Need help - XP Pro x64 Edition Ver 2003.

joselepiu

New member
Hello again, it's been a while since the last time I requested help here.

My computer is running on XP Pro x64 Edition Ver 2003 Service Pack 2.

I have read the "Before You Post" instructions and tried to run the DDS tool, but I got a little pop-up window with a message about my system not being supported.

Before I tried to run the DDS tool, I ran ERUNT.

My problem right now is that my computer is really, really slow. It used to boot up in about a minute & 1/2, from the time I push the on button till I could use anything. Now it takes up 3 or 4 minutes.

This started after I got my Facebook account hacked; they sent out a bunch of messages to all my friends on my Facebook account and posted a lot of links for porn sites on their walls. Well, getting back to my computer: right after, I guess, everything is booted up, the Internet Explorer browser opens for less than a second and closes; it just opens & closes right away.

I have checked on the Windows Task Manager after it closes, but there is no indication that it is still open. Also, any page on the internet takes forever to open; I use Google Chrome and Firefox. I use Internet Explorer only for Microsoft / Windows updates, nothing more.

I use CCleaner, Spybot S&D, Malwarebytes, AVG, Auslogics Disk Defrag, and Auslogics Registry Defrag at least twice a week, and everything is up to date.

Hope someone can help me out.

Thanks.
 


Please read Before You Post
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.

Running programs with Vista or Windows 7, you need to Right Click on the program and select RUN AS ADMINISTRATOR

Download DDS from one of the links below to your desktop

Link 1
Link 2

  • Double click the tool to run it.
  • A black Screen will open, just read the contents and do nothing.
  • When the tool finishes, it will open 2 reports, DDS.txt and attach.txt
  • Copy/Paste the contents of 'DDS.txt' into your post.
  • 'attach.txt' should be zipped using Windows native zip utility and attached to your post. Compress and uncompress files (zip files)

Information on A/V control Here
 
Thx but...

Thanks for your reply, but as I already stated, I'm running XP Pro x64 Edition Ver 2003 Service Pack 2 on my computer. I already tried to run the program you have mentioned with no result; my system is not supported by such a program (DDS). Any other ideas?

Here is a quote from my original post:

"I have read the "before you post" instructions and tried to run the dds tool, but i got a little pop-up window with a message about my system not been supported."

It is the 3rd sentence on my post.
 
Good Morning,

I was thinking that possibly your DDS download may have been corrupted so I posted instructions for downloading it again. You stated ERUNT ran. Also sometimes malware will prevent a program from running.


Auslogics Registry Defrag <-- Let's hope this program didn't cause some damage; we don't recommend any type of registry cleaners.


Let's try another scanner. I am going to see what tools will and will not run on XP 64bit; I have not come across this before. If you find it hard to download them, try using a known clean computer and transfer them by disk.


Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan


On completion of the scan click save log, save it to your desktop and post in your next reply

OTL by OldTimer
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Click the "Scan All Users" checkbox.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
      Note: These logs can be located in the OTL. folder on your C:\ drive if they fail to open automatically.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
 
Still here...

Tried to run the aswMBR program, but I received a pop-up message that reads:

"This application can use Avast! Free Antivirus for scanning. It is recommended to download it for better detection results. Would you like to download latest Avast! virus definitions?"...

Should I download it? or not?...

And here I have the other scan results from the OTL program:

OTL logfile created on: 6/13/2012 5:13:39 AM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Documents and Settings\D J RAC\Desktop
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 3.06 Gb Available Physical Memory | 81.74% Memory free
13.29 Gb Paging File | 12.75 Gb Available in Paging File | 95.94% Paging File free
Paging file location(s): c:\pagefile.sys 10000 10000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.75 Gb Total Space | 84.91 Gb Free Space | 18.23% Space Free | Partition Type: NTFS

Computer Name: FAM-PUTTER | User Name: D J RAC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\D J RAC\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files (x86)\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 1 6 2\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files (x86)\APC PowerChute Personal Edition\apcsystray.exe (American Power Conversion Corporation)
PRC - C:\Program Files (x86)\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe ()
MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe ()

========== Win32 Services (SafeList) ==========

SRV - (vToolbarUpdater11.1.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe ()
SRV - (JavaQuickStarterService) -- C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe (Oracle Corporation)
SRV - (avgwd) -- C:\Program Files (x86)\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (vToolbarUpdater) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Spooler) -- C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (helpsvc) -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (APC UPS Service) -- C:\Program Files (x86)\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)

========== Driver Services (SafeList) ==========

DRV - (DrvAgent64) -- C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS (Phoenix Technologies)
DRV - (BIOS) -- C:\WINDOWS\SysWOW64\Drivers\BIOS64.sys (BIOSTAR Group)
DRV - (mnmdd) -- C:\WINDOWS\SysWow64\mnmdd.dll (Microsoft Corporation)
DRV - (Winsock) -- C:\WINDOWS\SysWow64\winsock.dll (Microsoft Corporation)
DRV - (PxHelp64) -- C:\WINDOWS\SysWOW64\Drivers\pxhelp64.sys (Sonic Solutions)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-334292207-2319730254-1780565897-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-334292207-2319730254-1780565897-1002\..\SearchScopes,DefaultScope = {9B9DB46E-1D45-4CF6-8145-BB8C8DB9A2E5}
IE - HKU\S-1-5-21-334292207-2319730254-1780565897-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-334292207-2319730254-1780565897-1002\..\SearchScopes\{30BC77FE-4B53-41DD-9969-75CC51DDB96C}: "URL" = http://search.avg.com/route/?d=4dbb5d33&v=6.103.18.1&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\S-1-5-21-334292207-2319730254-1780565897-1002\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={41691B8C-AB8D-4A20-8E6D-E0B17D6AAB59}&mid=42c70532a4de47d1a444d1a90bf8bb87-8d758629d5135f4470f57152dc116841b6490bd7&lang=en&ds=AVG&pr=fr&d=2011-12-19 10:01:31&v=9.0.0.21&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-334292207-2319730254-1780565897-1002\..\SearchScopes\{9B9DB46E-1D45-4CF6-8145-BB8C8DB9A2E5}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-334292207-2319730254-1780565897-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Search the Web"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://my.screenname.aol.com/_cqr/login/login.psp?sitedomain=sns.webmail.aol.com&lang=en&seamless=novl&offerId=newmail-en-us-v2&authLev=0&siteState=ver%3A4%7Crt%3ASTANDARD%7Cat%3ASNS%7Cld%3Amail.aol.com%7Cuv%3AAOL%7Clc%3Aen-us%7Cmt%3AANGELIA%7Csnt%3AScreenName%7Csid%3A860c879f-cfa2-4481-8a7b-abebafec9ff8&locale=us"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\D J RAC\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\D J RAC\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG2012\Firefox4\ [2012/05/29 14:17:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.7\ [2012/06/12 01:11:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG2012\Firefox\DoNotTrack\ [2012/05/16 02:24:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Firefox 4 0 1\components [2011/08/21 13:42:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Firefox 4 0 1\plugins [2012/06/03 01:38:27 | 000,000,000 | ---D | M]

[2011/04/29 22:58:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\D J RAC\Application Data\Mozilla\Extensions
[2012/04/07 17:15:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\D J RAC\Application Data\Mozilla\Firefox\Profiles\6c58iex6.default\extensions
[2012/01/24 08:50:55 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Documents and Settings\D J RAC\Application Data\Mozilla\Firefox\Profiles\6c58iex6.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2012/04/07 17:15:44 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\D J RAC\Application Data\Mozilla\Firefox\Profiles\6c58iex6.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/04/29 12:05:47 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\AVG SECURE SEARCH\11.0.0.9
[2012/01/24 08:50:52 | 000,031,123 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\D J RAC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\6C58IEX6.DEFAULT\EXTENSIONS\{2A1D5949-B519-4924-BF62-8522FE0D5274}.XPI
[2012/05/16 02:24:52 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES (X86)\AVG2012\FIREFOX\DONOTTRACK
[2012/05/29 14:17:08 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG2012\FIREFOX4

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Firefox 4 0 1\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Firefox 4 0 1\plugins\npwachk.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: AVG Do Not Track = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Gmail = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

Hosts file not found
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 1 6 2\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-334292207-2319730254-1780565897-1002\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
O4:64bit: - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup File not found
O4:64bit: - HKLM..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login File not found
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4:64bit: - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\AMD RADEON HD 6450\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-21-334292207-2319730254-1780565897-1002..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy 1 6 2\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-21-334292207-2319730254-1780565897-1006..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\APC UPS Status.lnk = C:\Program Files (x86)\APC PowerChute Personal Edition\Display.exe (American Power Conversion Corporation)
O4 - Startup: C:\Documents and Settings\D J RAC\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-334292207-2319730254-1780565897-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-334292207-2319730254-1780565897-1002\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-334292207-2319730254-1780565897-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-334292207-2319730254-1780565897-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-334292207-2319730254-1780565897-1006\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-334292207-2319730254-1780565897-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9:64bit: - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 1 6 2\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - %SystemRoot%\System32\winrnr.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - %SystemRoot%\system32\mswsock.dll File not found
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1304050829321 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1304233757796 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\http\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\http\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\https\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\https\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - %SystemRoot%\system32\SHELL32.dll File not found
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - File not found
O20:64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (lsass.exe) - File not found
O20 - HKLM Winlogon: UserInit - (userinit) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - File not found
O20:64bit: - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - File not found
O20:64bit: - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - File not found
O20:64bit: - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - File not found
O20:64bit: - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) - File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
O20:64bit: - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20:64bit: - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:64bit: - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll File not found
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll File not found
O22:64bit: - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll File not found
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll File not found
O24 - Desktop WallPaper: C:\WINDOWS\Soap Bubbles.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Soap Bubbles.bmp
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/04/28 06:43:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{d00ce060-8360-11e0-8e77-00e04d1c5274}\Shell - "" = AutoRun
O33 - MountPoints2\{d00ce060-8360-11e0-8e77-00e04d1c5274}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d00ce060-8360-11e0-8e77-00e04d1c5274}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{f3af2fff-75ae-11e0-942b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f3af2fff-75ae-11e0-942b-806e6f6e6963}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f3af2fff-75ae-11e0-942b-806e6f6e6963}\Shell\AutoRun\command - "" = Z:\splash.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 360 Days ==========

[2012/06/13 03:12:39 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\D J RAC\Desktop\OTL.exe
[2012/06/12 01:12:37 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\D J RAC\Desktop\aswMBR.exe
[2012/06/11 01:09:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\D J RAC\Recent
[2012/06/06 10:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVD Shrink ver 3 2 0 15
[2012/06/06 10:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2012/06/06 10:20:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD Shrink ver 3 2 0 15
[2012/06/03 23:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\Sun
[2012/06/03 01:39:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/06/03 01:38:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/06/03 01:38:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Application Data\Oracle
[2012/06/03 01:38:28 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javacpl.cpl
[2012/06/03 01:38:27 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\npDeployJava1.dll
[2012/06/03 01:38:27 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2012/06/03 01:37:44 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2012/06/03 01:37:44 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2012/06/02 19:50:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/06/02 00:39:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012/06/02 00:39:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2012/06/02 00:34:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\spybot progs
[2012/05/29 14:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2012/05/25 14:46:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\HijackThis
[2012/05/25 14:46:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HijackThis 2 0 2
[2012/05/17 14:24:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\spotify cache
[2012/05/15 03:51:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Application Data\Unity
[2012/05/15 01:54:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\Unity
[2012/05/14 01:30:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVDFab HD Decrypter 8 1 7 8 Qt
[2012/05/14 01:30:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDFab HD Decrypter 8 1 7 8 Qt
[2012/05/12 01:32:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2012/05/09 08:51:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\Spotify
[2012/05/09 08:48:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Application Data\Spotify
[2012/04/30 03:26:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\AVG Secure Search
[2012/04/19 01:11:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\pics software
[2012/04/10 02:24:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2012/04/10 02:20:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/04/10 02:20:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google
[2012/04/01 22:40:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2012/03/23 00:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\Facebook
[2012/03/14 11:20:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\Identities
[2012/03/12 20:41:22 | 000,000,000 | --SD | C] -- C:\Documents and Settings\D J RAC\My Documents\My Data Sources
[2012/03/09 19:57:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\dvdfab
[2012/03/09 19:47:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVDFab HD Decrypter 8 1 6 3
[2012/03/09 19:47:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDFab HD Decrypter 8 1 6 3
[2012/03/07 19:08:42 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2012/03/07 19:08:42 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll
[2012/03/07 02:13:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/02/28 22:25:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/02/28 22:09:02 | 000,086,683 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\SysWow64\pthreadGC2.dll
[2012/02/28 22:09:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AoA Audio Extractor 2 2 8
[2012/02/28 22:08:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AoA Audio Extractor 2 2 8
[2012/02/16 23:50:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2012/02/16 23:50:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2012/02/10 02:40:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\cpuz 151
[2012/01/29 19:39:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\My Documents\Chameleon files
[2012/01/25 21:28:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\Always On Top
[2012/01/25 18:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\ATI
[2012/01/25 18:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Application Data\ATI
[2012/01/25 18:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI
[2012/01/25 18:32:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012/01/25 18:31:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Control Center
[2012/01/25 18:29:15 | 000,057,344 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\aticalrt.dll
[2012/01/25 18:29:14 | 004,669,440 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\aticaldd.dll
[2012/01/25 18:29:14 | 000,064,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atimpc32.dll
[2012/01/25 18:29:14 | 000,064,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\amdpcom32.dll
[2012/01/25 18:29:10 | 017,444,864 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\atioglxx.dll
[2012/01/25 18:29:09 | 000,200,704 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\atiadlxy.dll
[2012/01/25 18:29:09 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\aticalcl.dll
[2012/01/25 18:29:07 | 000,212,992 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\SysWow64\atipdlxx.dll
[2012/01/25 18:28:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD RADEON HD 6450
[2012/01/25 18:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012/01/25 18:27:59 | 000,000,000 | ---D | C] -- C:\Program Files\AMD RADEON HD 6450
[2012/01/21 02:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\External
[2012/01/20 02:25:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\D J RAC\My Documents\My Videos
[2012/01/19 13:55:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\cache
[2012/01/16 13:07:08 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\WINDOWS\SysWow64\drivers\DrvAgent64.SYS
[2012/01/16 13:07:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\eSupport.com
[2012/01/15 14:29:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2012/01/15 14:29:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner 3 14 1616
[2011/12/31 20:46:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\2gb from letys cell
[2011/12/24 15:07:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\from camara
[2011/12/23 01:31:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\drivers\AVG
[2011/12/19 11:01:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Application Data\AVG Secure Search
[2011/12/19 11:01:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2011/12/19 11:01:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2011/12/19 11:01:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2011/12/19 10:59:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Application Data\AVG2012
[2011/12/19 10:58:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/12/19 10:57:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG2012
[2011/12/08 23:31:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/12/05 17:28:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVDVideoSoft
[2011/12/05 17:28:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free DVD Decrypter Ver 1 5 6
[2011/12/05 17:28:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2011/12/05 17:28:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\My Documents\DVDVideoSoft
[2011/11/04 06:13:36 | 001,070,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSCOMCTL.OCX
[2011/10/25 22:20:08 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2011/10/18 10:34:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\dvd from tv
[2011/09/26 13:10:44 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uiautomationcore.dll
[2011/09/26 13:06:52 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\oleaccrc.dll
[2011/09/02 15:19:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVDFab HD Decrypter 8 1 1 2
[2011/09/02 15:19:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDFab HD Decrypter 8 1 1 2
[2011/08/26 21:26:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\Temp
[2011/08/26 21:15:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/07/08 05:23:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA
[2011/07/08 05:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2011/07/08 05:22:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/07/08 05:22:13 | 013,004,800 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2011/07/08 05:22:13 | 005,332,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2011/07/08 05:22:13 | 002,808,936 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2011/07/08 05:22:13 | 002,082,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2011/07/08 05:22:13 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2011/07/08 05:21:27 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/07/08 05:20:58 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011/07/08 05:01:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/07/08 05:01:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Application Data\SystemRequirementsLab
[2011/07/08 05:01:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun

========== Files - Modified Within 360 Days ==========

[2012/06/13 05:10:16 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/13 05:09:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/13 04:25:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/13 03:44:02 | 000,001,006 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-334292207-2319730254-1780565897-1002UA.job
[2012/06/13 03:12:36 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\D J RAC\Desktop\OTL.exe
[2012/06/12 01:13:08 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\D J RAC\Desktop\aswMBR.exe
[2012/06/11 00:44:01 | 000,000,984 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-334292207-2319730254-1780565897-1002Core.job
[2012/06/10 01:16:58 | 001,067,062 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\vaca.bmp
[2012/06/06 10:20:15 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\DVD Shrink 3.2.lnk
[2012/06/04 19:27:02 | 000,000,137 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\DVD-CD X.lnk
[2012/06/03 01:37:30 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2012/06/03 01:37:30 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2012/06/02 20:09:34 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/06/02 00:39:50 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\D J RAC\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/06/02 00:39:44 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\ERUNT.lnk
[2012/05/27 17:00:49 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/27 02:45:26 | 003,037,982 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\HP Pavilion dv7t Quad Edition customizable Notebook PC.bmp
[2012/05/25 18:59:21 | 000,000,026 | ---- | M] () -- C:\Documents and Settings\D J RAC\My Documents\Default.PLS
[2012/05/25 14:56:23 | 000,001,688 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\HijackThis.lnk
[2012/05/20 18:37:14 | 000,001,927 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\Google Chrome.lnk
[2012/05/14 01:30:57 | 000,000,884 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\DVDFab HD Decrypter 8 1 7 8 Qt.lnk
[2012/05/12 10:54:02 | 000,593,378 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012/05/09 09:02:17 | 000,001,870 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Spotify.lnk
[2012/04/19 01:03:58 | 000,177,639 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\javana 01.jpg
[2012/04/19 00:12:21 | 024,253,890 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\javana 01.bmp
[2012/04/18 23:54:24 | 060,000,054 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\javana.bmp
[2012/04/10 02:24:51 | 000,001,845 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/04 18:47:36 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javacpl.cpl
[2012/04/04 18:47:24 | 000,227,720 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2012/04/04 18:47:08 | 000,772,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\npDeployJava1.dll
[2012/04/04 18:47:02 | 000,687,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\deployJava1.dll
[2012/04/01 22:40:01 | 000,000,830 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/03/29 07:43:18 | 001,176,438 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\laptop program files.bmp
[2012/03/09 19:57:53 | 000,000,882 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\DVDFab Profile Editor.lnk
[2012/03/07 19:08:42 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2012/03/07 19:08:42 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2012/03/07 19:08:42 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll
[2012/03/07 19:08:42 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2012/03/07 19:08:42 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ie4uinit.exe
[2012/03/07 19:08:42 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll
[2012/03/07 19:08:42 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2012/03/07 19:08:42 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\licmgr10.dll
[2012/02/28 22:24:51 | 000,000,805 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\AoA Audio Extractor.lnk
[2012/02/06 19:23:50 | 072,166,876 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\Madonna ~ Halftime Super Bowl XLVI.mp4
[2012/01/25 18:37:46 | 000,007,792 | ---- | M] () -- C:\WINDOWS\SysWow64\d3d9caps.dat
[2012/01/25 18:29:53 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2012/01/16 13:07:08 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\WINDOWS\SysWow64\drivers\DrvAgent64.SYS
[2012/01/15 14:38:26 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\CCleaner 3 14 1616.lnk
[2011/12/23 01:31:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\drivers\AVG\incavi.avm
[2011/12/23 01:31:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\drivers\AVG\iavichjw.avm
[2011/12/19 12:47:34 | 000,000,672 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG 2012.lnk
[2011/12/05 17:29:54 | 000,000,904 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Free DVD Decrypter.lnk
[2011/11/20 12:03:16 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\packager.exe
[2011/11/17 14:17:26 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tzchange.exe
[2011/11/14 19:07:20 | 001,278,976 | ---- | M] () -- C:\WINDOWS\SysWow64\quartz.dll
[2011/11/14 19:07:20 | 000,385,536 | ---- | M] () -- C:\WINDOWS\SysWow64\qdvd.dll
[2011/11/04 06:13:36 | 001,070,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSCOMCTL.OCX
[2011/10/25 22:20:08 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2011/10/15 02:45:10 | 000,396,800 | ---- | M] () -- C:\WINDOWS\SysWow64\encdec.dll
[2011/10/15 02:34:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mciseq.dll
[2011/10/03 10:37:02 | 000,057,667 | ---- | M] () -- C:\WINDOWS\SysWow64\ieuinit.inf
[2011/09/26 13:10:44 | 000,615,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uiautomationcore.dll
[2011/09/26 13:06:52 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\oleaccrc.dll
[2011/09/13 02:37:30 | 023,070,720 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\VTS_011_1.VOB
[2011/08/13 14:36:51 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI

========== Files Created - No Company Name ==========

[2012/06/10 01:16:58 | 001,067,062 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\vaca.bmp
[2012/06/06 10:20:15 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\DVD Shrink 3.2.lnk
[2012/06/02 00:39:50 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\D J RAC\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/06/02 00:39:44 | 000,000,640 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\ERUNT.lnk
[2012/05/27 02:43:13 | 003,037,982 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\HP Pavilion dv7t Quad Edition customizable Notebook PC.bmp
[2012/05/25 14:56:23 | 000,001,688 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\HijackThis.lnk
[2012/05/14 01:30:57 | 000,000,884 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\DVDFab HD Decrypter 8 1 7 8 Qt.lnk
[2012/05/09 09:02:17 | 000,001,870 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Spotify.lnk
[2012/05/09 08:51:19 | 000,001,876 | ---- | C] () -- C:\Documents and Settings\D J RAC\Start Menu\Programs\Spotify.lnk
[2012/04/19 00:33:03 | 000,177,639 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\javana 01.jpg
[2012/04/19 00:11:36 | 024,253,890 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\javana 01.bmp
[2012/04/18 23:54:23 | 060,000,054 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\javana.bmp
[2012/04/10 02:24:51 | 000,001,927 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\Google Chrome.lnk
[2012/04/10 02:24:51 | 000,001,845 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/10 02:20:46 | 000,000,900 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/10 02:20:45 | 000,000,896 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/01 22:40:01 | 000,000,830 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/03/29 07:43:18 | 001,176,438 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\laptop program files.bmp
[2012/03/23 00:39:28 | 000,001,006 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-334292207-2319730254-1780565897-1002UA.job
[2012/03/23 00:39:28 | 000,000,984 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-334292207-2319730254-1780565897-1002Core.job
[2012/03/09 19:57:53 | 000,000,882 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\DVDFab Profile Editor.lnk
[2012/02/28 22:24:51 | 000,000,805 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\AoA Audio Extractor.lnk
[2012/02/06 19:08:04 | 072,166,876 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\Madonna ~ Halftime Super Bowl XLVI.mp4
[2012/01/25 18:37:46 | 000,007,792 | ---- | C] () -- C:\WINDOWS\SysWow64\d3d9caps.dat
[2012/01/25 18:29:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/01/25 18:29:42 | 000,030,831 | R--- | C] () -- C:\WINDOWS\atiogl.xml
[2012/01/16 13:34:30 | 000,000,921 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/01/15 14:38:26 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\CCleaner 3 14 1616.lnk
[2011/12/24 15:08:44 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/23 01:31:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AVG\incavi.avm
[2011/12/23 01:31:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AVG\iavichjw.avm
[2011/12/19 12:47:34 | 000,000,672 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG 2012.lnk
[2011/12/05 17:29:54 | 000,000,904 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Free DVD Decrypter.lnk
[2011/09/13 02:40:30 | 023,070,720 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\VTS_011_1.VOB
[2011/08/26 21:15:45 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/05/06 19:20:31 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2011/05/06 19:20:31 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2011/04/30 23:55:16 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/04/29 22:57:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/04/29 14:52:03 | 000,593,378 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2011/04/28 08:20:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\SysWow64\ChCfg.exe
[2011/04/28 08:20:26 | 000,143,360 | ---- | C] () -- C:\WINDOWS\SysWow64\RtlCPAPI.dll
[2011/04/28 08:20:25 | 000,037,376 | ---- | C] () -- C:\WINDOWS\CPLUtl64.exe
[2011/04/28 06:48:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/04/27 22:48:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

========== LOP Check ==========

[2012/06/12 01:11:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2011/12/21 06:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/04/29 18:52:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/03/09 19:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\dvdfab
[2012/06/13 03:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/02/16 23:50:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2012/05/12 01:32:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2012/02/16 23:50:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2012/05/12 02:33:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/05/02 00:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D J RAC\Application Data\Auslogics
[2011/12/19 11:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D J RAC\Application Data\AVG Secure Search
[2011/12/19 10:59:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D J RAC\Application Data\AVG2012
[2011/05/01 23:18:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D J RAC\Application Data\IObit
[2012/06/03 01:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D J RAC\Application Data\Oracle
[2012/06/13 04:11:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D J RAC\Application Data\Spotify
[2011/07/08 05:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D J RAC\Application Data\SystemRequirementsLab
[2012/05/15 03:51:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\D J RAC\Application Data\Unity
[2011/12/19 10:59:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lety\Application Data\AVG2012
[2012/01/20 18:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prisci & Vane\Application Data\AVG Secure Search
[2011/12/19 10:59:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Prisci & Vane\Application Data\AVG2012
[2012/06/11 00:44:01 | 000,000,984 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-334292207-2319730254-1780565897-1002Core.job
[2012/06/13 03:44:02 | 000,001,006 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-334292207-2319730254-1780565897-1002UA.job
[2012/06/13 05:08:16 | 000,032,548 | ---- | M] () -- C:\WINDOWS\Tasks\SchedLgU.Txt

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5547042D
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE

< End of report >
 
And the OTL Extras logfile...

OTL Extras logfile created on: 6/13/2012 5:13:39 AM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Documents and Settings\D J RAC\Desktop
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 3.06 Gb Available Physical Memory | 81.74% Memory free
13.29 Gb Paging File | 12.75 Gb Available in Paging File | 95.94% Paging File free
Paging file location(s): c:\pagefile.sys 10000 10000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.75 Gb Total Space | 84.91 Gb Free Space | 18.23% Space Free | Partition Type: NTFS

Computer Name: FAM-PUTTER | User Name: D J RAC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.inf [@ = inffile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.ini [@ = inifile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.url [@ = InternetShortcut] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
.js [@ = JSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.jse [@ = JSEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.txt [@ = txtfile] -- %SystemRoot%\system32\NOTEPAD.EXE %1
.vbe [@ = VBEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.vbs [@ = VBSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.wsf [@ = WSFFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.wsh [@ = WSHFile] -- %SystemRoot%\System32\WScript.exe "%1" %*

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-334292207-2319730254-1780565897-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Firefox 4 0 1\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1"
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4"
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1

========== System Restore Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"C:\Program Files (x86)\AVG 10\avgmfapx.exe" = C:\Program Files (x86)\AVG 10\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe" = C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe:*:Disabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Documents and Settings\D J RAC\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\D J RAC\Application Data\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files (x86)\AVG2012\avgmfapx.exe" = C:\Program Files (x86)\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Documents and Settings\D J RAC\Desktop\Always On Top\Chameleon Win Mngr Lite Ver 1 1 0 131.exe" = C:\Documents and Settings\D J RAC\Desktop\Always On Top\Chameleon Win Mngr Lite Ver 1 1 0 131.exe:*:Enabled:CNET Download.com Installer -- (CNET Download.com)
"C:\Documents and Settings\D J RAC\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"C:\Program Files (x86)\AVG2012\avgnsa.exe" = C:\Program Files (x86)\AVG2012\avgnsa.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\AVG2012\avgdiagex.exe" = C:\Program Files (x86)\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\AVG2012\avgemca.exe" = C:\Program Files (x86)\AVG2012\avgemca.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"C:\Program Files (x86)\AVG 10\avgmfapx.exe" = C:\Program Files (x86)\AVG 10\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe" = C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe:*:Disabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Documents and Settings\D J RAC\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\D J RAC\Application Data\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files (x86)\AVG2012\avgmfapx.exe" = C:\Program Files (x86)\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Documents and Settings\D J RAC\Desktop\Always On Top\Chameleon Win Mngr Lite Ver 1 1 0 131.exe" = C:\Documents and Settings\D J RAC\Desktop\Always On Top\Chameleon Win Mngr Lite Ver 1 1 0 131.exe:*:Enabled:CNET Download.com Installer -- (CNET Download.com)
"C:\Documents and Settings\D J RAC\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"C:\Program Files (x86)\AVG2012\avgnsa.exe" = C:\Program Files (x86)\AVG2012\avgnsa.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\AVG2012\avgdiagex.exe" = C:\Program Files (x86)\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\AVG2012\avgemca.exe" = C:\Program Files (x86)\AVG2012\avgemca.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{44EBCA98-13BE-C362-44B1-DAA8637B457F}" = ATI Catalyst Install Manager
"{857B32C1-7C87-40B5-B2A5-D06F49B80002}" = AVG 2012
"{8A51974A-BC28-9DBD-1E7C-E26BC5801A0C}" = ATI Problem Report Wizard
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.85
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BFF4A9FB-75F3-4162-84CD-16CE48C19173}" = AVG 2012
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D82AB192-97D8-314A-E32A-C737007C44DF}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"9E140F48C9836B9B78539C08FB2B17146BDB3F65" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
"AVG" = AVG 2012
"CCleaner" = CCleaner
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows x64
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows x64 Service Pack" = Windows XP Service Pack 2
"WMFDist11-64" = Windows Media Format 11 runtime
"wmp11-64" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{12C8210C-03E8-7BC1-EE7D-899FCB21952A}" = CCC Help Polish
"{16A606A9-23B7-66F1-B590-D88515DB834C}" = CCC Help Italian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{242EF09F-9015-8E7D-F859-7A26774710CB}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{3881A7DF-5C69-1B39-8B1A-B03B536F5D4B}" = CCC Help German
"{4483C7C9-71DC-6475-EE0E-A81853CE6F7E}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DEBE989-DDBE-8B43-98B8-F905D21CBF67}" = CCC Help Thai
"{5685D9EE-AB7A-EBEB-9616-3256893946A1}" = CCC Help Czech
"{598654C2-2D78-755E-CE0E-9877AF9515D4}" = CCC Help Danish
"{5A0C892E-FD1C-4203-941E-0956AED20A6A}" = APC PowerChute Personal Edition
"{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
"{6114165B-2D74-A070-7E0B-9916FFF272A5}" = CCC Help Turkish
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6C7F61CA-5235-5DEF-10A7-1A5E24179FA5}" = CCC Help Finnish
"{6F1C68EB-4705-0734-7DF2-E24C9189FE01}" = Skins
"{7BFAAD5C-D205-B9C8-240D-9F7B90377AD5}" = Catalyst Control Center Graphics Previews Common
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{892633C9-8E7A-EC40-5F5A-20474EA2B628}" = CCC Help French
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{96D86403-526D-D80C-45A0-95247BCA3A07}" = CCC Help Dutch
"{98F49D4B-E0E1-E62B-EECD-824A0938C395}" = CCC Help Chinese Traditional
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3071E80-EABB-331D-F04D-936EAA550AF3}" = CCC Help Spanish
"{A7A82233-F0EF-DB16-E2D4-C495B5697503}" = CCC Help English
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AD7E3797-EA09-9574-2C28-40706167A168}" = CCC Help Korean
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B50EC7AF-DAD8-CC81-5637-0F082DA737A8}" = CCC Help Japanese
"{BF6DAEB2-C4CD-7D11-6823-6DB7204EAFC2}" = CCC Help Hungarian
"{BFFDBAB7-A2C3-18EB-34C4-D02DCA49871C}" = CCC Help Russian
"{CEE760C7-4EDC-D453-5060-1B1500FA9E75}" = CCC Help Swedish
"{D1725D54-279A-40C5-A70D-23C1785DB920}_is1" = AoA Audio Extractor
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E186F8F5-BB0B-AEDD-42D4-D8F212AAE91E}" = CCC Help Norwegian
"{EC0B0F9B-1A7A-1ADC-A64D-D43B10891897}" = Catalyst Control Center
"{F06098DC-F984-719B-94E3-F498B3514C4D}" = CCC Help Greek
"{F6AE9AA9-82C0-CBA6-4E35-8D0739F563DD}" = CCC Help Portuguese
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FD85732F-EB7D-5CF8-5DF9-E0FF381F3856}" = Catalyst Control Center Localization All
"DriverAgent.exe" = DriverAgent by eSupport.com
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 8 Qt_is1" = DVDFab 8.1.7.8 (17/04/2012) Qt
"ERUNT_is1" = ERUNT 1.1j
"FastStone Photo Resizer" = FastStone Photo Resizer 3.0
"Free DVD Decrypter_is1" = Free DVD Decrypter version 1.5.6.908
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox 6.0 (x86 en-US)" = Mozilla Firefox 6.0 (x86 en-US)
"SystemRequirementsLab" = System Requirements Lab
"Winamp" = Winamp
"YTdetect" = Yahoo! Detect

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-334292207-2319730254-1780565897-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/1/2012 9:12:11 AM | Computer Name = FAM-PUTTER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 6/1/2012 7:32:04 PM | Computer Name = FAM-PUTTER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 6/1/2012 7:41:31 PM | Computer Name = FAM-PUTTER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 6/1/2012 9:17:27 PM | Computer Name = FAM-PUTTER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 6/2/2012 3:09:49 PM | Computer Name = FAM-PUTTER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 6/2/2012 9:50:49 PM | Computer Name = FAM-PUTTER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 6/3/2012 3:38:27 AM | Computer Name = FAM-PUTTER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 6/5/2012 8:44:08 PM | Computer Name = FAM-PUTTER | Source = Google Update | ID = 20
Description =

Error - 6/5/2012 11:44:07 PM | Computer Name = FAM-PUTTER | Source = Google Update | ID = 20
Description =

Error - 6/6/2012 2:44:05 PM | Computer Name = FAM-PUTTER | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 6/13/2012 5:04:53 AM | Computer Name = FAM-PUTTER | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls.
Reference
error message: The referenced assembly is not installed on your system. .

Error - 6/13/2012 5:04:53 AM | Computer Name = FAM-PUTTER | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler64.exe.
Reference
error message: The referenced assembly is not installed on your system. .

Error - 6/13/2012 7:09:44 AM | Computer Name = FAM-PUTTER | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\DRIVERS\PxHelp64.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 6/13/2012 7:09:57 AM | Computer Name = FAM-PUTTER | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.Windows.Common-Controls could not be
found and Last Error was The referenced assembly is not installed on your system.


Error - 6/13/2012 7:09:57 AM | Computer Name = FAM-PUTTER | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls.
Reference
error message: The referenced assembly is not installed on your system. .

Error - 6/13/2012 7:09:57 AM | Computer Name = FAM-PUTTER | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler64.exe.
Reference
error message: The referenced assembly is not installed on your system. .

Error - 6/13/2012 7:10:09 AM | Computer Name = FAM-PUTTER | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PxHelp64

Error - 6/13/2012 7:10:16 AM | Computer Name = FAM-PUTTER | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.Windows.Common-Controls could not be
found and Last Error was The referenced assembly is not installed on your system.


Error - 6/13/2012 7:10:16 AM | Computer Name = FAM-PUTTER | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls.
Reference
error message: The referenced assembly is not installed on your system. .

Error - 6/13/2012 7:10:16 AM | Computer Name = FAM-PUTTER | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler64.exe.
Reference
error message: The referenced assembly is not installed on your system. .

< End of report >

Thanks again for your help...
 
And the OTL Extras logfile...

OTL Extras logfile created on: 6/13/2012 5:13:39 AM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Documents and Settings\D J RAC\Desktop
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 3.06 Gb Available Physical Memory | 81.74% Memory free
13.29 Gb Paging File | 12.75 Gb Available in Paging File | 95.94% Paging File free
Paging file location(s): c:\pagefile.sys 10000 10000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.75 Gb Total Space | 84.91 Gb Free Space | 18.23% Space Free | Partition Type: NTFS

Computer Name: FAM-PUTTER | User Name: D J RAC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.inf [@ = inffile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.ini [@ = inifile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.url [@ = InternetShortcut] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
.js [@ = JSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.jse [@ = JSEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.txt [@ = txtfile] -- %SystemRoot%\system32\NOTEPAD.EXE %1
.vbe [@ = VBEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.vbs [@ = VBSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.wsf [@ = WSFFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.wsh [@ = WSHFile] -- %SystemRoot%\System32\WScript.exe "%1" %*

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-334292207-2319730254-1780565897-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Firefox 4 0 1\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1"
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4"
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1

========== System Restore Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"C:\Program Files (x86)\AVG 10\avgmfapx.exe" = C:\Program Files (x86)\AVG 10\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe" = C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe:*:Disabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Documents and Settings\D J RAC\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\D J RAC\Application Data\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files (x86)\AVG2012\avgmfapx.exe" = C:\Program Files (x86)\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Documents and Settings\D J RAC\Desktop\Always On Top\Chameleon Win Mngr Lite Ver 1 1 0 131.exe" = C:\Documents and Settings\D J RAC\Desktop\Always On Top\Chameleon Win Mngr Lite Ver 1 1 0 131.exe:*:Enabled:CNET Download.com Installer -- (CNET Download.com)
"C:\Documents and Settings\D J RAC\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"C:\Program Files (x86)\AVG2012\avgnsa.exe" = C:\Program Files (x86)\AVG2012\avgnsa.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\AVG2012\avgdiagex.exe" = C:\Program Files (x86)\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\AVG2012\avgemca.exe" = C:\Program Files (x86)\AVG2012\avgemca.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"C:\Program Files (x86)\AVG 10\avgmfapx.exe" = C:\Program Files (x86)\AVG 10\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe" = C:\Program Files (x86)\WINamp Ver 5 6 1\winamp.exe:*:Disabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Documents and Settings\D J RAC\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\D J RAC\Application Data\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files (x86)\AVG2012\avgmfapx.exe" = C:\Program Files (x86)\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Documents and Settings\D J RAC\Desktop\Always On Top\Chameleon Win Mngr Lite Ver 1 1 0 131.exe" = C:\Documents and Settings\D J RAC\Desktop\Always On Top\Chameleon Win Mngr Lite Ver 1 1 0 131.exe:*:Enabled:CNET Download.com Installer -- (CNET Download.com)
"C:\Documents and Settings\D J RAC\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"C:\Program Files (x86)\AVG2012\avgnsa.exe" = C:\Program Files (x86)\AVG2012\avgnsa.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\AVG2012\avgdiagex.exe" = C:\Program Files (x86)\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\AVG2012\avgemca.exe" = C:\Program Files (x86)\AVG2012\avgemca.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{44EBCA98-13BE-C362-44B1-DAA8637B457F}" = ATI Catalyst Install Manager
"{857B32C1-7C87-40B5-B2A5-D06F49B80002}" = AVG 2012
"{8A51974A-BC28-9DBD-1E7C-E26BC5801A0C}" = ATI Problem Report Wizard
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.85
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BFF4A9FB-75F3-4162-84CD-16CE48C19173}" = AVG 2012
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D82AB192-97D8-314A-E32A-C737007C44DF}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"9E140F48C9836B9B78539C08FB2B17146BDB3F65" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
"AVG" = AVG 2012
"CCleaner" = CCleaner
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows x64
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows x64 Service Pack" = Windows XP Service Pack 2
"WMFDist11-64" = Windows Media Format 11 runtime
"wmp11-64" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{12C8210C-03E8-7BC1-EE7D-899FCB21952A}" = CCC Help Polish
"{16A606A9-23B7-66F1-B590-D88515DB834C}" = CCC Help Italian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{242EF09F-9015-8E7D-F859-7A26774710CB}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{3881A7DF-5C69-1B39-8B1A-B03B536F5D4B}" = CCC Help German
"{4483C7C9-71DC-6475-EE0E-A81853CE6F7E}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DEBE989-DDBE-8B43-98B8-F905D21CBF67}" = CCC Help Thai
"{5685D9EE-AB7A-EBEB-9616-3256893946A1}" = CCC Help Czech
"{598654C2-2D78-755E-CE0E-9877AF9515D4}" = CCC Help Danish
"{5A0C892E-FD1C-4203-941E-0956AED20A6A}" = APC PowerChute Personal Edition
"{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
"{6114165B-2D74-A070-7E0B-9916FFF272A5}" = CCC Help Turkish
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6C7F61CA-5235-5DEF-10A7-1A5E24179FA5}" = CCC Help Finnish
"{6F1C68EB-4705-0734-7DF2-E24C9189FE01}" = Skins
"{7BFAAD5C-D205-B9C8-240D-9F7B90377AD5}" = Catalyst Control Center Graphics Previews Common
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{892633C9-8E7A-EC40-5F5A-20474EA2B628}" = CCC Help French
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{96D86403-526D-D80C-45A0-95247BCA3A07}" = CCC Help Dutch
"{98F49D4B-E0E1-E62B-EECD-824A0938C395}" = CCC Help Chinese Traditional
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3071E80-EABB-331D-F04D-936EAA550AF3}" = CCC Help Spanish
"{A7A82233-F0EF-DB16-E2D4-C495B5697503}" = CCC Help English
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AD7E3797-EA09-9574-2C28-40706167A168}" = CCC Help Korean
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B50EC7AF-DAD8-CC81-5637-0F082DA737A8}" = CCC Help Japanese
"{BF6DAEB2-C4CD-7D11-6823-6DB7204EAFC2}" = CCC Help Hungarian
"{BFFDBAB7-A2C3-18EB-34C4-D02DCA49871C}" = CCC Help Russian
"{CEE760C7-4EDC-D453-5060-1B1500FA9E75}" = CCC Help Swedish
"{D1725D54-279A-40C5-A70D-23C1785DB920}_is1" = AoA Audio Extractor
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E186F8F5-BB0B-AEDD-42D4-D8F212AAE91E}" = CCC Help Norwegian
"{EC0B0F9B-1A7A-1ADC-A64D-D43B10891897}" = Catalyst Control Center
"{F06098DC-F984-719B-94E3-F498B3514C4D}" = CCC Help Greek
"{F6AE9AA9-82C0-CBA6-4E35-8D0739F563DD}" = CCC Help Portuguese
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FD85732F-EB7D-5CF8-5DF9-E0FF381F3856}" = Catalyst Control Center Localization All
"DriverAgent.exe" = DriverAgent by eSupport.com
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 8 Qt_is1" = DVDFab 8.1.7.8 (17/04/2012) Qt
"ERUNT_is1" = ERUNT 1.1j
"FastStone Photo Resizer" = FastStone Photo Resizer 3.0
"Free DVD Decrypter_is1" = Free DVD Decrypter version 1.5.6.908
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox 6.0 (x86 en-US)" = Mozilla Firefox 6.0 (x86 en-US)
"SystemRequirementsLab" = System Requirements Lab
"Winamp" = Winamp
"YTdetect" = Yahoo! Detect

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-334292207-2319730254-1780565897-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/1/2012 9:12:11 AM | Computer Name = FAM-PUTTER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 6/1/2012 7:32:04 PM | Computer Name = FAM-PUTTER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 6/1/2012 7:41:31 PM | Computer Name = FAM-PUTTER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 6/1/2012 9:17:27 PM | Computer Name = FAM-PUTTER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 6/2/2012 3:09:49 PM | Computer Name = FAM-PUTTER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 6/2/2012 9:50:49 PM | Computer Name = FAM-PUTTER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 6/3/2012 3:38:27 AM | Computer Name = FAM-PUTTER | Source = JavaQuickStarterService | ID = 1
Description =

Error - 6/5/2012 8:44:08 PM | Computer Name = FAM-PUTTER | Source = Google Update | ID = 20
Description =

Error - 6/5/2012 11:44:07 PM | Computer Name = FAM-PUTTER | Source = Google Update | ID = 20
Description =

Error - 6/6/2012 2:44:05 PM | Computer Name = FAM-PUTTER | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 6/13/2012 5:04:53 AM | Computer Name = FAM-PUTTER | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls.
Reference
error message: The referenced assembly is not installed on your system. .

Error - 6/13/2012 5:04:53 AM | Computer Name = FAM-PUTTER | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler64.exe.
Reference
error message: The referenced assembly is not installed on your system. .

Error - 6/13/2012 7:09:44 AM | Computer Name = FAM-PUTTER | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\DRIVERS\PxHelp64.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 6/13/2012 7:09:57 AM | Computer Name = FAM-PUTTER | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.Windows.Common-Controls could not be
found and Last Error was The referenced assembly is not installed on your system.


Error - 6/13/2012 7:09:57 AM | Computer Name = FAM-PUTTER | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls.
Reference
error message: The referenced assembly is not installed on your system. .

Error - 6/13/2012 7:09:57 AM | Computer Name = FAM-PUTTER | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler64.exe.
Reference
error message: The referenced assembly is not installed on your system. .

Error - 6/13/2012 7:10:09 AM | Computer Name = FAM-PUTTER | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PxHelp64

Error - 6/13/2012 7:10:16 AM | Computer Name = FAM-PUTTER | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.Windows.Common-Controls could not be
found and Last Error was The referenced assembly is not installed on your system.


Error - 6/13/2012 7:10:16 AM | Computer Name = FAM-PUTTER | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls.
Reference
error message: The referenced assembly is not installed on your system. .

Error - 6/13/2012 7:10:16 AM | Computer Name = FAM-PUTTER | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler64.exe.
Reference
error message: The referenced assembly is not installed on your system. .


< End of report >

Thanks again for your help...
 
Let's see what aswMBR finds.

In the meantime, OTL did not find a hosts file and this could be part of your problem. This fix will restore it and also clean out all the junk in your temp folders and such.


Open OTL.exe
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    Code:
    :processes
    killallprocesses
    
    :OTL
    
    :Services
    
    :Reg
    
    :Files
    ipconfig /flushdns /c
    
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [start explorer]
    [Reboot]
  • Then click the Run Fix button at the top. <--Not run Scan
  • Let the program run unhindered, reboot when it is done
  • Then post the results of the log it produces.
  • Then run a new scan and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )
 
aswMBR - after running fix

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-14 12:59:14
-----------------------------
12:59:14.875 OS Version: Windows x64 5.2.3790 Service Pack 2
12:59:14.875 Number of processors: 2 586 0x2B01
12:59:14.890 ComputerName: FAM-PUTTER UserName: D J RAC
12:59:16.625 Initialize success
12:59:29.171 AVAST engine defs: 12061400
12:59:36.406 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e
12:59:36.421 Disk 0 Vendor: WDC_WD5000AAKB-00H8A0 05.04E05 Size: 476940MB BusType: 3
12:59:36.453 Disk 0 MBR read successfully
12:59:36.453 Disk 0 MBR scan
12:59:36.515 Disk 0 Windows XP default MBR code
12:59:36.515 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63
12:59:36.578 Disk 0 scanning C:\WINDOWS\system32\drivers
12:59:49.828 Service scanning
13:00:16.890 Modules scanning
13:00:16.890 Disk 0 trace - called modules:
13:00:16.906 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys atapi.sys pciide.sys PCIIDEX.SYS hal.dll
13:00:16.921 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffadfa273f060]
13:00:16.921 3 CLASSPNP.SYS[fffffadf9740a8c9] -> nt!IofCallDriver -> \Device\00000066[0xfffffadfa2cc0a00]
13:00:16.937 5 ACPI.sys[fffffadf975a9e69] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-e[0xfffffadfa24abc30]
13:00:18.796 AVAST engine scan C:\
17:41:32.734 Scan finished successfully
18:28:08.750 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\D J RAC\Desktop\MBR.dat"
18:28:08.765 The log file has been saved successfully to "C:\Documents and Settings\D J RAC\Desktop\01 aswMBR.txt"
 
OTL

All processes killed
========== PROCESSES ==========
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\D J RAC\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\D J RAC\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: D J RAC
->Temp folder emptied: 2632417 bytes
->Temporary Internet Files folder emptied: 884870 bytes
->Java cache emptied: 27951 bytes
->FireFox cache emptied: 49180541 bytes
->Google Chrome cache emptied: 6193725 bytes
->Flash cache emptied: 993 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33651 bytes

User: Lety
->Temp folder emptied: 1166430 bytes
->Temporary Internet Files folder emptied: 1581858 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 139895736 bytes
->Flash cache emptied: 1875 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: Prisci & Vane
->Temp folder emptied: 2999128 bytes
->Temporary Internet Files folder emptied: 375970 bytes
->Java cache emptied: 189425 bytes
->FireFox cache emptied: 267238895 bytes
->Google Chrome cache emptied: 379094005 bytes
->Flash cache emptied: 28625 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12102161 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 824.00 mb

OTL by OldTimer - Version 3.2.48.0 log created on 06142012_113957

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
 
New OTL...

OTL logfile created on: 6/14/2012 6:30:18 PM - Run 2
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Documents and Settings\D J RAC\Desktop
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.79 Gb Available Physical Memory | 74.33% Memory free
13.29 Gb Paging File | 12.51 Gb Available in Paging File | 94.13% Paging File free
Paging file location(s): c:\pagefile.sys 10000 10000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.75 Gb Total Space | 85.54 Gb Free Space | 18.37% Space Free | Partition Type: NTFS

Computer Name: FAM-PUTTER | User Name: D J RAC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 180 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\D J RAC\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files (x86)\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 1 6 2\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files (x86)\APC PowerChute Personal Edition\apcsystray.exe (American Power Conversion Corporation)
PRC - C:\Program Files (x86)\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe ()
MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe ()

========== Win32 Services (SafeList) ==========

SRV - (vToolbarUpdater11.1.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe ()
SRV - (JavaQuickStarterService) -- C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe (Oracle Corporation)
SRV - (avgwd) -- C:\Program Files (x86)\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (vToolbarUpdater) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Spooler) -- C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (helpsvc) -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (APC UPS Service) -- C:\Program Files (x86)\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)

========== Driver Services (SafeList) ==========

DRV - (DrvAgent64) -- C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS (Phoenix Technologies)
DRV - (BIOS) -- C:\WINDOWS\SysWOW64\Drivers\BIOS64.sys (BIOSTAR Group)
DRV - (mnmdd) -- C:\WINDOWS\SysWow64\mnmdd.dll (Microsoft Corporation)
DRV - (Winsock) -- C:\WINDOWS\SysWow64\winsock.dll (Microsoft Corporation)
DRV - (PxHelp64) -- C:\WINDOWS\SysWOW64\Drivers\pxhelp64.sys (Sonic Solutions)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {9B9DB46E-1D45-4CF6-8145-BB8C8DB9A2E5}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{30BC77FE-4B53-41DD-9969-75CC51DDB96C}: "URL" = http://search.avg.com/route/?d=4dbb5d33&v=6.103.18.1&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={41691B8C-AB8D-4A20-8E6D-E0B17D6AAB59}&mid=42c70532a4de47d1a444d1a90bf8bb87-8d758629d5135f4470f57152dc116841b6490bd7&lang=en&ds=AVG&pr=fr&d=2011-12-19 10:01:31&v=9.0.0.21&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9B9DB46E-1D45-4CF6-8145-BB8C8DB9A2E5}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Search the Web"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://my.screenname.aol.com/_cqr/login/login.psp?sitedomain=sns.webmail.aol.com&lang=en&seamless=novl&offerId=newmail-en-us-v2&authLev=0&siteState=ver%3A4%7Crt%3ASTANDARD%7Cat%3ASNS%7Cld%3Amail.aol.com%7Cuv%3AAOL%7Clc%3Aen-us%7Cmt%3AANGELIA%7Csnt%3AScreenName%7Csid%3A860c879f-cfa2-4481-8a7b-abebafec9ff8&locale=us"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\D J RAC\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\D J RAC\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG2012\Firefox4\ [2012/05/29 14:17:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.7\ [2012/06/12 01:11:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG2012\Firefox\DoNotTrack\ [2012/05/16 02:24:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Firefox 4 0 1\components [2011/08/21 13:42:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Firefox 4 0 1\plugins [2012/06/03 01:38:27 | 000,000,000 | ---D | M]

[2011/04/29 22:58:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\D J RAC\Application Data\Mozilla\Extensions
[2012/04/07 17:15:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\D J RAC\Application Data\Mozilla\Firefox\Profiles\6c58iex6.default\extensions
[2012/01/24 08:50:55 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Documents and Settings\D J RAC\Application Data\Mozilla\Firefox\Profiles\6c58iex6.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2012/04/07 17:15:44 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\D J RAC\Application Data\Mozilla\Firefox\Profiles\6c58iex6.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/04/29 12:05:47 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\AVG SECURE SEARCH\11.0.0.9
[2012/01/24 08:50:52 | 000,031,123 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\D J RAC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\6C58IEX6.DEFAULT\EXTENSIONS\{2A1D5949-B519-4924-BF62-8522FE0D5274}.XPI
[2012/05/16 02:24:52 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES (X86)\AVG2012\FIREFOX\DONOTTRACK
[2012/05/29 14:17:08 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG2012\FIREFOX4

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Firefox 4 0 1\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Firefox 4 0 1\plugins\npwachk.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: AVG Do Not Track = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Gmail = C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

Hosts file not found
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 1 6 2\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
O4:64bit: - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup File not found
O4:64bit: - HKLM..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login File not found
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4:64bit: - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\AMD RADEON HD 6450\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy 1 6 2\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\APC UPS Status.lnk = C:\Program Files (x86)\APC PowerChute Personal Edition\Display.exe (American Power Conversion Corporation)
O4 - Startup: C:\Documents and Settings\D J RAC\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9:64bit: - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 1 6 2\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - %SystemRoot%\System32\winrnr.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - %SystemRoot%\system32\mswsock.dll File not found
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1304050829321 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1304233757796 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\http\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\http\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\https\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\https\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - %SystemRoot%\system32\SHELL32.dll File not found
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - File not found
O20:64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (lsass.exe) - File not found
O20 - HKLM Winlogon: UserInit - (userinit) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - File not found
O20:64bit: - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - File not found
O20:64bit: - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - File not found
O20:64bit: - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - File not found
O20:64bit: - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) - File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
O20:64bit: - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20:64bit: - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:64bit: - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll File not found
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll File not found
O22:64bit: - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll File not found
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll File not found
O24 - Desktop WallPaper: C:\WINDOWS\Soap Bubbles.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Soap Bubbles.bmp
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/04/28 06:43:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{d00ce060-8360-11e0-8e77-00e04d1c5274}\Shell - "" = AutoRun
O33 - MountPoints2\{d00ce060-8360-11e0-8e77-00e04d1c5274}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d00ce060-8360-11e0-8e77-00e04d1c5274}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{f3af2fff-75ae-11e0-942b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f3af2fff-75ae-11e0-942b-806e6f6e6963}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f3af2fff-75ae-11e0-942b-806e6f6e6963}\Shell\AutoRun\command - "" = Z:\splash.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 180 Days ==========

[2012/06/14 11:39:57 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/13 03:12:39 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\D J RAC\Desktop\OTL.exe
[2012/06/12 01:12:37 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\D J RAC\Desktop\aswMBR.exe
[2012/06/11 01:09:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\D J RAC\Recent
[2012/06/06 10:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVD Shrink ver 3 2 0 15
[2012/06/06 10:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2012/06/06 10:20:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD Shrink ver 3 2 0 15
[2012/06/03 23:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\Sun
[2012/06/03 01:39:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/06/03 01:38:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/06/03 01:38:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Application Data\Oracle
[2012/06/03 01:38:28 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javacpl.cpl
[2012/06/03 01:38:27 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\npDeployJava1.dll
[2012/06/03 01:38:27 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2012/06/03 01:37:44 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2012/06/03 01:37:44 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2012/06/02 19:50:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/06/02 00:39:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012/06/02 00:39:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2012/06/02 00:34:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\spybot progs
[2012/05/29 14:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2012/05/25 14:46:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\HijackThis
[2012/05/25 14:46:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HijackThis 2 0 2
[2012/05/17 14:24:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\spotify cache
[2012/05/15 03:51:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Application Data\Unity
[2012/05/15 01:54:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\Unity
[2012/05/14 01:30:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVDFab HD Decrypter 8 1 7 8 Qt
[2012/05/14 01:30:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDFab HD Decrypter 8 1 7 8 Qt
[2012/05/12 01:32:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2012/05/09 08:51:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\Spotify
[2012/05/09 08:48:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Application Data\Spotify
[2012/04/30 03:26:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\AVG Secure Search
[2012/04/19 01:11:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\pics software
[2012/04/10 02:24:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2012/04/10 02:20:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/04/10 02:20:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\Google
[2012/04/01 22:40:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2012/03/23 00:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\Facebook
[2012/03/14 11:20:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\Identities
[2012/03/12 20:41:22 | 000,000,000 | --SD | C] -- C:\Documents and Settings\D J RAC\My Documents\My Data Sources
[2012/03/09 19:57:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\dvdfab
[2012/03/09 19:47:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVDFab HD Decrypter 8 1 6 3
[2012/03/09 19:47:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDFab HD Decrypter 8 1 6 3
[2012/03/07 19:08:42 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2012/03/07 19:08:42 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll
[2012/03/07 02:13:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/02/28 22:25:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/02/28 22:09:02 | 000,086,683 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\SysWow64\pthreadGC2.dll
[2012/02/28 22:09:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AoA Audio Extractor 2 2 8
[2012/02/28 22:08:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AoA Audio Extractor 2 2 8
[2012/02/16 23:50:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2012/02/16 23:50:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2012/02/10 02:40:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\cpuz 151
[2012/01/29 19:39:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\My Documents\Chameleon files
[2012/01/25 21:28:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\Always On Top
[2012/01/25 18:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\ATI
[2012/01/25 18:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Application Data\ATI
[2012/01/25 18:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI
[2012/01/25 18:32:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012/01/25 18:31:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Control Center
[2012/01/25 18:29:15 | 000,057,344 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\aticalrt.dll
[2012/01/25 18:29:14 | 004,669,440 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\aticaldd.dll
[2012/01/25 18:29:14 | 000,064,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atimpc32.dll
[2012/01/25 18:29:14 | 000,064,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\amdpcom32.dll
[2012/01/25 18:29:10 | 017,444,864 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\atioglxx.dll
[2012/01/25 18:29:09 | 000,200,704 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\atiadlxy.dll
[2012/01/25 18:29:09 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\aticalcl.dll
[2012/01/25 18:29:07 | 000,212,992 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\SysWow64\atipdlxx.dll
[2012/01/25 18:28:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD RADEON HD 6450
[2012/01/25 18:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012/01/25 18:27:59 | 000,000,000 | ---D | C] -- C:\Program Files\AMD RADEON HD 6450
[2012/01/21 02:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\External
[2012/01/20 02:25:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\D J RAC\My Documents\My Videos
[2012/01/19 13:55:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\cache
[2012/01/16 13:07:08 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\WINDOWS\SysWow64\drivers\DrvAgent64.SYS
[2012/01/16 13:07:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\eSupport.com
[2012/01/15 14:29:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2012/01/15 14:29:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner 3 14 1616
[2011/12/31 20:46:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\2gb from letys cell
[2011/12/24 15:07:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Desktop\from camara
[2011/12/23 01:31:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\drivers\AVG
[2011/12/19 11:01:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Application Data\AVG Secure Search
[2011/12/19 11:01:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2011/12/19 11:01:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2011/12/19 11:01:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2011/12/19 10:59:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\D J RAC\Application Data\AVG2012
[2011/12/19 10:58:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/12/19 10:57:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG2012

========== Files - Modified Within 180 Days ==========

[2012/06/14 18:28:08 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\MBR.dat
[2012/06/14 18:25:11 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/14 15:44:12 | 000,001,006 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-334292207-2319730254-1780565897-1002UA.job
[2012/06/14 12:12:56 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/14 12:12:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/14 11:39:50 | 001,644,918 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\untitled.bmp
[2012/06/13 03:12:36 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\D J RAC\Desktop\OTL.exe
[2012/06/12 01:13:08 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\D J RAC\Desktop\aswMBR.exe
[2012/06/11 00:44:01 | 000,000,984 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-334292207-2319730254-1780565897-1002Core.job
[2012/06/10 01:16:58 | 001,067,062 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\vaca.bmp
[2012/06/06 10:20:15 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\DVD Shrink 3.2.lnk
[2012/06/04 19:27:02 | 000,000,137 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\DVD-CD X.lnk
[2012/06/03 01:37:30 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2012/06/03 01:37:30 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2012/06/02 20:09:34 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/06/02 00:39:50 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\D J RAC\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/06/02 00:39:44 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\ERUNT.lnk
[2012/05/27 17:00:49 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/27 02:45:26 | 003,037,982 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\HP Pavilion dv7t Quad Edition customizable Notebook PC.bmp
[2012/05/25 18:59:21 | 000,000,026 | ---- | M] () -- C:\Documents and Settings\D J RAC\My Documents\Default.PLS
[2012/05/25 14:56:23 | 000,001,688 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\HijackThis.lnk
[2012/05/20 18:37:14 | 000,001,927 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\Google Chrome.lnk
[2012/05/14 01:30:57 | 000,000,884 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\DVDFab HD Decrypter 8 1 7 8 Qt.lnk
[2012/05/12 10:54:02 | 000,593,378 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012/05/09 09:02:17 | 000,001,870 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Spotify.lnk
[2012/04/19 01:03:58 | 000,177,639 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\javana 01.jpg
[2012/04/19 00:12:21 | 024,253,890 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\javana 01.bmp
[2012/04/18 23:54:24 | 060,000,054 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\javana.bmp
[2012/04/10 02:24:51 | 000,001,845 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/04 18:47:36 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javacpl.cpl
[2012/04/04 18:47:24 | 000,227,720 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2012/04/04 18:47:08 | 000,772,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\npDeployJava1.dll
[2012/04/04 18:47:02 | 000,687,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\deployJava1.dll
[2012/04/01 22:40:01 | 000,000,830 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/03/29 07:43:18 | 001,176,438 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\laptop program files.bmp
[2012/03/09 19:57:53 | 000,000,882 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\DVDFab Profile Editor.lnk
[2012/03/07 19:08:42 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2012/03/07 19:08:42 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2012/03/07 19:08:42 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll
[2012/03/07 19:08:42 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2012/03/07 19:08:42 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ie4uinit.exe
[2012/03/07 19:08:42 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll
[2012/03/07 19:08:42 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2012/03/07 19:08:42 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\licmgr10.dll
[2012/02/28 22:24:51 | 000,000,805 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\AoA Audio Extractor.lnk
[2012/02/06 19:23:50 | 072,166,876 | ---- | M] () -- C:\Documents and Settings\D J RAC\Desktop\Madonna ~ Halftime Super Bowl XLVI.mp4
[2012/01/25 18:37:46 | 000,007,792 | ---- | M] () -- C:\WINDOWS\SysWow64\d3d9caps.dat
[2012/01/25 18:29:53 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2012/01/16 13:07:08 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\WINDOWS\SysWow64\drivers\DrvAgent64.SYS
[2012/01/15 14:38:26 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\CCleaner 3 14 1616.lnk
[2011/12/23 01:31:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\drivers\AVG\incavi.avm
[2011/12/23 01:31:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\drivers\AVG\iavichjw.avm
[2011/12/19 12:47:34 | 000,000,672 | ---- | M] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG 2012.lnk

========== Files Created - No Company Name ==========

[2012/06/14 18:28:08 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\MBR.dat
[2012/06/14 11:39:50 | 001,644,918 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\untitled.bmp
[2012/06/10 01:16:58 | 001,067,062 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\vaca.bmp
[2012/06/06 10:20:15 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\DVD Shrink 3.2.lnk
[2012/06/02 00:39:50 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\D J RAC\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/06/02 00:39:44 | 000,000,640 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\ERUNT.lnk
[2012/05/27 02:43:13 | 003,037,982 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\HP Pavilion dv7t Quad Edition customizable Notebook PC.bmp
[2012/05/25 14:56:23 | 000,001,688 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\HijackThis.lnk
[2012/05/14 01:30:57 | 000,000,884 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\DVDFab HD Decrypter 8 1 7 8 Qt.lnk
[2012/05/09 09:02:17 | 000,001,870 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Spotify.lnk
[2012/05/09 08:51:19 | 000,001,876 | ---- | C] () -- C:\Documents and Settings\D J RAC\Start Menu\Programs\Spotify.lnk
[2012/04/19 00:33:03 | 000,177,639 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\javana 01.jpg
[2012/04/19 00:11:36 | 024,253,890 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\javana 01.bmp
[2012/04/18 23:54:23 | 060,000,054 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\javana.bmp
[2012/04/10 02:24:51 | 000,001,927 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\Google Chrome.lnk
[2012/04/10 02:24:51 | 000,001,845 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/10 02:20:46 | 000,000,900 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/10 02:20:45 | 000,000,896 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/01 22:40:01 | 000,000,830 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/03/29 07:43:18 | 001,176,438 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\laptop program files.bmp
[2012/03/23 00:39:28 | 000,001,006 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-334292207-2319730254-1780565897-1002UA.job
[2012/03/23 00:39:28 | 000,000,984 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-334292207-2319730254-1780565897-1002Core.job
[2012/03/09 19:57:53 | 000,000,882 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\DVDFab Profile Editor.lnk
[2012/02/28 22:24:51 | 000,000,805 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\AoA Audio Extractor.lnk
[2012/02/06 19:08:04 | 072,166,876 | ---- | C] () -- C:\Documents and Settings\D J RAC\Desktop\Madonna ~ Halftime Super Bowl XLVI.mp4
[2012/01/25 18:37:46 | 000,007,792 | ---- | C] () -- C:\WINDOWS\SysWow64\d3d9caps.dat
[2012/01/25 18:29:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/01/25 18:29:42 | 000,030,831 | R--- | C] () -- C:\WINDOWS\atiogl.xml
[2012/01/16 13:34:30 | 000,000,921 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/01/15 14:38:26 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\CCleaner 3 14 1616.lnk
[2011/12/24 15:08:44 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\D J RAC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/23 01:31:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AVG\incavi.avm
[2011/12/23 01:31:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AVG\iavichjw.avm
[2011/12/19 12:47:34 | 000,000,672 | ---- | C] () -- C:\Documents and Settings\D J RAC\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG 2012.lnk
[2011/05/06 19:20:31 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2011/05/06 19:20:31 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2011/04/30 23:55:16 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/04/29 22:57:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/04/29 14:52:03 | 000,593,378 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2011/04/28 08:20:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\SysWow64\ChCfg.exe
[2011/04/28 08:20:26 | 000,143,360 | ---- | C] () -- C:\WINDOWS\SysWow64\RtlCPAPI.dll
[2011/04/28 08:20:25 | 000,037,376 | ---- | C] () -- C:\WINDOWS\CPLUtl64.exe
[2011/04/28 06:48:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/04/27 22:48:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5547042D
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE

< End of report >
 
Hey,

There is a rash of infections going around now that infect your Master Boot Record; these are the files that boot your computer, and they cause redirects and all sorts of problems, but the log from aswMBR looks fine, so we don't have any issues in that department.

OTL has restored your Hosts file, how are things running now?
 
: - (...

It's slower than ever... It took almost 5 minutes from the moment that I pressed the power button till I got to the login page, and another 5 or 6 minutes after I typed my password till I could use it...

Any ideas?...
 
Let me ask you a few things: how old is this computer? Prior to your FB account being hacked, was it booting up normally? Have you installed or uninstalled any new hardware or software prior to this happening?


Let's run another tool to check for a different type of rootkit.

Please download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • Press Start Scan
    • Only if Malicious objects are found then ensure Cure is selected
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)
 
Hello again & thanks...

In answer to your questions:

The computer is about 6 or 7 years old... I'm saving to buy a laptop replacement...

Prior to the hacking of my Facebook acct it was booting up what I always thought real fast in comparison to what I have seen in other computers, about 2 or 3 minutes...

Before that, I installed a new gpu, about 3 weeks before all these started with its software...

I ran the "TDSSKiller" & it gave me a "No Threats found" message...

I found on the same folder a txt file named "immudebug.log", it's 116 463 KB in size, to me it's kind of big for that type of file, what do you think, is it safe? Is it supposed to be there?...

Here is the log:


16:45:31.0640 1696 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
16:45:32.0515 1696 ============================================================
16:45:32.0515 1696 Current date / time: 2012/06/15 16:45:32.0515
16:45:32.0515 1696 SystemInfo:
16:45:32.0515 1696
16:45:32.0515 1696 OS Version: 5.2.3790 ServicePack: 2.0
16:45:32.0515 1696 Product type: Workstation
16:45:32.0515 1696 ComputerName: FAM-PUTTER
16:45:32.0515 1696 UserName: D J RAC
16:45:32.0515 1696 Windows directory: C:\WINDOWS
16:45:32.0515 1696 System windows directory: C:\WINDOWS
16:45:32.0515 1696 Running under WOW64
16:45:32.0515 1696 Processor architecture: Intel x64
16:45:32.0515 1696 Number of processors: 2
16:45:32.0515 1696 Page size: 0x1000
16:45:32.0515 1696 Boot type: Normal boot
16:45:32.0515 1696 ============================================================
16:45:33.0750 1696 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000044
16:45:33.0828 1696 ============================================================
16:45:33.0828 1696 \Device\Harddisk0\DR0:
16:45:33.0828 1696 MBR partitions:
16:45:33.0828 1696 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
16:45:33.0828 1696 ============================================================
16:45:33.0859 1696 C: <-> \Device\Harddisk0\DR0\Partition0
16:45:33.0859 1696 ============================================================
16:45:33.0859 1696 Initialize success
16:45:33.0859 1696 ============================================================
16:45:41.0906 1508 ============================================================
16:45:41.0906 1508 Scan started
16:45:41.0906 1508 Mode: Manual;
16:45:41.0906 1508 ============================================================
16:45:52.0687 1508 SamSs - ok
16:45:52.0718 1508 SCardSvr (a2069ffa2a6febb3818f180373c84a89) C:\WINDOWS\System32\SCardSvr.exe
16:45:52.0734 1508 SCardSvr - ok
16:45:52.0781 1508 Schedule (71cd398385835c08613c65e5bf91e7fa) C:\WINDOWS\system32\schedsvc.dll
16:45:52.0781 1508 Schedule - ok
16:45:52.0843 1508 Secdrv (3ea8a16169c26afbeb544e0e48421186) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:45:52.0843 1508 Secdrv - ok
16:45:52.0875 1508 seclogon (b4e054549321372d995e4db9a5304e77) C:\WINDOWS\System32\seclogon.dll
16:45:52.0875 1508 seclogon - ok
16:45:52.0890 1508 SENS (222c0a6c354d6a90700956c60574a09a) C:\WINDOWS\system32\sens.dll
16:45:52.0890 1508 SENS - ok
16:45:52.0937 1508 serenum (111b29f3fcf9fb61c903a01e3706f7dc) C:\WINDOWS\system32\DRIVERS\serenum.sys
16:45:52.0953 1508 serenum - ok
16:45:52.0968 1508 Serial (c0dc97399576fccff5fe877ec2d8dacc) C:\WINDOWS\system32\DRIVERS\serial.sys
16:45:52.0968 1508 Serial - ok
16:45:53.0000 1508 Sfloppy (c6eacc8920a31b8d5842d1f7a28e2113) C:\WINDOWS\system32\drivers\Sfloppy.sys
16:45:53.0000 1508 Sfloppy - ok
16:45:53.0062 1508 SharedAccess (d71a8153d3cf0ed527f6ba1f087faa22) C:\WINDOWS\system32\ipnathlp.dll
16:45:53.0078 1508 SharedAccess - ok
16:45:53.0125 1508 ShellHWDetection (15de8eae99a0f4e313e83aba5b849faa) C:\WINDOWS\System32\shsvcs.dll
16:45:53.0140 1508 ShellHWDetection - ok
16:45:53.0156 1508 Simbad - ok
16:45:53.0203 1508 splitter (17ec29105989101db536c49e1279a0eb) C:\WINDOWS\system32\drivers\splitter.sys
16:45:53.0218 1508 splitter - ok
16:45:53.0250 1508 Spooler (206fd327b4aad3aeaa8e0d7d03f2044a) C:\WINDOWS\system32\spoolsv.exe
16:45:53.0250 1508 Spooler - ok
16:45:53.0296 1508 sr (dae1d5553d42a06034001d6ef4f5cb36) C:\WINDOWS\system32\DRIVERS\sr.sys
16:45:53.0296 1508 sr - ok
16:45:53.0359 1508 srservice (7b6da719973755bd091131e53ad6ec23) C:\WINDOWS\system32\srsvc.dll
16:45:53.0359 1508 srservice - ok
16:45:53.0453 1508 Srv (2a08328562d0ba596b699eeb90b511d1) C:\WINDOWS\system32\DRIVERS\srv.sys
16:45:53.0468 1508 Srv - ok
16:45:53.0484 1508 SSDPSRV (94ad81c8ee2385eddb08c7e34fedb7a8) C:\WINDOWS\System32\ssdpsrv.dll
16:45:53.0484 1508 SSDPSRV - ok
16:45:53.0562 1508 stisvc (f6d4f452db507820f726525a1425f0cc) C:\WINDOWS\system32\wiaservc.dll
16:45:53.0562 1508 stisvc - ok
16:45:53.0593 1508 swenum (b6536185feeb8f0c86ad3bf2fbab4f2f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:45:53.0593 1508 swenum - ok
16:45:53.0625 1508 swmidi (8e9e35b36a27ad154a5f92397cde343c) C:\WINDOWS\system32\drivers\swmidi.sys
16:45:53.0625 1508 swmidi - ok
16:45:53.0687 1508 swprv (2e54746998139cb708b83974f1ac09f3) C:\WINDOWS\System32\swprv.dll
16:45:53.0703 1508 swprv - ok
16:45:53.0718 1508 symc8xx - ok
16:45:53.0718 1508 symmpi - ok
16:45:53.0734 1508 sym_hi - ok
16:45:53.0750 1508 sym_u3 - ok
16:45:53.0781 1508 sysaudio (2e843f129daf4c789df7acd40e26208f) C:\WINDOWS\system32\drivers\sysaudio.sys
16:45:53.0781 1508 sysaudio - ok
16:45:53.0812 1508 SysmonLog (d3fffea8c94ba3c1ceac9694ac390472) C:\WINDOWS\system32\smlogsvc.exe
16:45:53.0812 1508 SysmonLog - ok
16:45:53.0859 1508 TapiSrv (fafefc85fc929b81571bff315c93e299) C:\WINDOWS\System32\tapisrv.dll
16:45:53.0875 1508 TapiSrv - ok
16:45:53.0937 1508 Tcpip (34d970b38e9e835009e1ad07c5422b58) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:45:53.0953 1508 Tcpip - ok
16:45:54.0000 1508 TDPIPE (da1e9cd22238fa4db565ef41c7312e1b) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:45:54.0000 1508 TDPIPE - ok
16:45:54.0015 1508 TDTCP (47d24ebb1c442dcc18d89b8b89bafb49) C:\WINDOWS\system32\drivers\TDTCP.sys
16:45:54.0015 1508 TDTCP - ok
16:45:54.0046 1508 TermDD (8ab9ad44907d4c57ad10e175c8720ecf) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:45:54.0046 1508 TermDD - ok
16:45:54.0093 1508 TermService (f4849a4962779132b02ca4bbf696f434) C:\WINDOWS\System32\termsrv.dll
16:45:54.0093 1508 TermService - ok
16:45:54.0156 1508 Themes (15de8eae99a0f4e313e83aba5b849faa) C:\WINDOWS\System32\shsvcs.dll
16:45:54.0156 1508 Themes - ok
16:45:54.0203 1508 TlntSvr (0fdf294d30ca53391485132854151b26) C:\WINDOWS\system32\tlntsvr.exe
16:45:54.0203 1508 TlntSvr - ok
16:45:54.0203 1508 TosIde - ok
16:45:54.0250 1508 TrkWks (483ffcd8e5080198d87eeed44246e6a9) C:\WINDOWS\system32\trkwks.dll
16:45:54.0250 1508 TrkWks - ok
16:45:54.0281 1508 Udfs (a6dd2dfcc44ec61d18aa645620cd8f63) C:\WINDOWS\system32\drivers\Udfs.sys
16:45:54.0281 1508 Udfs - ok
16:45:54.0296 1508 ultra - ok
16:45:54.0312 1508 Update (70ca9db8119fff67d9938f2ab2b8d50c) C:\WINDOWS\system32\DRIVERS\update.sys
16:45:54.0312 1508 Update - ok
16:45:54.0375 1508 upnphost (78c605cb6e0ce966d3347ff7caf3f8ac) C:\WINDOWS\System32\upnphost.dll
16:45:54.0390 1508 upnphost - ok
16:45:54.0421 1508 UPS (3ec1501aa03cecd66ed093428fbc8b0e) C:\WINDOWS\System32\ups.exe
16:45:54.0421 1508 UPS - ok
16:45:54.0468 1508 usbccgp (3421b0691a0e365a020836369a296f0c) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:45:54.0468 1508 usbccgp - ok
16:45:54.0531 1508 usbehci (ae6521a1c79fc955ff26be9ca5521b51) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:45:54.0531 1508 usbehci - ok
16:45:54.0546 1508 usbhub (d63cb1b59d54f9c2bb8a4107584a664f) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:45:54.0546 1508 usbhub - ok
16:45:54.0593 1508 usbohci (fa9c0d7c2dc899d3e7c2a8721d17a3f8) C:\WINDOWS\system32\DRIVERS\usbohci.sys
16:45:54.0609 1508 usbohci - ok
16:45:54.0625 1508 usbprint (040f6f425a6cc4fb156470502cafb31b) C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:45:54.0625 1508 usbprint - ok
16:45:54.0640 1508 usbscan (280894f834f5b9910dadff7568f37b31) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:45:54.0656 1508 usbscan - ok
16:45:54.0656 1508 usbstor (edce8a162e8023fd1751e08e23e41948) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:45:54.0656 1508 usbstor - ok
16:45:54.0718 1508 vds (b1e327aea4ecf42ddf7c579b0fb0de4c) C:\WINDOWS\System32\vds.exe
16:45:54.0734 1508 vds - ok
16:45:54.0750 1508 vga (b40cfd2ffdd838b0ce0c35ee449407bd) C:\WINDOWS\system32\DRIVERS\vgapnp.sys
16:45:54.0750 1508 vga - ok
16:45:54.0796 1508 VgaSave (78ebfe6f11f10db8237b910e9158ca91) C:\WINDOWS\System32\drivers\vga.sys
16:45:54.0796 1508 VgaSave - ok
16:45:54.0796 1508 ViaIde - ok
16:45:54.0875 1508 VolSnap (fd6d28d1bbf31c719d9c5ec2d20fb5c2) C:\WINDOWS\system32\DRIVERS\volsnap.sys
16:45:54.0875 1508 VolSnap - ok
16:45:55.0062 1508 VSS (0a05de966b412d6289632ac05fc6ada2) C:\WINDOWS\System32\vssvc.exe
16:45:55.0093 1508 VSS - ok
16:45:55.0234 1508 vToolbarUpdater (980e45498392e6659d2e7c44e7de2336) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
16:45:55.0250 1508 vToolbarUpdater - ok
16:45:55.0375 1508 vToolbarUpdater11.1.0 (5fa45791413acce628d5361458f32dde) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
16:45:55.0375 1508 vToolbarUpdater11.1.0 - ok
16:45:55.0531 1508 W32Time (6fe371026674baf189f7a81746a67c87) C:\WINDOWS\system32\w32time.dll
16:45:55.0531 1508 W32Time - ok
16:45:55.0593 1508 Wanarp (d2a01d73fe4a455c1d741b48c56763b2) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:45:55.0593 1508 Wanarp - ok
16:45:55.0609 1508 WDICA - ok
16:45:55.0640 1508 wdmaud (daff7e89c84079022b9606f83e1bd29a) C:\WINDOWS\system32\drivers\wdmaud.sys
16:45:55.0640 1508 wdmaud - ok
16:45:55.0703 1508 WebClient (fe8590fa0367a29bc7ed7bfc4962ad1c) C:\WINDOWS\System32\webclnt.dll
16:45:55.0703 1508 WebClient - ok
16:45:55.0718 1508 WinHttpAutoProxySvc - ok
16:45:55.0781 1508 winmgmt (881271d649e778690a365d73b8958509) C:\WINDOWS\system32\wbem\WMIsvc.dll
16:45:55.0781 1508 winmgmt - ok
16:45:55.0843 1508 WmdmPmSN (beee2c812019d6d8e7e22f37e6f1f560) C:\WINDOWS\system32\mspmsnsv.dll
16:45:55.0843 1508 WmdmPmSN - ok
16:45:55.0953 1508 Wmi (b51966db20d5c700228dfe222fdf9e67) C:\WINDOWS\System32\advapi32.dll
16:45:55.0968 1508 Wmi - ok
16:45:56.0015 1508 WmiApSrv (56980be8b5a6861b5d9175eaba8ac7dc) C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:45:56.0015 1508 WmiApSrv - ok
16:45:56.0171 1508 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files (x86)\Windows Media Player\WMPNetwk.exe
16:45:56.0187 1508 WMPNetworkSvc - ok
16:45:56.0343 1508 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:45:56.0359 1508 WPFFontCache_v0400 - ok
16:45:56.0437 1508 wscsvc (82960ce97c1898c28d7ae62ba6721d27) C:\WINDOWS\system32\wscsvc.dll
16:45:56.0437 1508 wscsvc - ok
16:45:56.0484 1508 wuauserv (ef7576af44b484f7a3e6072d633bab34) C:\WINDOWS\system32\wuauserv.dll
16:45:56.0484 1508 wuauserv - ok
16:45:56.0531 1508 WudfPf (3f98a4e57933963cf2a941bb48f9d47a) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:45:56.0546 1508 WudfPf - ok
16:45:56.0578 1508 WudfRd (881c0c35cdd09077b0e95ec2269cb44c) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:45:56.0578 1508 WudfRd - ok
16:45:56.0593 1508 WudfSvc (9dcf6c499773b709de8f70cd5013cb38) C:\WINDOWS\System32\WUDFSvc.dll
16:45:56.0609 1508 WudfSvc - ok
16:45:56.0687 1508 WZCSVC (f4ec5c736bba9a27f9c36412c930b386) C:\WINDOWS\System32\wzcsvc.dll
16:45:56.0703 1508 WZCSVC - ok
16:45:56.0750 1508 xmlprov (a1aba5a0b4f1ff9b83c50f92f8c080a2) C:\WINDOWS\System32\xmlprov.dll
16:45:56.0750 1508 xmlprov - ok
16:45:56.0781 1508 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
16:45:57.0250 1508 \Device\Harddisk0\DR0 - ok
16:45:57.0265 1508 Boot (0x1200) (0dc385e3c246b64c3e52197df3379532) \Device\Harddisk0\DR0\Partition0
16:45:57.0265 1508 \Device\Harddisk0\DR0\Partition0 - ok
16:45:57.0265 1508 ============================================================
16:45:57.0265 1508 Scan finished
16:45:57.0265 1508 ============================================================
16:45:57.0296 1800 Detected object count: 0
16:45:57.0296 1800 Actual detected object count: 0
16:46:51.0906 1656 Deinitialize success
 
Hello Jose,

immudebug.log <-- This is part of Spybot Search and Destroy. It's not malicious, but the jury is out on whether to delete it or not, so at this point just leave it be.

Myself, I have built computers from the ground up for many years, over 20 or so, but my new love is laptops. I don't think I will ever get another desktop, so I feel you're heading in the right direction.


I installed a new gpu
This possibly can be the culprit but not sure


All the scans we have run have not found any malware, viruses or rootkit activity. My guess is it's just an old computer and may have some hardware issues.


All of us forums work together, so why don't you post here in their Windows forum? You can link them to this thread if you wish so they can see what we have done. They may be able to sort out your drivers and programs to see what the slow boot up is all about. The reason for this is we just do malware removal on this forum. Like this forum, the service is free, but you will have to register.

http://forums.whatthetech.com/index.php?showforum=119



Good luck,

Ken :)
 
Again thanks...

Well, I don't really think the new GPU I installed has anything to do with the issues I have right now, since it was about 3 weeks after I installed it...

But I will post a request on the forum you are proposing...

So is there anything else you can do for me?...

Thanks...
 