01-30-2012, 09:50 AM   #1
FU_Luck (grinder)
Join Date: Nov 2009
Location: Finland
Posts: 423
OTL logs any help pls

Hi all

I posted a vague post a few weeks ago about being black screened on start up.
I ran Malwarebytes Anti-Malware and SUPERAntiSpyware, and I use AVG Free Edition for my protection.
After I posted, it went.
Today the black screen is back again on start up and I have to restore to a previous point to get it to load up.
Also today I have shut Google Chrome 4 times and when I reload it, it says something about I'm not using the latest version so my profile cannot be used? I don't know what that means. I click on Tools in Chrome and "About" and it tells me I have the latest installed. Facebook logs me out each time I close Chrome too, even though I have "remain logged in" ticked.

Any help appreciated, I'm not good with computers, sorry.

Last edited by FU_Luck; 01-30-2012 at 09:57 AM.
01-30-2012, 09:53 AM   #2
FU_Luck (grinder)
Re: OTL logs any help pls

OTL logfile created on: 30/01/2012 14:21:20 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Vista\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

1.94 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 54.71% Memory free
4.11 Gb Paging File | 2.66 Gb Available in Paging File | 64.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.04 Gb Total Space | 67.76 Gb Free Space | 48.05% Space Free | Partition Type: NTFS
Drive E: | 25.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: VISTA-PC | User Name: Vista | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/30 14:19:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Vista\Downloads\OTL.exe
PRC - [2011/12/29 18:09:22 | 004,616,064 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/12/24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/12/07 18:21:50 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2011/12/07 18:21:44 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2011/12/03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/11/28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/10/10 06:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011/09/16 14:10:50 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2011/09/16 14:10:50 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2011/09/08 19:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/19 01:32:24 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/08/15 05:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/05/25 07:25:02 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011/05/25 07:24:56 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011/05/25 07:24:45 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010/05/20 15:27:24 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
PRC - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009/11/17 14:23:58 | 003,965,680 | ---- | M] (Birdstep Technology) -- C:\Program Files\3 Mobile Broadband\3Connect\WilogApp.exe
PRC - [2009/11/17 14:13:48 | 000,667,648 | ---- | M] (Birdstep Technology) -- C:\Program Files\3 Mobile Broadband\3Connect\AutoUpdateSrv.exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/09/19 06:30:34 | 003,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008/09/19 02:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
PRC - [2006/11/09 09:57:52 | 003,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006/09/18 20:12:12 | 000,843,776 | ---- | M] () -- C:\Windows\vsnpstd3.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/30 12:59:19 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/01/30 12:59:19 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/04 19:34:11 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/08/04 19:34:10 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2006/09/18 20:12:12 | 000,843,776 | ---- | M] () -- C:\Windows\vsnpstd3.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Secunia Update Agent)
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/12/07 18:21:50 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2011/12/07 18:21:44 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/09/16 14:10:50 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2011/08/19 01:32:24 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/05/25 07:24:45 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2008/09/19 02:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)
SRV - [2008/01/23 23:10:34 | 001,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/01/19 07:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/10/23 12:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/12/07 18:22:16 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 06:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/16 14:10:50 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2011/09/16 14:10:50 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2011/09/13 05:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 05:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/08/04 00:42:13 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/08/04 00:42:13 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/07/11 00:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 00:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 00:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/07/11 00:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/05/25 07:24:42 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/05/10 07:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/08/12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2010/05/20 15:27:26 | 001,961,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000)
DRV - [2009/12/30 10:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/09/10 12:55:58 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/07/24 13:51:38 | 000,101,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009/03/25 15:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009/03/25 15:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009/03/25 15:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009/03/25 15:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009/03/25 15:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009/03/25 15:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009/03/25 15:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008/09/04 22:14:42 | 010,186,744 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/01/09 12:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/04/26 17:18:10 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2007/04/24 14:09:10 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/02 07:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2006/11/02 07:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/01 20:18:15 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/09/10 20:42:00 | 000,024,808 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sqcaptur.sys -- (DCamUSBSQTECH) Dual-Mode DSC(2770)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.live.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.live.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.live.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php?ref=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.93\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.93\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.0: File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vista\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vista\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/09/23 05:52:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/12/22 20:51:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.0.2\extensions\\Plugins: C:\Program Files\Flock\plugins [2011/12/30 18:03:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.0.3\extensions\\Plugins: C:\Program Files\Flock\plugins [2011/12/30 18:03:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.5\extensions\\Plugins: C:\Program Files\Flock\plugins [2011/12/30 18:03:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.5.2\extensions\\Plugins: C:\Program Files\Flock\plugins [2011/12/30 18:03:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.5.6\extensions\\Plugins: C:\Program Files\Flock\plugins [2011/12/30 18:03:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/31 06:41:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2010/02/15 23:46:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vista\AppData\Roaming\Mozilla\Extensions
[2008/12/09 19:04:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vista\AppData\Roaming\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2010/02/15 23:46:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vista\AppData\Roaming\Mozilla\Firefox\Profiles\4hls0xem.default\extensions
[2010/02/15 23:46:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vista\AppData\Roaming\Mozilla\Firefox\Profiles\4hls0xem.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/02/15 23:46:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vista\AppData\Roaming\Mozilla\Firefox\Profiles\4hls0xem.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2012/01/28 14:48:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vista\AppData\Roaming\Mozilla\Firefox\Profiles\c14tgydr.default\extensions
[2012/01/09 10:54:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/09 10:54:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011/12/31 06:41:02 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/17 01:38:42 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/12/17 01:25:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/17 01:38:42 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/12/17 01:38:42 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/12/17 01:38:42 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Vista\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vista\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vista\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\PFiles\Plugins\np-mswmp.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Vista\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: FlashBlock = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdngiadmnkhgemkimkhiilgffbjijcie\1.2.11.12_0\
CHR - Extension: ******* Plus (Beta) = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google Search = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: ******* = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.14_0\
CHR - Extension: AVG Safe Search = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: FlashControl = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe\2.10.1_0\
CHR - Extension: Gmail = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll (Packard Bell)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: ghrsv.com ([fb-gamefront] * in Trusted sites)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4588BE9E-8F83-48EE-BFEB-06A371E2046A}: NameServer = 83.136.47.249 193.120.14.101
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67438000-DF33-48FD-BA4F-24455C76CAB9}: DhcpNameServer = 172.31.140.69 172.30.140.69
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\Vista\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Vista\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2009/03/20 17:20:32 | 000,027,750 | R--- | M] () - E:\AutoRun.ico -- [ CDFS ]
O32 - AutoRun File - [2009/11/17 14:01:12 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{003f0a46-e537-11e0-b9a9-bdc3b02499cb}\Shell - "" = AutoRun
O33 - MountPoints2\{003f0a46-e537-11e0-b9a9-bdc3b02499cb}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{009a1368-283d-11dd-8066-e27fca059c84}\Shell - "" = AutoRun
O33 - MountPoints2\{009a1368-283d-11dd-8066-e27fca059c84}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{009a1388-283d-11dd-8066-e27fca059c84}\Shell - "" = AutoRun
O33 - MountPoints2\{009a1388-283d-11dd-8066-e27fca059c84}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{042343b3-a22d-11df-a623-d6ad88e4eacf}\Shell - "" = AutoRun
O33 - MountPoints2\{042343b3-a22d-11df-a623-d6ad88e4eacf}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{042343d0-a22d-11df-a623-d6ad88e4eacf}\Shell - "" = AutoRun
O33 - MountPoints2\{042343d0-a22d-11df-a623-d6ad88e4eacf}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{0ea0b8a1-08a9-11e0-8a61-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0ea0b8a1-08a9-11e0-8a61-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{13ac9d1c-9b4b-11df-999f-de59f1cb2bee}\Shell - "" = AutoRun
O33 - MountPoints2\{13ac9d1c-9b4b-11df-999f-de59f1cb2bee}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{13ac9d35-9b4b-11df-999f-de59f1cb2bee}\Shell - "" = AutoRun
O33 - MountPoints2\{13ac9d35-9b4b-11df-999f-de59f1cb2bee}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{1615dda5-19f5-11dd-8155-dd5a186c7a88}\Shell - "" = AutoRun
O33 - MountPoints2\{1615dda5-19f5-11dd-8155-dd5a186c7a88}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{1615ddba-19f5-11dd-8155-dd5a186c7a88}\Shell - "" = AutoRun
O33 - MountPoints2\{1615ddba-19f5-11dd-8155-dd5a186c7a88}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{193fd155-24ed-11dd-b3f2-979c96463184}\Shell - "" = AutoRun
O33 - MountPoints2\{193fd155-24ed-11dd-b3f2-979c96463184}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{193fd157-24ed-11dd-b3f2-979c96463184}\Shell - "" = AutoRun
O33 - MountPoints2\{193fd157-24ed-11dd-b3f2-979c96463184}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{241bdfda-08b5-11e0-9e25-846eab71b802}\Shell - "" = AutoRun
O33 - MountPoints2\{241bdfda-08b5-11e0-9e25-846eab71b802}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{241bdfe6-08b5-11e0-9e25-846eab71b802}\Shell - "" = AutoRun
O33 - MountPoints2\{241bdfe6-08b5-11e0-9e25-846eab71b802}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{2a8711dc-280c-11dd-a04a-8fb3c7ec7f8b}\Shell - "" = AutoRun
O33 - MountPoints2\{2a8711dc-280c-11dd-a04a-8fb3c7ec7f8b}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{2a8711f1-280c-11dd-a04a-8fb3c7ec7f8b}\Shell - "" = AutoRun
O33 - MountPoints2\{2a8711f1-280c-11dd-a04a-8fb3c7ec7f8b}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{324627ad-0d2b-11dd-a2e9-f9bcb842a5b7}\Shell - "" = AutoRun
O33 - MountPoints2\{324627ad-0d2b-11dd-a2e9-f9bcb842a5b7}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{324627bf-0d2b-11dd-a2e9-f9bcb842a5b7}\Shell - "" = AutoRun
O33 - MountPoints2\{324627bf-0d2b-11dd-a2e9-f9bcb842a5b7}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{374336bb-a188-11df-80ed-df69e4012cce}\Shell - "" = AutoRun
O33 - MountPoints2\{374336bb-a188-11df-80ed-df69e4012cce}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{374336d6-a188-11df-80ed-df69e4012cce}\Shell - "" = AutoRun
O33 - MountPoints2\{374336d6-a188-11df-80ed-df69e4012cce}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{39c68c5a-9bd6-11df-9f22-b519bf265dcf}\Shell - "" = AutoRun
O33 - MountPoints2\{39c68c5a-9bd6-11df-9f22-b519bf265dcf}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{39c68c63-9bd6-11df-9f22-b519bf265dcf}\Shell - "" = AutoRun
O33 - MountPoints2\{39c68c63-9bd6-11df-9f22-b519bf265dcf}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{3cc07a63-2823-11dd-9a49-dedbe89d7c85}\Shell - "" = AutoRun
O33 - MountPoints2\{3cc07a63-2823-11dd-9a49-dedbe89d7c85}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{3cc07a79-2823-11dd-9a49-dedbe89d7c85}\Shell - "" = AutoRun
O33 - MountPoints2\{3cc07a79-2823-11dd-9a49-dedbe89d7c85}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{498e0849-3677-11dc-8a59-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{498e0849-3677-11dc-8a59-00038a000015}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{498e084b-3677-11dc-8a59-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{498e084b-3677-11dc-8a59-00038a000015}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{50ccbb6b-cdb5-11dd-bafc-cf90b5c39272}\Shell - "" = AutoRun
O33 - MountPoints2\{50ccbb6b-cdb5-11dd-bafc-cf90b5c39272}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{50ccbb93-cdb5-11dd-bafc-cf90b5c39272}\Shell - "" = AutoRun
O33 - MountPoints2\{50ccbb93-cdb5-11dd-bafc-cf90b5c39272}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{5115c8b9-3607-11dc-b3b8-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{5115c8b9-3607-11dc-b3b8-00038a000015}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{5115c8ce-3607-11dc-b3b8-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{5115c8ce-3607-11dc-b3b8-00038a000015}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{5fb9e231-9167-11dc-9ce3-c725e0e9cd63}\Shell - "" = AutoRun
O33 - MountPoints2\{5fb9e231-9167-11dc-9ce3-c725e0e9cd63}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{5fb9e246-9167-11dc-9ce3-c725e0e9cd63}\Shell - "" = AutoRun
O33 - MountPoints2\{5fb9e246-9167-11dc-9ce3-c725e0e9cd63}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{667cf63d-d9b9-11de-b93d-9372856e2535}\Shell - "" = AutoRun
O33 - MountPoints2\{667cf63d-d9b9-11de-b93d-9372856e2535}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{667cf63e-d9b9-11de-b93d-9372856e2535}\Shell - "" = AutoRun
O33 - MountPoints2\{667cf63e-d9b9-11de-b93d-9372856e2535}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{689d296f-283e-11dd-92d4-94d2a839c684}\Shell - "" = AutoRun
O33 - MountPoints2\{689d296f-283e-11dd-92d4-94d2a839c684}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{689d2972-283e-11dd-92d4-94d2a839c684}\Shell - "" = AutoRun
O33 - MountPoints2\{689d2972-283e-11dd-92d4-94d2a839c684}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{7696a632-7d30-11de-a36b-e502414c2ddb}\Shell - "" = AutoRun
O33 - MountPoints2\{7696a632-7d30-11de-a36b-e502414c2ddb}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{7696a633-7d30-11de-a36b-e502414c2ddb}\Shell - "" = AutoRun
O33 - MountPoints2\{7696a633-7d30-11de-a36b-e502414c2ddb}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{919e7de3-1d6f-11de-bf58-c57dd5c29b89}\Shell - "" = AutoRun
O33 - MountPoints2\{919e7de3-1d6f-11de-bf58-c57dd5c29b89}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{942b5b6c-a7e9-11df-9026-e0ad49d8acd2}\Shell - "" = AutoRun
O33 - MountPoints2\{942b5b6c-a7e9-11df-9026-e0ad49d8acd2}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{942b5b85-a7e9-11df-9026-881ba50fd479}\Shell - "" = AutoRun
O33 - MountPoints2\{942b5b85-a7e9-11df-9026-881ba50fd479}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{9b965a27-91c9-11df-8cec-d3e6ea59f4ca}\Shell - "" = AutoRun
O33 - MountPoints2\{9b965a27-91c9-11df-8cec-d3e6ea59f4ca}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{9b965a44-91c9-11df-8cec-d3e6ea59f4ca}\Shell - "" = AutoRun
O33 - MountPoints2\{9b965a44-91c9-11df-8cec-d3e6ea59f4ca}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{a44d404a-c12a-11e0-98c5-ae522d4a5904}\Shell - "" = AutoRun
O33 - MountPoints2\{a44d404a-c12a-11e0-98c5-ae522d4a5904}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{a44d404e-c12a-11e0-98c5-db896a8a3bd3}\Shell - "" = AutoRun
O33 - MountPoints2\{a44d404e-c12a-11e0-98c5-db896a8a3bd3}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{ae0f0823-e99a-11dc-83b7-a47b18812f61}\Shell - "" = AutoRun
O33 - MountPoints2\{ae0f0823-e99a-11dc-83b7-a47b18812f61}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{ae0f0825-e99a-11dc-83b7-a47b18812f61}\Shell - "" = AutoRun
O33 - MountPoints2\{ae0f0825-e99a-11dc-83b7-a47b18812f61}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{b01220d7-0ca2-11dd-b95d-ee2b13b38ebd}\Shell - "" = AutoRun
O33 - MountPoints2\{b01220d7-0ca2-11dd-b95d-ee2b13b38ebd}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{b01220ec-0ca2-11dd-b95d-ee2b13b38ebd}\Shell - "" = AutoRun
O33 - MountPoints2\{b01220ec-0ca2-11dd-b95d-ee2b13b38ebd}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{b3ed4a46-9366-11df-ba87-f98555e2f4cf}\Shell - "" = AutoRun
O33 - MountPoints2\{b3ed4a46-9366-11df-ba87-f98555e2f4cf}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{b3ed4a63-9366-11df-ba87-f98555e2f4cf}\Shell - "" = AutoRun
O33 - MountPoints2\{b3ed4a63-9366-11df-ba87-f98555e2f4cf}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{b75a0dbb-2132-11dd-9195-a1b80278ac86}\Shell - "" = AutoRun
O33 - MountPoints2\{b75a0dbb-2132-11dd-9195-a1b80278ac86}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{b75a0dbe-2132-11dd-9195-a1b80278ac86}\Shell - "" = AutoRun
O33 - MountPoints2\{b75a0dbe-2132-11dd-9195-a1b80278ac86}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{c266d263-d463-11dd-ba90-e5a7c1ce088a}\Shell - "" = AutoRun
O33 - MountPoints2\{c266d263-d463-11dd-ba90-e5a7c1ce088a}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{c2aecf0b-3b18-11dd-958a-d8c596d36ebd}\Shell - "" = AutoRun
O33 - MountPoints2\{c2aecf0b-3b18-11dd-958a-d8c596d36ebd}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{c2aecf0d-3b18-11dd-958a-d8c596d36ebd}\Shell - "" = AutoRun
O33 - MountPoints2\{c2aecf0d-3b18-11dd-958a-d8c596d36ebd}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{c4b3e8c4-7823-11e0-bc3f-a8f6e1369b48}\Shell - "" = AutoRun
O33 - MountPoints2\{c4b3e8c4-7823-11e0-bc3f-a8f6e1369b48}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{c7db49bd-4711-11dc-91a0-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{c7db49bd-4711-11dc-91a0-00038a000015}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{c7db49d2-4711-11dc-91a0-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{c7db49d2-4711-11dc-91a0-00038a000015}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{d6f63874-d466-11dd-9c63-ca23a1f09185}\Shell - "" = AutoRun
O33 - MountPoints2\{d6f63874-d466-11dd-9c63-ca23a1f09185}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{d6f638a8-d466-11dd-9c63-ca23a1f09185}\Shell - "" = AutoRun
O33 - MountPoints2\{d6f638a8-d466-11dd-9c63-ca23a1f09185}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{d713f5fc-0735-11e1-92ac-b967fba928c2}\Shell - "" = AutoRun
O33 - MountPoints2\{d713f5fc-0735-11e1-92ac-b967fba928c2}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d9254302-a1bd-11dc-a394-a41a67342996}\Shell - "" = AutoRun
O33 - MountPoints2\{d9254302-a1bd-11dc-a394-a41a67342996}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{dc05f2b7-9172-11dc-9df5-8d2d3519a866}\Shell - "" = AutoRun
O33 - MountPoints2\{dc05f2b7-9172-11dc-9df5-8d2d3519a866}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{ee17d7e9-a604-11df-aec9-819116b41ab2}\Shell - "" = AutoRun
O33 - MountPoints2\{ee17d7e9-a604-11df-aec9-819116b41ab2}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{f37a1728-279d-11dd-9fab-e1658a692482}\Shell - "" = AutoRun
O33 - MountPoints2\{f37a1728-279d-11dd-9fab-e1658a692482}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{f37a172a-279d-11dd-9fab-e1658a692482}\Shell - "" = AutoRun
O33 - MountPoints2\{f37a172a-279d-11dd-9fab-e1658a692482}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{f37a172c-279d-11dd-9fab-e1658a692482}\Shell - "" = AutoRun
O33 - MountPoints2\{f37a172c-279d-11dd-9fab-e1658a692482}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{f37a172e-279d-11dd-9fab-e1658a692482}\Shell - "" = AutoRun
O33 - MountPoints2\{f37a172e-279d-11dd-9fab-e1658a692482}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{f503dd00-e405-11dc-a997-80ee52785d62}\Shell - "" = AutoRun
O33 - MountPoints2\{f503dd00-e405-11dc-a997-80ee52785d62}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{f503dd1b-e405-11dc-a997-80ee52785d62}\Shell - "" = AutoRun
O33 - MountPoints2\{f503dd1b-e405-11dc-a997-80ee52785d62}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{f6ee6d99-1a3b-11dd-b318-f76266598b8a}\Shell - "" = AutoRun
O33 - MountPoints2\{f6ee6d99-1a3b-11dd-b318-f76266598b8a}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{f6ee6d9b-1a3b-11dd-b318-f76266598b8a}\Shell - "" = AutoRun
O33 - MountPoints2\{f6ee6d9b-1a3b-11dd-b318-f76266598b8a}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{fbd60b32-4a48-11dc-8353-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{fbd60b32-4a48-11dc-8353-00038a000015}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{fbd60b34-4a48-11dc-8353-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{fbd60b34-4a48-11dc-8353-00038a000015}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{fd42d0e8-28b0-11dd-8edb-afcb02bcaf8b}\Shell - "" = AutoRun
O33 - MountPoints2\{fd42d0e8-28b0-11dd-8edb-afcb02bcaf8b}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{fd42d0ea-28b0-11dd-8edb-afcb02bcaf8b}\Shell - "" = AutoRun
O33 - MountPoints2\{fd42d0ea-28b0-11dd-8edb-afcb02bcaf8b}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: Adobe Photo Downloader - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AliceConnect - hkey= - key= - C:\Program Files\3 Mobile Broadband\3Connect\Wilog.exe (Birdstep Technology)
MsConfig - StartUpReg: BVRPLiveUpdate - hkey= - key= - File not found
MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\Vista\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: HostManager - hkey= - key= - C:\Program Files\Common Files\aol\1169589316\ee\aolsoftware.exe (America Online, Inc.)
MsConfig - StartUpReg: ISUSPM Startup - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
MsConfig - StartUpReg: ISUSScheduler - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LifeCam - hkey= - key= - C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
MsConfig - StartUpReg: Malwarebytes Anti-Malware (reboot) - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
MsConfig - StartUpReg: Malwarebytes' Anti-Malware (reboot) - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
MsConfig - StartUpReg: MSC - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: msnmsgr - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: RoxWatchTray - hkey= - key= - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: Sidebar - hkey= - key= - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
MsConfig - StartUpReg: SmpcSys - hkey= - key= - C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
MsConfig - StartUpReg: snpstd3 - hkey= - key= - C:\Windows\vsnpstd3.exe ()
MsConfig - StartUpReg: Sony Ericsson PC Companion - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: Sony Ericsson PC Suite - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
MsConfig - StartUpReg: toolbar_eula_launcher - hkey= - key= - C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
MsConfig - StartUpReg: VX1000 - hkey= - key= - C:\Windows\vVX1000.exe (Microsoft Corporation)
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 0

SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0e} - Internet Explorer ReadMe
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0f} - IEEX
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CAB09EF3-B41F-4295-8D20-C439F742F1A2} - Windows Media Player
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{ee9457db-ddcb-4a5d-a18f-d27e56a97781} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

========== Files/Folders - Created Within 30 Days ==========

[2012/01/16 20:46:27 | 000,000,000 | ---D | C] -- C:\Users\Vista\AppData\Local\LogMeIn
[2012/01/16 20:46:06 | 000,030,592 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\LMIport.dll
[2012/01/16 20:45:59 | 000,083,360 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\LMIRfsClientNP.dll
[2012/01/16 20:45:58 | 000,047,640 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\LMIRfsDriver.sys
[2012/01/16 20:45:49 | 000,087,424 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\LMIinit.dll
[2012/01/16 20:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2012/01/16 20:44:27 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn
[2012/01/11 09:17:59 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/01/11 09:17:52 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/11 09:17:50 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/01/11 09:17:43 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/11 09:17:43 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/09 10:59:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/01/09 10:54:02 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/01/09 10:54:02 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/01/09 10:54:01 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/01/02 09:15:15 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2011/01/24 22:09:01 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe2912.dll
[2006/10/05 15:50:22 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2005/11/23 19:55:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[2004/10/11 18:46:32 | 000,205,312 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltefx13n.dll
[2004/01/19 13:31:00 | 000,153,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltfil13n.DLL
[2004/01/19 12:31:06 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfiff13n.dll
[2004/01/19 12:31:06 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfCUT13n.dll
[2004/01/19 11:31:50 | 000,453,120 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltkrn13n.dll
[2004/01/19 11:12:00 | 000,089,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfcgm13n.dll
[2004/01/19 10:49:52 | 000,278,016 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LFJ2K13n.dll
[2004/01/19 10:49:08 | 000,180,736 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfpng13n.dll
[2004/01/19 10:47:36 | 000,076,800 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfwmf13n.dll
[2004/01/19 10:47:04 | 000,509,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LFCMW13n.dll
[2004/01/19 10:45:38 | 000,420,352 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LFCMP13n.DLL
[2004/01/19 10:44:52 | 000,143,872 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lftif13n.dll
[2004/01/19 10:36:48 | 000,056,832 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfpsd13n.dll
[2004/01/19 10:36:36 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfpcd13n.dll
[2004/01/19 10:36:32 | 000,026,624 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfpcx13n.dll
[2004/01/19 10:36:24 | 000,065,536 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfpct13n.dll
[2004/01/19 10:36:18 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfmsp13n.dll
[2004/01/19 10:35:56 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfmac13n.dll
[2004/01/19 10:35:34 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfimg13n.dll
[2004/01/19 10:34:50 | 000,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfclp13n.dll
[2004/01/19 10:34:42 | 000,030,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfbmp13n.dll
[2004/01/19 10:33:48 | 000,444,928 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltimg13n.dll
[2004/01/19 10:32:18 | 000,265,216 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LTDIS13n.dll
[2000/05/02 03:17:00 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Program Files\PCDLIB32.DLL
[1999/11/18 22:00:00 | 000,284,032 | ---- | C] (Xceed Software Inc (450) 442-2626 zip@xceedsoft.com www.xceedsoft.com) -- C:\Program Files\XceedZip.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/30 14:19:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/30 14:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator.job
[2012/01/30 13:35:04 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/30 13:35:04 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/30 13:35:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3354758293-3143382141-3762374939-1002UA.job
[2012/01/30 11:43:27 | 087,779,924 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/01/30 11:34:55 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/30 11:34:51 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012/01/30 11:34:47 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012/01/30 11:34:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/30 11:34:26 | 2078,859,264 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/28 03:35:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3354758293-3143382141-3762374939-1002Core.job
[2012/01/26 21:18:12 | 000,435,528 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/01/26 12:32:41 | 000,002,045 | ---- | M] () -- C:\Users\Vista\Desktop\Google Chrome.lnk
[2012/01/26 12:32:41 | 000,002,007 | ---- | M] () -- C:\Users\Vista\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/21 20:17:33 | 000,001,627 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/01/17 21:11:59 | 000,617,088 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/17 21:11:58 | 000,111,958 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/16 20:45:45 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012/01/09 10:53:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012/01/09 10:53:38 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/01/09 10:53:38 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/01/09 10:53:38 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/16 20:45:41 | 000,001,024 | ---- | C] () -- C:\.rnd
[2012/01/16 20:44:51 | 000,000,828 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn.lnk
[2012/01/02 09:16:43 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2011/01/22 22:36:07 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010/12/16 01:47:43 | 000,071,262 | ---- | C] () -- C:\Windows\Huawei ModemsUninstall.exe
[2010/12/01 22:56:14 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/04/09 16:15:51 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2010/04/05 04:43:26 | 000,000,045 | ---- | C] () -- C:\Users\Vista\AppData\Local\machpro.dat
[2009/07/21 23:33:35 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/07/21 23:33:35 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/06/18 22:37:22 | 000,005,028 | ---- | C] () -- C:\ProgramData\ojvzdisj.xda
[2009/04/25 17:07:59 | 000,000,088 | ---- | C] () -- C:\Users\Vista\AppData\Local\mmqkamo.bat
[2008/07/23 17:24:43 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/03/04 03:29:31 | 000,000,093 | ---- | C] () -- C:\Users\Vista\AppData\Local\fusioncache.dat
[2008/02/26 21:02:37 | 000,000,040 | ---- | C] () -- C:\Windows\ujf635.bin
[2008/01/04 14:13:15 | 000,032,854 | ---- | C] () -- C:\Windows\iniLS.dat
[2008/01/02 13:14:19 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/01/02 13:14:19 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2007/10/12 08:01:03 | 000,020,228 | ---- | C] () -- C:\Users\Vista\AppData\Roaming\UserTile.png
[2007/09/27 20:21:12 | 000,015,473 | ---- | C] () -- C:\Windows\snpstd3.ini
[2007/06/22 06:05:17 | 000,000,000 | ---- | C] () -- C:\Users\Vista\AppData\Roaming\wklnhst.dat
[2007/06/13 02:50:32 | 000,071,680 | ---- | C] () -- C:\Users\Vista\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/06/12 14:28:38 | 000,008,160 | ---- | C] () -- C:\Users\Vista\AppData\Local\d3d9caps.dat
[2007/01/23 21:55:07 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/01/23 21:51:49 | 000,049,152 | ---- | C] () -- C:\Windows\System32\ChCfg.exe
[2006/12/21 10:06:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 12:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 12:47:37 | 000,324,840 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 10:33:01 | 000,617,088 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 10:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 10:33:01 | 000,111,958 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 10:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 10:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 08:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 08:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 07:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/18 20:12:12 | 000,843,776 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2006/05/02 22:38:24 | 000,072,444 | ---- | C] () -- C:\Windows\SetBrowser.exe
[2006/05/02 22:38:24 | 000,000,748 | ---- | C] () -- C:\Windows\SetBrowser.ini
[2006/04/19 23:14:32 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2005/09/06 10:04:16 | 002,232,320 | ---- | C] () -- C:\Windows\System32\I2E_CINT.dll
[2005/01/07 05:55:50 | 000,249,856 | ---- | C] () -- C:\Windows\System32\I2E_CIIO.dll

========== Custom Scans ==========


< >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\drivers\*.sys >
[2006/11/02 08:55:12 | 000,053,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\1394bus.sys
[2009/04/11 06:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\acpi.sys
[2006/11/02 09:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys
[2006/11/02 09:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys
[2006/11/02 09:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys
[2006/11/02 09:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys
[2011/04/21 13:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\afd.sys
[2006/11/02 09:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\AGP440.sys
[2006/11/02 09:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys
[2006/11/02 09:49:59 | 000,054,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\AMDAGP.SYS
[2006/11/02 09:49:26 | 000,015,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\amdide.sys
[2006/11/02 08:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\amdk7.sys
[2008/01/19 05:27:20 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\amdk8.sys
[2006/11/02 09:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys
[2006/11/02 09:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys
[2008/01/19 05:56:29 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\asyncmac.sys
[2009/04/11 06:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\atapi.sys
[2009/04/11 06:32:42 | 000,109,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ataport.sys
[2006/11/14 16:35:00 | 000,025,136 | ---- | M] (America Online) -- C:\Windows\system32\drivers\atwpkt2.sys
[2006/11/14 16:35:15 | 000,033,592 | ---- | M] (America Online) -- C:\Windows\system32\drivers\atwpkt264.sys
[2011/07/11 00:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\system32\drivers\AVGIDSDriver.sys
[2011/07/11 00:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\system32\drivers\AVGIDSEH.sys
[2011/07/11 00:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\system32\drivers\AVGIDSFilter.sys
[2011/10/04 06:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\system32\drivers\AVGIDSShim.sys
[2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\system32\drivers\avgldx86.sys
[2011/08/08 05:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\system32\drivers\avgmfx86.sys
[2009/12/07 18:58:52 | 000,056,816 | ---- | M] (Avira GmbH) -- C:\Windows\system32\drivers\avgntflt.sys
[2011/09/13 05:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\system32\drivers\avgrkx86.sys
[2011/07/11 00:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\system32\drivers\avgtdix.sys
[2006/11/02 09:49:47 | 000,025,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\battc.sys
[2008/01/19 05:53:30 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\bdasup.sys
[2008/01/19 05:49:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\beep.sys
[2011/02/22 13:23:55 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\bowser.sys
[2006/11/02 08:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\BrFiltLo.sys
[2006/11/02 08:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\BrFiltUp.sys
[2009/04/11 05:42:55 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\bridge.sys
[2006/11/02 08:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\BrSerId.sys
[2006/11/02 08:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\BrSerWdm.sys
[2006/11/02 08:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\BrUsbMdm.sys
[2006/11/02 08:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\BrUsbSer.sys
[2006/11/02 08:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\bthmodem.sys
[2008/01/19 05:28:02 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\cdfs.sys
[2006/07/24 03:00:00 | 000,002,432 | ---- | M] (Sonic Solutions) -- C:\Windows\system32\drivers\cdr4_xp.sys
[2006/07/24 03:00:00 | 000,002,560 | ---- | M] (Sonic Solutions) -- C:\Windows\system32\drivers\cdralw2k.sys
[2009/04/11 04:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\cdrom.sys
[2006/11/02 08:55:08 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\circlass.sys
[2009/04/11 06:32:43 | 000,125,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\Classpnp.sys
[2006/11/02 09:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys
[2006/11/02 09:49:32 | 000,018,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\compbatt.sys
[2009/04/11 06:32:30 | 000,035,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\crashdmp.sys
[2006/11/02 09:49:43 | 000,022,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\crcdisk.sys
[2006/11/02 08:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\crusoe.sys
[2011/04/14 14:59:03 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\dfsc.sys
[2009/04/11 06:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\disk.sys
[2009/04/11 04:39:11 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\Diskdump.sys
[2006/11/02 09:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys
[2008/01/19 06:53:03 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\drmk.sys
[2008/01/19 05:53:16 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\drmkaud.sys
[2009/04/11 06:32:29 | 000,027,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\Dumpata.sys
[2008/01/19 05:36:12 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\dxapi.sys
[2009/04/11 04:23:23 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\dxg.sys
[2011/01/20 16:37:37 | 000,638,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\dxgkrnl.sys
[2006/11/02 07:30:54 | 000,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\E1G60I32.sys
[2009/04/11 06:32:43 | 000,141,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ecache.sys
[2006/11/02 09:51:34 | 000,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys
[2007/08/09 02:06:40 | 000,023,424 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\Windows\system32\drivers\ewdcsc.sys
[2009/07/24 13:51:38 | 000,101,248 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\system32\drivers\ewusbdev.sys
[2009/09/10 12:55:58 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\system32\drivers\ewusbmdm.sys
[2009/06/22 18:01:02 | 000,112,128 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\system32\drivers\ewusbnet.sys
[2009/04/11 04:13:53 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\exfat.sys
[2009/04/11 04:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\fastfat.sys
[2006/11/02 08:51:33 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\fdc.sys
[2008/01/19 07:42:31 | 000,058,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\fileinfo.sys
[2008/01/19 05:30:23 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\filetrace.sys
[2006/11/02 08:51:32 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\flpydisk.sys
[2009/04/11 06:32:46 | 000,190,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\fltMgr.sys
[2008/01/19 05:27:57 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\fs_rec.sys
[2009/04/11 06:32:43 | 000,099,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\FWPKCLNT.SYS
[2006/11/02 09:50:04 | 000,058,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\GAGP30KX.SYS
[2009/05/18 12:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys
[2009/04/11 04:42:42 | 000,561,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\hdaudbus.sys
[2006/11/02 08:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\hidbth.sys
[2009/04/11 04:42:48 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\hidclass.sys
[2006/11/02 08:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\hidir.sys
[2008/01/19 05:53:16 | 000,025,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\hidparse.sys
[2009/04/11 04:42:48 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\hidusb.sys
[2006/11/02 09:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\HpCISSs.sys
[2007/04/26 17:18:10 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\drivers\HSXHWBS2.sys
[2007/04/26 17:17:54 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\drivers\HSX_CNXT.sys
[2007/04/26 17:19:26 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\drivers\HSX_DPV.sys
[2010/02/20 20:53:34 | 000,411,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\http.sys
[2006/11/02 09:49:25 | 000,016,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\i2omgmt.sys
[2006/11/02 09:49:49 | 000,027,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\i2omp.sys
[2008/01/19 05:49:18 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\i8042prt.sys
[2006/11/02 09:51:25 | 000,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iaStorV.sys
[2006/11/02 09:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys
[2006/11/02 09:49:24 | 000,014,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\intelide.sys
[2006/11/02 08:30:18 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\intelppm.sys
[2008/01/19 05:56:23 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ipfltdrv.sys
[2006/11/02 08:42:03 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\IPMIDrv.sys
[2008/01/19 05:56:28 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ipnat.sys
[2008/01/19 05:55:26 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\irda.sys
[2008/01/19 05:55:19 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\irenum.sys
[2006/11/02 09:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\isapnp.sys
[2006/11/02 09:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys
[2006/11/02 09:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys
[2008/01/19 07:41:52 | 000,035,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\kbdclass.sys
[2009/04/11 04:38:40 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\kbdhid.sys
[2009/04/11 04:38:49 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ks.sys
[2011/11/17 06:48:37 | 000,440,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ksecdd.sys
[2008/01/19 05:55:03 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\lltdio.sys
[2011/09/16 14:10:24 | 000,010,144 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\system32\drivers\lmimirr.sys
[2011/09/16 14:10:50 | 000,047,640 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\system32\drivers\LMIRfsDriver.sys
[2006/11/02 09:50:04 | 000,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys
[2006/11/02 09:50:05 | 000,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys
[2006/11/02 09:50:10 | 000,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys
[2008/01/19 05:30:36 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\luafv.sys
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbam.sys
[2008/01/19 05:49:59 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mcd.sys
[2006/06/19 14:26:58 | 000,012,672 | ---- | M] (Conexant) -- C:\Windows\system32\drivers\mdmxsdk.sys
[2006/11/02 09:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys
[2008/01/19 05:57:16 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\modem.sys
[2008/01/19 05:57:16 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\MODEMCSA.sys
[2008/01/19 05:52:19 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\monitor.sys
[2008/01/19 07:41:52 | 000,034,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mouclass.sys
[2008/01/19 05:49:16 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mouhid.sys
[2008/01/19 07:42:28 | 000,057,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mountmgr.sys
[2006/11/02 09:50:16 | 000,078,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mpio.sys
[2008/01/19 05:54:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mpsdrv.sys
[2006/11/02 09:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\Mraid35x.sys
[2009/04/11 04:14:40 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mrxdav.sys
[2011/04/29 13:24:40 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mrxsmb.sys
[2011/07/06 15:31:47 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mrxsmb10.sys
[2011/04/29 13:24:42 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mrxsmb20.sys
[2006/11/02 09:49:44 | 000,023,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\msahci.sys
[2006/11/02 09:50:17 | 000,080,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\msdsm.sys
[2008/01/19 05:28:09 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\msfs.sys
[2008/01/19 07:41:14 | 000,016,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\msisadrv.sys
[2009/04/11 06:32:46 | 000,180,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\msiscsi.sys
[2008/01/19 05:49:20 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mskssrv.sys
[2008/01/19 05:49:18 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mspclock.sys
[2008/01/19 05:49:18 | 000,005,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mspqm.sys
[2009/04/11 06:32:46 | 000,161,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\msrpc.sys
[2008/01/19 07:41:49 | 000,031,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mssmbios.sys
[2008/01/19 05:49:19 | 000,006,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mstee.sys
[2009/04/11 06:32:31 | 000,048,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mup.sys
[2009/04/11 06:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ndis.sys
[2008/01/19 05:56:24 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ndistapi.sys
[2008/01/19 05:55:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ndisuio.sys
[2009/04/11 04:46:32 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ndiswan.sys
[2008/01/19 05:56:28 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ndproxy.sys
[2011/05/10 07:06:14 | 000,018,432 | ---- | M] (Apple Inc.) -- C:\Windows\system32\drivers\netaapl.sys
[2008/01/19 05:55:45 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\netbios.sys
[2009/04/11 04:45:37 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\netbt.sys
[2010/04/05 20:00:40 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\netio.sys
[2006/11/02 09:50:19 | 000,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys
[2009/04/11 04:14:01 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\npfs.sys
[2008/01/19 05:55:50 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\nsiproxy.sys
[2009/04/11 06:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ntfs.sys
[2006/11/02 07:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys
[2009/05/09 00:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\nuidfltr.sys
[2008/01/19 05:49:12 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\null.sys
[2011/05/25 07:24:42 | 010,589,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvlddmkm.sys
[2006/11/02 07:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvm60x32.sys
[2010/08/12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvmfdx32.sys
[2006/11/02 09:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys
[2007/01/05 20:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys
[2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor32.sys
[2006/11/02 09:50:40 | 000,106,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\NV_AGP.SYS
[2009/04/11 04:43:28 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\nwifi.sys
[2006/11/02 08:55:16 | 000,062,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ohci1394.sys
[2009/04/11 04:45:51 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\pacer.sys
[2006/11/02 08:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\parport.sys
[2009/04/11 06:32:31 | 000,054,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\partmgr.sys
[2006/11/02 08:51:23 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\parvdm.sys
[2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) -- C:\Windows\system32\drivers\pccsmcfd.sys
[2009/04/11 06:32:55 | 000,149,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\pci.sys
[2009/04/11 06:32:49 | 000,014,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\pciide.sys
[2009/04/11 06:32:52 | 000,043,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\pciidex.sys
[2006/11/02 09:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\pcmcia.sys
[2006/11/02 09:04:35 | 000,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\PEAuth.sys
[2009/04/11 04:42:50 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\portcls.sys
[2006/11/02 08:30:18 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\processr.sys
[2006/09/27 21:53:22 | 000,036,560 | ---- | M] (Sonic Solutions) -- C:\Windows\system32\drivers\pxhelp20.sys
[2006/11/02 09:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys
[2006/11/02 09:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys
[2008/01/19 05:56:07 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\qwavedrv.sys
[2008/01/19 05:56:31 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\rasacd.sys
[2008/01/19 05:56:34 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\rasl2tp.sys
[2009/04/11 04:46:30 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\raspppoe.sys
[2008/01/19 05:56:34 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\raspptp.sys
[2009/04/11 04:46:40 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\rassstp.sys
[2009/04/11 04:14:29 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\rdbss.sys
[2008/01/19 06:01:08 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\RDPCDD.sys
[2006/11/02 09:03:00 | 000,242,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\rdpdr.sys
[2008/01/19 06:01:09 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\RDPENCDD.sys
[2009/04/11 04:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\rdpwd.sys
[2009/12/30 10:21:18 | 000,027,192 | ---- | M] (VS Revo Group) -- C:\Windows\system32\drivers\revoflt.sys
[2009/04/11 04:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\rmcast.sys
[2009/04/11 04:46:07 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\RNDISMP.sys
[2008/01/19 05:57:15 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\rootmdm.sys
[2008/01/19 05:55:03 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\rspndr.sys
[2006/11/08 18:09:24 | 001,647,976 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\system32\drivers\RTKVHDA.sys
[2009/03/25 15:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) -- C:\Windows\system32\drivers\s1018bus.sys
[2009/03/25 15:48:00 | 000,012,200 | ---- | M] (MCCI Corporation) -- C:\Windows\system32\drivers\s1018cm.sys
[2009/03/25 15:48:00 | 000,012,200 | ---- | M] (MCCI Corporation) -- C:\Windows\system32\drivers\s1018cmnt.sys
[2009/03/25 15:48:00 | 000,010,792 | ---- | M] (MCCI Corporation) -- C:\Windows\system32\drivers\s1018cr.sys
[2009/03/25 15:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) -- C:\Windows\system32\drivers\s1018mdfl.sys
[2009/03/25 15:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) -- C:\Windows\system32\drivers\s1018mdm.sys
[2009/03/25 15:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) -- C:\Windows\system32\drivers\s1018mgmt.sys
[2009/03/25 15:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) -- C:\Windows\system32\drivers\s1018nd5.sys
[2009/03/25 15:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) -- C:\Windows\system32\drivers\s1018obex.sys
[2009/03/25 15:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) --


(continued in next post, was too long, sorry)
Old 01-30-2012, 09:54 AM   #3
grinder
 
FU_Luck's Avatar
 
Join Date: Nov 2009
Location: Finland
Posts: 423
Re: OTL logs any help pls

C:\Windows\system32\drivers\s1018unic.sys
[2009/03/25 15:48:00 | 000,012,200 | ---- | M] (MCCI Corporation) -- C:\Windows\system32\drivers\s1018wh.sys
[2009/03/25 15:48:00 | 000,012,200 | ---- | M] (MCCI Corporation) -- C:\Windows\system32\drivers\s1018whnt.sys
[2006/11/02 09:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\sbp2port.sys
[2008/01/19 07:42:10 | 000,142,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\scsiport.sys
[2006/11/02 06:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\system32\drivers\secdrv.sys
[2008/01/09 12:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\system32\drivers\seehcri.sys
[2006/11/02 08:51:25 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\serenum.sys
[2006/11/02 08:51:30 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\serial.sys
[2008/01/19 05:49:16 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\sermouse.sys
[2006/11/02 08:51:38 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\sffdisk.sys
[2006/11/02 08:51:40 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\sffp_mmc.sys
[2006/11/02 08:51:40 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\sffp_sd.sys
[2006/11/02 08:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\sfloppy.sys
[2006/11/02 09:49:51 | 000,053,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\SISAGP.SYS
[2006/11/02 09:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys
[2006/11/02 09:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys
[2009/04/11 04:45:22 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\smb.sys
[2008/01/19 05:49:30 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\smclib.sys
[2008/09/04 22:14:42 | 010,186,744 | ---- | M] (Sonix Co. Ltd.) -- C:\Windows\system32\drivers\snpstd3.sys
[2008/01/19 07:41:30 | 000,021,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\spldr.sys
[2009/04/11 02:52:40 | 000,684,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\spsys.sys
[2002/08/07 17:47:28 | 000,025,193 | ---- | M] (Service & Quality Technology.) -- C:\Windows\system32\drivers\SQCamD.sys
[2002/09/10 20:42:00 | 000,024,808 | ---- | M] (Service & Quality Technology.) -- C:\Windows\system32\drivers\sqcaptur.sys
[2011/02/18 14:03:32 | 000,305,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\srv.sys
[2011/04/29 13:25:10 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\srv2.sys
[2011/04/29 13:25:09 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\srvnet.sys
[2009/04/11 06:32:54 | 000,122,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\Storport.sys
[2009/04/11 04:42:47 | 000,052,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\stream.sys
[2008/01/19 07:41:14 | 000,015,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\swenum.sys
[2006/11/02 09:50:05 | 000,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys
[2006/11/02 09:49:56 | 000,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys
[2006/11/02 09:50:03 | 000,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys
[2008/01/19 05:49:56 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\tape.sys
[2011/09/20 21:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\tcpip.sys
[2011/09/20 13:44:04 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\tcpipreg.sys
[2008/01/19 05:57:10 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\tdi.sys
[2008/01/19 06:01:07 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\tdpipe.sys
[2008/01/19 06:01:08 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\tdtcp.sys
[2009/04/11 04:45:56 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\tdx.sys
[2009/04/11 06:32:52 | 000,053,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\termdd.sys
[2008/01/19 06:01:15 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\tssecsrv.sys
[2008/01/19 05:55:41 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\TUNMP.SYS
[2010/02/18 11:28:13 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\tunnel.sys
[2006/11/02 09:49:59 | 000,056,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\UAGP35.SYS
[2009/04/11 04:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\udfs.sys
[2006/11/02 09:50:04 | 000,058,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ULIAGPKX.SYS
[2006/11/02 09:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys
[2006/11/02 09:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys
[2006/11/02 09:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys
[2008/01/19 05:53:40 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\umbus.sys
[2008/01/19 05:53:39 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\umpass.sys
[2009/04/11 04:46:08 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\usb8023.sys
[2011/05/10 07:06:08 | 000,042,496 | ---- | M] (Apple, Inc.) -- C:\Windows\system32\drivers\usbaapl.sys
[2009/04/11 04:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\USBAUDIO.sys
[2009/04/11 04:42:56 | 000,025,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\USBCAMD.sys
[2009/04/11 04:42:56 | 000,025,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\USBCAMD2.sys
[2008/01/19 05:53:29 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\usbccgp.sys
[2006/11/02 08:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\usbcir.sys
[2008/01/19 05:53:17 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\usbd.sys
[2009/04/11 04:42:52 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\usbehci.sys
[2009/04/11 04:43:16 | 000,196,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\usbhub.sys
[2009/04/11 04:42:52 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\usbohci.sys
[2009/04/11 04:42:57 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\usbport.sys
[2006/11/02 09:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\usbprint.sys
[2009/04/11 04:42:54 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\usbser.sys
[2008/10/05 18:33:10 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\usbsermptxp.sys
[2009/04/11 04:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\USBSTOR.SYS
[2006/11/02 08:55:05 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\usbuhci.sys
[2008/01/19 05:52:06 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\vga.sys
[2006/11/02 08:53:56 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\vgapnp.sys
[2006/11/02 09:49:52 | 000,054,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\VIAAGP.SYS
[2006/11/02 08:30:19 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\viac7.sys
[2006/11/02 09:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys
[2008/01/19 05:52:12 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\videoprt.sys
[2008/01/19 07:42:18 | 000,052,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\volmgr.sys
[2009/04/11 06:33:03 | 000,292,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\volmgrx.sys
[2009/04/11 06:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\volsnap.sys
[2006/11/02 09:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys
[2006/11/02 07:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\drivers\VSTBS23.SYS
[2006/11/02 07:41:48 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\drivers\VSTCNXT3.SYS
[2006/11/02 07:41:50 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\drivers\VSTDPV3.SYS
[2010/05/20 15:27:26 | 001,961,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\VX1000.sys
[2006/11/02 08:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\wacompen.sys
[2008/01/19 05:56:31 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\wanarp.sys
[2006/11/01 20:18:15 | 000,033,588 | ---- | M] (America Online, Inc.) -- C:\Windows\system32\drivers\wanatw4.sys
[2009/04/11 04:22:46 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\watchdog.sys
[2006/11/02 09:49:38 | 000,019,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\wd.sys
[2009/07/14 17:45:07 | 000,445,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\Wdf01000.sys
[2009/07/14 17:45:07 | 000,038,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\WdfLdr.sys
[2006/11/02 08:35:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\wmiacpi.sys
[2008/01/19 07:41:20 | 000,017,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\wmilib.sys
[2009/10/01 01:01:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\WpdUsb.sys
[2008/01/19 05:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ws2ifsl.sys
[2008/01/19 05:52:50 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\WUDFPf.sys
[2008/01/19 05:53:04 | 000,083,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\WUDFRd.sys
[2007/04/24 14:09:10 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\drivers\XAudio.sys

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >
[2007/04/24 14:09:20 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\drivers\XAudio.exe

< %SYSTEMDRIVE%\*.* >
[2012/01/16 20:45:45 | 000,001,024 | ---- | M] () -- C:\.rnd
[2006/09/18 21:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 06:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2007/01/24 05:36:48 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 21:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/10/05 18:32:52 | 000,000,000 | ---- | M] () -- C:\DBS.TXT
[2012/01/30 11:34:26 | 2078,859,264 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/05 06:26:13 | 000,230,424 | ---- | M] () -- C:\img2-001.raw
[2008/04/04 07:23:43 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007/01/23 21:57:14 | 000,001,804 | -H-- | M] () -- C:\IPH.PH
[2010/04/29 22:16:20 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2008/04/04 07:23:43 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012/01/30 11:34:22 | 2392,666,112 | -HS- | M] () -- C:\pagefile.sys
[2007/10/07 23:53:03 | 000,915,198 | ---- | M] () -- C:\TB.log
[2008/03/09 15:30:45 | 000,000,162 | ---- | M] () -- C:\YServer.txt

< %PROGRAMFILES%\*. >
[2010/12/16 01:47:21 | 000,000,000 | ---D | M] -- C:\Program Files\3 Mobile Broadband
[2011/08/31 07:49:40 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2008/04/17 12:38:45 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2007/01/23 21:56:23 | 000,000,000 | ---D | M] -- C:\Program Files\AOL
[2007/01/23 21:57:09 | 000,000,000 | ---D | M] -- C:\Program Files\AOL 9.0 VR
[2011/07/07 18:38:03 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2011/10/17 22:36:56 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2010/02/21 14:56:00 | 000,000,000 | ---D | M] -- C:\Program Files\Betfair
[2011/10/17 16:13:44 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2009/06/30 04:56:19 | 000,000,000 | ---D | M] -- C:\Program Files\BrucePoker.com
[2011/11/10 14:41:37 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2008/07/21 14:14:25 | 000,000,000 | ---D | M] -- C:\Program Files\CoffeeCup Software
[2012/01/09 10:59:53 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2011/01/22 22:00:42 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2009/07/08 01:11:50 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2009/06/09 03:18:01 | 000,000,000 | ---D | M] -- C:\Program Files\DoylesRoom
[2008/02/11 18:15:46 | 000,000,000 | ---D | M] -- C:\Program Files\EA SPORTS
[2010/07/09 07:26:11 | 000,000,000 | ---D | M] -- C:\Program Files\Flock
[2011/11/17 19:23:56 | 000,000,000 | ---D | M] -- C:\Program Files\Full Tilt Poker
[2010/12/24 17:39:40 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2007/01/23 21:53:36 | 000,000,000 | ---D | M] -- C:\Program Files\HDReg
[2010/12/16 01:47:46 | 000,000,000 | ---D | M] -- C:\Program Files\Huawei Modems
[2007/07/19 14:59:34 | 000,000,000 | ---D | M] -- C:\Program Files\Huawei technologies
[2010/04/20 17:53:46 | 000,000,000 | ---D | M] -- C:\Program Files\In The Money
[2011/11/16 19:46:32 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011/12/22 03:19:24 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2008/03/04 03:07:34 | 000,000,000 | ---D | M] -- C:\Program Files\Internet from BT
[2011/05/22 05:53:08 | 000,000,000 | ---D | M] -- C:\Program Files\IObit
[2011/11/17 04:37:03 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2012/01/21 20:17:20 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2011/10/26 14:01:41 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/01/12 16:46:34 | 000,000,000 | ---D | M] -- C:\Program Files\Live-Player
[2012/01/16 20:49:17 | 000,000,000 | ---D | M] -- C:\Program Files\LogMeIn
[2007/12/14 22:09:35 | 000,000,000 | ---D | M] -- C:\Program Files\Macrogaming
[2012/01/26 21:40:01 | 000,000,000 | ---D | M] -- C:\Program Files\MALWAREBYTES ANTI-MALWARE
[2011/12/29 20:13:31 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/13 12:05:53 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2007/10/01 01:16:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/11/02 12:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011/01/22 22:12:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft LifeCam
[2012/01/02 09:16:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/10/12 14:14:19 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/10/14 18:24:02 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2010/06/26 00:08:21 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/07 06:35:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mobile Partner
[2010/08/11 19:01:30 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/12/31 06:41:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/12/15 23:05:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox 4.0 Beta 2
[2006/11/02 12:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2012/01/02 09:15:15 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2007/06/11 22:32:42 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011/12/21 23:57:01 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation
[2008/03/04 03:23:22 | 000,000,000 | ---D | M] -- C:\Program Files\Packard Bell
[2009/12/29 15:11:36 | 000,000,000 | ---D | M] -- C:\Program Files\Paint.NET
[2008/06/05 16:36:19 | 000,000,000 | ---D | M] -- C:\Program Files\Picture Organiser
[2008/01/16 19:25:10 | 000,000,000 | ---D | M] -- C:\Program Files\Poker Tracker V2
[2008/05/21 02:33:33 | 000,000,000 | ---D | M] -- C:\Program Files\PokerRoom.com
[2012/01/24 13:51:23 | 000,000,000 | ---D | M] -- C:\Program Files\PokerStars
[2009/12/29 14:31:59 | 000,000,000 | ---D | M] -- C:\Program Files\PokerStove
[2009/09/06 15:55:21 | 000,000,000 | ---D | M] -- C:\Program Files\PokerTracker 3
[2009/06/18 22:40:34 | 000,000,000 | ---D | M] -- C:\Program Files\PostgreSQL
[2010/04/09 19:15:06 | 000,000,000 | ---D | M] -- C:\Program Files\PSQLINSTALL
[2011/10/31 17:16:17 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2011/05/29 22:20:19 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2007/01/23 21:51:28 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2006/11/02 12:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2007/01/23 22:01:03 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2010/07/09 07:26:57 | 000,000,000 | ---D | M] -- C:\Program Files\RVG Software
[2008/03/04 03:19:12 | 000,000,000 | ---D | M] -- C:\Program Files\Seagate
[2011/12/30 17:50:01 | 000,000,000 | ---D | M] -- C:\Program Files\Secunia
[2007/11/27 16:34:17 | 000,000,000 | ---D | M] -- C:\Program Files\Serif
[2008/10/08 01:07:23 | 000,000,000 | ---D | M] -- C:\Program Files\Silvercrest NM1005 driver
[2011/10/14 02:04:33 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2008/03/09 16:02:36 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2011/12/29 18:09:21 | 000,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware
[2010/07/09 07:29:23 | 000,000,000 | ---D | M] -- C:\Program Files\TableNinja
[2011/06/10 20:12:35 | 000,000,000 | ---D | M] -- C:\Program Files\TeamViewer
[2010/02/17 04:22:29 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2009/12/29 15:10:03 | 000,000,000 | ---D | M] -- C:\Program Files\Uniblue
[2006/11/02 13:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011/05/14 06:34:29 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2007/01/23 21:56:20 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2011/12/22 05:35:14 | 000,000,000 | ---D | M] -- C:\Program Files\VS Revo Group
[2009/07/22 08:48:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/07/22 08:48:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009/07/22 08:48:24 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009/07/22 08:48:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2011/08/22 22:20:44 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/03/13 12:11:47 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Toolbar
[2012/01/12 00:35:43 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010/10/13 08:12:50 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 12:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/07/22 08:48:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/11/17 03:01:13 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2011/10/11 04:15:42 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2009/06/09 03:17:41 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!


< MD5 for: ATAPI.SYS >
[2009/04/11 06:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 06:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 06:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 07:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 07:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 09:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/02/13 19:07:10 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/02/13 19:07:10 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/02/13 19:07:09 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: EXPLORER.EXE >
[2008/10/29 06:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 06:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 03:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007/11/15 15:09:37 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007/11/15 15:09:36 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 02:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 09:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 07:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: USERINIT.EXE >
[2008/01/19 07:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/19 07:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 09:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 06:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 06:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 09:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/01/19 07:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 81 bytes -> C:\Program Files\DoylesRoom:MID
@Alternate Data Stream - 81 bytes -> C:\Program Files\BrucePoker.com:MID
@Alternate Data Stream - 76 bytes -> C:\Users\Vista\Desktop\Documents:Roxio EMC Stream
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP1B5B4F1

< End of report >
Old 01-30-2012, 09:56 AM   #4
grinder
 
FU_Luck's Avatar
 
Join Date: Nov 2009
Location: Finland
Posts: 423
Re: OTL logs any help pls

Just at the end of that OTL log I see DoylesRoom and BrucePoker.
I haven't played on either of them in yrs and have uninstalled their software yrs ago too...

Here are the extra.txt logs


OTL Extras logfile created on: 30/01/2012 14:21:20 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Vista\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

1.94 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 54.71% Memory free
4.11 Gb Paging File | 2.66 Gb Available in Paging File | 64.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.04 Gb Total Space | 67.76 Gb Free Space | 48.05% Space Free | Partition Type: NTFS
Drive E: | 25.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: VISTA-PC | User Name: Vista | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01D8B103-0407-4097-8CC4-7DE07A4F46C6}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{0C1B10A8-5557-4AD2-988E-89AB4971882A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{29E5900C-C7F9-433F-9458-3FCE03E1ECB9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{442F478D-D320-41A3-84C5-852D26932D83}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{45640232-4DF4-453B-938E-4446D45F5387}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4FA79357-4993-4E44-8A7E-7A9840E6BEEC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{72159FDF-0BA4-4D84-A06D-C23A629A9E2A}" = lport=5432 | protocol=6 | dir=in | name=postgres |
"{84F1BD14-6998-4876-9884-28B72BB72426}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CA5224D8-459E-4789-B322-C6D7DFD88BCE}" = rport=2869 | protocol=6 | dir=out | app=system |
"{F1765456-BEAC-4950-8231-419EF2B57CC7}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FA8EA10D-E3A0-4952-BB85-D6E59284D667}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02B55925-6D1E-4202-8F8F-2BE2F223DC97}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{045B1953-D817-4DD2-86C9-0B43E2A48C32}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{046FCA2E-CD70-4B11-A2D7-2ECD0F86558E}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{0D588594-EB4E-4010-B50A-BCC12731B002}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{0E241120-C027-46A9-A577-A6AF972FB112}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{1101ECDE-83BF-4917-8ABF-230EC80898E8}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{362A50D0-A567-4536-A585-1B4312C01618}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{37DF05AB-E16A-4D46-8A11-E0A68ABDDB74}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{4807E78C-BEDE-47A4-968C-89FEFBCE312A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{49F35D37-D4FD-4005-9D45-0D49FB5716E3}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{518161EE-3254-4724-A558-A41F4F40D26F}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{5187C349-2AFB-4D1E-9F31-CAD203A8C38E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{5A21D727-5F03-4375-AAFF-559224948616}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{5D6F4168-2585-428A-936C-B2D5997C14D3}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{62E88E21-1803-4EBA-9F79-03A306330A91}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{6A30F956-8508-470B-8574-C41DDAB9887E}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{82B25BA8-8030-4410-B12A-537BAA5322F6}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{8340C175-220A-420F-BE9E-94C0661FF0E8}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{935472BF-9CB0-4F8C-9D52-09135B28A2ED}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{97F8E5E3-FCA1-488C-A42B-25B2E950C4C2}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{9A06512A-C62D-4FE7-9508-A5078F5727AA}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{9E37525B-D9FB-460D-B9BA-442FDAD37532}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{A29C0FDB-6115-4B60-BA13-314BEBD61FF3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A6E03A1A-59E5-45CC-B445-B89BD143CEC9}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{A96A12BC-F5BF-435C-96B7-5F554EE17C30}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{AB92C37E-75C3-43C0-8BDC-F950F11B4FDA}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{B28D127E-F00D-4098-9791-F92570DCF766}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{B3F6158D-2ABF-491A-B1F0-19861538C82D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{C099B40F-1707-49C1-85C0-6A62AEDCDE76}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{C46C00E6-858D-44AE-A8B0-4DAA1F2A646C}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{C76F8B0D-ECF2-4320-B95A-9DFA2B444E86}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C78D8654-AD25-4090-A635-ABD87BB1F602}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{C842C124-967C-479C-81EE-9BAD53ADB843}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{D4D63BC7-80E1-453E-BAF3-094A302FF1A5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{DB11A043-23AA-48F8-9C2B-ECF6EAB29AE0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E1EEE21D-D524-4F28-AD69-D9B4B2A02F29}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{E6F78368-7BA7-48ED-9B80-E37040F75BB6}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{E79025CF-5D64-4322-B61D-1F489CC3880F}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{EDB8985F-102F-4359-B0D8-4EA4F94D01A6}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{F8F75C8D-2A3B-4390-8379-448CBC422A66}" = dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{3B85E668-E58A-40F5-BA55-BE72F6D30EA1}C:\users\vista\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\vista\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{7838BFC3-F62F-436E-8430-DCA4C4047EAA}D:\pictureorganiser.exe" = protocol=6 | dir=in | app=d:\pictureorganiser.exe |
"TCP Query User{94CDB5CC-636F-42DB-A649-529DAC8B4497}C:\users\vista\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\vista\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{B723AAB2-2E8C-40B5-9A2E-20D20C8324C4}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{DF81E033-B372-434E-B564-F3CA192A661D}C:\program files\picture organiser\pictureorganiser.exe" = protocol=6 | dir=in | app=c:\program files\picture organiser\pictureorganiser.exe |
"UDP Query User{2070C765-1840-4E21-B22B-8936BFCD3096}C:\users\vista\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\vista\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{3B261FFA-EB07-442F-8F30-105C3D0A0AD4}C:\users\vista\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\vista\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{6B0BD34F-4564-4A0E-B96C-FD18C56F09E2}D:\pictureorganiser.exe" = protocol=17 | dir=in | app=d:\pictureorganiser.exe |
"UDP Query User{8F9233CB-D051-4FBE-BEE7-F06EAA1A3ED3}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{C6EB7C11-A1C6-4DDA-8399-F93FB0428119}C:\program files\picture organiser\pictureorganiser.exe" = protocol=17 | dir=in | app=c:\program files\picture organiser\pictureorganiser.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{3350E9B0-DCE6-4AE1-B3AC-D0C11FBEEDA1}_is1" = SeaTools for Windows
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.7
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{8398852A-7B61-4808-8F58-D0A40D1B2CB6}" = AVG 2012
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{976475B8-63E9-4559-BE2C-D26086BE4C40}" = LogMeIn
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A899DA1F-D626-401C-8651-F2921E3B4CB3}" = 3Connect
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB7032FF-AFED-4C58-AA5C-8473B273793A}" = HDReg
"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Creator 9 LE
"{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E171F5DA-6F17-472D-A223-92468142C5E8}" = AVG 2012
"{EA110D11-7F62-4FE9-91B4-57ED480C1C9F}" = Picture Organiser
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AdobeReader" = Adobe Reader 8
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AUDIO_REALTEK" = Realtek HD Audio V6.0.1.5322
"AVG" = AVG 2012
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_HSF" = PCI SoftV92 Modem
"CREATOR9" = Creator 9
"Flashplayer" = Flash Player plugins 9
"Huawei Modems" = Huawei modem
"Infocentre" = Infocentre Rev. 2.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 9.0.1 (x86 en-GB)" = Mozilla Firefox 9.0.1 (x86 en-GB)
"MSWorks85" = Microsoft Works 8.5
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"PokerStars" = PokerStars
"SETUPMYPC_GB" = SetUp My PC
"Updator" = Packard Bell Updator
"ViewpointMediaPlayer" = Viewpoint Media Player

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26/01/2012 19:37:23 | Computer Name = Vista-PC | Source = Application Hang | ID = 1002
Description = The program chrome.exe version 16.0.912.77 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 142c Start Time: 01ccdc78a1c3f56b Termination Time: 22

Error - 26/01/2012 23:24:29 | Computer Name = Vista-PC | Source = Application Error | ID = 1000
Description = Faulting application postgres.exe, version 8.3.4.8262, time stamp
0x48d39b63, faulting module kernel32.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5,
exception code 0xc0000142, fault offset 0x00009f5d, process id 0x340, application
start time 0x01ccdca32d6465db.

Error - 26/01/2012 23:24:30 | Computer Name = Vista-PC | Source = Application Error | ID = 1000
Description = Faulting application postgres.exe, version 8.3.4.8262, time stamp
0x48d39b63, faulting module kernel32.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5,
exception code 0xc0000142, fault offset 0x00009f5d, process id 0x13fc, application
start time 0x01ccdca32cc9ac7b.

Error - 27/01/2012 17:55:21 | Computer Name = Vista-PC | Source = Application Error | ID = 1000
Description = Faulting application postgres.exe, version 8.3.4.8262, time stamp
0x48d39b63, faulting module kernel32.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5,
exception code 0xc0000142, fault offset 0x00009f5d, process id 0x1aec, application
start time 0x01ccdd3e5c7fed43.

Error - 28/01/2012 12:10:57 | Computer Name = Vista-PC | Source = Application Hang | ID = 1002
Description = The program chrome.exe version 16.0.912.77 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 165c Start Time: 01ccddbbcca236c1 Termination Time: 16

Error - 28/01/2012 19:20:48 | Computer Name = Vista-PC | Source = Application Error | ID = 1000
Description = Faulting application postgres.exe, version 8.3.4.8262, time stamp
0x48d39b63, faulting module kernel32.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5,
exception code 0xc0000142, fault offset 0x00009f5d, process id 0x6a4, application
start time 0x01ccde1377310b51.

Error - 28/01/2012 23:51:17 | Computer Name = Vista-PC | Source = Application Error | ID = 1000
Description = Faulting application postgres.exe, version 8.3.4.8262, time stamp
0x48d39b63, faulting module kernel32.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5,
exception code 0xc0000142, fault offset 0x00009f5d, process id 0x1790, application
start time 0x01ccde394019074d.

Error - 29/01/2012 21:14:41 | Computer Name = Vista-PC | Source = Application Error | ID = 1000
Description = Faulting application postgres.exe, version 8.3.4.8262, time stamp
0x48d39b63, faulting module kernel32.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5,
exception code 0xc0000142, fault offset 0x00009f5d, process id 0x1e6c, application
start time 0x01ccdeec87b99f87.

Error - 30/01/2012 08:17:18 | Computer Name = Vista-PC | Source = Application Hang | ID = 1002
Description = The program chrome.exe version 16.0.912.77 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1e1c Start Time: 01ccdf43c88ad929 Termination Time: 28

Error - 30/01/2012 09:53:33 | Computer Name = Vista-PC | Source = Application Hang | ID = 1002
Description = The program chrome.exe version 16.0.912.77 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1ec4 Start Time: 01ccdf5303bc8349 Termination Time: 41

[ System Events ]
Error - 28/01/2012 07:33:39 | Computer Name = Vista-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 28/01/2012 19:24:26 | Computer Name = Vista-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 28/01/2012 19:24:26 | Computer Name = Vista-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 28/01/2012 19:26:08 | Computer Name = Vista-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 29/01/2012 07:54:09 | Computer Name = Vista-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 29/01/2012 07:54:09 | Computer Name = Vista-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 29/01/2012 07:55:43 | Computer Name = Vista-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 30/01/2012 07:35:20 | Computer Name = Vista-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 30/01/2012 07:35:20 | Computer Name = Vista-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 30/01/2012 07:36:52 | Computer Name = Vista-PC | Source = Service Control Manager | ID = 7022
Description =


< End of report >
Old 01-30-2012, 03:23 PM   #5
grinder
 
FU_Luck's Avatar
 
Join Date: Nov 2009
Location: Finland
Posts: 423
Re: OTL logs any help pls

Malwarebytes log

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.30.03

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Vista :: VISTA-PC [administrator]

Protection: Enabled

30/01/2012 16:46:22
mbam-log-2012-01-30 (16-46-22).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 372249
Time elapsed: 3 hour(s), 35 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Is it normal for that to take 3hrs 30mins to run? Every time I run a scan it takes that long.
Old 01-31-2012, 02:46 AM   #6
Malware Jedi
 
Gabethebabe's Avatar
 
Join Date: Oct 2007
Location: In front of my monitor
Posts: 9,068
Re: OTL logs any help pls

No malware in sight

You have an old version of Adobe Reader installed. This old version has security issues.
I recommend that you uninstall Adobe Reader through Start > Control Panel > Add or Remove Programs.
After that you should install a PDF reader that is more secure.
Please note that Adobe Reader has a history of security issues and is a prime target for malware writers due to its popularity. You might want to consider installing a non-Adobe PDF reader. Your choice!
  • Adobe Reader 10. The last and safest version of Adobe Reader.
  • SumatraPDF. Very small and very light PDF viewer.
  • PDF XChange. Also available in 64-bit version if you have a 64-bit OS. Can be installed as portable.
====================

If MBAM takes 3.5 hours to scan, you either have a very large disk, a lot of temporary files, or some process interfering. It might be a good idea to clean temp files and disable other security programs before running the MBAM scan.

I would uninstall Superantispyware - only AVG is enough, supported by a, say 2-monthly, scan with MBAM.

I'm going to delete some stuff (mount points) with OTL and use it to clean out temporary files as well:
  • Please run OTL.exe again
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:
Code:
:otl
O33 - MountPoints2\{003f0a46-e537-11e0-b9a9-bdc3b02499cb}\Shell - "" = AutoRun
O33 - MountPoints2\{003f0a46-e537-11e0-b9a9-bdc3b02499cb}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{009a1368-283d-11dd-8066-e27fca059c84}\Shell - "" = AutoRun
O33 - MountPoints2\{009a1368-283d-11dd-8066-e27fca059c84}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{009a1388-283d-11dd-8066-e27fca059c84}\Shell - "" = AutoRun
O33 - MountPoints2\{009a1388-283d-11dd-8066-e27fca059c84}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{042343b3-a22d-11df-a623-d6ad88e4eacf}\Shell - "" = AutoRun
O33 - MountPoints2\{042343b3-a22d-11df-a623-d6ad88e4eacf}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{042343d0-a22d-11df-a623-d6ad88e4eacf}\Shell - "" = AutoRun
O33 - MountPoints2\{042343d0-a22d-11df-a623-d6ad88e4eacf}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{0ea0b8a1-08a9-11e0-8a61-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0ea0b8a1-08a9-11e0-8a61-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{13ac9d1c-9b4b-11df-999f-de59f1cb2bee}\Shell - "" = AutoRun
O33 - MountPoints2\{13ac9d1c-9b4b-11df-999f-de59f1cb2bee}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{13ac9d35-9b4b-11df-999f-de59f1cb2bee}\Shell - "" = AutoRun
O33 - MountPoints2\{13ac9d35-9b4b-11df-999f-de59f1cb2bee}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{1615dda5-19f5-11dd-8155-dd5a186c7a88}\Shell - "" = AutoRun
O33 - MountPoints2\{1615dda5-19f5-11dd-8155-dd5a186c7a88}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{1615ddba-19f5-11dd-8155-dd5a186c7a88}\Shell - "" = AutoRun
O33 - MountPoints2\{1615ddba-19f5-11dd-8155-dd5a186c7a88}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{193fd155-24ed-11dd-b3f2-979c96463184}\Shell - "" = AutoRun
O33 - MountPoints2\{193fd155-24ed-11dd-b3f2-979c96463184}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{193fd157-24ed-11dd-b3f2-979c96463184}\Shell - "" = AutoRun
O33 - MountPoints2\{193fd157-24ed-11dd-b3f2-979c96463184}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{241bdfda-08b5-11e0-9e25-846eab71b802}\Shell - "" = AutoRun
O33 - MountPoints2\{241bdfda-08b5-11e0-9e25-846eab71b802}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{241bdfe6-08b5-11e0-9e25-846eab71b802}\Shell - "" = AutoRun
O33 - MountPoints2\{241bdfe6-08b5-11e0-9e25-846eab71b802}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{2a8711dc-280c-11dd-a04a-8fb3c7ec7f8b}\Shell - "" = AutoRun
O33 - MountPoints2\{2a8711dc-280c-11dd-a04a-8fb3c7ec7f8b}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{2a8711f1-280c-11dd-a04a-8fb3c7ec7f8b}\Shell - "" = AutoRun
O33 - MountPoints2\{2a8711f1-280c-11dd-a04a-8fb3c7ec7f8b}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{324627ad-0d2b-11dd-a2e9-f9bcb842a5b7}\Shell - "" = AutoRun
O33 - MountPoints2\{324627ad-0d2b-11dd-a2e9-f9bcb842a5b7}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{324627bf-0d2b-11dd-a2e9-f9bcb842a5b7}\Shell - "" = AutoRun
O33 - MountPoints2\{324627bf-0d2b-11dd-a2e9-f9bcb842a5b7}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{374336bb-a188-11df-80ed-df69e4012cce}\Shell - "" = AutoRun
O33 - MountPoints2\{374336bb-a188-11df-80ed-df69e4012cce}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{374336d6-a188-11df-80ed-df69e4012cce}\Shell - "" = AutoRun
O33 - MountPoints2\{374336d6-a188-11df-80ed-df69e4012cce}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{39c68c5a-9bd6-11df-9f22-b519bf265dcf}\Shell - "" = AutoRun
O33 - MountPoints2\{39c68c5a-9bd6-11df-9f22-b519bf265dcf}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{39c68c63-9bd6-11df-9f22-b519bf265dcf}\Shell - "" = AutoRun
O33 - MountPoints2\{39c68c63-9bd6-11df-9f22-b519bf265dcf}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{3cc07a63-2823-11dd-9a49-dedbe89d7c85}\Shell - "" = AutoRun
O33 - MountPoints2\{3cc07a63-2823-11dd-9a49-dedbe89d7c85}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{3cc07a79-2823-11dd-9a49-dedbe89d7c85}\Shell - "" = AutoRun
O33 - MountPoints2\{3cc07a79-2823-11dd-9a49-dedbe89d7c85}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{498e0849-3677-11dc-8a59-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{498e0849-3677-11dc-8a59-00038a000015}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{498e084b-3677-11dc-8a59-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{498e084b-3677-11dc-8a59-00038a000015}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{50ccbb6b-cdb5-11dd-bafc-cf90b5c39272}\Shell - "" = AutoRun
O33 - MountPoints2\{50ccbb6b-cdb5-11dd-bafc-cf90b5c39272}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{50ccbb93-cdb5-11dd-bafc-cf90b5c39272}\Shell - "" = AutoRun
O33 - MountPoints2\{50ccbb93-cdb5-11dd-bafc-cf90b5c39272}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{5115c8b9-3607-11dc-b3b8-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{5115c8b9-3607-11dc-b3b8-00038a000015}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{5115c8ce-3607-11dc-b3b8-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{5115c8ce-3607-11dc-b3b8-00038a000015}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{5fb9e231-9167-11dc-9ce3-c725e0e9cd63}\Shell - "" = AutoRun
O33 - MountPoints2\{5fb9e231-9167-11dc-9ce3-c725e0e9cd63}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{5fb9e246-9167-11dc-9ce3-c725e0e9cd63}\Shell - "" = AutoRun
O33 - MountPoints2\{5fb9e246-9167-11dc-9ce3-c725e0e9cd63}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{667cf63d-d9b9-11de-b93d-9372856e2535}\Shell - "" = AutoRun
O33 - MountPoints2\{667cf63d-d9b9-11de-b93d-9372856e2535}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{667cf63e-d9b9-11de-b93d-9372856e2535}\Shell - "" = AutoRun
O33 - MountPoints2\{667cf63e-d9b9-11de-b93d-9372856e2535}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{689d296f-283e-11dd-92d4-94d2a839c684}\Shell - "" = AutoRun
O33 - MountPoints2\{689d296f-283e-11dd-92d4-94d2a839c684}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{689d2972-283e-11dd-92d4-94d2a839c684}\Shell - "" = AutoRun
O33 - MountPoints2\{689d2972-283e-11dd-92d4-94d2a839c684}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{7696a632-7d30-11de-a36b-e502414c2ddb}\Shell - "" = AutoRun
O33 - MountPoints2\{7696a632-7d30-11de-a36b-e502414c2ddb}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{7696a633-7d30-11de-a36b-e502414c2ddb}\Shell - "" = AutoRun
O33 - MountPoints2\{7696a633-7d30-11de-a36b-e502414c2ddb}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{919e7de3-1d6f-11de-bf58-c57dd5c29b89}\Shell - "" = AutoRun
O33 - MountPoints2\{919e7de3-1d6f-11de-bf58-c57dd5c29b89}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{942b5b6c-a7e9-11df-9026-e0ad49d8acd2}\Shell - "" = AutoRun
O33 - MountPoints2\{942b5b6c-a7e9-11df-9026-e0ad49d8acd2}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{942b5b85-a7e9-11df-9026-881ba50fd479}\Shell - "" = AutoRun
O33 - MountPoints2\{942b5b85-a7e9-11df-9026-881ba50fd479}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{9b965a27-91c9-11df-8cec-d3e6ea59f4ca}\Shell - "" = AutoRun
O33 - MountPoints2\{9b965a27-91c9-11df-8cec-d3e6ea59f4ca}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{9b965a44-91c9-11df-8cec-d3e6ea59f4ca}\Shell - "" = AutoRun
O33 - MountPoints2\{9b965a44-91c9-11df-8cec-d3e6ea59f4ca}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{a44d404a-c12a-11e0-98c5-ae522d4a5904}\Shell - "" = AutoRun
O33 - MountPoints2\{a44d404a-c12a-11e0-98c5-ae522d4a5904}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{a44d404e-c12a-11e0-98c5-db896a8a3bd3}\Shell - "" = AutoRun
O33 - MountPoints2\{a44d404e-c12a-11e0-98c5-db896a8a3bd3}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{ae0f0823-e99a-11dc-83b7-a47b18812f61}\Shell - "" = AutoRun
O33 - MountPoints2\{ae0f0823-e99a-11dc-83b7-a47b18812f61}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{ae0f0825-e99a-11dc-83b7-a47b18812f61}\Shell - "" = AutoRun
O33 - MountPoints2\{ae0f0825-e99a-11dc-83b7-a47b18812f61}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{b01220d7-0ca2-11dd-b95d-ee2b13b38ebd}\Shell - "" = AutoRun
O33 - MountPoints2\{b01220d7-0ca2-11dd-b95d-ee2b13b38ebd}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{b01220ec-0ca2-11dd-b95d-ee2b13b38ebd}\Shell - "" = AutoRun
O33 - MountPoints2\{b01220ec-0ca2-11dd-b95d-ee2b13b38ebd}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{b3ed4a46-9366-11df-ba87-f98555e2f4cf}\Shell - "" = AutoRun
O33 - MountPoints2\{b3ed4a46-9366-11df-ba87-f98555e2f4cf}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{b3ed4a63-9366-11df-ba87-f98555e2f4cf}\Shell - "" = AutoRun
O33 - MountPoints2\{b3ed4a63-9366-11df-ba87-f98555e2f4cf}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{b75a0dbb-2132-11dd-9195-a1b80278ac86}\Shell - "" = AutoRun
O33 - MountPoints2\{b75a0dbb-2132-11dd-9195-a1b80278ac86}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{b75a0dbe-2132-11dd-9195-a1b80278ac86}\Shell - "" = AutoRun
O33 - MountPoints2\{b75a0dbe-2132-11dd-9195-a1b80278ac86}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{c266d263-d463-11dd-ba90-e5a7c1ce088a}\Shell - "" = AutoRun
O33 - MountPoints2\{c266d263-d463-11dd-ba90-e5a7c1ce088a}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{c2aecf0b-3b18-11dd-958a-d8c596d36ebd}\Shell - "" = AutoRun
O33 - MountPoints2\{c2aecf0b-3b18-11dd-958a-d8c596d36ebd}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{c2aecf0d-3b18-11dd-958a-d8c596d36ebd}\Shell - "" = AutoRun
O33 - MountPoints2\{c2aecf0d-3b18-11dd-958a-d8c596d36ebd}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{c4b3e8c4-7823-11e0-bc3f-a8f6e1369b48}\Shell - "" = AutoRun
O33 - MountPoints2\{c4b3e8c4-7823-11e0-bc3f-a8f6e1369b48}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{c7db49bd-4711-11dc-91a0-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{c7db49bd-4711-11dc-91a0-00038a000015}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{c7db49d2-4711-11dc-91a0-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{c7db49d2-4711-11dc-91a0-00038a000015}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{d6f63874-d466-11dd-9c63-ca23a1f09185}\Shell - "" = AutoRun
O33 - MountPoints2\{d6f63874-d466-11dd-9c63-ca23a1f09185}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{d6f638a8-d466-11dd-9c63-ca23a1f09185}\Shell - "" = AutoRun
O33 - MountPoints2\{d6f638a8-d466-11dd-9c63-ca23a1f09185}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{d713f5fc-0735-11e1-92ac-b967fba928c2}\Shell - "" = AutoRun
O33 - MountPoints2\{d713f5fc-0735-11e1-92ac-b967fba928c2}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d9254302-a1bd-11dc-a394-a41a67342996}\Shell - "" = AutoRun
O33 - MountPoints2\{d9254302-a1bd-11dc-a394-a41a67342996}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{dc05f2b7-9172-11dc-9df5-8d2d3519a866}\Shell - "" = AutoRun
O33 - MountPoints2\{dc05f2b7-9172-11dc-9df5-8d2d3519a866}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{ee17d7e9-a604-11df-aec9-819116b41ab2}\Shell - "" = AutoRun
O33 - MountPoints2\{ee17d7e9-a604-11df-aec9-819116b41ab2}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{f37a1728-279d-11dd-9fab-e1658a692482}\Shell - "" = AutoRun
O33 - MountPoints2\{f37a1728-279d-11dd-9fab-e1658a692482}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{f37a172a-279d-11dd-9fab-e1658a692482}\Shell - "" = AutoRun
O33 - MountPoints2\{f37a172a-279d-11dd-9fab-e1658a692482}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{f37a172c-279d-11dd-9fab-e1658a692482}\Shell - "" = AutoRun
O33 - MountPoints2\{f37a172c-279d-11dd-9fab-e1658a692482}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{f37a172e-279d-11dd-9fab-e1658a692482}\Shell - "" = AutoRun
O33 - MountPoints2\{f37a172e-279d-11dd-9fab-e1658a692482}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{f503dd00-e405-11dc-a997-80ee52785d62}\Shell - "" = AutoRun
O33 - MountPoints2\{f503dd00-e405-11dc-a997-80ee52785d62}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{f503dd1b-e405-11dc-a997-80ee52785d62}\Shell - "" = AutoRun
O33 - MountPoints2\{f503dd1b-e405-11dc-a997-80ee52785d62}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{f6ee6d99-1a3b-11dd-b318-f76266598b8a}\Shell - "" = AutoRun
O33 - MountPoints2\{f6ee6d99-1a3b-11dd-b318-f76266598b8a}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{f6ee6d9b-1a3b-11dd-b318-f76266598b8a}\Shell - "" = AutoRun
O33 - MountPoints2\{f6ee6d9b-1a3b-11dd-b318-f76266598b8a}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{fbd60b32-4a48-11dc-8353-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{fbd60b32-4a48-11dc-8353-00038a000015}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{fbd60b34-4a48-11dc-8353-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{fbd60b34-4a48-11dc-8353-00038a000015}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{fd42d0e8-28b0-11dd-8edb-afcb02bcaf8b}\Shell - "" = AutoRun
O33 - MountPoints2\{fd42d0e8-28b0-11dd-8edb-afcb02bcaf8b}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{fd42d0ea-28b0-11dd-8edb-afcb02bcaf8b}\Shell - "" = AutoRun
O33 - MountPoints2\{fd42d0ea-28b0-11dd-8edb-afcb02bcaf8b}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\AutoRun.exe
:commands
[emptytemp]
  • CAREFUL NOW! You must click the Run Fix button, NOT the Run Scan!
  • If it asks to reboot the computer, please allow that.
  • Finally, post the contents of the log. (Located at C:\_OTL\Moved Files)
Gabethebabe is offline   Reply With Quote
Old 01-31-2012, 07:37 AM   #7
grinder
 
FU_Luck's Avatar
 
Join Date: Nov 2009
Location: Finland
Posts: 423
Re: OTL logs any help pls

Hi Gabe, thanks.

I have uninstalled Adobe Reader and installed SumatraPDF.

I then cleared all temp files.

I copied and pasted the stuff into OTL and clicked RUN FIX, and OTL then becomes non-responsive.
"Not responding" stays like that for a minute or 2 and then says "stopped working".
Screenshots here:

not responding

stopped working

I click on close program after waiting several minutes (I tried twice),

and all that remains is my desktop wallpaper/screensaver,
so I click CTRL+ALT+DEL and restart the PC.

When it restarts I get this:

Once again, thanks for the help.
FU_Luck is offline   Reply With Quote
Old 01-31-2012, 11:14 AM   #8
grinder
 
FU_Luck's Avatar
 
Join Date: Nov 2009
Location: Finland
Posts: 423
Re: OTL logs any help pls

I ran a scan on OTL again in case I messed up the 1st one by removing temp files too early.

Sorry if I did.


OTL logfile created on: 31/01/2012 14:17:16 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Vista\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

1.94 Gb Total Physical Memory | 1.35 Gb Available Physical Memory | 69.66% Memory free
4.11 Gb Paging File | 3.03 Gb Available in Paging File | 73.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.04 Gb Total Space | 68.90 Gb Free Space | 48.85% Space Free | Partition Type: NTFS
Drive E: | 25.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: VISTA-PC | User Name: Vista | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/30 14:19:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Vista\Downloads\OTL.exe
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/12/24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/12/07 18:21:44 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2011/12/03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/11/28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/10/10 06:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011/09/08 19:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 05:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/05/25 07:25:02 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011/05/25 07:24:56 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011/05/25 07:24:45 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010/05/20 15:27:24 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
PRC - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009/11/17 14:13:48 | 000,667,648 | ---- | M] (Birdstep Technology) -- C:\Program Files\3 Mobile Broadband\3Connect\AutoUpdateSrv.exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/09/19 06:30:34 | 003,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
PRC - [2008/09/19 02:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
PRC - [2006/11/09 09:57:52 | 003,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006/09/18 20:12:12 | 000,843,776 | ---- | M] () -- C:\Windows\vsnpstd3.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2006/09/18 20:12:12 | 000,843,776 | ---- | M] () -- C:\Windows\vsnpstd3.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Secunia Update Agent)
SRV - File not found [Auto | Stopped] -- -- (!SASCORE)
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/12/07 18:21:50 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2011/12/07 18:21:44 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/09/16 14:10:50 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/05/25 07:24:45 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2008/09/19 02:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)
SRV - [2008/01/23 23:10:34 | 001,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/01/19 07:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/10/23 12:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/12/07 18:22:16 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 06:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/16 14:10:50 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2011/09/16 14:10:50 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2011/09/13 05:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 05:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/11 00:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 00:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 00:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/07/11 00:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/05/25 07:24:42 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/05/10 07:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/08/12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2010/05/20 15:27:26 | 001,961,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000)
DRV - [2009/12/30 10:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/09/10 12:55:58 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/07/24 13:51:38 | 000,101,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009/03/25 15:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009/03/25 15:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009/03/25 15:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009/03/25 15:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009/03/25 15:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009/03/25 15:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009/03/25 15:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008/09/04 22:14:42 | 010,186,744 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/01/09 12:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/04/26 17:18:10 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2007/04/24 14:09:10 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/02 07:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2006/11/02 07:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/01 20:18:15 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/09/10 20:42:00 | 000,024,808 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sqcaptur.sys -- (DCamUSBSQTECH) Dual-Mode DSC(2770)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.live.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.live.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.live.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php?ref=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.93\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.93\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.0: File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vista\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vista\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/09/23 05:52:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/12/22 20:51:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.0.2\extensions\\Plugins: C:\Program Files\Flock\plugins [2012/01/31 11:00:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.0.3\extensions\\Plugins: C:\Program Files\Flock\plugins [2012/01/31 11:00:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.5\extensions\\Plugins: C:\Program Files\Flock\plugins [2012/01/31 11:00:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.5.2\extensions\\Plugins: C:\Program Files\Flock\plugins [2012/01/31 11:00:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.5.6\extensions\\Plugins: C:\Program Files\Flock\plugins [2012/01/31 11:00:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/31 06:41:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2010/02/15 23:46:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vista\AppData\Roaming\Mozilla\Extensions
[2008/12/09 19:04:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vista\AppData\Roaming\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2010/02/15 23:46:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vista\AppData\Roaming\Mozilla\Firefox\Profiles\4hls0xem.default\extensions
[2010/02/15 23:46:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vista\AppData\Roaming\Mozilla\Firefox\Profiles\4hls0xem.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/02/15 23:46:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vista\AppData\Roaming\Mozilla\Firefox\Profiles\4hls0xem.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2012/01/28 14:48:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vista\AppData\Roaming\Mozilla\Firefox\Profiles\c14tgydr.default\extensions
[2012/01/09 10:54:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/09 10:54:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011/12/31 06:41:02 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/17 01:38:42 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/12/17 01:25:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/17 01:38:42 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/12/17 01:38:42 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/12/17 01:38:42 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Vista\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vista\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vista\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\PFiles\Plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Vista\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: YouTube = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: FlashBlock = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdngiadmnkhgemkimkhiilgffbjijcie\1.2.11.12_0\
CHR - Extension: ******* Plus (Beta) = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google Search = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Search = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: ******* = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.14_0\
CHR - Extension: AVG Safe Search = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: FlashControl = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe\2.10.4_0\
CHR - Extension: Gmail = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
CHR - Extension: Gmail = C:\Users\Vista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll (Packard Bell)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: ghrsv.com ([fb-gamefront] * in Trusted sites)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4588BE9E-8F83-48EE-BFEB-06A371E2046A}: NameServer = 83.136.47.249 193.120.14.101
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67438000-DF33-48FD-BA4F-24455C76CAB9}: DhcpNameServer = 172.31.140.69 172.30.140.69
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - File not found
O24 - Desktop WallPaper: C:\Users\Vista\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Vista\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/11/18 14:18:22 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2009/03/20 17:20:32 | 000,027,750 | R--- | M] () - E:\AutoRun.ico -- [ CDFS ]
O32 - AutoRun File - [2009/11/17 14:01:12 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/31 13:33:27 | 000,000,000 | ---D | C] -- C:\Users\Vista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/01/31 11:48:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/31 11:02:52 | 000,000,000 | ---D | C] -- C:\Users\Vista\AppData\Roaming\SumatraPDF
[2012/01/31 11:02:25 | 000,000,000 | ---D | C] -- C:\Program Files\SumatraPDF
[2012/01/31 11:00:06 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/01/16 20:46:27 | 000,000,000 | ---D | C] -- C:\Users\Vista\AppData\Local\LogMeIn
[2012/01/16 20:46:06 | 000,030,592 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\LMIport.dll
[2012/01/16 20:45:59 | 000,083,360 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\LMIRfsClientNP.dll
[2012/01/16 20:45:58 | 000,047,640 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\LMIRfsDriver.sys
[2012/01/16 20:45:49 | 000,087,424 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\LMIinit.dll
[2012/01/16 20:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2012/01/16 20:44:27 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn
[2012/01/11 09:17:59 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/01/11 09:17:52 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/11 09:17:50 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/01/11 09:17:43 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/11 09:17:43 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/09 10:59:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/01/09 10:54:02 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/01/09 10:54:02 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/01/09 10:54:01 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/01/02 09:15:15 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2011/01/24 22:09:01 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe2912.dll
[2006/10/05 15:50:22 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2005/11/23 19:55:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[2004/10/11 18:46:32 | 000,205,312 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltefx13n.dll
[2004/01/19 13:31:00 | 000,153,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltfil13n.DLL
[2004/01/19 12:31:06 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfiff13n.dll
[2004/01/19 12:31:06 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfCUT13n.dll
[2004/01/19 11:31:50 | 000,453,120 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltkrn13n.dll
[2004/01/19 11:12:00 | 000,089,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfcgm13n.dll
[2004/01/19 10:49:52 | 000,278,016 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LFJ2K13n.dll
[2004/01/19 10:49:08 | 000,180,736 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfpng13n.dll
[2004/01/19 10:47:36 | 000,076,800 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfwmf13n.dll
[2004/01/19 10:47:04 | 000,509,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LFCMW13n.dll
[2004/01/19 10:45:38 | 000,420,352 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LFCMP13n.DLL
[2004/01/19 10:44:52 | 000,143,872 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lftif13n.dll
[2004/01/19 10:36:48 | 000,056,832 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfpsd13n.dll
[2004/01/19 10:36:36 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfpcd13n.dll
[2004/01/19 10:36:32 | 000,026,624 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfpcx13n.dll
[2004/01/19 10:36:24 | 000,065,536 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfpct13n.dll
[2004/01/19 10:36:18 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfmsp13n.dll
[2004/01/19 10:35:56 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfmac13n.dll
[2004/01/19 10:35:34 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfimg13n.dll
[2004/01/19 10:34:50 | 000,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfclp13n.dll
[2004/01/19 10:34:42 | 000,030,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfbmp13n.dll
[2004/01/19 10:33:48 | 000,444,928 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltimg13n.dll
[2004/01/19 10:32:18 | 000,265,216 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LTDIS13n.dll
[2000/05/02 03:17:00 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Program Files\PCDLIB32.DLL
[1999/11/18 22:00:00 | 000,284,032 | ---- | C] (Xceed Software Inc (450) 442-2626 zip@xceedsoft.com www.xceedsoft.com) -- C:\Program Files\XceedZip.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/31 14:19:09 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/31 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator.job
[2012/01/31 13:35:02 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3354758293-3143382141-3762374939-1002UA.job
[2012/01/31 13:33:35 | 000,002,045 | ---- | M] () -- C:\Users\Vista\Desktop\Google Chrome.lnk
[2012/01/31 13:33:35 | 000,002,007 | ---- | M] () -- C:\Users\Vista\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/31 13:18:18 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/31 13:18:18 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/31 13:18:07 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/31 13:17:44 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012/01/31 13:17:44 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012/01/31 13:17:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/31 13:17:35 | 2078,859,264 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/31 10:36:20 | 087,817,706 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/01/30 15:38:08 | 000,436,316 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/01/28 03:35:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3354758293-3143382141-3762374939-1002Core.job
[2012/01/21 20:17:33 | 000,001,627 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/01/17 21:11:59 | 000,617,088 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/17 21:11:58 | 000,111,958 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/16 20:45:45 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012/01/09 10:53:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012/01/09 10:53:38 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/01/09 10:53:38 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/01/09 10:53:38 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/31 13:33:35 | 000,002,045 | ---- | C] () -- C:\Users\Vista\Desktop\Google Chrome.lnk
[2012/01/31 13:33:35 | 000,002,007 | ---- | C] () -- C:\Users\Vista\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/31 11:02:28 | 000,001,677 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
[2012/01/16 20:45:41 | 000,001,024 | ---- | C] () -- C:\.rnd
[2012/01/16 20:44:51 | 000,000,828 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn.lnk
[2012/01/02 09:16:43 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2011/01/22 22:36:07 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010/12/16 01:47:43 | 000,071,262 | ---- | C] () -- C:\Windows\Huawei ModemsUninstall.exe
[2010/12/01 22:56:14 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/04/09 16:15:51 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2010/04/05 04:43:26 | 000,000,045 | ---- | C] () -- C:\Users\Vista\AppData\Local\machpro.dat
[2009/07/21 23:33:35 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/07/21 23:33:35 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/06/18 22:37:22 | 000,005,028 | ---- | C] () -- C:\ProgramData\ojvzdisj.xda
[2009/04/25 17:07:59 | 000,000,088 | ---- | C] () -- C:\Users\Vista\AppData\Local\mmqkamo.bat
[2008/07/23 17:24:43 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/03/04 03:29:31 | 000,000,093 | ---- | C] () -- C:\Users\Vista\AppData\Local\fusioncache.dat
[2008/02/26 21:02:37 | 000,000,040 | ---- | C] () -- C:\Windows\ujf635.bin
[2008/01/04 14:13:15 | 000,032,854 | ---- | C] () -- C:\Windows\iniLS.dat
[2008/01/02 13:14:19 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/01/02 13:14:19 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2007/10/12 08:01:03 | 000,020,228 | ---- | C] () -- C:\Users\Vista\AppData\Roaming\UserTile.png
[2007/09/27 20:21:12 | 000,015,473 | ---- | C] () -- C:\Windows\snpstd3.ini
[2007/06/22 06:05:17 | 000,000,000 | ---- | C] () -- C:\Users\Vista\AppData\Roaming\wklnhst.dat
[2007/06/13 02:50:32 | 000,071,680 | ---- | C] () -- C:\Users\Vista\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/06/12 14:28:38 | 000,008,160 | ---- | C] () -- C:\Users\Vista\AppData\Local\d3d9caps.dat
[2007/01/23 21:55:07 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/01/23 21:51:49 | 000,049,152 | ---- | C] () -- C:\Windows\System32\ChCfg.exe
[2006/12/21 10:06:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 12:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 12:47:37 | 000,324,840 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 10:33:01 | 000,617,088 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 10:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 10:33:01 | 000,111,958 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 10:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 10:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 08:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 08:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 07:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/18 20:12:12 | 000,843,776 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2006/05/02 22:38:24 | 000,072,444 | ---- | C] () -- C:\Windows\SetBrowser.exe
[2006/05/02 22:38:24 | 000,000,748 | ---- | C] () -- C:\Windows\SetBrowser.ini
[2006/04/19 23:14:32 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2005/09/06 10:04:16 | 002,232,320 | ---- | C] () -- C:\Windows\System32\I2E_CINT.dll
[2005/01/07 05:55:50 | 000,249,856 | ---- | C] () -- C:\Windows\System32\I2E_CIIO.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 81 bytes -> C:\Program Files\DoylesRoom:MID
@Alternate Data Stream - 81 bytes -> C:\Program Files\BrucePoker.com:MID
@Alternate Data Stream - 76 bytes -> C:\Users\Vista\Desktop\Documents:Roxio EMC Stream
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP1B5B4F1

< End of report >
Old 02-01-2012, 01:45 AM   #9
Malware Jedi
 
 
Join Date: Oct 2007
Location: In front of my monitor
Posts: 9,068
Re: OTL logs any help pls

All went fine. OTL was probably just busy removing loads of temp files and Windows thought the process broke.

Anyway, your log is clean and the stuff I wanted out is out.

Time to uninstall used tools.
  • Double click OTL.exe to run it again and click the CleanUp button.
  • If we used any other tools and they still remain on your desktop, please delete them manually.
Old 02-01-2012, 08:32 AM   #10
grinder
 
 
Join Date: Nov 2009
Location: Finland
Posts: 423
Re: OTL logs any help pls

Sorted, thanks for the help Gabe, much appreciated.

I am using MBAM and AVG and installed SumatraPDF.


Is AVG the best one in ur opinion? I'd like ur best free choice. I won't hold u accountable for any problems I might get in the future. I used to use Microsoft Security Essentials but changed after I read some threads on here.

thanks again for the help
Old 02-01-2012, 09:39 AM   #11
grinder
 
 
Join Date: Nov 2009
Location: Finland
Posts: 423
Re: OTL logs any help pls

Can't edit message, sorry.

Should I still be using Adobe Flash Player? And plug-in?
Old 02-01-2012, 11:01 AM   #12
Malware Jedi
 
Gabethebabe's Avatar
 
Join Date: Oct 2007
Location: In front of my monitor
Posts: 9,068
Re: OTL logs any help pls

AVG is fine, although not my favorite.

In the sticky I recommend Avast!, Panda Cloud and AdAware.

Adobe flash player is a necessary evil if you want to see webpage animated stuff.
Old 02-01-2012, 12:06 PM   #13
grinder
 
 
Join Date: Nov 2009
Location: Finland
Posts: 423
Re: OTL logs any help pls

once again thanks Gabe

ur a star