Thx Craig
OTL logfile created on: 23/11/2010 21:27:21 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Naybad\Desktop
64bit-Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 33.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 60.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.76 Gb Total Space | 236.92 Gb Free Space | 50.87% Space Free | Partition Type: NTFS
Computer Name: NAYBAD-PC | User Name: Naybad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Naybad\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Razer\Arctosa\razerhid.exe (Razer USA Ltd.)
PRC - C:\Program Files (x86)\Razer\Arctosa\razertra.exe ()
PRC - C:\Program Files (x86)\ASUS\AASP\1.00.76\aaCenter.exe ()
PRC - C:\Program Files\ASUS\TurboV\TurboV.exe ()
PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe ()
PRC - C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe ()
PRC - C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe (Razer Inc.)
PRC - C:\Program Files (x86)\Razer\DeathAdder\razertra.exe ()
========== Modules (SafeList) ==========
MOD - C:\Users\Naybad\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll (Check Point Software Technologies)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wintrust.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\imagehlp.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (PnkBstrB) -- C:\Windows\SysNative\PnkBstrB.exe File not found
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (npggsvc) -- C:\Windows\SysNative\GameMon.des File not found
SRV:64bit: - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (PDEngine) -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe (Raxco Software, Inc.)
SRV:64bit: - (PDAgent) -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe (Raxco Software, Inc.)
SRV:64bit: - (nHancer) -- C:\Program Files\nHancer\nHancerService.exe (KSE - Korndörfer Software Engineering)
SRV:64bit: - (ATKFUSService) -- C:\Windows\SysNative\ATKFUSService.exe (ASUSTeK COMPUTER INC.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (vsmon) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (AVG Security Toolbar Service) -- C:\Program Files (x86)\AVG\AVG8\Toolbar\ToolbarBroker.exe ()
SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (avg8emc) -- C:\Program Files (x86)\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg8wd) -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (PublicPreviewTurbineMessageService) -- C:\Program Files (x86)\Turbine\Turbine Download Manager - Lamannia\TurbineMessageService.exe (Turbine, Inc.)
SRV - (PublicPreviewTurbineNetworkService) -- C:\Program Files (x86)\Turbine\Turbine Download Manager - Lamannia\TurbineNetworkService.exe (Turbine, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe ()
========== Driver Services (SafeList) ==========
DRV:64bit: - (vsdatant7) -- C:\Windows\SysNative\drivers\vsdatant.win7.sys File not found
DRV:64bit: - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI\Sandra.sys File not found
DRV:64bit: - (NwlnkFwd) -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys File not found
DRV:64bit: - (NwlnkFlt) -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys File not found
DRV:64bit: - (NPPTNT2) -- C:\Windows\SysNative\npptNT2.sys File not found
DRV:64bit: - (IpInIp) -- C:\Windows\SysNative\DRIVERS\ipinip.sys File not found
DRV:64bit: - (EIO64) -- C:\Windows\SysNative\DRIVERS\EIO64.sys File not found
DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys File not found
DRV:64bit: - (seehcri) -- C:\Windows\SysNative\DRIVERS\seehcri.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\DRIVERS\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\DRIVERS\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ISWKL) -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\DRIVERS\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Vsdatant) -- C:\Windows\SysNative\DRIVERS\vsdatant.sys (Check Point Software Technologies LTD)
DRV:64bit: - (AvgMfx64) -- C:\Windows\SysNative\Drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AvgLdx64) -- C:\Windows\SysNative\Drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AvgTdiA) -- C:\Windows\SysNative\Drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Arctosa) -- C:\Windows\SysNative\drivers\Arctosa.sys (Razer USA Ltd.)
DRV:64bit: - (mv64xx) -- C:\Windows\SysNative\DRIVERS\mv64xx.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (mv61xx) -- C:\Windows\SysNative\DRIVERS\mv61xx.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (atkdisplf) -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (asusgsb) -- C:\Windows\SysNative\drivers\asusgsb.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (ENTECH64) -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys (EnTech Taiwan)
DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys (Marvell)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\DRIVERS\netr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (DAdderFltr) -- C:\Windows\SysNative\drivers\dadder.sys (Razer (Asia-Pacific) Pte Ltd)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV - (RTCore64) -- C:\Program Files (x86)\EVGA Precision\RTCore64.sys ()
DRV - (WinRing0_1_2_0) -- C:\Users\Naybad\overclocking\RealTemp_3.00-[Guru3D.com]\WinRing0x64.sys (OpenLibSys.org)
DRV - ({95808DC4-FA4A-4C74-92FE-5B863F82066B}) -- C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl (Cyberlink Corp.)
DRV - (ENTECH64) -- C:\Windows\SysWOW64\drivers\Entech64.sys (EnTech Taiwan)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sky.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sky.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8A 5B EC F5 46 20 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm Security Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - prefs.js..extensions.enabledItems: avg@igeared:6.010.006.004
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {91da5e8a-3318-4f8c-b67e-5964de3ab546}:2.6.0.15
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.260.0
FF - prefs.js..keyword.URL: "http://search.condui...d=CT2645238&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG8\Firefox [2009/12/21 22:39:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files (x86)\AVG\AVG8\Toolbar\Firefox\avg@igeared [2010/10/28 20:30:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2010/11/22 22:38:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/29 19:50:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/29 19:50:20 | 000,000,000 | ---D | M]
[2009/01/10 22:12:35 | 000,000,000 | ---D | M] -- C:\Users\Naybad\AppData\Roaming\Mozilla\Extensions
[2010/11/22 22:50:06 | 000,000,000 | ---D | M] -- C:\Users\Naybad\AppData\Roaming\Mozilla\Firefox\Profiles\k0s5cxug.default\extensions
[2010/04/28 16:52:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Naybad\AppData\Roaming\Mozilla\Firefox\Profiles\k0s5cxug.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/18 15:17:11 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Naybad\AppData\Roaming\Mozilla\Firefox\Profiles\k0s5cxug.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/08/23 19:57:14 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Naybad\AppData\Roaming\Mozilla\Firefox\Profiles\k0s5cxug.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/11/22 22:38:15 | 000,000,000 | ---D | M] (ZoneAlarm Security Toolbar) -- C:\Users\Naybad\AppData\Roaming\Mozilla\Firefox\Profiles\k0s5cxug.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}
[2010/08/19 21:08:14 | 000,000,939 | ---- | M] () -- C:\Users\Naybad\AppData\Roaming\Mozilla\Firefox\Profiles\k0s5cxug.default\searchplugins\conduit.xml
[2010/11/13 20:25:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/05/23 18:40:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/23 19:56:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/13 20:25:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/09/30 18:44:19 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/09/30 18:44:19 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/09/30 18:44:19 | 000,000,769 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/09/30 18:44:19 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2006/09/18 21:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files (x86)\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe ()
O4 - HKLM..\Run: [Arctosa] C:\Program Files (x86)\Razer\Arctosa\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files (x86)\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TurboV] C:\Program Files\ASUS\TurboV\TurboV.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Naybad\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Naybad\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2ceb4756-9e61-11df-90a5-0023549b730e}\Shell\AutoRun\command - "" = G:\PMBP_Win.exe -- File not found
O33 - MountPoints2\{643468e6-df9a-11dd-90b1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{643468e6-df9a-11dd-90b1-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup\rsrc\Autorun.exe -- File not found
O33 - MountPoints2\{643468e6-df9a-11dd-90b1-806e6f6e6963}\Shell\dinstall\command - "" = D:\Directx\dxsetup.exe -- File not found
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Launch.exe -- File not found
O34 - HKLM BootExecute: (PDBoot.exe) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/11/22 23:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010/11/22 23:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/11/22 22:39:10 | 000,000,000 | ---D | C] -- C:\Users\Naybad\Documents\ForceField Shared Files
[2010/11/22 22:38:56 | 000,000,000 | ---D | C] -- C:\Users\Naybad\AppData\Roaming\CheckPoint
[2010/11/22 22:37:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010/11/22 22:37:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZoneAlarm_Security
[2010/11/22 22:36:57 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2010/11/22 22:34:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ZoneLabs
[2010/11/22 22:33:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zone Labs
[2010/11/22 22:33:12 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2010/11/22 22:33:12 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2010/11/22 21:00:54 | 000,000,000 | ---D | C] -- C:\Users\Naybad\AppData\Roaming\Malwarebytes
[2010/11/22 21:00:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/11/22 21:00:25 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/11/22 21:00:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/11/22 21:00:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/11/22 20:57:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/11/22 20:38:25 | 000,000,000 | ---D | C] -- C:\Users\Naybad\Desktop\Trojan horse dropper.generic2.cyj [Solved]_files
[2010/11/22 20:37:25 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Naybad\Desktop\OTL.exe
[2010/11/16 22:21:13 | 000,034,032 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\seehcri.sys
[2010/11/16 22:20:30 | 000,027,176 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys
[2010/11/16 22:20:30 | 000,013,352 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys
[2010/11/16 22:19:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/11/23 21:22:26 | 000,811,458 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/23 21:22:26 | 000,681,528 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/23 21:22:26 | 000,140,566 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/23 21:15:24 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/23 21:15:24 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/23 21:15:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/23 21:15:00 | 3211,911,168 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/22 22:39:57 | 000,420,800 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2010/11/22 22:36:52 | 000,000,901 | ---- | M] () -- C:\Users\Naybad\Desktop\ZoneAlarm Security.lnk
[2010/11/22 21:00:28 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/22 20:38:31 | 000,986,823 | ---- | M] () -- C:\Users\Naybad\Desktop\Trojan horse dropper.generic2.cyj [Solved].htm
[2010/11/22 20:37:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Naybad\Desktop\OTL.exe
[2010/11/22 20:06:58 | 067,949,024 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010/11/16 22:28:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2010/11/16 22:28:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01007.Wdf
[2010/11/16 22:22:40 | 000,001,080 | ---- | M] () -- C:\Users\Naybad\Desktop\Update Service.lnk
[2010/11/16 22:21:13 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\seehcri.sys
[2010/11/16 22:20:30 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys
[2010/11/16 22:20:30 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys
[2010/11/02 20:14:10 | 000,004,158 | ---- | M] () -- C:\Users\Naybad\.recently-used.xbel
[2010/10/25 18:36:10 | 000,373,608 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/11/22 22:36:52 | 000,000,901 | ---- | C] () -- C:\Users\Naybad\Desktop\ZoneAlarm Security.lnk
[2010/11/22 22:34:26 | 000,420,800 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2010/11/22 21:00:28 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/22 20:38:24 | 000,986,823 | ---- | C] () -- C:\Users\Naybad\Desktop\Trojan horse dropper.generic2.cyj [Solved].htm
[2010/11/16 22:28:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2010/11/16 22:28:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01007.Wdf
[2010/11/16 22:22:40 | 000,001,080 | ---- | C] () -- C:\Users\Naybad\Desktop\Update Service.lnk
[2010/11/02 20:14:10 | 000,004,158 | ---- | C] () -- C:\Users\Naybad\.recently-used.xbel
[2010/10/14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/03/14 10:26:07 | 000,437,838 | ---- | C] () -- C:\Users\Naybad\AppData\Local\dd_vcredistMSI6BE4.txt
[2010/03/14 10:26:07 | 000,012,730 | ---- | C] () -- C:\Users\Naybad\AppData\Local\dd_vcredistUI6BE4.txt
[2010/01/15 13:52:09 | 000,430,730 | ---- | C] () -- C:\Users\Naybad\AppData\Local\dd_vcredistMSI55DE.txt
[2010/01/15 13:52:09 | 000,011,384 | ---- | C] () -- C:\Users\Naybad\AppData\Local\dd_vcredistUI55DE.txt
[2009/11/22 22:58:46 | 000,471,328 | ---- | C] () -- C:\Users\Naybad\AppData\Local\dd_vcredistMSI7D0D.txt
[2009/11/22 22:58:46 | 000,011,368 | ---- | C] () -- C:\Users\Naybad\AppData\Local\dd_vcredistUI7D0D.txt
[2009/10/17 13:04:19 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/10/17 13:03:25 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/10/17 12:47:33 | 000,034,990 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/10/16 22:12:23 | 000,001,746 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009/10/13 18:29:10 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2009/08/02 23:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009/08/02 23:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009/08/02 23:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009/06/13 15:38:49 | 000,000,057 | ---- | C] () -- C:\Windows\PT2Key-eng.ini
[2009/04/30 19:04:41 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2009/02/05 19:54:13 | 000,002,032 | ---- | C] () -- C:\Users\Naybad\AppData\Local\d3d9caps.dat
[2009/01/25 17:19:53 | 000,000,094 | ---- | C] () -- C:\Users\Naybad\AppData\Local\fusioncache.dat
[2009/01/17 16:50:28 | 000,018,944 | ---- | C] () -- C:\Users\Naybad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/15 22:35:53 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2009/01/11 17:24:37 | 000,777,882 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/01/10 21:17:17 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009/01/10 21:17:17 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009/01/10 20:55:40 | 000,039,527 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009/01/10 20:54:31 | 000,038,786 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/01/10 20:53:14 | 000,002,188 | ---- | C] () -- C:\Users\Naybad\AppData\Local\d3d9caps64.dat
[2008/01/21 02:47:53 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/12/28 07:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2004/10/11 11:19:00 | 000,092,672 | ---- | C] () -- C:\Windows\SysWow64\ASUSASV2.DLL
========== LOP Check ==========
[2010/09/30 18:36:36 | 000,000,000 | ---D | M] -- C:\Users\Naybad\AppData\Roaming\ActiveMaths
[2009/06/12 22:46:24 | 000,000,000 | ---D | M] -- C:\Users\Naybad\AppData\Roaming\AVGTOOLBAR
[2010/11/22 22:38:56 | 000,000,000 | ---D | M] -- C:\Users\Naybad\AppData\Roaming\CheckPoint
[2010/02/25 21:46:20 | 000,000,000 | ---D | M] -- C:\Users\Naybad\AppData\Roaming\DeepBurner
[2010/11/02 20:27:42 | 000,000,000 | ---D | M] -- C:\Users\Naybad\AppData\Roaming\gtk-2.0
[2009/10/17 13:20:09 | 000,000,000 | ---D | M] -- C:\Users\Naybad\AppData\Roaming\nHancer
[2009/01/10 22:12:15 | 000,000,000 | ---D | M] -- C:\Users\Naybad\AppData\Roaming\Razer
[2009/02/06 16:14:03 | 000,000,000 | ---D | M] -- C:\Users\Naybad\AppData\Roaming\Red Alert 3 Demo
[2009/11/22 22:59:35 | 000,000,000 | ---D | M] -- C:\Users\Naybad\AppData\Roaming\runic games
[2009/01/10 21:12:48 | 000,000,000 | ---D | M] -- C:\Users\Naybad\AppData\Roaming\TMP
[2010/11/22 23:22:05 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >