{86F96E86-EF51-4F16-9C50-9CE9F599ECC9}" = Primatte Keyer
"{87759E9A-96DB-47FC-85AE-654BF7E7BBFB}" = RPC Plugin for Autodesk 3ds Max 2010 64-bit
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{96D5EB02-DE18-4DCD-A713-929B4461CA8D}" = iTunes
"{A31D5812-F0AA-4AFA-B584-C2C4AC141518}" = Boris Continuum Complete 7 Adobe CS5
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AEC9311A-90AC-4083-B3CD-428C3BB3891C}" = Magic Bullet Looks
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{C154E2A6-E640-4253-BFE3-F482A5E2E13F}" = Deep Exploration 6.1 x64
"{C19D4D8F-4433-4F6D-9F0C-79589FD0B973}" = Bonjour
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DBBD4603-C7BF-4FB1-A799-F955FC6EEF33}_is1" = GenArts Monsters GT V6 for After Effects CS5
"{DBF6B4E9-CD43-476A-895D-4D688D41CE63}" = Composite 2011 (64-bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E489BCB7-D57D-4751-AAB6-589AF66E2F7F}" = Trapcode Particular
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{EEB7359A-A8CD-4EEE-A3D5-67F8B6A45CFC}" = NVIDIA PhysX Plug-in for Autodesk 3ds Max 64 bit
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Autodesk FBX Plug-in 2011.1 - 3ds Max 2011 64-bit" = Autodesk FBX Plug-in 2011.1 - 3ds Max 2011 64-bit
"CameraTracker for AE_is1" = CameraTracker 1.0v1 (64 bit) for AE
"GenArts Sapphire AE_is1" = GenArts Sapphire Plug-ins 5.0 for After Effects and Compatible
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"V-Ray for 3dsmax 2011 for x64" = V-Ray for 3dsmax 2011 for x64
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0136596E-8468-491C-B808-8D7611051624}" = Avid MediaLog
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0A831BA2-AFE4-42E4-AFD7-D17FE645C564}" = Boris Continuum Complete AE 6
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0E6B352F-F91D-43E6-8BB6-B772C32E83A9}" = Avid Media Composer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21598770-C95E-40C4-AC4C-E764DFDA2CFA}" = Avid FilmScribe
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{237C62CD-96C3-4AAC-918F-3D6360135ED0}" = Avid EDL Manager
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 17
"{288DB08D-0708-4A94-B055-55B99E39EB62}" = Adobe Creative Suite 5 Master Collection
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5A180ED5-0AC1-410A-B790-5E0319CD0A93}" = Sentinel Protection Installer 7.4.0
"{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}" = Snagit 10
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6406E3EA-9777-45B7-A0C0-89741E629352}" = Composite 2011
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BC52438-5DE4-4102-846E-64C225A0A04E}" = IP-Clamp Service
"{716AE0DC-5FA3-4633-A9E9-169910D180DE}" = MetaSync
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{78D62D17-D970-42DA-B8CF-5E5576293B33}" = Final Draft 7
"{793A260C-CDBF-499C-ABBA-B51E8E076867}_is1" = Uniblue PowerSuite
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DBFE250-6EF1-406A-A1AC-E2537293630C}" = Boris BLUE
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{99011A6E-5200-11DE-BDB8-7ACD56D89593}" = Rosetta Stone Version 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{ADDCF273-590B-4227-957D-F6380A51C837}" = Avid Log Exchange
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E4032E6D-3AA6-472E-8438-3672A7159516}" = Boris Continuum Complete AE 6
"{E44B5883-878A-4930-B84D-CB4AA15EB00A}" = ArchVision Content Manager
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"4U Download YouTube Video_is1" = 4U Download YouTube Video (version 2.8.2)
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 5" = Acoustica Mixcraft 5
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Akamai" = Akamai NetSession Interface
"AlphaPlugins Ice Pattern v 1.2. for Adobe After Effects_is1" = AlphaPlugins IcePattern 1.2 for Adobe After Effects
"Autodesk FBX Plug-in 2011.1 - 3ds Max 2011" = Autodesk FBX Plug-in 2011.1 - 3ds Max 2011
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DPP" = Canon Utilities Digital Photo Professional 3.8
"EOS Utility" = Canon Utilities EOS Utility
"ERUNT_is1" = ERUNT 1.1j
"FrostWire" = FrostWire 4.20.6
"GenArts Reprise License Manager Server_is1" = GenArts Sapphire RLM Server 8.0.5.1
"GenArts Sapphire Plug-ins for After Effects_is1" = GenArts Sapphire Plug-ins 2.093 for After Effects and Compatibl
"InstallShield_{1BA00585-7306-48AC-B423-D0BDE592B4B7}" = Key Correct
"InstallShield_{86F96E86-EF51-4F16-9C50-9CE9F599ECC9}" = Primatte Keyer
"InstallShield_{AEC9311A-90AC-4083-B3CD-428C3BB3891C}" = Magic Bullet Looks
"InstallShield_{E489BCB7-D57D-4751-AAB6-589AF66E2F7F}" = Trapcode Particular
"JDownloader" = JDownloader
"Magic Bullet Colorista" = Magic Bullet Colorista
"Magic Bullet Looks" = Magic Bullet Looks
"Magic Bullet Looks AVX" = Magic Bullet Looks AVX
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.11)" = Mozilla Firefox (3.6.11)
"PAN Fire 3.0_is1" = PAN Fire 3.0
"PAN Lens Pro III Full Bundle 3.6_is1" = PAN Lens Pro III Full Bundle 3.6
"Panopticum Curtains 1.02 for Adobe After Effects_is1" = Panopticum Curtains 1.02 for Adobe After Effects
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"ProcessScanner_is1" = Uniblue ProcessScanner
"Radium Glow" = Radium Glow
"Red Giant ToonIt" = Red Giant ToonIt
"Red Giant ToonIt AVX" = Red Giant ToonIt AVX
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Trapcode Particular v2" = Trapcode Particular v2
"uTorrent" = µTorrent
"Water v 1.03. for Adobe After Effects_is1" = Water 1.03. for Adobe After Effects
"WFTK" = Canon Utilities WFT Utility
"YU2010_is1" = Your Uninstaller! 2010
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5f48e2ab41c5d005" = RapidShare Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/24/2010 5:09:01 PM | Computer Name = Brando-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 10/24/2010 5:09:02 PM | Computer Name = Brando-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 10/24/2010 5:09:02 PM | Computer Name = Brando-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 10/24/2010 5:09:02 PM | Computer Name = Brando-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 10/24/2010 5:09:02 PM | Computer Name = Brando-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 10/24/2010 5:09:02 PM | Computer Name = Brando-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 10/24/2010 5:33:05 PM | Computer Name = Brando-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 10/24/2010 5:33:05 PM | Computer Name = Brando-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 10/24/2010 5:33:06 PM | Computer Name = Brando-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 10/27/2010 12:04:43 AM | Computer Name = Brando-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ System Events ]
Error - 10/26/2010 4:46:43 PM | Computer Name = Brando-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 10/26/2010 5:22:55 PM | Computer Name = Brando-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 10/26/2010 6:28:31 PM | Computer Name = Brando-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\Aspi32.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 10/26/2010 6:28:44 PM | Computer Name = Brando-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Aspi32

Error - 10/26/2010 6:52:41 PM | Computer Name = Brando-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for Start with the following error:
%%5

Error - 10/26/2010 6:58:40 PM | Computer Name = Brando-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 10/26/2010 6:58:42 PM | Computer Name = Brando-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - 10/26/2010 6:58:44 PM | Computer Name = Brando-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 10/26/2010 9:05:39 PM | Computer Name = Brando-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 10/26/2010 9:15:54 PM | Computer Name = Brando-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.


< End of report >
  • 0

Advertisements

#2
kahdah
Posted 08 November 2010 - 07:03 PM

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hello kazzman

Welcome to G2Go. :D
=====================
Are you still in need of assistance?
If so please open OTL once more and click on the run scan button and post the log please.
  • 0

#3
kazzman
Posted 08 November 2010 - 11:25 PM

kazzman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
Yes! Thank you so much for responding. Here is the log:


OTL logfile created on: 11/8/2010 9:19:44 PM - Run 2
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\Brando\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 29.00% Memory free
7.00 Gb Paging File | 4.00 Gb Available in Paging File | 54.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.14 Gb Total Space | 38.39 Gb Free Space | 13.37% Space Free | Partition Type: NTFS
Drive D: | 10.95 Gb Total Space | 10.85 Gb Free Space | 99.13% Space Free | Partition Type: NTFS
Drive K: | 149.05 Gb Total Space | 12.91 Gb Free Space | 8.66% Space Free | Partition Type: NTFS
Drive L: | 298.09 Gb Total Space | 1.89 Gb Free Space | 0.64% Space Free | Partition Type: NTFS
Drive M: | 1863.01 Gb Total Space | 1179.89 Gb Free Space | 63.33% Space Free | Partition Type: NTFS

Computer Name: BRANDO-PC | User Name: Brando | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/28 15:26:07 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/10/28 15:26:06 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/10/26 21:06:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Brando\Desktop\OTL.exe
PRC - [2010/06/03 12:09:42 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\GenArts\Monsters-AE64\bin\JawsServerAE64.exe
PRC - [2010/06/03 10:13:04 | 001,540,096 | ---- | M] (Reprise Software Inc.) -- C:\Program Files (x86)\GenArts\rlm\rlm.exe
PRC - [2010/05/25 02:15:28 | 015,723,008 | ---- | M] (Avid Technology, Inc.) -- C:\Program Files (x86)\Avid\Avid Media Composer\AvidMediaComposer.exe
PRC - [2010/05/25 01:02:50 | 000,296,960 | ---- | M] (Avid Technology, Inc.) -- C:\Program Files (x86)\Avid\Avid Media Composer\SupportingFiles\Utilities\PLutil.exe
PRC - [2010/05/16 21:11:48 | 000,114,688 | ---- | M] (Avid Technology, Inc.) -- C:\Program Files (x86)\Avid\Avid Media Composer\DSM\DSM_Server.exe
PRC - [2010/05/04 22:58:36 | 000,077,824 | ---- | M] (Avid Technology, Inc.) -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
PRC - [2010/04/16 07:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/01 12:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/10 00:38:18 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe
PRC - [2010/03/02 10:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 09:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2008/06/11 21:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2007/10/24 15:43:48 | 000,139,268 | ---- | M] () -- C:\Program Files (x86)\DCPFLICS\DCPFLICS.exe


========== Modules (SafeList) ==========

MOD - [2010/10/26 21:06:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Brando\Desktop\OTL.exe
MOD - [2010/08/20 21:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/06/03 17:33:28 | 000,751,104 | ---- | M] () [Auto | Running] -- C:\Program Files\GenArts\Monsters-AE64\bin\FlowFinder3MonstersAE64.exe -- (FlowFinder3MonstersAE64)
SRV:64bit: - [2010/05/14 09:58:30 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/03/10 00:38:18 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe -- (mi-raysat_3dsmax2011_64)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/09/22 18:04:18 | 002,950,744 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_062a651.dll -- (Akamai)
SRV - [2010/07/01 01:18:36 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/03 12:09:42 | 000,393,216 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GenArts\Monsters-AE64\bin\JawsServerAE64.exe -- (JawsServerAE64)
SRV - [2010/06/03 10:13:04 | 001,540,096 | ---- | M] (Reprise Software Inc.) [Auto | Running] -- C:\Program Files (x86)\GenArts\rlm\rlm.exe -- (RLM-GenArts)
SRV - [2010/05/04 22:58:36 | 000,077,824 | ---- | M] (Avid Technology, Inc.) [Auto | Running] -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe -- (DigiRefresh)
SRV - [2010/04/16 07:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/04/01 12:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/24 09:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/08/15 04:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2007/10/24 15:43:48 | 000,139,268 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DCPFLICS\DCPFLICS.exe -- (DCPFLICS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/09/13 15:28:00 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2010/05/14 17:37:32 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/04/16 07:33:36 | 000,050,176 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/02 12:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010/02/16 13:24:00 | 000,081,072 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009/07/13 17:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 17:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)
DRV:64bit: - [2009/07/13 16:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)
DRV:64bit: - [2009/07/13 16:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)
DRV:64bit: - [2009/07/09 02:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 12:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 12:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/05/14 15:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/04/27 06:40:00 | 000,142,120 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64)
DRV - [2010/04/30 14:09:44 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/04/30 14:09:22 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/10/05 14:10:42 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\aspi32.sys -- (Aspi32)
DRV - [2008/08/14 06:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5670
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=DTP&M=GT5670
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...ys=DTP&M=GT5670
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5670
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://movies.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 69 FE 62 D0 F2 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://movies.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..network.proxy.type: 4


FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/06/09 01:33:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/28 15:26:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/28 15:26:09 | 000,000,000 | ---D | M]

[2010/05/13 15:50:01 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Mozilla\Extensions
[2010/11/08 18:37:46 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Mozilla\Firefox\Profiles\e4sjtjnc.default\extensions
[2010/05/13 21:05:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Brando\AppData\Roaming\Mozilla\Firefox\Profiles\e4sjtjnc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/22 11:47:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/03/27 17:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll

O1 HOSTS File: ([2010/05/14 18:55:41 | 000,000,922 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [PowerSuite] C:\Program Files (x86)\Uniblue\PowerSuite\launcher.exe (Uniblue Systems Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} https://pattcw.att.m...Installer64.cab (WebBrowserType Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/13 13:18:23 | 000,000,000 | ---D | M] - K:\AUTOMOBILES -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/05 22:11:32 | 000,000,000 | ---D | C] -- C:\Users\Brando\AppData\Roaming\GridIron Software
[2010/11/05 22:11:32 | 000,000,000 | ---D | C] -- C:\Users\Brando\AppData\Local\GridIron Software
[2010/11/05 21:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\GridIron Software
[2010/11/05 21:47:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GridIron Software
[2010/10/26 21:06:12 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Brando\Desktop\OTL.exe
[2010/10/26 14:57:42 | 000,000,000 | ---D | C] -- C:\Users\Brando\AppData\Roaming\Avira
[2010/10/26 14:52:18 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2010/10/26 14:52:18 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010/10/26 14:52:18 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys
[2010/10/26 14:52:18 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys
[2010/10/26 14:52:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/10/26 14:52:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2010/10/20 13:09:54 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010/10/15 23:42:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight

========== Files - Modified Within 30 Days ==========

[2010/11/06 09:35:53 | 000,015,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/06 09:35:53 | 000,015,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/05 22:09:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/05 22:09:53 | 2314,067,968 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/02 22:43:59 | 000,464,220 | ---- | M] () -- C:\Users\Brando\Desktop\zappology.ms
[2010/11/02 21:57:06 | 000,072,930 | ---- | M] () -- C:\Users\Brando\Desktop\test999.ms
[2010/11/02 21:56:45 | 000,072,930 | ---- | M] () -- C:\Users\Brando\Desktop\test.ms
[2010/11/02 17:07:34 | 000,000,030 | ---- | M] () -- C:\Users\Brando\Documents\1A674133-BRANDO-PC.lic
[2010/10/26 21:06:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Brando\Desktop\OTL.exe
[2010/10/26 14:52:29 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/10/25 20:50:28 | 000,044,929 | ---- | M] () -- C:\Users\Brando\Desktop\MP_vote_email_top_v3.jpg
[2010/10/25 13:57:53 | 000,000,447 | ---- | M] () -- C:\Users\Brando\Desktop\fav actors to hire.rtf
[2010/10/14 15:36:21 | 000,778,150 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/10/14 15:36:21 | 000,659,580 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/10/14 15:36:21 | 000,120,508 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/10/13 07:26:46 | 004,848,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/10/13 01:46:15 | 000,044,619 | ---- | M] () -- C:\Users\Brando\Desktop\monogram b2.jpg
[2010/10/13 00:49:50 | 000,037,095 | ---- | M] () -- C:\Users\Brando\Desktop\monogram b.jpg

========== Files Created - No Company Name ==========

[2010/11/02 22:43:59 | 000,464,220 | ---- | C] () -- C:\Users\Brando\Desktop\zappology.ms
[2010/11/02 21:57:06 | 000,072,930 | ---- | C] () -- C:\Users\Brando\Desktop\test999.ms
[2010/11/02 21:54:45 | 000,072,930 | ---- | C] () -- C:\Users\Brando\Desktop\test.ms
[2010/11/02 17:07:33 | 000,000,030 | ---- | C] () -- C:\Users\Brando\Documents\1A674133-BRANDO-PC.lic
[2010/10/26 14:52:29 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/10/25 20:50:25 | 000,044,929 | ---- | C] () -- C:\Users\Brando\Desktop\MP_vote_email_top_v3.jpg
[2010/10/13 01:46:15 | 000,044,619 | ---- | C] () -- C:\Users\Brando\Desktop\monogram b2.jpg
[2010/10/13 00:49:36 | 000,037,095 | ---- | C] () -- C:\Users\Brando\Desktop\monogram b.jpg
[2010/08/09 21:29:49 | 007,506,432 | ---- | C] () -- C:\Windows\SysWow64\BLUE1 Render Engine 8BPC.dll
[2010/08/09 21:29:47 | 001,131,520 | ---- | C] () -- C:\Windows\SysWow64\Boris GL Renderer.dll
[2010/08/09 21:29:47 | 000,817,664 | ---- | C] () -- C:\Windows\SysWow64\Boris GL Scene.dll
[2010/08/09 21:29:47 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2010/08/09 21:29:47 | 000,216,576 | ---- | C] () -- C:\Windows\SysWow64\Boris Utilities.dll
[2010/08/09 21:29:47 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\Boris Render Node.dll
[2010/08/09 21:14:16 | 000,000,000 | ---- | C] () -- C:\Windows\BorisBLUE2.5.ini
[2010/07/13 17:48:45 | 000,182,644 | ---- | C] () -- C:\Users\Brando\AppData\Roaming\FlamethrowerDriver_Install.log
[2010/07/13 17:48:04 | 000,179,392 | ---- | C] () -- C:\Users\Brando\AppData\Roaming\DXDriver_Install.log
[2010/07/13 17:47:33 | 000,191,088 | ---- | C] () -- C:\Users\Brando\AppData\Roaming\PACEDrivers_Install.log
[2010/06/26 11:50:00 | 000,000,421 | ---- | C] () -- C:\ProgramData\IpodRescue.ini
[2010/06/13 20:08:26 | 005,206,016 | ---- | C] () -- C:\Windows\SysWow64\mkl_genarts.dll
[2010/06/10 01:49:53 | 000,001,456 | ---- | C] () -- C:\Users\Brando\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010/06/05 21:43:29 | 000,000,208 | ---- | C] () -- C:\ProgramData\{6BC52438-5DE4-4102-846E-64C225A0A04E}_WiseFW.ini
[2010/05/26 18:09:57 | 001,122,304 | ---- | C] () -- C:\Windows\SysWow64\Boris TTK Renderer.dll
[2010/05/26 18:09:57 | 000,813,056 | ---- | C] () -- C:\Windows\SysWow64\Boris TTK Scene.dll
[2010/05/26 18:09:57 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\Boris TTK Utilities.dll
[2010/05/26 18:09:57 | 000,094,720 | ---- | C] () -- C:\Windows\SysWow64\Boris TTK Render Node.dll
[2010/05/26 18:09:54 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptTO6.0.ini
[2010/05/26 18:09:54 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptLD6.0.ini
[2010/05/26 18:09:54 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptET6.0.ini
[2010/05/26 18:09:54 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptES6.0.ini
[2010/05/26 18:09:39 | 018,619,392 | ---- | C] () -- C:\Windows\SysWow64\BCC6_AE_16Bit.dll
[2010/05/26 18:09:03 | 000,000,000 | ---- | C] () -- C:\Windows\BorisFX BCC6.ini
[2010/05/26 18:08:53 | 018,531,840 | ---- | C] () -- C:\Windows\SysWow64\BCC6_AE_8Bit.dll
[2010/05/26 17:11:03 | 000,000,202 | ---- | C] () -- C:\Windows\MSUTIL.INI
[2010/05/24 21:00:38 | 000,000,024 | -H-- | C] () -- C:\ProgramData\.119889580931711767808769176
[2010/05/24 20:57:52 | 000,000,021 | -H-- | C] () -- C:\ProgramData\.24554863501262644635642126105
[2010/05/18 16:40:03 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/05/13 21:35:16 | 000,771,962 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/05/11 14:48:24 | 000,534,016 | ---- | C] () -- C:\Windows\SysWow64\LS3Renderer.dll
[2010/03/24 10:53:58 | 001,245,184 | ---- | C] () -- C:\Windows\SysWow64\sm_free3DLL.dll
[2010/03/24 10:53:58 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\libCtilMgr.dll
[2010/03/24 10:53:48 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\cppasn1.dll
[2010/02/28 07:17:48 | 003,284,480 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2009/10/05 14:09:42 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\PtSSE2.dll
[2009/10/05 14:09:42 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\Cpuinf32.dll
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/04/29 09:14:02 | 000,000,000 | ---- | C] () -- C:\Windows\BorisFX BCC XML.ini
[2009/04/09 12:50:14 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\MSL_All-DLL80_x86.dll
[2008/10/23 12:58:22 | 000,000,000 | ---- | C] () -- C:\Windows\BorisFX BCC7.ini
[2008/09/16 09:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptTO7.0.ini
[2008/09/16 09:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptSP7.0.ini
[2008/09/16 09:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptLD7.0.ini
[2008/09/16 09:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptJS7.0.ini
[2008/09/16 09:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptES7.0.ini
[2008/09/16 09:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptEP7.0.ini
[2008/09/16 09:48:52 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptET7.0.ini

========== LOP Check ==========

[2010/05/28 18:09:53 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\acccore
[2010/05/13 20:38:07 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Acoustica
[2010/07/01 01:18:39 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Autodesk
[2010/09/30 00:46:40 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\AVG10
[2010/07/13 18:22:16 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Avid
[2010/05/14 17:07:47 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Burn Pro
[2010/06/10 00:53:31 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Canon
[2010/06/12 17:54:08 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/05/14 17:45:44 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\DAEMON Tools Lite
[2010/05/23 12:48:10 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\DMCache
[2010/07/12 11:15:58 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\EurekaLog
[2010/05/24 21:01:27 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Final Draft
[2010/10/31 22:03:50 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\FrostWire
[2010/11/05 22:11:32 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\GridIron Software
[2010/08/27 01:58:14 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\MPEG Streamclip
[2010/07/13 18:21:58 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\PACE Anti-Piracy
[2010/05/18 00:12:37 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\RandomControl
[2010/09/08 13:19:19 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
[2010/07/17 23:33:56 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Right Hemisphere
[2010/05/16 08:41:46 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/05/13 13:55:28 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Template
[2010/09/30 19:53:20 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Uniblue
[2010/05/26 09:24:16 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\URSoft
[2010/11/02 19:43:36 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\uTorrent
[2009/07/13 21:08:49 | 000,022,666 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 1224 bytes -> C:\Users\Brando\AppData\Local\aWX1kVkoaFb:CwirMvKqTgjjVqYJxHEZXmzMVL
@Alternate Data Stream - 1161 bytes -> C:\Users\Brando\AppData\Local\ODESvIm1qjPwL:UgxRZEHmtBnpIUSbHp7ZqCY
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:1CE11B51

< End of report >
  • 0

#4
kahdah
Posted 09 November 2010 - 06:02 AM

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
You have remnants of AVG running in addition to Avira so please use the removal tool found here > http://download.avg....4_2011_1149.exe

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
[2010/05/24 21:00:38 | 000,000,024 | -H-- | C] () -- C:\ProgramData\.119889580931711767808769176
[2010/05/24 20:57:52 | 000,000,021 | -H-- | C] () -- C:\ProgramData\.24554863501262644635642126105
@Alternate Data Stream - 1224 bytes -> C:\Users\Brando\AppData\Local\aWX1kVkoaFb:CwirMvKqTgjjVqYJxHEZXmzMVL
@Alternate Data Stream - 1161 bytes -> C:\Users\Brando\AppData\Local\ODESvIm1qjPwL:UgxRZEHmtBnpIUSbHp7ZqCY

:Files
C:\Users\Brando\AppData\Local\ODESvIm1qjPwL
C:\Users\Brando\AppData\Local\aWX1kVkoaFb

:Commands
[emptytemp]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.
================================Malwarebytes' Anti-Malware=================================
lease download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley.
================================Online scan=================================
* Go here to run an online scannner from ESET.
  • Note: You will need to use Internet explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Check next options: Remove found threats and Scan unwanted applications.
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\ESET Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic

  • 0

#5
kazzman
Posted 09 November 2010 - 11:02 PM

kazzman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
Thanks Kahdah, This is all I got from the Eset scan, the others are below:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
-------------------------------------------------

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5084

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

11/9/2010 2:53:48 PM
mbam-log-2010-11-09 (14-53-48).txt

Scan type: Full scan (C:\|D:\|K:\|L:\|M:\|)
Objects scanned: 894911
Time elapsed: 3 hour(s), 28 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
------------------------------------------------------------

All processes killed
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
C:\ProgramData\.119889580931711767808769176 moved successfully.
C:\ProgramData\.24554863501262644635642126105 moved successfully.
ADS C:\Users\Brando\AppData\Local\aWX1kVkoaFb:CwirMvKqTgjjVqYJxHEZXmzMVL deleted successfully.
ADS C:\Users\Brando\AppData\Local\ODESvIm1qjPwL:UgxRZEHmtBnpIUSbHp7ZqCY deleted successfully.
========== FILES ==========
C:\Users\Brando\AppData\Local\ODESvIm1qjPwL folder moved successfully.
C:\Users\Brando\AppData\Local\aWX1kVkoaFb folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 453813504 bytes
->Temporary Internet Files folder emptied: 41381625 bytes
->FireFox cache emptied: 4780944 bytes
->Flash cache emptied: 4302 bytes

User: All Users

User: Brando
->Temp folder emptied: 470578315 bytes
->Temporary Internet Files folder emptied: 48967366 bytes
->Java cache emptied: 62905 bytes
->FireFox cache emptied: 107721329 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 104069 bytes

User: BrandoAdmin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Larisa
->Temp folder emptied: 16853828 bytes
->Temporary Internet Files folder emptied: 55210723 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 16376 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49110 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,144.00 mb


OTL by OldTimer - Version 3.2.17.1 log created on 11092010_110829

Files\Folders moved on Reboot...
C:\Users\Brando\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
  • 0

#6
kahdah
Posted 10 November 2010 - 06:49 AM

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Things still running slowly?
Open OTL once more and click on the Run scan button at the top and post the log that opens.

Give me details of how the system is behaving please.
  • 0

#7
kazzman
Posted 10 November 2010 - 12:35 PM

kazzman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
Hello, I asked my wife and she said it is 80% better. That is great. Thank you. I donated to your services, thank you again so so much. It was truly bothersome.


OTL logfile created on: 11/10/2010 10:25:00 AM - Run 3
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\Brando\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.14 Gb Total Space | 41.31 Gb Free Space | 14.39% Space Free | Partition Type: NTFS
Drive D: | 10.95 Gb Total Space | 10.85 Gb Free Space | 99.13% Space Free | Partition Type: NTFS
Drive K: | 149.05 Gb Total Space | 12.91 Gb Free Space | 8.66% Space Free | Partition Type: NTFS
Drive L: | 298.09 Gb Total Space | 1.91 Gb Free Space | 0.64% Space Free | Partition Type: NTFS
Drive M: | 1863.01 Gb Total Space | 1169.15 Gb Free Space | 62.76% Space Free | Partition Type: NTFS

Computer Name: BRANDO-PC | User Name: Brando | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/28 15:26:07 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/10/28 15:26:06 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/10/26 21:06:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Brando\Desktop\OTL.exe
PRC - [2010/06/03 12:09:42 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\GenArts\Monsters-AE64\bin\JawsServerAE64.exe
PRC - [2010/06/03 10:13:04 | 001,540,096 | ---- | M] (Reprise Software Inc.) -- C:\Program Files (x86)\GenArts\rlm\rlm.exe
PRC - [2010/05/25 02:15:28 | 015,723,008 | ---- | M] (Avid Technology, Inc.) -- C:\Program Files (x86)\Avid\Avid Media Composer\AvidMediaComposer.exe
PRC - [2010/05/25 01:02:50 | 000,296,960 | ---- | M] (Avid Technology, Inc.) -- C:\Program Files (x86)\Avid\Avid Media Composer\SupportingFiles\Utilities\PLutil.exe
PRC - [2010/05/16 21:11:48 | 000,114,688 | ---- | M] (Avid Technology, Inc.) -- C:\Program Files (x86)\Avid\Avid Media Composer\DSM\DSM_Server.exe
PRC - [2010/05/04 22:58:36 | 000,077,824 | ---- | M] (Avid Technology, Inc.) -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
PRC - [2010/04/16 07:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/01 12:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/10 00:38:18 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe
PRC - [2010/03/06 03:04:24 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2010/03/02 10:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 09:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2008/06/11 21:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2007/10/24 15:43:48 | 000,139,268 | ---- | M] () -- C:\Program Files (x86)\DCPFLICS\DCPFLICS.exe


========== Modules (SafeList) ==========

MOD - [2010/10/26 21:06:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Brando\Desktop\OTL.exe
MOD - [2010/08/20 21:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/06/03 17:33:28 | 000,751,104 | ---- | M] () [Auto | Running] -- C:\Program Files\GenArts\Monsters-AE64\bin\FlowFinder3MonstersAE64.exe -- (FlowFinder3MonstersAE64)
SRV:64bit: - [2010/05/14 09:58:30 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/03/10 00:38:18 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe -- (mi-raysat_3dsmax2011_64)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/09/22 18:04:18 | 002,950,744 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_062a651.dll -- (Akamai)
SRV - [2010/07/01 01:18:36 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/03 12:09:42 | 000,393,216 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GenArts\Monsters-AE64\bin\JawsServerAE64.exe -- (JawsServerAE64)
SRV - [2010/06/03 10:13:04 | 001,540,096 | ---- | M] (Reprise Software Inc.) [Auto | Running] -- C:\Program Files (x86)\GenArts\rlm\rlm.exe -- (RLM-GenArts)
SRV - [2010/05/04 22:58:36 | 000,077,824 | ---- | M] (Avid Technology, Inc.) [Auto | Running] -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe -- (DigiRefresh)
SRV - [2010/04/16 07:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/04/01 12:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/24 09:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/08/15 04:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2007/10/24 15:43:48 | 000,139,268 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DCPFLICS\DCPFLICS.exe -- (DCPFLICS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/05/14 17:37:32 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/04/16 07:33:36 | 000,050,176 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/02 12:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010/02/16 13:24:00 | 000,081,072 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009/07/13 17:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 17:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)
DRV:64bit: - [2009/07/13 16:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)
DRV:64bit: - [2009/07/13 16:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)
DRV:64bit: - [2009/07/09 02:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 12:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 12:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/05/14 15:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/04/27 06:40:00 | 000,142,120 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64)
DRV - [2010/04/30 14:09:44 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/04/30 14:09:22 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/10/05 14:10:42 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\aspi32.sys -- (Aspi32)
DRV - [2008/08/14 06:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5670
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=DTP&M=GT5670
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...ys=DTP&M=GT5670
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=DTP&M=GT5670
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://movies.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 69 FE 62 D0 F2 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://movies.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..network.proxy.type: 4


FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/06/09 01:33:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/28 15:26:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/28 15:26:09 | 000,000,000 | ---D | M]

[2010/05/13 15:50:01 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Mozilla\Extensions
[2010/11/09 18:41:42 | 000,000,000 | ---D | M] -- C:\Users\Brando\AppData\Roaming\Mozilla\Firefox\Profiles\e4sjtjnc.default\extensions
[2010/05/13 21:05:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Brando\AppData\Roaming\Mozilla\Firefox\Profiles\e4sjtjnc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/22 11:47:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/03/27 17:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll

O1 HOSTS File: ([2010/05/14 18:55:41 | 000,000,922 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [PowerSuite] C:\Program Files (x86)\Uniblue\PowerSuite\launcher.exe (Uniblue Systems Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} https://pattcw.att.m...Installer64.cab (WebBrowserType Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/13 13:18:23 | 000,000,000 | ---D | M] - K:\AUTOMOBILES -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/09 21:08:30 | 000,000,000 | ---D | C] -- C:\Users\Brando\AppData\Local\Downloaded Installations
[2010/11/09 15:02:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2010/11/09 11:08:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/11/05 22:11:32 | 000,000,000 | ---D | C] -- C:\Users\Brando\AppData\Roaming\GridIron Software
[2010/11/05 22:11:32 | 000,000,000 | ---D | C] -- C:\Users\Brando\AppData\Local\GridIron Software
[2010/11/05 21:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\GridIron Software
[2010/11/05 21:47:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GridIron Software
[2010/10/26 21:06:12 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Brando\Desktop\OTL.exe
[2010/10/26 14:57:42 | 000,000,000 | ---D | C] -- C:\Users\Brando\AppData\Roaming\Avira
[2010/10/26 14:52:18 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2010/10/26 14:52:18 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010/10/26 14:52:18 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys
[2010/10/26 14:52:18 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys
[2010/10/26 14:52:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/10/26 14:52:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2010/10/26 12:12:26 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010/10/26 12:12:25 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010/10/26 12:12:25 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010/10/26 12:12:25 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010/10/26 12:12:25 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010/10/26 12:12:25 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010/10/26 12:12:25 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010/10/26 12:11:00 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010/10/20 13:09:54 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010/10/15 23:42:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/10/12 14:19:25 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010/10/12 14:19:25 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/10/12 14:19:24 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010/10/12 14:19:24 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010/10/12 14:19:24 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010/10/12 14:19:23 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/10/12 14:19:23 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/10/12 14:19:23 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/10/12 14:19:23 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/10/12 14:19:23 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010/10/12 14:19:22 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010/10/12 14:19:22 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010/10/12 14:19:22 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/10/12 14:19:22 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/10/12 13:47:04 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010/10/12 13:31:51 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010/10/12 13:31:44 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010/10/12 13:31:44 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010/10/12 13:31:43 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010/10/12 13:31:36 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010/10/12 13:31:34 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010/10/12 13:31:34 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010/10/12 13:31:33 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010/10/12 13:31:33 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010/10/12 13:31:12 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010/10/12 13:31:11 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010/10/12 13:31:11 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010/10/12 13:31:10 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL

========== Files - Modified Within 30 Days ==========

[2010/11/09 18:09:50 | 000,778,150 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/09 18:09:50 | 000,659,580 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/09 18:09:50 | 000,120,508 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/09 11:18:56 | 000,015,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/09 11:18:56 | 000,015,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/09 11:11:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/09 11:11:32 | 2314,067,968 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/02 22:43:59 | 000,464,220 | ---- | M] () -- C:\Users\Brando\Desktop\zappology.ms
[2010/11/02 21:57:06 | 000,072,930 | ---- | M] () -- C:\Users\Brando\Desktop\test999.ms
[2010/11/02 21:56:45 | 000,072,930 | ---- | M] () -- C:\Users\Brando\Desktop\test.ms
[2010/11/02 17:07:34 | 000,000,030 | ---- | M] () -- C:\Users\Brando\Documents\1A674133-BRANDO-PC.lic
[2010/10/26 21:06:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Brando\Desktop\OTL.exe
[2010/10/26 14:52:29 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/10/25 20:50:28 | 000,044,929 | ---- | M] () -- C:\Users\Brando\Desktop\MP_vote_email_top_v3.jpg
[2010/10/25 13:57:53 | 000,000,447 | ---- | M] () -- C:\Users\Brando\Desktop\fav actors to hire.rtf
[2010/10/13 07:26:46 | 004,848,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/10/13 01:46:15 | 000,044,619 | ---- | M] () -- C:\Users\Brando\Desktop\monogram b2.jpg
[2010/10/13 00:49:50 | 000,037,095 | ---- | M] () -- C:\Users\Brando\Desktop\monogram b.jpg

========== Files Created - No Company Name ==========

[2010/11/02 22:43:59 | 000,464,220 | ---- | C] () -- C:\Users\Brando\Desktop\zappology.ms
[2010/11/02 21:57:06 | 000,072,930 | ---- | C] () -- C:\Users\Brando\Desktop\test999.ms
[2010/11/02 21:54:45 | 000,072,930 | ---- | C] () -- C:\Users\Brando\Desktop\test.ms
[2010/11/02 17:07:33 | 000,000,030 | ---- | C] () -- C:\Users\Brando\Documents\1A674133-BRANDO-PC.lic
[2010/10/26 14:52:29 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/10/25 20:50:25 | 000,044,929 | ---- | C] () -- C:\Users\Brando\Desktop\MP_vote_email_top_v3.jpg
[2010/10/13 01:46:15 | 000,044,619 | ---- | C] () -- C:\Users\Brando\Desktop\monogram b2.jpg
[2010/10/13 00:49:36 | 000,037,095 | ---- | C] () -- C:\Users\Brando\Desktop\monogram b.jpg
[2010/08/09 21:29:49 | 007,506,432 | ---- | C] () -- C:\Windows\SysWow64\BLUE1 Render Engine 8BPC.dll
[2010/08/09 21:29:47 | 001,131,520 | ---- | C] () -- C:\Windows\SysWow64\Boris GL Renderer.dll
[2010/08/09 21:29:47 | 000,817,664 | ---- | C] () -- C:\Windows\SysWow64\Boris GL Scene.dll
[2010/08/09 21:29:47 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2010/08/09 21:29:47 | 000,216,576 | ---- | C] () -- C:\Windows\SysWow64\Boris Utilities.dll
[2010/08/09 21:29:47 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\Boris Render Node.dll
[2010/08/09 21:14:16 | 000,000,000 | ---- | C] () -- C:\Windows\BorisBLUE2.5.ini
[2010/07/13 17:48:45 | 000,182,644 | ---- | C] () -- C:\Users\Brando\AppData\Roaming\FlamethrowerDriver_Install.log
[2010/07/13 17:48:04 | 000,179,392 | ---- | C] () -- C:\Users\Brando\AppData\Roaming\DXDriver_Install.log
[2010/07/13 17:47:33 | 000,191,088 | ---- | C] () -- C:\Users\Brando\AppData\Roaming\PACEDrivers_Install.log
[2010/06/26 11:50:00 | 000,000,421 | ---- | C] () -- C:\ProgramData\IpodRescue.ini
[2010/06/13 20:08:26 | 005,206,016 | ---- | C] () -- C:\Windows\SysWow64\mkl_genarts.dll
[2010/06/10 01:49:53 | 000,001,456 | ---- | C] () -- C:\Users\Brando\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010/06/05 21:43:29 | 000,000,208 | ---- | C] () -- C:\ProgramData\{6BC52438-5DE4-4102-846E-64C225A0A04E}_WiseFW.ini
[2010/05/26 18:09:57 | 001,122,304 | ---- | C] () -- C:\Windows\SysWow64\Boris TTK Renderer.dll
[2010/05/26 18:09:57 | 000,813,056 | ---- | C] () -- C:\Windows\SysWow64\Boris TTK Scene.dll
[2010/05/26 18:09:57 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\Boris TTK Utilities.dll
[2010/05/26 18:09:57 | 000,094,720 | ---- | C] () -- C:\Windows\SysWow64\Boris TTK Render Node.dll
[2010/05/26 18:09:54 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptTO6.0.ini
[2010/05/26 18:09:54 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptLD6.0.ini
[2010/05/26 18:09:54 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptET6.0.ini
[2010/05/26 18:09:54 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptES6.0.ini
[2010/05/26 18:09:39 | 018,619,392 | ---- | C] () -- C:\Windows\SysWow64\BCC6_AE_16Bit.dll
[2010/05/26 18:09:03 | 000,000,000 | ---- | C] () -- C:\Windows\BorisFX BCC6.ini
[2010/05/26 18:08:53 | 018,531,840 | ---- | C] () -- C:\Windows\SysWow64\BCC6_AE_8Bit.dll
[2010/05/26 17:11:03 | 000,000,202 | ---- | C] () -- C:\Windows\MSUTIL.INI
[2010/05/18 16:40:03 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/05/13 21:35:16 | 000,771,962 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/05/11 14:48:24 | 000,534,016 | ---- | C] () -- C:\Windows\SysWow64\LS3Renderer.dll
[2010/03/24 10:53:58 | 001,245,184 | ---- | C] () -- C:\Windows\SysWow64\sm_free3DLL.dll
[2010/03/24 10:53:58 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\libCtilMgr.dll
[2010/03/24 10:53:48 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\cppasn1.dll
[2010/02/28 07:17:48 | 003,284,480 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2009/10/05 14:09:42 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\PtSSE2.dll
[2009/10/05 14:09:42 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\Cpuinf32.dll
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/04/29 09:14:02 | 000,000,000 | ---- | C] () -- C:\Windows\BorisFX BCC XML.ini
[2009/04/09 12:50:14 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\MSL_All-DLL80_x86.dll
[2008/10/23 12:58:22 | 000,000,000 | ---- | C] () -- C:\Windows\BorisFX BCC7.ini
[2008/09/16 09:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptTO7.0.ini
[2008/09/16 09:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptSP7.0.ini
[2008/09/16 09:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptLD7.0.ini
[2008/09/16 09:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptJS7.0.ini
[2008/09/16 09:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptES7.0.ini
[2008/09/16 09:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptEP7.0.ini
[2008/09/16 09:48:52 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptET7.0.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:1CE11B51

< End of report >
  • 0

#8
kahdah
Posted 10 November 2010 - 05:30 PM

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Great and thank you for your donation :D

Please uninstall your current version of Adobe reader adn then you can download and install the newest version from here > http://get.adobe.com/reader/
=========
  • Double click on OTL to run it.
  • Click on the Cleanup button at the top.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
  • This will remove itself and other tools we may have used.
===============Update Java===============

Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java SE Runtime Environment (JRE) and save it to your desktop.
  • Scroll down to where it says "(JRE) then click on it
  • Click the "Download" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Click on the link to download Windows Offline Installation and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u22-windows-i586.exe to install the newest version.
======================Clear out infected System Restore points======================
Then we need to reset your System Restore points.
The link below shows how to do this.
How to Turn On and Turn Off System Restore in Windows XP
http://support.micro...kb/310405/en-us

If you are using Vista then see this link: http://www.bleepingc...143.html#manual

Delete\uninstall anything else that we have used that is leftover.


After that your all set.


===The following are some articles and a Windows Update link that I like to suggest to people to prevent malware and general PC maintenance===

Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.

Prevention article Some great guidelines to follow to prevent future infections please read the Prevention artice by Miekiemoes.

"How did I get infected in the first place?" Also this one by Tony Klein.

If your computer is slow Is a tutorial on what you can do if your computer is slow.

File sharing program dangers Reasons to stay away from File sharing programs for ex: BitTorrent,Limewire,Kazaa,emule,Utorrent etc...



===Free antimalware tools used for on demand scanning and cleaning no real time unless purchased===

Malwarebytes Antimalware
superantispyware

===Free antivirus links===

This is antivirus and antispyware.
Microsoft Security Essentials
This is free antispyware protection and Antivirus protection.
AVG free
This is just antivirus protection.
Antivir
This is antivirus and antispyware protection.
Avast
  • 0

#9
kazzman
Posted 19 November 2010 - 12:20 AM

kazzman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
Hi, It does seem a little better. It seems that youtube is still loading slower than my friend's and my computer was originally built a little stronger for gaming. Also since I changed the java I am having issues with some editing programs and my yahoo mail is looking like this

<br><div class="gmail_quote">NicOlette Butler<br><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div><div><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"> 323.363.3024<br>

I tried to troubleshoot and do several reboots but I can't seem to figure out what the problem is. Sorry for the trouble :D
  • 0

#10
kahdah
Posted 19 November 2010 - 05:50 AM

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Have you tried to reset IE back to defaults?
Try that please> http://support.micro...b/923737#showme
  • 0

Advertisements

#11
kazzman
Posted 19 November 2010 - 02:46 PM

kazzman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
I don't use internet explorere but firefox. I actually just realized that my video renders for the last four days all turned out distorted and I can't seem to fix it. Could java or some of the adjustments you made have effected Adobe After Effects CS5 performance? It won't work since our changes,I'm in big trouble. Help please.
  • 0

#12
kahdah
Posted 19 November 2010 - 03:17 PM

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
You can see exactly what was done nothing harmful has been done to the system in fact malware was removed.
If you still have issues then I suggest posting in the forum for further assistance: http://www.geekstogo...2-applications/
They can handle application specific issues.
  • 0

#13
kazzman
Posted 19 November 2010 - 03:31 PM

kazzman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
Hey, Ok thanks. I know you helped :D I was just wondering if I should go back to the old version of Java. I'll give it a go. Thanks again for your help, I really do appreciate it :")
  • 0

#14
kahdah
Posted 19 November 2010 - 03:36 PM

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
You could try to go back if you can find a older version of Java but remember it contains exploits that is why I had you update it.
Try installing the x64 bit version of Java as well as the 32 bit.
If you already have the 32 bit then just install the x64 bit it can be found here > http://www.java.com/...va_win64bit.xml
  • 0

#15
kazzman
Posted 19 November 2010 - 03:50 PM

kazzman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
Hey, I did but no luck :D Thanks though, I'm baffled, don't know what has caused the problems.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP