Lag in Game

MBA_M?

this was the latest logfile from mbam

00:06:31 Rae Anthony DETECTION C:\WINDOWS\CMSETAC.DLL Backdoor.Turkojan ALLOW
00:06:31 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
00:07:47 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
00:07:52 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
00:08:04 Rae Anthony DETECTION C:\Windows\ntdtcstp.dll Backdoor.Turkojan ALLOW
00:09:03 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
00:09:04 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
00:09:11 Rae Anthony DETECTION C:\Windows\ntdtcstp.dll Backdoor.Turkojan ALLOW
00:10:36 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
00:10:40 Rae Anthony DETECTION C:\WINDOWS\CMSETAC.DLL Backdoor.Turkojan ALLOW
00:10:40 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
00:10:58 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
00:10:59 Rae Anthony DETECTION C:\Windows\ntdtcstp.dll Backdoor.Turkojan ALLOW
00:11:03 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
00:12:52 Rae Anthony DETECTION C:\WINDOWS\CMSETAC.DLL Backdoor.Turkojan ALLOW
00:12:52 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
00:13:02 Rae Anthony DETECTION C:\WINDOWS\CMSETAC.DLL Backdoor.Turkojan ALLOW
00:13:03 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
00:13:13 Rae Anthony DETECTION C:\WINDOWS\CMSETAC.DLL Backdoor.Turkojan ALLOW
00:13:13 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
00:13:45 Rae Anthony DETECTION C:\WINDOWS\CMSETAC.DLL Backdoor.Turkojan ALLOW
00:13:45 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
00:19:55 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
00:21:00 Rae Anthony MESSAGE Scheduled update executed successfully
00:21:10 Rae Anthony MESSAGE Database updated successfully
00:29:00 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
01:03:16 Rae Anthony DETECTION C:\Windows\mstwain32.exe Trojan.Backdoor ALLOW
03:42:50 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
11:47:30 Rae Anthony DETECTION C:\WINDOWS\CMSETAC.DLL Backdoor.Turkojan ALLOW
11:47:31 Rae Anthony DETECTION C:\WINDOWS\NTDTCSTP.DLL Backdoor.Turkojan ALLOW
11:47:31 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
11:47:59 Rae Anthony DETECTION C:\Windows\ntdtcstp.dll Backdoor.Turkojan ALLOW
11:48:17 Rae Anthony DETECTION C:\WINDOWS\CMSETAC.DLL Backdoor.Turkojan ALLOW
11:48:21 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
11:50:23 Rae Anthony DETECTION C:\Windows\ntdtcstp.dll Backdoor.Turkojan ALLOW
11:51:33 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
11:51:38 Rae Anthony DETECTION C:\Windows\ntdtcstp.dll Backdoor.Turkojan ALLOW
11:55:15 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
12:54:59 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
12:55:07 Rae Anthony DETECTION C:\WINDOWS\CMSETAC.DLL Backdoor.Turkojan ALLOW
12:55:08 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
12:55:24 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
12:55:27 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
12:55:37 Rae Anthony DETECTION C:\Windows\ntdtcstp.dll Backdoor.Turkojan ALLOW
12:57:15 Rae Anthony DETECTION C:\WINDOWS\CMSETAC.DLL Backdoor.Turkojan ALLOW
12:57:26 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
12:57:37 Rae Anthony DETECTION C:\WINDOWS\CMSETAC.DLL Backdoor.Turkojan ALLOW
12:57:37 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
13:02:54 Rae Anthony DETECTION C:\WINDOWS\CMSETAC.DLL Backdoor.Turkojan ALLOW
13:02:55 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
13:03:14 Rae Anthony DETECTION C:\Windows\ntdtcstp.dll Backdoor.Turkojan ALLOW
13:18:50 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
13:18:53 Rae Anthony DETECTION C:\Windows\ntdtcstp.dll Backdoor.Turkojan ALLOW
13:20:46 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
13:20:49 Rae Anthony DETECTION C:\Windows\ntdtcstp.dll Backdoor.Turkojan ALLOW
13:20:52 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
13:22:37 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
13:22:49 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
13:22:56 Rae Anthony DETECTION C:\WINDOWS\MSTWAIN32.EXE Trojan.Backdoor ALLOW
13:22:56 Rae Anthony DETECTION C:\WINDOWS\MSTWAIN32.EXE Trojan.Backdoor ALLOW
13:22:58 Rae Anthony DETECTION C:\WINDOWS\MSTWAIN32.EXE Trojan.Backdoor ALLOW
13:23:08 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
13:23:23 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan ALLOW
13:23:31 Rae Anthony DETECTION C:\WINDOWS\MSTWAIN32.EXE Trojan.Backdoor ALLOW
13:24:51 Rae Anthony DETECTION C:\WINDOWS\MSTWAIN32.EXE Trojan.Backdoor ALLOW
13:24:51 Rae Anthony DETECTION C:\WINDOWS\MSTWAIN32.EXE Trojan.Backdoor ALLOW
13:26:34 Rae Anthony DETECTION C:\WINDOWS\CMSETAC.DLL Backdoor.Turkojan ALLOW
13:26:34 Rae Anthony DETECTION C:\WINDOWS\NTDTCSTP.DLL Backdoor.Turkojan ALLOW
13:28:53 Rae Anthony DETECTION C:\WINDOWS\MSTWAIN32.EXE Trojan.Backdoor ALLOW
13:28:53 Rae Anthony DETECTION C:\WINDOWS\MSTWAIN32.EXE Trojan.Backdoor ALLOW
13:28:53 Rae Anthony DETECTION C:\WINDOWS\MSTWAIN32.EXE Trojan.Backdoor ALLOW
13:36:00 Rae Anthony MESSAGE Protection started successfully
13:36:10 Rae Anthony MESSAGE Database updated successfully
14:20:45 Rae Anthony MESSAGE Protection started successfully
14:34:50 Rae Anthony MESSAGE Protection started successfully
15:33:34 Rae Anthony MESSAGE Protection started successfully
15:33:56 Rae Anthony DETECTION C:\WINDOWS\CMSETAC.DLL Backdoor.Turkojan QUARANTINE
15:33:57 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:33:57 Rae Anthony ERROR Quarantine failed: DeleteFile failed with error code 5
15:33:57 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:34:04 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:34:04 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:34:19 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:34:19 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:34:29 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:34:29 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:34:46 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:34:46 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:34:56 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:34:57 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:35:50 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:35:50 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:38:04 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:38:05 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:38:11 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:38:11 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:38:24 Rae Anthony MESSAGE Database updated successfully
15:41:09 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan QUARANTINE
15:41:09 Rae Anthony DETECTION C:\Windows\cmsetac.dll Backdoor.Turkojan DENY
15:41:10 Rae Anthony ERROR Quarantine failed: DeleteFile failed with error code 5
16:29:12 Rae Anthony MESSAGE Protection started successfully

Does not look like any MBA_M log I've seen. Is that from the purchased version?

Where are the log headers? You need to run a full scan and post the log as per the instructions in the sticky.

sorry here it is

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7821

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

28/09/2011 3:41:01 PM
mbam-log-2011-09-28 (15-41-01).txt

Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 42406
Time elapsed: 2 minute(s), 15 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\Windows\cmsetac.dll (Backdoor.Turkojan) -> Delete on reboot.

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mstwain32 (Trojan.Backdoor) -> Value: mstwain32 -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Windows\cmsetac.dll (Backdoor.Turkojan) -> Quarantined and deleted successfully.
c:\Windows\mstwain32.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.
c:\$RECYCLE.BIN\s-1-5-21-3016430573-901052433-3033151164-1000\$RXTT5D4.exe (HackTool.Wpakill) -> Quarantined and deleted successfully.

Looks more familiar :).

Download OTL to your Desktop.

* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
* Under the Custom Scan box paste this in:

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT

* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

OTL logfile created on: 30/09/2011 9:07:24 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Rae Anthony\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.77 Gb Available Physical Memory | 69.35% Memory free
7.99 Gb Paging File | 6.26 Gb Available in Paging File | 78.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 165.76 Gb Free Space | 35.60% Space Free | Partition Type: NTFS
Drive D: | 97.66 Gb Total Space | 81.60 Gb Free Space | 83.56% Space Free | Partition Type: NTFS
Drive E: | 88.64 Gb Total Space | 22.59 Gb Free Space | 25.48% Space Free | Partition Type: NTFS

Computer Name: RAEANTHONY-PC | User Name: Rae Anthony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/30 21:06:38 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Rae Anthony\Desktop\OTL.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/12/27 15:04:22 | 001,044,648 | ---- | M] () -- C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

========== Modules (No Company Name) ==========

MOD - [2011/05/11 13:59:57 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\dda6d8c7413334b605fcf590a702e9f1\Microsoft.VisualBasic.ni.dll
MOD - [2011/05/11 01:59:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\adc8998d96ca331d17cef00b1ef95a5f\System.Runtime.Remoting.ni.dll
MOD - [2011/05/11 01:59:23 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4ea95056046fdf87f06ae807308b627\System.Windows.Forms.ni.dll
MOD - [2011/05/11 01:59:19 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2a34e74599686e7383ae90670a994cdf\System.Drawing.ni.dll
MOD - [2011/05/11 01:59:06 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\167c8c3817ba1f48fe7396cc56f557e3\System.Xml.ni.dll
MOD - [2011/05/11 01:59:03 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9d054fc9618b81d5703af1662cd11135\System.Configuration.ni.dll
MOD - [2011/05/11 01:59:02 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\50c67f851ae3df2d0ab7d86fd1c5c7e0\System.ni.dll
MOD - [2011/05/11 01:58:55 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ebdaeaeb9f66c9035b5f11431f10cda4\mscorlib.ni.dll
MOD - [2010/12/27 15:04:22 | 001,044,648 | ---- | M] () -- C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe
MOD - [2010/05/12 14:06:36 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\Air Mouse\Air Mouse\BonjourService.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/08/11 16:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/07/28 17:43:58 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/07/28 14:35:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/12/14 15:45:00 | 003,994,768 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/07/01 04:45:02 | 000,136,616 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2003/04/18 19:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/07/28 15:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/07/28 13:54:10 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/07/22 09:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 14:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011/06/06 15:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/05/11 05:39:53 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/10 23:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/16 18:23:46 | 000,074,240 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2011/02/16 17:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV - [2010/10/22 10:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
DRV - [2010/07/01 04:44:34 | 000,052,352 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver2)
DRV - [2010/05/10 10:44:40 | 000,033,592 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/01/02 23:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?lang=en-ca&OCID=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8E 48 BC 04 90 0F CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/25 12:30:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/30 15:25:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/25 23:03:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/25 12:30:30 | 000,000,000 | ---D | M]

[2011/05/10 21:02:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rae Anthony\AppData\Roaming\Mozilla\Extensions
[2011/09/09 07:19:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rae Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\593ud02r.default\extensions
[2011/09/09 07:19:52 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Rae Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\593ud02r.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/05/11 05:39:44 | 000,002,055 | ---- | M] () -- C:\Users\Rae Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\593ud02r.default\searchplugins\daemon-search.xml
[2011/05/18 18:06:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/05/18 18:06:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/09/30 15:25:55 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009/11/06 08:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/18 18:06:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/11/06 08:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/06/28 21:01:22 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011/09/30 15:25:53 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/09/30 15:25:53 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/09/30 15:25:53 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/09/30 15:25:53 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/09/30 15:25:53 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.186\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.186\pdf.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3172544B-3990-4249-8FF7-741F9D8A1BA5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E035A311-F61D-47F4-A5CF-E770FCF8B253}: NameServer = 64.59.144.90,64.59.144.91
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/05/02 12:15:49 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{b56a67bc-7b67-11e0-81df-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b56a67bc-7b67-11e0-81df-806e6f6e6963}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/09/30 21:06:36 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Rae Anthony\Desktop\OTL.exe
[2011/09/29 15:11:29 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\Car
[2011/09/29 14:56:04 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\New folder (2)
[2011/09/29 14:54:25 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Local\Ahead
[2011/09/28 22:35:07 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Local\AirMouse
[2011/09/28 21:28:38 | 000,000,000 | ---D | C] -- C:\MGtools
[2011/09/28 21:28:28 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Roaming\SUPERAntiSpyware.com
[2011/09/28 21:27:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/09/28 21:27:55 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/09/28 21:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/09/28 21:25:58 | 012,609,904 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Rae Anthony\Desktop\SUPERAntiSpyware.exe
[2011/09/28 16:52:58 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Rae Anthony\Desktop\dds.com
[2011/09/28 16:52:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/09/28 16:52:34 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/09/28 14:31:10 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/09/28 13:22:59 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/09/28 13:22:59 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/09/28 13:22:54 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/09/28 13:22:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/09/28 13:21:59 | 004,232,663 | R--- | C] (Swearware) -- C:\Users\Rae Anthony\Desktop\user123.exe
[2011/09/28 00:22:15 | 945,742,145 | ---- | C] (Acresso Software Inc.) -- C:\Users\Rae Anthony\Desktop\FreeStyleSetup1.63.exe
[2011/09/28 00:19:47 | 000,454,120 | ---- | C] (CBS Interactive) -- C:\Users\Rae Anthony\Desktop\cnet_FreeStyleSetup_exe.exe
[2011/09/28 00:13:03 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Roaming\HPAppData
[2011/09/25 23:03:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/09/25 23:02:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/09/25 23:02:17 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Local\Google
[2011/09/25 23:02:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2011/09/25 08:37:12 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Documents\DragonSaga
[2011/09/25 02:46:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Saga
[2011/09/25 02:44:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gravity
[2011/09/24 21:28:32 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Documents\Dragonica
[2011/09/24 21:11:14 | 000,000,000 | ---D | C] -- C:\gPotato.eu
[2011/09/24 20:23:46 | 000,590,320 | ---- | C] (GALA Networks Europe Limited ) -- C:\Dragonica_NewOrigin_20110920.exe
[2011/09/24 17:38:06 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\GGTrainer 1.2.5
[2011/09/23 01:31:57 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\Winject
[2011/09/19 10:49:24 | 000,000,000 | ---D | C] -- C:\Data
[2011/09/18 11:03:56 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Documents\Need for Speed World
[2011/09/17 00:04:54 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Roaming\Need for Speed World
[2011/09/16 10:47:31 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\Data
[2011/09/11 09:21:39 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Local\Electronic_Arts_Inc
[2011/09/11 09:20:47 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\Need For Speed World
[2011/09/11 09:13:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2011/09/03 17:47:58 | 000,000,000 | ---D | C] -- C:\B
[2011/09/01 19:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2011/09/01 19:58:43 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Documents\DragonNest
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/30 21:06:38 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Rae Anthony\Desktop\OTL.exe
[2011/09/30 20:34:26 | 000,019,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/30 20:34:26 | 000,019,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/30 20:17:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/30 16:30:13 | 000,000,416 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\HashFileen.hsh
[2011/09/30 16:30:12 | 000,497,344 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\HashFileTracksHigh.hsh
[2011/09/30 16:30:10 | 000,090,568 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\HashFile.hsh
[2011/09/30 15:03:17 | 003,342,199 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Mac Miller – Donald Trump (prod. Sap).mp3
[2011/09/30 14:52:59 | 006,420,839 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Wale + Daniel Merriweather - The War.mp3
[2011/09/29 23:29:24 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/29 17:20:03 | 000,019,689 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\149094_127486373976792_100001462890577_165146_1709692_n.jpg
[2011/09/29 16:22:55 | 000,038,829 | ---- | M] () -- C:\Users\Rae Anthony\Documents\car.nri
[2011/09/29 16:06:21 | 007,299,365 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\DJ Drama Ft. Trey Songz, 2 Chainz & Big Sean - Oh My (Remix).mp3
[2011/09/29 14:55:50 | 000,021,734 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\car.m3u
[2011/09/29 14:40:37 | 000,031,113 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\hiph0p.m3u
[2011/09/28 22:38:35 | 000,730,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/09/28 22:38:35 | 000,630,928 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/09/28 22:38:35 | 000,111,052 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/09/28 22:34:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/28 22:34:04 | 3219,841,024 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/28 21:35:41 | 000,001,961 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/09/28 21:28:39 | 000,018,098 | ---- | M] () -- C:\MGlogs.zip
[2011/09/28 21:27:08 | 012,609,904 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Rae Anthony\Desktop\SUPERAntiSpyware.exe
[2011/09/28 21:26:44 | 002,420,346 | ---- | M] () -- C:\MGtools.exe
[2011/09/28 16:53:00 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Rae Anthony\Desktop\dds.com
[2011/09/28 16:52:34 | 000,003,003 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\HiJackThis.lnk
[2011/09/28 16:52:03 | 001,402,880 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\HiJackThis.msi
[2011/09/28 13:22:06 | 004,232,663 | R--- | M] (Swearware) -- C:\Users\Rae Anthony\Desktop\user123.exe
[2011/09/28 06:14:20 | 003,252,736 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\nfsw_trainer_v1_2_6.EXE
[2011/09/28 00:39:26 | 945,742,145 | ---- | M] (Acresso Software Inc.) -- C:\Users\Rae Anthony\Desktop\FreeStyleSetup1.63.exe
[2011/09/28 00:19:56 | 000,001,274 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Install FreeStyle Street Basketball (Gamekiss).lnk
[2011/09/28 00:19:51 | 000,454,120 | ---- | M] (CBS Interactive) -- C:\Users\Rae Anthony\Desktop\cnet_FreeStyleSetup_exe.exe
[2011/09/27 22:49:04 | 000,000,000 | ---- | M] () -- C:\srch_loc_1.gif
[2011/09/27 22:49:02 | 000,000,235 | ---- | M] () -- C:\srch_1.gif
[2011/09/27 22:49:02 | 000,000,112 | ---- | M] () -- C:\srch_vid_1.gif
[2011/09/27 22:49:02 | 000,000,112 | ---- | M] () -- C:\srch_img_1.gif
[2011/09/27 20:07:14 | 001,664,682 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\NFSW HACK(1).exe
[2011/09/27 19:59:24 | 001,664,682 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\NFSW HACK.exe
[2011/09/27 19:53:08 | 000,000,177 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Settings.ini
[2011/09/26 22:27:29 | 000,209,731 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\38974_416074484716_510414716_4445708_6237361_n.jpg
[2011/09/25 23:17:53 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/09/25 23:03:48 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/09/25 23:02:36 | 000,002,239 | ---- | M] () -- C:\Users\Rae Anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/09/25 22:59:47 | 000,140,521 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\imedikate physicians recommendation form.pdf
[2011/09/25 02:47:39 | 000,002,063 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Dragon Saga.lnk
[2011/09/25 02:46:33 | 000,002,045 | ---- | M] () -- C:\Users\Public\Desktop\Dragon Saga.lnk
[2011/09/25 02:39:03 | 1996,558,848 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\DragonSagaInstaller-0.1.29-20110216.msi
[2011/09/24 21:15:36 | 000,000,771 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Dragonica.lnk
[2011/09/24 21:11:03 | 957,004,851 | ---- | M] () -- C:\Dragonica_NewOrigin_20110920-1b.bin
[2011/09/24 20:53:18 | 1565,415,296 | ---- | M] () -- C:\Dragonica_NewOrigin_20110920-1a.bin
[2011/09/24 20:23:47 | 000,590,320 | ---- | M] (GALA Networks Europe Limited ) -- C:\Dragonica_NewOrigin_20110920.exe
[2011/09/24 20:23:19 | 000,689,976 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Dragonica_EN.exe
[2011/09/24 17:07:38 | 000,000,612 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Winject - Shortcut.lnk
[2011/09/23 01:33:10 | 000,001,123 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\MapleStory - Shortcut.lnk
[2011/09/23 01:27:41 | 000,650,048 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\GGTrainer 1.2.5.zip
[2011/09/22 13:45:14 | 000,031,102 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\hip-h0p combine.m3u
[2011/09/16 11:48:48 | 000,137,254 | ---- | M] () -- C:\Windows\hpoins44.dat
[2011/09/15 18:29:07 | 000,032,256 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\PURSUIT HACK 29TH.exe
[2011/09/15 16:59:14 | 000,439,808 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\livedown_nfsw_bot.exe
[2011/09/13 11:20:20 | 074,468,719 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Wiz Khalifa - Amber Kush.zip
[2011/09/13 10:47:47 | 003,843,175 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Baby Bash feat Slim Thug & Stooie Bros - Swananana BMF.mp3
[2011/09/11 09:21:26 | 000,001,678 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Need For Speed World.lnk
[2011/09/11 08:31:43 | 000,000,696 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\DragonNest - Shortcut.lnk
[2011/09/09 07:20:53 | 007,516,092 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Chris Brown Ft. Berner, Wiz Khalifa & Big K.R.I.T. - Yoko.mp3
[2011/09/08 23:46:15 | 005,287,269 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Berner Ft. Wiz Khalifa & Big K.R.I.T. - Yoko (Prod. By Big K.R.I.T.).mp3
[2011/09/08 03:59:52 | 003,252,736 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\nfsw_trainer_v1_2_4.EXE
[2011/09/05 14:25:37 | 000,002,930 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\FoFiX - Shortcut (2).lnk
[2011/09/03 17:47:18 | 012,239,298 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\BonJoviWanteddeadoralivev10111e10d784e905f19dc25aba7979718f.exe
[2011/09/03 17:46:58 | 008,139,089 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\BonJoviLivinonaPrayerv10ac59020785911dd87d62cae159e9cca7.exe
[2011/09/01 19:58:30 | 000,000,175 | ---- | M] () -- C:\Users\Public\Desktop\DragonNest.url
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/30 15:03:12 | 003,342,199 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Mac Miller – Donald Trump (prod. Sap).mp3
[2011/09/30 14:52:47 | 006,420,839 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Wale + Daniel Merriweather - The War.mp3
[2011/09/29 17:16:43 | 000,019,689 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\149094_127486373976792_100001462890577_165146_1709692_n.jpg
[2011/09/29 16:06:04 | 007,299,365 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\DJ Drama Ft. Trey Songz, 2 Chainz & Big Sean - Oh My (Remix).mp3
[2011/09/29 14:55:50 | 000,021,734 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\car.m3u
[2011/09/28 21:28:39 | 000,018,098 | ---- | C] () -- C:\MGlogs.zip
[2011/09/28 21:27:57 | 000,001,961 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/09/28 21:26:42 | 002,420,346 | ---- | C] () -- C:\MGtools.exe
[2011/09/28 20:52:02 | 000,000,416 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\HashFileen.hsh
[2011/09/28 20:51:58 | 000,497,344 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\HashFileTracksHigh.hsh
[2011/09/28 20:50:11 | 000,090,568 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\HashFile.hsh
[2011/09/28 16:52:34 | 000,003,003 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\HiJackThis.lnk
[2011/09/28 16:51:57 | 001,402,880 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\HiJackThis.msi
[2011/09/28 00:19:56 | 000,001,274 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Install FreeStyle Street Basketball (Gamekiss).lnk
[2011/09/27 22:49:04 | 000,000,000 | ---- | C] () -- C:\srch_loc_1.gif
[2011/09/27 22:49:02 | 000,000,235 | ---- | C] () -- C:\srch_1.gif
[2011/09/27 22:49:02 | 000,000,112 | ---- | C] () -- C:\srch_vid_1.gif
[2011/09/27 22:49:02 | 000,000,112 | ---- | C] () -- C:\srch_img_1.gif
[2011/09/27 22:17:12 | 003,252,736 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\nfsw_trainer_v1_2_6.EXE
[2011/09/27 20:07:00 | 001,664,682 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\NFSW HACK(1).exe
[2011/09/27 19:59:01 | 001,664,682 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\NFSW HACK.exe
[2011/09/27 19:53:08 | 000,000,177 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Settings.ini
[2011/09/26 22:27:22 | 000,209,731 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\38974_416074484716_510414716_4445708_6237361_n.jpg
[2011/09/25 23:03:48 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/09/25 23:03:48 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/09/25 23:02:36 | 000,002,340 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/09/25 23:02:36 | 000,002,239 | ---- | C] () -- C:\Users\Rae Anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/09/25 23:02:21 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/25 23:02:20 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/25 22:59:46 | 000,140,521 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\imedikate physicians recommendation form.pdf
[2011/09/25 02:47:39 | 000,002,063 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Dragon Saga.lnk
[2011/09/25 02:46:33 | 000,002,045 | ---- | C] () -- C:\Users\Public\Desktop\Dragon Saga.lnk
[2011/09/25 01:57:55 | 1996,558,848 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\DragonSagaInstaller-0.1.29-20110216.msi
[2011/09/24 21:15:36 | 000,000,771 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Dragonica.lnk
[2011/09/24 20:53:18 | 957,004,851 | ---- | C] () -- C:\Dragonica_NewOrigin_20110920-1b.bin
[2011/09/24 20:23:47 | 1565,415,296 | ---- | C] () -- C:\Dragonica_NewOrigin_20110920-1a.bin
[2011/09/24 20:23:18 | 000,689,976 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Dragonica_EN.exe
[2011/09/24 17:07:38 | 000,000,612 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Winject - Shortcut.lnk
[2011/09/23 01:32:26 | 000,001,123 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\MapleStory - Shortcut.lnk
[2011/09/23 01:27:37 | 000,650,048 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\GGTrainer 1.2.5.zip
[2011/09/19 09:18:50 | 003,252,736 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\nfsw_trainer_v1_2_4.EXE
[2011/09/19 09:18:50 | 000,439,808 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\livedown_nfsw_bot.exe
[2011/09/19 09:18:50 | 000,032,256 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\PURSUIT HACK 29TH.exe
[2011/09/16 11:48:46 | 000,170,043 | ---- | C] () -- C:\Windows\hpoins44.dat.temp
[2011/09/16 11:48:46 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat.temp
[2011/09/13 11:17:19 | 074,468,719 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Wiz Khalifa - Amber Kush.zip
[2011/09/13 10:47:39 | 003,843,175 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Baby Bash feat Slim Thug & Stooie Bros - Swananana BMF.mp3
[2011/09/11 09:21:26 | 000,001,678 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Need For Speed World.lnk
[2011/09/11 08:30:57 | 000,000,696 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\DragonNest - Shortcut.lnk
[2011/09/09 07:20:17 | 007,516,092 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Chris Brown Ft. Berner, Wiz Khalifa & Big K.R.I.T. - Yoko.mp3
[2011/09/08 23:46:07 | 005,287,269 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Berner Ft. Wiz Khalifa & Big K.R.I.T. - Yoko (Prod. By Big K.R.I.T.).mp3
[2011/09/05 14:25:37 | 000,002,930 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\FoFiX - Shortcut (2).lnk
[2011/09/03 17:46:51 | 012,239,298 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\BonJoviWanteddeadoralivev10111e10d784e905f19dc25aba7979718f.exe
[2011/09/03 17:46:41 | 008,139,089 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\BonJoviLivinonaPrayerv10ac59020785911dd87d62cae159e9cca7.exe
[2011/09/01 19:58:30 | 000,000,175 | ---- | C] () -- C:\Users\Public\Desktop\DragonNest.url
[2011/07/17 23:54:02 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/06/01 12:41:49 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2011/06/01 12:40:21 | 000,734,810 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/01 12:10:48 | 000,000,600 | ---- | C] () -- C:\Users\Rae Anthony\AppData\Roaming\winscp.rnd
[2011/05/25 12:27:29 | 000,137,254 | ---- | C] () -- C:\Windows\hpoins44.dat
[2011/05/25 12:27:29 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat
[2011/05/17 13:51:09 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/05/15 02:21:34 | 000,007,168 | ---- | C] () -- C:\Users\Rae Anthony\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/10 21:30:04 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/03/17 10:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/06/01 13:57:30 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\Blackberry Desktop
[2011/05/11 05:41:29 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\DAEMON Tools Lite
[2011/08/25 18:43:03 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\fofix
[2011/06/06 16:22:43 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\FreeStone Group
[2011/08/20 10:45:10 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\fretsonfire
[2011/05/11 06:34:21 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\ImgBurn
[2011/07/04 18:32:21 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\iTunesExport.9816BF1711E8C5ABC4CED8E503841951211D8E5D.1
[2011/09/17 00:04:54 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\Need for Speed World
[2011/07/29 18:46:35 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\redsn0w
[2011/06/01 13:52:44 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\Research In Motion
[2011/09/30 09:50:08 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\uTorrent
[2009/07/13 22:08:49 | 000,032,222 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2011/09/24 20:23:47 | 000,590,320 | ---- | M] (GALA Networks Europe Limited ) -- C:\Dragonica_NewOrigin_20110920.exe
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2011/09/28 21:26:44 | 002,420,346 | ---- | M] () -- C:\MGtools.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

< MD5 for: AGP440.SYS >
[2009/07/13 18:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/13 18:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/13 18:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/13 18:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/13 18:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/13 18:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/13 18:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2011/03/10 23:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/10 23:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/10 23:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/10 23:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011/03/10 23:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/10 23:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/13 18:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/13 18:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/13 18:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009/07/13 18:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/13 18:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/13 18:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/13 18:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/13 18:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/10 23:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/10 23:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011/03/10 23:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/10 23:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/10 23:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/10 23:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/13 18:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/13 18:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/13 18:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009/07/13 18:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\System32\config\*.sav >

< End of report >

OTL logfile created on: 30/09/2011 9:07:24 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Rae Anthony\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.77 Gb Available Physical Memory | 69.35% Memory free
7.99 Gb Paging File | 6.26 Gb Available in Paging File | 78.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 165.76 Gb Free Space | 35.60% Space Free | Partition Type: NTFS
Drive D: | 97.66 Gb Total Space | 81.60 Gb Free Space | 83.56% Space Free | Partition Type: NTFS
Drive E: | 88.64 Gb Total Space | 22.59 Gb Free Space | 25.48% Space Free | Partition Type: NTFS

Computer Name: RAEANTHONY-PC | User Name: Rae Anthony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/30 21:06:38 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Rae Anthony\Desktop\OTL.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/12/27 15:04:22 | 001,044,648 | ---- | M] () -- C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

========== Modules (No Company Name) ==========

MOD - [2011/05/11 13:59:57 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\dda6d8c7413334b605fcf590a702e9f1\Microsoft.VisualBasic.ni.dll
MOD - [2011/05/11 01:59:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\adc8998d96ca331d17cef00b1ef95a5f\System.Runtime.Remoting.ni.dll
MOD - [2011/05/11 01:59:23 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4ea95056046fdf87f06ae807308b627\System.Windows.Forms.ni.dll
MOD - [2011/05/11 01:59:19 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2a34e74599686e7383ae90670a994cdf\System.Drawing.ni.dll
MOD - [2011/05/11 01:59:06 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\167c8c3817ba1f48fe7396cc56f557e3\System.Xml.ni.dll
MOD - [2011/05/11 01:59:03 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9d054fc9618b81d5703af1662cd11135\System.Configuration.ni.dll
MOD - [2011/05/11 01:59:02 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\50c67f851ae3df2d0ab7d86fd1c5c7e0\System.ni.dll
MOD - [2011/05/11 01:58:55 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ebdaeaeb9f66c9035b5f11431f10cda4\mscorlib.ni.dll
MOD - [2010/12/27 15:04:22 | 001,044,648 | ---- | M] () -- C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe
MOD - [2010/05/12 14:06:36 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\Air Mouse\Air Mouse\BonjourService.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/08/11 16:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/07/28 17:43:58 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/07/28 14:35:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/12/14 15:45:00 | 003,994,768 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/07/01 04:45:02 | 000,136,616 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2003/04/18 19:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/07/28 15:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/07/28 13:54:10 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/07/22 09:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 14:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011/06/06 15:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/05/11 05:39:53 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/10 23:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/16 18:23:46 | 000,074,240 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2011/02/16 17:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV - [2010/10/22 10:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
DRV - [2010/07/01 04:44:34 | 000,052,352 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver2)
DRV - [2010/05/10 10:44:40 | 000,033,592 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/01/02 23:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?lang=en-ca&OCID=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8E 48 BC 04 90 0F CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/25 12:30:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/30 15:25:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/25 23:03:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/25 12:30:30 | 000,000,000 | ---D | M]

[2011/05/10 21:02:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rae Anthony\AppData\Roaming\Mozilla\Extensions
[2011/09/09 07:19:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rae Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\593ud02r.default\extensions
[2011/09/09 07:19:52 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Rae Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\593ud02r.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/05/11 05:39:44 | 000,002,055 | ---- | M] () -- C:\Users\Rae Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\593ud02r.default\searchplugins\daemon-search.xml
[2011/05/18 18:06:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/05/18 18:06:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/09/30 15:25:55 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009/11/06 08:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/18 18:06:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/11/06 08:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/06/28 21:01:22 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011/09/30 15:25:53 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/09/30 15:25:53 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/09/30 15:25:53 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/09/30 15:25:53 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/09/30 15:25:53 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.186\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.186\pdf.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3172544B-3990-4249-8FF7-741F9D8A1BA5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E035A311-F61D-47F4-A5CF-E770FCF8B253}: NameServer = 64.59.144.90,64.59.144.91
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/05/02 12:15:49 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{b56a67bc-7b67-11e0-81df-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b56a67bc-7b67-11e0-81df-806e6f6e6963}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/09/30 21:06:36 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Rae Anthony\Desktop\OTL.exe
[2011/09/29 15:11:29 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\Car
[2011/09/29 14:56:04 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\New folder (2)
[2011/09/29 14:54:25 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Local\Ahead
[2011/09/28 22:35:07 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Local\AirMouse
[2011/09/28 21:28:38 | 000,000,000 | ---D | C] -- C:\MGtools
[2011/09/28 21:28:28 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Roaming\SUPERAntiSpyware.com
[2011/09/28 21:27:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/09/28 21:27:55 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/09/28 21:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/09/28 21:25:58 | 012,609,904 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Rae Anthony\Desktop\SUPERAntiSpyware.exe
[2011/09/28 16:52:58 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Rae Anthony\Desktop\dds.com
[2011/09/28 16:52:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/09/28 16:52:34 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/09/28 14:31:10 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/09/28 13:22:59 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/09/28 13:22:59 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/09/28 13:22:54 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/09/28 13:22:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/09/28 13:21:59 | 004,232,663 | R--- | C] (Swearware) -- C:\Users\Rae Anthony\Desktop\user123.exe
[2011/09/28 00:22:15 | 945,742,145 | ---- | C] (Acresso Software Inc.) -- C:\Users\Rae Anthony\Desktop\FreeStyleSetup1.63.exe
[2011/09/28 00:19:47 | 000,454,120 | ---- | C] (CBS Interactive) -- C:\Users\Rae Anthony\Desktop\cnet_FreeStyleSetup_exe.exe
[2011/09/28 00:13:03 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Roaming\HPAppData
[2011/09/25 23:03:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/09/25 23:02:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/09/25 23:02:17 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Local\Google
[2011/09/25 23:02:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2011/09/25 08:37:12 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Documents\DragonSaga
[2011/09/25 02:46:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Saga
[2011/09/25 02:44:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gravity
[2011/09/24 21:28:32 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Documents\Dragonica
[2011/09/24 21:11:14 | 000,000,000 | ---D | C] -- C:\gPotato.eu
[2011/09/24 20:23:46 | 000,590,320 | ---- | C] (GALA Networks Europe Limited ) -- C:\Dragonica_NewOrigin_20110920.exe
[2011/09/24 17:38:06 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\GGTrainer 1.2.5
[2011/09/23 01:31:57 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\Winject
[2011/09/19 10:49:24 | 000,000,000 | ---D | C] -- C:\Data
[2011/09/18 11:03:56 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Documents\Need for Speed World
[2011/09/17 00:04:54 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Roaming\Need for Speed World
[2011/09/16 10:47:31 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\Data
[2011/09/11 09:21:39 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Local\Electronic_Arts_Inc
[2011/09/11 09:20:47 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\Need For Speed World
[2011/09/11 09:13:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2011/09/03 17:47:58 | 000,000,000 | ---D | C] -- C:\B
[2011/09/01 19:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2011/09/01 19:58:43 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Documents\DragonNest
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/30 21:06:38 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Rae Anthony\Desktop\OTL.exe
[2011/09/30 20:34:26 | 000,019,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/30 20:34:26 | 000,019,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/30 20:17:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/30 16:30:13 | 000,000,416 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\HashFileen.hsh
[2011/09/30 16:30:12 | 000,497,344 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\HashFileTracksHigh.hsh
[2011/09/30 16:30:10 | 000,090,568 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\HashFile.hsh
[2011/09/30 15:03:17 | 003,342,199 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Mac Miller – Donald Trump (prod. Sap).mp3
[2011/09/30 14:52:59 | 006,420,839 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Wale + Daniel Merriweather - The War.mp3
[2011/09/29 23:29:24 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/29 17:20:03 | 000,019,689 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\149094_127486373976792_100001462890577_165146_1709692_n.jpg
[2011/09/29 16:22:55 | 000,038,829 | ---- | M] () -- C:\Users\Rae Anthony\Documents\car.nri
[2011/09/29 16:06:21 | 007,299,365 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\DJ Drama Ft. Trey Songz, 2 Chainz & Big Sean - Oh My (Remix).mp3
[2011/09/29 14:55:50 | 000,021,734 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\car.m3u
[2011/09/29 14:40:37 | 000,031,113 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\hiph0p.m3u
[2011/09/28 22:38:35 | 000,730,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/09/28 22:38:35 | 000,630,928 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/09/28 22:38:35 | 000,111,052 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/09/28 22:34:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/28 22:34:04 | 3219,841,024 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/28 21:35:41 | 000,001,961 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/09/28 21:28:39 | 000,018,098 | ---- | M] () -- C:\MGlogs.zip
[2011/09/28 21:27:08 | 012,609,904 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Rae Anthony\Desktop\SUPERAntiSpyware.exe
[2011/09/28 21:26:44 | 002,420,346 | ---- | M] () -- C:\MGtools.exe
[2011/09/28 16:53:00 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Rae Anthony\Desktop\dds.com
[2011/09/28 16:52:34 | 000,003,003 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\HiJackThis.lnk
[2011/09/28 16:52:03 | 001,402,880 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\HiJackThis.msi
[2011/09/28 13:22:06 | 004,232,663 | R--- | M] (Swearware) -- C:\Users\Rae Anthony\Desktop\user123.exe
[2011/09/28 06:14:20 | 003,252,736 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\nfsw_trainer_v1_2_6.EXE
[2011/09/28 00:39:26 | 945,742,145 | ---- | M] (Acresso Software Inc.) -- C:\Users\Rae Anthony\Desktop\FreeStyleSetup1.63.exe
[2011/09/28 00:19:56 | 000,001,274 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Install FreeStyle Street Basketball (Gamekiss).lnk
[2011/09/28 00:19:51 | 000,454,120 | ---- | M] (CBS Interactive) -- C:\Users\Rae Anthony\Desktop\cnet_FreeStyleSetup_exe.exe
[2011/09/27 22:49:04 | 000,000,000 | ---- | M] () -- C:\srch_loc_1.gif
[2011/09/27 22:49:02 | 000,000,235 | ---- | M] () -- C:\srch_1.gif
[2011/09/27 22:49:02 | 000,000,112 | ---- | M] () -- C:\srch_vid_1.gif
[2011/09/27 22:49:02 | 000,000,112 | ---- | M] () -- C:\srch_img_1.gif
[2011/09/27 20:07:14 | 001,664,682 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\NFSW HACK(1).exe
[2011/09/27 19:59:24 | 001,664,682 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\NFSW HACK.exe
[2011/09/27 19:53:08 | 000,000,177 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Settings.ini
[2011/09/26 22:27:29 | 000,209,731 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\38974_416074484716_510414716_4445708_6237361_n.jpg
[2011/09/25 23:17:53 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/09/25 23:03:48 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/09/25 23:02:36 | 000,002,239 | ---- | M] () -- C:\Users\Rae Anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/09/25 22:59:47 | 000,140,521 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\imedikate physicians recommendation form.pdf
[2011/09/25 02:47:39 | 000,002,063 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Dragon Saga.lnk
[2011/09/25 02:46:33 | 000,002,045 | ---- | M] () -- C:\Users\Public\Desktop\Dragon Saga.lnk
[2011/09/25 02:39:03 | 1996,558,848 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\DragonSagaInstaller-0.1.29-20110216.msi
[2011/09/24 21:15:36 | 000,000,771 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Dragonica.lnk
[2011/09/24 21:11:03 | 957,004,851 | ---- | M] () -- C:\Dragonica_NewOrigin_20110920-1b.bin
[2011/09/24 20:53:18 | 1565,415,296 | ---- | M] () -- C:\Dragonica_NewOrigin_20110920-1a.bin
[2011/09/24 20:23:47 | 000,590,320 | ---- | M] (GALA Networks Europe Limited ) -- C:\Dragonica_NewOrigin_20110920.exe
[2011/09/24 20:23:19 | 000,689,976 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Dragonica_EN.exe
[2011/09/24 17:07:38 | 000,000,612 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Winject - Shortcut.lnk
[2011/09/23 01:33:10 | 000,001,123 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\MapleStory - Shortcut.lnk
[2011/09/23 01:27:41 | 000,650,048 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\GGTrainer 1.2.5.zip
[2011/09/22 13:45:14 | 000,031,102 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\hip-h0p combine.m3u
[2011/09/16 11:48:48 | 000,137,254 | ---- | M] () -- C:\Windows\hpoins44.dat
[2011/09/15 18:29:07 | 000,032,256 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\PURSUIT HACK 29TH.exe
[2011/09/15 16:59:14 | 000,439,808 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\livedown_nfsw_bot.exe
[2011/09/13 11:20:20 | 074,468,719 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Wiz Khalifa - Amber Kush.zip
[2011/09/13 10:47:47 | 003,843,175 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Baby Bash feat Slim Thug & Stooie Bros - Swananana BMF.mp3
[2011/09/11 09:21:26 | 000,001,678 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Need For Speed World.lnk
[2011/09/11 08:31:43 | 000,000,696 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\DragonNest - Shortcut.lnk
[2011/09/09 07:20:53 | 007,516,092 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Chris Brown Ft. Berner, Wiz Khalifa & Big K.R.I.T. - Yoko.mp3
[2011/09/08 23:46:15 | 005,287,269 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Berner Ft. Wiz Khalifa & Big K.R.I.T. - Yoko (Prod. By Big K.R.I.T.).mp3
[2011/09/08 03:59:52 | 003,252,736 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\nfsw_trainer_v1_2_4.EXE
[2011/09/05 14:25:37 | 000,002,930 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\FoFiX - Shortcut (2).lnk
[2011/09/03 17:47:18 | 012,239,298 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\BonJoviWanteddeadoralivev10111e10d784e905f19dc25aba7979718f.exe
[2011/09/03 17:46:58 | 008,139,089 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\BonJoviLivinonaPrayerv10ac59020785911dd87d62cae159e9cca7.exe
[2011/09/01 19:58:30 | 000,000,175 | ---- | M] () -- C:\Users\Public\Desktop\DragonNest.url
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/30 15:03:12 | 003,342,199 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Mac Miller – Donald Trump (prod. Sap).mp3
[2011/09/30 14:52:47 | 006,420,839 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Wale + Daniel Merriweather - The War.mp3
[2011/09/29 17:16:43 | 000,019,689 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\149094_127486373976792_100001462890577_165146_1709692_n.jpg
[2011/09/29 16:06:04 | 007,299,365 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\DJ Drama Ft. Trey Songz, 2 Chainz & Big Sean - Oh My (Remix).mp3
[2011/09/29 14:55:50 | 000,021,734 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\car.m3u
[2011/09/28 21:28:39 | 000,018,098 | ---- | C] () -- C:\MGlogs.zip
[2011/09/28 21:27:57 | 000,001,961 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/09/28 21:26:42 | 002,420,346 | ---- | C] () -- C:\MGtools.exe
[2011/09/28 20:52:02 | 000,000,416 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\HashFileen.hsh
[2011/09/28 20:51:58 | 000,497,344 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\HashFileTracksHigh.hsh
[2011/09/28 20:50:11 | 000,090,568 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\HashFile.hsh
[2011/09/28 16:52:34 | 000,003,003 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\HiJackThis.lnk
[2011/09/28 16:51:57 | 001,402,880 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\HiJackThis.msi
[2011/09/28 00:19:56 | 000,001,274 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Install FreeStyle Street Basketball (Gamekiss).lnk
[2011/09/27 22:49:04 | 000,000,000 | ---- | C] () -- C:\srch_loc_1.gif
[2011/09/27 22:49:02 | 000,000,235 | ---- | C] () -- C:\srch_1.gif
[2011/09/27 22:49:02 | 000,000,112 | ---- | C] () -- C:\srch_vid_1.gif
[2011/09/27 22:49:02 | 000,000,112 | ---- | C] () -- C:\srch_img_1.gif
[2011/09/27 22:17:12 | 003,252,736 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\nfsw_trainer_v1_2_6.EXE
[2011/09/27 20:07:00 | 001,664,682 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\NFSW HACK(1).exe
[2011/09/27 19:59:01 | 001,664,682 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\NFSW HACK.exe
[2011/09/27 19:53:08 | 000,000,177 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Settings.ini
[2011/09/26 22:27:22 | 000,209,731 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\38974_416074484716_510414716_4445708_6237361_n.jpg
[2011/09/25 23:03:48 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/09/25 23:03:48 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/09/25 23:02:36 | 000,002,340 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/09/25 23:02:36 | 000,002,239 | ---- | C] () -- C:\Users\Rae Anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/09/25 23:02:21 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/25 23:02:20 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/25 22:59:46 | 000,140,521 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\imedikate physicians recommendation form.pdf
[2011/09/25 02:47:39 | 000,002,063 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Dragon Saga.lnk
[2011/09/25 02:46:33 | 000,002,045 | ---- | C] () -- C:\Users\Public\Desktop\Dragon Saga.lnk
[2011/09/25 01:57:55 | 1996,558,848 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\DragonSagaInstaller-0.1.29-20110216.msi
[2011/09/24 21:15:36 | 000,000,771 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Dragonica.lnk
[2011/09/24 20:53:18 | 957,004,851 | ---- | C] () -- C:\Dragonica_NewOrigin_20110920-1b.bin
[2011/09/24 20:23:47 | 1565,415,296 | ---- | C] () -- C:\Dragonica_NewOrigin_20110920-1a.bin
[2011/09/24 20:23:18 | 000,689,976 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Dragonica_EN.exe
[2011/09/24 17:07:38 | 000,000,612 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Winject - Shortcut.lnk
[2011/09/23 01:32:26 | 000,001,123 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\MapleStory - Shortcut.lnk
[2011/09/23 01:27:37 | 000,650,048 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\GGTrainer 1.2.5.zip
[2011/09/19 09:18:50 | 003,252,736 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\nfsw_trainer_v1_2_4.EXE
[2011/09/19 09:18:50 | 000,439,808 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\livedown_nfsw_bot.exe
[2011/09/19 09:18:50 | 000,032,256 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\PURSUIT HACK 29TH.exe
[2011/09/16 11:48:46 | 000,170,043 | ---- | C] () -- C:\Windows\hpoins44.dat.temp
[2011/09/16 11:48:46 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat.temp
[2011/09/13 11:17:19 | 074,468,719 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Wiz Khalifa - Amber Kush.zip
[2011/09/13 10:47:39 | 003,843,175 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Baby Bash feat Slim Thug & Stooie Bros - Swananana BMF.mp3
[2011/09/11 09:21:26 | 000,001,678 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Need For Speed World.lnk
[2011/09/11 08:30:57 | 000,000,696 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\DragonNest - Shortcut.lnk
[2011/09/09 07:20:17 | 007,516,092 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Chris Brown Ft. Berner, Wiz Khalifa & Big K.R.I.T. - Yoko.mp3
[2011/09/08 23:46:07 | 005,287,269 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Berner Ft. Wiz Khalifa & Big K.R.I.T. - Yoko (Prod. By Big K.R.I.T.).mp3
[2011/09/05 14:25:37 | 000,002,930 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\FoFiX - Shortcut (2).lnk
[2011/09/03 17:46:51 | 012,239,298 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\BonJoviWanteddeadoralivev10111e10d784e905f19dc25aba7979718f.exe
[2011/09/03 17:46:41 | 008,139,089 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\BonJoviLivinonaPrayerv10ac59020785911dd87d62cae159e9cca7.exe
[2011/09/01 19:58:30 | 000,000,175 | ---- | C] () -- C:\Users\Public\Desktop\DragonNest.url
[2011/07/17 23:54:02 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/06/01 12:41:49 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2011/06/01 12:40:21 | 000,734,810 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/01 12:10:48 | 000,000,600 | ---- | C] () -- C:\Users\Rae Anthony\AppData\Roaming\winscp.rnd
[2011/05/25 12:27:29 | 000,137,254 | ---- | C] () -- C:\Windows\hpoins44.dat
[2011/05/25 12:27:29 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat
[2011/05/17 13:51:09 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/05/15 02:21:34 | 000,007,168 | ---- | C] () -- C:\Users\Rae Anthony\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/10 21:30:04 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/03/17 10:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/06/01 13:57:30 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\Blackberry Desktop
[2011/05/11 05:41:29 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\DAEMON Tools Lite
[2011/08/25 18:43:03 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\fofix
[2011/06/06 16:22:43 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\FreeStone Group
[2011/08/20 10:45:10 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\fretsonfire
[2011/05/11 06:34:21 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\ImgBurn
[2011/07/04 18:32:21 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\iTunesExport.9816BF1711E8C5ABC4CED8E503841951211D8E5D.1
[2011/09/17 00:04:54 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\Need for Speed World
[2011/07/29 18:46:35 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\redsn0w
[2011/06/01 13:52:44 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\Research In Motion
[2011/09/30 09:50:08 | 000,000,000 | ---D | M] -- C:\Users\Rae Anthony\AppData\Roaming\uTorrent
[2009/07/13 22:08:49 | 000,032,222 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2011/09/24 20:23:47 | 000,590,320 | ---- | M] (GALA Networks Europe Limited ) -- C:\Dragonica_NewOrigin_20110920.exe
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2011/09/28 21:26:44 | 002,420,346 | ---- | M] () -- C:\MGtools.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

< MD5 for: AGP440.SYS >
[2009/07/13 18:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/13 18:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/13 18:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/13 18:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/13 18:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/13 18:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/13 18:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2011/03/10 23:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/10 23:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/10 23:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/10 23:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011/03/10 23:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/10 23:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/13 18:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/13 18:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/13 18:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009/07/13 18:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/13 18:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/13 18:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/13 18:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/13 18:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/10 23:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/10 23:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011/03/10 23:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/10 23:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/10 23:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/10 23:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/13 18:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/13 18:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/13 18:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009/07/13 18:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\System32\config\*.sav >

< End of report >

OTL Extras logfile created on: 30/09/2011 9:07:24 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Rae Anthony\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.77 Gb Available Physical Memory | 69.35% Memory free
7.99 Gb Paging File | 6.26 Gb Available in Paging File | 78.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 165.76 Gb Free Space | 35.60% Space Free | Partition Type: NTFS
Drive D: | 97.66 Gb Total Space | 81.60 Gb Free Space | 83.56% Space Free | Partition Type: NTFS
Drive E: | 88.64 Gb Total Space | 22.59 Gb Free Space | 25.48% Space Free | Partition Type: NTFS

Computer Name: RAEANTHONY-PC | User Name: Rae Anthony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.8
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)
"{2AF2EABE-CF18-CACB-E57C-A4902A3C36C8}" = AMD Media Foundation Decoders
"{39024C9F-4BEF-4B91-A35C-ACD8BCA7B1CD}" = ATI AVIVO64 Codecs
"{3C9B2770-E66E-D289-56A0-95CFADA8EB26}" = AMD Catalyst Install Manager
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{819CA3BC-2FF8-4811-B42F-421F7BFD3559}" = HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6
"{8C95F41B-70D9-7EF8-BC80-B1C896B5B747}" = AMD Fuel
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D79C2CD4-7BCC-60AC-76C9-834CEEF1CDBE}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E33AC780-456C-6295-E0F3-10A8D39A09FB}" = AMD Drag and Drop Transcoding
"{F5011D7D-0DC2-4669-8B7F-52064D40CCEC}" = iTunes
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.57.1
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR 4.01 beta 1 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04634A14-619B-4F53-88B3-2A48FB3A99C6}" = TwelveSky2
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{330D5210-3C4F-E632-2714-BE23C7C10B9F}" = Catalyst Control Center Graphics Previews Common
"{3FFF605A-B4CE-0706-16C3-7313BBF32DFA}" = iTunes Export
"{43544FB5-BC1D-939A-7FDA-F7F3E5AEC35B}" = AMD VISION Engine Control Center
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5546F4E9-B0F4-4F54-B949-2AB006C9284F}" = DJ_AIO_06_F2400_SW_Min
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5AB36A6C-27A8-4CB1-89A1-9D05F3F16625}" = Mobile Mouse Server
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{652F3200-5E12-4CAD-BA2E-88EFE0113BCD}" = AMD OverDrive
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DBB66CD-38C7-472C-BBB9-06BFDA182A29}" = F2400
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{78D2854E-5DBF-11E7-B41F-47D203C8ED66}" = CCC Help English
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87DF5956-A327-4304-8338-8E2B0AAB843E}" = BlackBerry Desktop Software 6.0.2
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C264441-3025-8760-396B-CEF83ADA7C88}" = HydraVision
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{A0284E02-8114-4D23-B7C7-C2C4FAD2C355}" = Dragon Saga
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABD3F7BD-02E6-9150-2D34-F9F3109FA466}" = Catalyst Control Center InstallProxy
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CF097717-F174-4144-954A-FBC4BF301033}" = Nero 7 Ultra Edition
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0.2
"Cheat Engine 6.0_is1" = Cheat Engine 6.0
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DragonNest" = DragonNest
"DVD Shrink_is1" = DVD Shrink 3.2
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"ffdshow_is1" = ffdshow v1.1.3851 [2011-05-12]
"Frets on Fire" = Frets On Fire
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"ImgBurn" = ImgBurn
"iTunesExport.9816BF1711E8C5ABC4CED8E503841951211D8E5D.1" = iTunes Export
"Liveupdate5_is1" = Liveupdate5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"MapleStory" = MapleStory
"Mozilla Firefox 7.0.1 (x86 en-GB)" = Mozilla Firefox 7.0.1 (x86 en-GB)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PlayerScore" = PlayerScore
"Postal 2_is1" = Portal 2
"Rohan_RBF" = Rohan_RBF
"Sapphire TRIXX" = Sapphire TRIXX
"Tansee iPod Transfer_is1" = Tansee iPod Transfer v3.8
"uTorrent" = µTorrent
"Video Card Stability Test" = Video Card Stability Test
"VLC media player" = VLC media player 1.1.9
"Winamp" = Winamp
"winscp3_is1" = WinSCP 4.3.3
"winscpfar_is1" = WinSCP plugin for FAR 1.6.2
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28/09/2011 6:34:46 PM | Computer Name = RaeAnthony-PC | Source = Application Error | ID = 1000
Description = Faulting application name: firefox.exe, version: 6.0.2.4262, time
stamp: 0x4e6163d9 Faulting module name: USER32.dll, version: 6.1.7600.16385, time
stamp: 0x4a5bdb3c Exception code: 0xc0000409 Fault offset: 0x00030195 Faulting process
id: 0x47c Faulting application start time: 0x01cc7e2ed1b920d1 Faulting application
path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: C:\Windows\syswow64\USER32.dll
Report
Id: 110179c0-ea22-11e0-b809-406186f12390

Error - 28/09/2011 6:34:57 PM | Computer Name = RaeAnthony-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 14.0.835.186, time
stamp: 0x4e77dea9 Faulting module name: USER32.dll, version: 6.1.7600.16385, time
stamp: 0x4a5bdb3c Exception code: 0xc0000409 Fault offset: 0x00030195 Faulting process
id: 0xf0c Faulting application start time: 0x01cc7e2ed938dec8 Faulting application
path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module
path: C:\Windows\syswow64\USER32.dll Report Id: 17991225-ea22-11e0-b809-406186f12390

Error - 28/09/2011 6:35:50 PM | Computer Name = RaeAnthony-PC | Source = Application Error | ID = 1000
Description = Faulting application name: DllHost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc6b7 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc00000fd Fault offset: 0x73d2e2c4 Faulting process id: 0xbfc Faulting application
start time: 0x01cc7e2ef96060a7 Faulting application path: C:\Windows\SysWOW64\DllHost.exe
Faulting
module path: unknown Report Id: 371b33c9-ea22-11e0-b809-406186f12390

Error - 28/09/2011 6:38:05 PM | Computer Name = RaeAnthony-PC | Source = Application Error | ID = 1000
Description = Faulting application name: regsvr32.exe, version: 6.1.7600.16385,
time stamp: 0x4a5bca28 Faulting module name: USER32.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bdb3c Exception code: 0xc0000409 Fault offset: 0x00030195 Faulting
process id: 0x4e0 Faulting application start time: 0x01cc7e2f496e8dcb Faulting application
path: C:\Windows\SysWOW64\regsvr32.exe Faulting module path: C:\Windows\syswow64\USER32.dll
Report
Id: 8777ee56-ea22-11e0-b809-406186f12390

Error - 28/09/2011 6:38:11 PM | Computer Name = RaeAnthony-PC | Source = Application Error | ID = 1000
Description = Faulting application name: regsvr32.exe, version: 6.1.7600.16385,
time stamp: 0x4a5bca28 Faulting module name: USER32.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bdb3c Exception code: 0xc0000409 Fault offset: 0x00030195 Faulting
process id: 0x1b8 Faulting application start time: 0x01cc7e2f4d7eb787 Faulting application
path: C:\Windows\SysWOW64\regsvr32.exe Faulting module path: C:\Windows\syswow64\USER32.dll
Report
Id: 8b414b09-ea22-11e0-b809-406186f12390

Error - 28/09/2011 6:41:09 PM | Computer Name = RaeAnthony-PC | Source = Application Error | ID = 1000
Description = Faulting application name: NOTEPAD.EXE, version: 6.1.7600.16385, time
stamp: 0x4a5bc60f Faulting module name: USER32.dll, version: 6.1.7600.16385, time
stamp: 0x4a5bdb3c Exception code: 0xc0000409 Fault offset: 0x00030195 Faulting process
id: 0x888 Faulting application start time: 0x01cc7e2fb2c4d936 Faulting application
path: C:\Windows\SysWOW64\NOTEPAD.EXE Faulting module path: C:\Windows\syswow64\USER32.dll
Report
Id: f53e36c0-ea22-11e0-b809-406186f12390

Error - 28/09/2011 7:26:56 PM | Computer Name = RaeAnthony-PC | Source = Software Protection Platform Service | ID = 8198
Description = License Activation (slui.exe) failed with the following error code:
0x80070005

Error - 28/09/2011 7:26:56 PM | Computer Name = RaeAnthony-PC | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x00000000.

Error - 29/09/2011 1:34:16 AM | Computer Name = RaeAnthony-PC | Source = Software Protection Platform Service | ID = 8198
Description = License Activation (slui.exe) failed with the following error code:
0x80070005

Error - 29/09/2011 1:34:16 AM | Computer Name = RaeAnthony-PC | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x00000000.

[ System Events ]
Error - 28/09/2011 6:42:41 PM | Computer Name = RaeAnthony-PC | Source = DCOM | ID = 10005
Description =

Error - 28/09/2011 6:42:41 PM | Computer Name = RaeAnthony-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 28/09/2011 6:42:42 PM | Computer Name = RaeAnthony-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 28/09/2011 6:42:42 PM | Computer Name = RaeAnthony-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 28/09/2011 6:42:42 PM | Computer Name = RaeAnthony-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 28/09/2011 6:42:42 PM | Computer Name = RaeAnthony-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 28/09/2011 6:42:42 PM | Computer Name = RaeAnthony-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 28/09/2011 6:42:42 PM | Computer Name = RaeAnthony-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 28/09/2011 6:42:42 PM | Computer Name = RaeAnthony-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 29/09/2011 1:33:13 AM | Computer Name = RaeAnthony-PC | Source = DCOM | ID = 10010
Description =

< End of report >

I noticed you had Wpakill on the PC. Only reason for that is to bypass Windows activation when one has a pirate copy of Windows. Hopefully yours is legit?

====

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following

  :OTL
  FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
  O4 - HKLM..\Run: [] File not found
  O1364bit: - gopher Prefix: missing
  O13 - gopher Prefix: missing
  O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
  :Commands
  [purity]
  [emptyflash]
  [emptytemp]
  [resethosts]
  [Reboot]

• Then click the Run Fix button at the top.
• Let the program run unhindered, reboot the PC when it is done.
• Post log from this run.
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

====

Please download JavaRa to your desktop and unzip it to its own folder

• Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
• Accept any prompts.
• Open JavaRa.exe again and select Search For Updates.
• Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

====

I noticed you had Wpakill on the PC. Only reason for that is to bypass Windows activation when one has a pirate copy of Windows. Hopefully yours is legit?

====

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following

  :OTL
  FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
  O4 - HKLM..\Run: [] File not found
  O1364bit: - gopher Prefix: missing
  O13 - gopher Prefix: missing
  O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
  :Commands
  [purity]
  [emptyflash]
  [emptytemp]
  [resethosts]
  [Reboot]

• Then click the Run Fix button at the top.
• Let the program run unhindered, reboot the PC when it is done.
• Post log from this run.
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

====

Please download JavaRa to your desktop and unzip it to its own folder

• Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
• Accept any prompts.
• Open JavaRa.exe again and select Search For Updates.
• Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

====

to be honest, i got this rig as a birthday present from my friend who owns a computer shop. I do not know the full history.

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 56468 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Rae Anthony
->Flash cache emptied: 110575 bytes

Total Flash Files Cleaned = 0.00 mb

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Rae Anthony
->Temp folder emptied: 2405482508 bytes
->Temporary Internet Files folder emptied: 31012567 bytes
->Java cache emptied: 395354 bytes
->FireFox cache emptied: 286926420 bytes
->Google Chrome cache emptied: 6326370 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 3978 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16356 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 6733559715 bytes

Total Files Cleaned = 9,025.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.29.1 log created on 10012011_113106

Files\Folders moved on Reboot...
C:\Users\Rae Anthony\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

OTL logfile created on: 01/10/2011 11:47:40 AM - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Rae Anthony\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.55 Gb Available Physical Memory | 63.77% Memory free
7.99 Gb Paging File | 6.02 Gb Available in Paging File | 75.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 181.80 Gb Free Space | 39.04% Space Free | Partition Type: NTFS
Drive D: | 97.66 Gb Total Space | 81.60 Gb Free Space | 83.56% Space Free | Partition Type: NTFS
Drive E: | 88.64 Gb Total Space | 22.59 Gb Free Space | 25.48% Space Free | Partition Type: NTFS

Computer Name: RAEANTHONY-PC | User Name: Rae Anthony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/30 21:06:38 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Rae Anthony\Desktop\OTL.exe
PRC - [2011/09/30 15:25:54 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/12/27 15:04:22 | 001,044,648 | ---- | M] () -- C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe
PRC - [2010/06/28 21:01:20 | 001,592,672 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

========== Modules (No Company Name) ==========

MOD - [2011/09/30 15:25:54 | 001,833,944 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/09/29 15:09:26 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_yar.dll
MOD - [2011/09/25 11:00:27 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/05/14 12:20:46 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\Winamp\tataki.dll
MOD - [2011/05/14 12:20:46 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\zlib.dll
MOD - [2011/05/14 12:20:45 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\xml.w5s
MOD - [2011/05/14 12:20:44 | 000,623,104 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jnetlib.w5s
MOD - [2011/05/14 12:20:44 | 000,174,080 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\auth.w5s
MOD - [2011/05/14 12:20:44 | 000,154,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jpeg.w5s
MOD - [2011/05/14 12:20:44 | 000,086,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\png.w5s
MOD - [2011/05/14 12:20:44 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\playlist.w5s
MOD - [2011/05/14 12:20:44 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\timer.w5s
MOD - [2011/05/14 12:20:44 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\tagz.w5s
MOD - [2011/05/14 12:20:44 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gif.w5s
MOD - [2011/05/14 12:20:44 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\bmp.w5s
MOD - [2011/05/14 12:20:44 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\dlmgr.w5s
MOD - [2011/05/14 12:20:44 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gracenote.w5s
MOD - [2011/05/14 12:20:44 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\filereader.w5s
MOD - [2011/05/14 12:20:44 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\primo.w5s
MOD - [2011/05/14 12:20:43 | 000,135,680 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll
MOD - [2011/05/14 12:20:43 | 000,115,200 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll
MOD - [2011/05/14 12:20:43 | 000,051,712 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_android.dll
MOD - [2011/05/14 12:20:43 | 000,047,104 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll
MOD - [2011/05/14 12:20:43 | 000,020,992 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll
MOD - [2011/05/14 12:20:42 | 000,214,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll
MOD - [2011/05/14 12:20:42 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_online.dll
MOD - [2011/05/14 12:20:42 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll
MOD - [2011/05/14 12:20:42 | 000,061,952 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_plg.dll
MOD - [2011/05/14 12:20:42 | 000,051,200 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_ds.dll
MOD - [2011/05/14 12:20:42 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll
MOD - [2011/05/14 12:20:42 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll
MOD - [2011/05/14 12:20:42 | 000,022,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_disk.dll
MOD - [2011/05/14 12:20:42 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_wave.dll
MOD - [2011/05/14 12:20:41 | 000,291,328 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_local.dll
MOD - [2011/05/14 12:20:41 | 000,199,680 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll
MOD - [2011/05/14 12:20:41 | 000,056,320 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_impex.dll
MOD - [2011/05/14 12:20:41 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_history.dll
MOD - [2011/05/14 12:20:41 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll
MOD - [2011/05/14 12:20:41 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll
MOD - [2011/05/14 12:20:40 | 000,312,320 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wm.dll
MOD - [2011/05/14 12:20:40 | 000,304,640 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll
MOD - [2011/05/14 12:20:40 | 000,285,184 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll
MOD - [2011/05/14 12:20:40 | 000,216,576 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll
MOD - [2011/05/14 12:20:40 | 000,183,808 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll
MOD - [2011/05/14 12:20:40 | 000,164,352 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mod.dll
MOD - [2011/05/14 12:20:40 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_midi.dll
MOD - [2011/05/14 12:20:40 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll
MOD - [2011/05/14 12:20:40 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll
MOD - [2011/05/14 12:20:40 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll
MOD - [2011/05/14 12:20:40 | 000,068,096 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_avi.dll
MOD - [2011/05/14 12:20:40 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flac.dll
MOD - [2011/05/14 12:20:40 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_orgler.dll
MOD - [2011/05/14 12:20:40 | 000,050,176 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll
MOD - [2011/05/14 12:20:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll
MOD - [2011/05/14 12:20:40 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flv.dll
MOD - [2011/05/14 12:20:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll
MOD - [2011/05/14 12:20:40 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll
MOD - [2011/05/14 12:20:40 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_swf.dll
MOD - [2011/05/14 12:20:40 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wave.dll
MOD - [2011/05/14 12:20:40 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_linein.dll
MOD - [2011/05/14 12:20:39 | 001,735,680 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll
MOD - [2011/05/14 12:20:39 | 000,340,992 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
MOD - [2011/05/14 12:20:38 | 000,075,776 | ---- | M] () -- C:\Program Files (x86)\Winamp\nde.dll
MOD - [2011/05/14 12:20:38 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Winamp\nsutil.dll
MOD - [2011/05/14 12:20:37 | 000,252,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\libsndfile.dll
MOD - [2011/05/11 13:59:57 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\dda6d8c7413334b605fcf590a702e9f1\Microsoft.VisualBasic.ni.dll
MOD - [2011/05/11 01:59:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\adc8998d96ca331d17cef00b1ef95a5f\System.Runtime.Remoting.ni.dll
MOD - [2011/05/11 01:59:23 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4ea95056046fdf87f06ae807308b627\System.Windows.Forms.ni.dll
MOD - [2011/05/11 01:59:19 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2a34e74599686e7383ae90670a994cdf\System.Drawing.ni.dll
MOD - [2011/05/11 01:59:06 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\167c8c3817ba1f48fe7396cc56f557e3\System.Xml.ni.dll
MOD - [2011/05/11 01:59:03 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9d054fc9618b81d5703af1662cd11135\System.Configuration.ni.dll
MOD - [2011/05/11 01:59:02 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\50c67f851ae3df2d0ab7d86fd1c5c7e0\System.ni.dll
MOD - [2011/05/11 01:58:55 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ebdaeaeb9f66c9035b5f11431f10cda4\mscorlib.ni.dll
MOD - [2010/12/27 15:04:22 | 001,044,648 | ---- | M] () -- C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe
MOD - [2010/05/12 14:06:36 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\Air Mouse\Air Mouse\BonjourService.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/08/11 16:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/07/28 17:43:58 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/07/28 14:35:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/12/14 15:45:00 | 003,994,768 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/07/01 04:45:02 | 000,136,616 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2003/04/18 19:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/08/30 00:54:28 | 000,117,520 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2011/07/28 15:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/07/28 13:54:10 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/07/22 09:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 14:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011/06/06 15:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/05/11 05:39:53 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/10 23:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/16 18:23:46 | 000,074,240 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2011/02/16 17:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/08/19 19:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV - [2010/10/22 10:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
DRV - [2010/07/01 04:44:34 | 000,052,352 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver2)
DRV - [2010/05/10 10:44:40 | 000,033,592 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/01/02 23:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?lang=en-ca&OCID=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8E 48 BC 04 90 0F CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/25 12:30:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/30 15:25:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/25 23:03:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/25 12:30:30 | 000,000,000 | ---D | M]

[2011/05/10 21:02:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rae Anthony\AppData\Roaming\Mozilla\Extensions
[2011/09/09 07:19:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rae Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\593ud02r.default\extensions
[2011/09/09 07:19:52 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Rae Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\593ud02r.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/05/11 05:39:44 | 000,002,055 | ---- | M] () -- C:\Users\Rae Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\593ud02r.default\searchplugins\daemon-search.xml
[2011/05/18 18:06:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/05/18 18:06:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/09/30 15:25:55 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009/11/06 08:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/18 18:06:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/11/06 08:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/06/28 21:01:22 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011/09/30 15:25:53 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/09/30 15:25:53 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/09/30 15:25:53 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/09/30 15:25:53 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/09/30 15:25:53 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.186\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.186\pdf.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011/10/01 11:32:02 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3172544B-3990-4249-8FF7-741F9D8A1BA5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E035A311-F61D-47F4-A5CF-E770FCF8B253}: NameServer = 64.59.144.90,64.59.144.91
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/05/02 12:15:49 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{b56a67bc-7b67-11e0-81df-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b56a67bc-7b67-11e0-81df-806e6f6e6963}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/01 11:36:41 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\java
[2011/10/01 11:31:06 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/10/01 09:38:36 | 000,000,000 | ---D | C] -- C:\e
[2011/10/01 00:41:43 | 000,117,520 | ---- | C] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2011/10/01 00:41:43 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Roaming\MotioninJoy
[2011/10/01 00:41:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
[2011/10/01 00:41:43 | 000,000,000 | ---D | C] -- C:\Program Files\MotioninJoy
[2011/09/30 22:41:19 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Roaming\HPAppData
[2011/09/30 21:06:36 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Rae Anthony\Desktop\OTL.exe
[2011/09/29 15:11:29 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\Car
[2011/09/29 14:56:04 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\New folder (2)
[2011/09/29 14:54:25 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Local\Ahead
[2011/09/28 22:35:07 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Local\AirMouse
[2011/09/28 21:28:38 | 000,000,000 | ---D | C] -- C:\MGtools
[2011/09/28 21:28:28 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Roaming\SUPERAntiSpyware.com
[2011/09/28 21:27:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/09/28 21:27:55 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/09/28 21:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/09/28 21:25:58 | 012,609,904 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Rae Anthony\Desktop\SUPERAntiSpyware.exe
[2011/09/28 16:52:58 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Rae Anthony\Desktop\dds.com
[2011/09/28 16:52:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/09/28 16:52:34 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/09/28 14:31:10 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/09/28 13:22:59 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/09/28 13:22:59 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/09/28 13:22:54 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/09/28 13:22:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/09/28 13:21:59 | 004,232,663 | R--- | C] (Swearware) -- C:\Users\Rae Anthony\Desktop\user123.exe
[2011/09/28 00:22:15 | 945,742,145 | ---- | C] (Acresso Software Inc.) -- C:\Users\Rae Anthony\Desktop\FreeStyleSetup1.63.exe
[2011/09/28 00:19:47 | 000,454,120 | ---- | C] (CBS Interactive) -- C:\Users\Rae Anthony\Desktop\cnet_FreeStyleSetup_exe.exe
[2011/09/25 23:03:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/09/25 23:02:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/09/25 23:02:17 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Local\Google
[2011/09/25 23:02:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2011/09/25 08:37:12 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Documents\DragonSaga
[2011/09/25 02:46:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Saga
[2011/09/25 02:44:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gravity
[2011/09/24 21:28:32 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Documents\Dragonica
[2011/09/24 21:11:14 | 000,000,000 | ---D | C] -- C:\gPotato.eu
[2011/09/24 20:23:46 | 000,590,320 | ---- | C] (GALA Networks Europe Limited ) -- C:\Dragonica_NewOrigin_20110920.exe
[2011/09/24 17:38:06 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\GGTrainer 1.2.5
[2011/09/23 01:31:57 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\Winject
[2011/09/19 10:49:24 | 000,000,000 | ---D | C] -- C:\Data
[2011/09/18 11:03:56 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Documents\Need for Speed World
[2011/09/17 00:04:54 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Roaming\Need for Speed World
[2011/09/16 10:47:31 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\Data
[2011/09/11 09:21:39 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\AppData\Local\Electronic_Arts_Inc
[2011/09/11 09:20:47 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Desktop\Need For Speed World
[2011/09/11 09:13:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2011/09/03 17:47:58 | 000,000,000 | ---D | C] -- C:\B
[2011/09/01 19:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2011/09/01 19:58:43 | 000,000,000 | ---D | C] -- C:\Users\Rae Anthony\Documents\DragonNest

========== Files - Modified Within 30 Days ==========

[2011/10/01 11:37:48 | 000,730,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/01 11:37:48 | 000,630,928 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/01 11:37:48 | 000,111,052 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/01 11:33:33 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/01 11:33:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/01 11:33:21 | 3219,841,024 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/01 11:32:50 | 000,019,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/01 11:32:49 | 000,019,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/01 11:32:02 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/10/01 11:17:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/01 10:17:57 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/10/01 09:38:37 | 000,000,380 | ---- | M] () -- C:\edu.bmp
[2011/10/01 09:38:37 | 000,000,304 | ---- | M] () -- C:\dir.bmp
[2011/10/01 09:38:37 | 000,000,284 | ---- | M] () -- C:\srch_map_1.gif
[2011/10/01 09:38:37 | 000,000,279 | ---- | M] () -- C:\hj_1.gif
[2011/10/01 09:38:37 | 000,000,277 | ---- | M] () -- C:\mov_1.gif
[2011/10/01 09:38:37 | 000,000,274 | ---- | M] () -- C:\trav_1.gif
[2011/10/01 09:38:37 | 000,000,273 | ---- | M] () -- C:\srch_stk_1.gif
[2011/10/01 09:38:37 | 000,000,268 | ---- | M] () -- C:\ab_1.gif
[2011/10/01 09:38:37 | 000,000,265 | ---- | M] () -- C:\srch_ans_1.gif
[2011/10/01 09:38:37 | 000,000,240 | ---- | M] () -- C:\srch_site_1.gif
[2011/10/01 09:38:37 | 000,000,138 | ---- | M] () -- C:\flk2.gif
[2011/10/01 09:38:37 | 000,000,123 | ---- | M] () -- C:\srch_sh_1.gif
[2011/10/01 09:38:37 | 000,000,121 | ---- | M] () -- C:\srch_nws_1.gif
[2011/10/01 09:38:37 | 000,000,113 | ---- | M] () -- C:\srch_aud_1.gif
[2011/10/01 09:38:37 | 000,000,113 | ---- | M] () -- C:\del_1.gif
[2011/10/01 09:31:32 | 000,000,416 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\HashFileen.hsh
[2011/10/01 09:31:31 | 000,497,344 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\HashFileTracksHigh.hsh
[2011/10/01 09:31:29 | 000,090,568 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\HashFile.hsh
[2011/10/01 00:45:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2011/10/01 00:44:59 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2011/10/01 00:44:11 | 000,000,947 | ---- | M] () -- C:\Users\Rae Anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk
[2011/10/01 00:44:11 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\DS3 Tool.lnk
[2011/09/30 23:22:08 | 003,581,573 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\nfshacks.rar
[2011/09/30 22:45:04 | 002,954,809 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\nfsw_trainer_v1_2_6.rar
[2011/09/30 21:06:38 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Rae Anthony\Desktop\OTL.exe
[2011/09/30 15:03:17 | 003,342,199 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Mac Miller – Donald Trump (prod. Sap).mp3
[2011/09/30 14:52:59 | 006,420,839 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Wale + Daniel Merriweather - The War.mp3
[2011/09/29 17:20:03 | 000,019,689 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\149094_127486373976792_100001462890577_165146_1709692_n.jpg
[2011/09/29 16:22:55 | 000,038,829 | ---- | M] () -- C:\Users\Rae Anthony\Documents\car.nri
[2011/09/29 16:06:21 | 007,299,365 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\DJ Drama Ft. Trey Songz, 2 Chainz & Big Sean - Oh My (Remix).mp3
[2011/09/29 14:55:50 | 000,021,734 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\car.m3u
[2011/09/29 14:40:37 | 000,031,113 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\hiph0p.m3u
[2011/09/28 21:35:41 | 000,001,961 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/09/28 21:28:39 | 000,018,098 | ---- | M] () -- C:\MGlogs.zip
[2011/09/28 21:27:08 | 012,609,904 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Rae Anthony\Desktop\SUPERAntiSpyware.exe
[2011/09/28 21:26:44 | 002,420,346 | ---- | M] () -- C:\MGtools.exe
[2011/09/28 16:53:00 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Rae Anthony\Desktop\dds.com
[2011/09/28 16:52:34 | 000,003,003 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\HiJackThis.lnk
[2011/09/28 16:52:03 | 001,402,880 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\HiJackThis.msi
[2011/09/28 13:22:06 | 004,232,663 | R--- | M] (Swearware) -- C:\Users\Rae Anthony\Desktop\user123.exe
[2011/09/28 06:14:20 | 003,252,736 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\nfsw_trainer_v1_2_6.EXE
[2011/09/28 00:39:26 | 945,742,145 | ---- | M] (Acresso Software Inc.) -- C:\Users\Rae Anthony\Desktop\FreeStyleSetup1.63.exe
[2011/09/28 00:19:56 | 000,001,274 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Install FreeStyle Street Basketball (Gamekiss).lnk
[2011/09/28 00:19:51 | 000,454,120 | ---- | M] (CBS Interactive) -- C:\Users\Rae Anthony\Desktop\cnet_FreeStyleSetup_exe.exe
[2011/09/27 22:49:04 | 000,000,000 | ---- | M] () -- C:\srch_loc_1.gif
[2011/09/27 22:49:02 | 000,000,235 | ---- | M] () -- C:\srch_1.gif
[2011/09/27 22:49:02 | 000,000,112 | ---- | M] () -- C:\srch_vid_1.gif
[2011/09/27 22:49:02 | 000,000,112 | ---- | M] () -- C:\srch_img_1.gif
[2011/09/27 20:07:14 | 001,664,682 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\NFSW HACK(1).exe
[2011/09/27 19:59:24 | 001,664,682 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\NFSW HACK.exe
[2011/09/27 19:53:08 | 000,000,177 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Settings.ini
[2011/09/26 22:27:29 | 000,209,731 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\38974_416074484716_510414716_4445708_6237361_n.jpg
[2011/09/25 23:03:48 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/09/25 23:02:36 | 000,002,239 | ---- | M] () -- C:\Users\Rae Anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/09/25 22:59:47 | 000,140,521 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\imedikate physicians recommendation form.pdf
[2011/09/25 02:47:39 | 000,002,063 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Dragon Saga.lnk
[2011/09/25 02:46:33 | 000,002,045 | ---- | M] () -- C:\Users\Public\Desktop\Dragon Saga.lnk
[2011/09/25 02:39:03 | 1996,558,848 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\DragonSagaInstaller-0.1.29-20110216.msi
[2011/09/24 21:15:36 | 000,000,771 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Dragonica.lnk
[2011/09/24 21:11:03 | 957,004,851 | ---- | M] () -- C:\Dragonica_NewOrigin_20110920-1b.bin
[2011/09/24 20:53:18 | 1565,415,296 | ---- | M] () -- C:\Dragonica_NewOrigin_20110920-1a.bin
[2011/09/24 20:23:47 | 000,590,320 | ---- | M] (GALA Networks Europe Limited ) -- C:\Dragonica_NewOrigin_20110920.exe
[2011/09/24 20:23:19 | 000,689,976 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Dragonica_EN.exe
[2011/09/24 17:07:38 | 000,000,612 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Winject - Shortcut.lnk
[2011/09/23 01:33:10 | 000,001,123 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\MapleStory - Shortcut.lnk
[2011/09/23 01:27:41 | 000,650,048 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\GGTrainer 1.2.5.zip
[2011/09/22 13:45:14 | 000,031,102 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\hip-h0p combine.m3u
[2011/09/16 11:48:48 | 000,137,254 | ---- | M] () -- C:\Windows\hpoins44.dat
[2011/09/15 18:29:07 | 000,032,256 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\PURSUIT HACK 29TH.exe
[2011/09/15 16:59:14 | 000,439,808 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\livedown_nfsw_bot.exe
[2011/09/13 11:20:20 | 074,468,719 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Wiz Khalifa - Amber Kush.zip
[2011/09/13 10:47:47 | 003,843,175 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Baby Bash feat Slim Thug & Stooie Bros - Swananana BMF.mp3
[2011/09/11 09:21:26 | 000,001,678 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Need For Speed World.lnk
[2011/09/11 08:31:43 | 000,000,696 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\DragonNest - Shortcut.lnk
[2011/09/09 07:20:53 | 007,516,092 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Chris Brown Ft. Berner, Wiz Khalifa & Big K.R.I.T. - Yoko.mp3
[2011/09/08 23:46:15 | 005,287,269 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\Berner Ft. Wiz Khalifa & Big K.R.I.T. - Yoko (Prod. By Big K.R.I.T.).mp3
[2011/09/08 03:59:52 | 003,252,736 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\nfsw_trainer_v1_2_4.EXE
[2011/09/05 14:25:37 | 000,002,930 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\FoFiX - Shortcut (2).lnk
[2011/09/03 17:47:18 | 012,239,298 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\BonJoviWanteddeadoralivev10111e10d784e905f19dc25aba7979718f.exe
[2011/09/03 17:46:58 | 008,139,089 | ---- | M] () -- C:\Users\Rae Anthony\Desktop\BonJoviLivinonaPrayerv10ac59020785911dd87d62cae159e9cca7.exe
[2011/09/01 19:58:30 | 000,000,175 | ---- | M] () -- C:\Users\Public\Desktop\DragonNest.url

========== Files Created - No Company Name ==========

[2011/10/01 09:38:37 | 000,000,380 | ---- | C] () -- C:\edu.bmp
[2011/10/01 09:38:37 | 000,000,304 | ---- | C] () -- C:\dir.bmp
[2011/10/01 09:38:37 | 000,000,284 | ---- | C] () -- C:\srch_map_1.gif
[2011/10/01 09:38:37 | 000,000,279 | ---- | C] () -- C:\hj_1.gif
[2011/10/01 09:38:37 | 000,000,277 | ---- | C] () -- C:\mov_1.gif
[2011/10/01 09:38:37 | 000,000,274 | ---- | C] () -- C:\trav_1.gif
[2011/10/01 09:38:37 | 000,000,273 | ---- | C] () -- C:\srch_stk_1.gif
[2011/10/01 09:38:37 | 000,000,268 | ---- | C] () -- C:\ab_1.gif
[2011/10/01 09:38:37 | 000,000,265 | ---- | C] () -- C:\srch_ans_1.gif
[2011/10/01 09:38:37 | 000,000,240 | ---- | C] () -- C:\srch_site_1.gif
[2011/10/01 09:38:37 | 000,000,138 | ---- | C] () -- C:\flk2.gif
[2011/10/01 09:38:37 | 000,000,123 | ---- | C] () -- C:\srch_sh_1.gif
[2011/10/01 09:38:37 | 000,000,121 | ---- | C] () -- C:\srch_nws_1.gif
[2011/10/01 09:38:37 | 000,000,113 | ---- | C] () -- C:\srch_aud_1.gif
[2011/10/01 09:38:37 | 000,000,113 | ---- | C] () -- C:\del_1.gif
[2011/10/01 00:45:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2011/10/01 00:44:59 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2011/10/01 00:41:43 | 000,000,947 | ---- | C] () -- C:\Users\Rae Anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk
[2011/10/01 00:41:43 | 000,000,923 | ---- | C] () -- C:\Users\Public\Desktop\DS3 Tool.lnk
[2011/09/30 23:21:22 | 003,581,573 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\nfshacks.rar
[2011/09/30 22:45:03 | 002,954,809 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\nfsw_trainer_v1_2_6.rar
[2011/09/30 15:03:12 | 003,342,199 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Mac Miller – Donald Trump (prod. Sap).mp3
[2011/09/30 14:52:47 | 006,420,839 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Wale + Daniel Merriweather - The War.mp3
[2011/09/29 17:16:43 | 000,019,689 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\149094_127486373976792_100001462890577_165146_1709692_n.jpg
[2011/09/29 16:06:04 | 007,299,365 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\DJ Drama Ft. Trey Songz, 2 Chainz & Big Sean - Oh My (Remix).mp3
[2011/09/29 14:55:50 | 000,021,734 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\car.m3u
[2011/09/28 21:28:39 | 000,018,098 | ---- | C] () -- C:\MGlogs.zip
[2011/09/28 21:27:57 | 000,001,961 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/09/28 21:26:42 | 002,420,346 | ---- | C] () -- C:\MGtools.exe
[2011/09/28 20:52:02 | 000,000,416 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\HashFileen.hsh
[2011/09/28 20:51:58 | 000,497,344 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\HashFileTracksHigh.hsh
[2011/09/28 20:50:11 | 000,090,568 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\HashFile.hsh
[2011/09/28 16:52:34 | 000,003,003 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\HiJackThis.lnk
[2011/09/28 16:51:57 | 001,402,880 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\HiJackThis.msi
[2011/09/28 00:19:56 | 000,001,274 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Install FreeStyle Street Basketball (Gamekiss).lnk
[2011/09/27 22:49:04 | 000,000,000 | ---- | C] () -- C:\srch_loc_1.gif
[2011/09/27 22:49:02 | 000,000,235 | ---- | C] () -- C:\srch_1.gif
[2011/09/27 22:49:02 | 000,000,112 | ---- | C] () -- C:\srch_vid_1.gif
[2011/09/27 22:49:02 | 000,000,112 | ---- | C] () -- C:\srch_img_1.gif
[2011/09/27 22:17:12 | 003,252,736 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\nfsw_trainer_v1_2_6.EXE
[2011/09/27 20:07:00 | 001,664,682 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\NFSW HACK(1).exe
[2011/09/27 19:59:01 | 001,664,682 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\NFSW HACK.exe
[2011/09/27 19:53:08 | 000,000,177 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Settings.ini
[2011/09/26 22:27:22 | 000,209,731 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\38974_416074484716_510414716_4445708_6237361_n.jpg
[2011/09/25 23:03:48 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/09/25 23:03:48 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/09/25 23:02:36 | 000,002,340 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/09/25 23:02:36 | 000,002,239 | ---- | C] () -- C:\Users\Rae Anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/09/25 23:02:21 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/25 23:02:20 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/25 22:59:46 | 000,140,521 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\imedikate physicians recommendation form.pdf
[2011/09/25 02:47:39 | 000,002,063 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Dragon Saga.lnk
[2011/09/25 02:46:33 | 000,002,045 | ---- | C] () -- C:\Users\Public\Desktop\Dragon Saga.lnk
[2011/09/25 01:57:55 | 1996,558,848 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\DragonSagaInstaller-0.1.29-20110216.msi
[2011/09/24 21:15:36 | 000,000,771 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Dragonica.lnk
[2011/09/24 20:53:18 | 957,004,851 | ---- | C] () -- C:\Dragonica_NewOrigin_20110920-1b.bin
[2011/09/24 20:23:47 | 1565,415,296 | ---- | C] () -- C:\Dragonica_NewOrigin_20110920-1a.bin
[2011/09/24 20:23:18 | 000,689,976 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Dragonica_EN.exe
[2011/09/24 17:07:38 | 000,000,612 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Winject - Shortcut.lnk
[2011/09/23 01:32:26 | 000,001,123 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\MapleStory - Shortcut.lnk
[2011/09/23 01:27:37 | 000,650,048 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\GGTrainer 1.2.5.zip
[2011/09/19 09:18:50 | 003,252,736 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\nfsw_trainer_v1_2_4.EXE
[2011/09/19 09:18:50 | 000,439,808 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\livedown_nfsw_bot.exe
[2011/09/19 09:18:50 | 000,032,256 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\PURSUIT HACK 29TH.exe
[2011/09/16 11:48:46 | 000,170,043 | ---- | C] () -- C:\Windows\hpoins44.dat.temp
[2011/09/16 11:48:46 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat.temp
[2011/09/13 11:17:19 | 074,468,719 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Wiz Khalifa - Amber Kush.zip
[2011/09/13 10:47:39 | 003,843,175 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Baby Bash feat Slim Thug & Stooie Bros - Swananana BMF.mp3
[2011/09/11 09:21:26 | 000,001,678 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Need For Speed World.lnk
[2011/09/11 08:30:57 | 000,000,696 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\DragonNest - Shortcut.lnk
[2011/09/09 07:20:17 | 007,516,092 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Chris Brown Ft. Berner, Wiz Khalifa & Big K.R.I.T. - Yoko.mp3
[2011/09/08 23:46:07 | 005,287,269 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\Berner Ft. Wiz Khalifa & Big K.R.I.T. - Yoko (Prod. By Big K.R.I.T.).mp3
[2011/09/05 14:25:37 | 000,002,930 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\FoFiX - Shortcut (2).lnk
[2011/09/03 17:46:51 | 012,239,298 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\BonJoviWanteddeadoralivev10111e10d784e905f19dc25aba7979718f.exe
[2011/09/03 17:46:41 | 008,139,089 | ---- | C] () -- C:\Users\Rae Anthony\Desktop\BonJoviLivinonaPrayerv10ac59020785911dd87d62cae159e9cca7.exe
[2011/09/01 19:58:30 | 000,000,175 | ---- | C] () -- C:\Users\Public\Desktop\DragonNest.url
[2011/07/17 23:54:02 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/06/01 12:41:49 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2011/06/01 12:40:21 | 000,734,810 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/01 12:10:48 | 000,000,600 | ---- | C] () -- C:\Users\Rae Anthony\AppData\Roaming\winscp.rnd
[2011/05/25 12:27:29 | 000,137,254 | ---- | C] () -- C:\Windows\hpoins44.dat
[2011/05/25 12:27:29 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat
[2011/05/17 13:51:09 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/05/15 02:21:34 | 000,007,168 | ---- | C] () -- C:\Users\Rae Anthony\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/10 21:30:04 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/03/17 10:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check

Not seeing anything untoward there. How is the PC now?

Not seeing anything untoward there. How is the PC now?

thanks so much, my PC is doing fine now! gladly appreciate your effort! thanks again so much.

No worries :).

To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC by OldTimer:
Save it to your Desktop.
Double click OTC.exe.
Click the CleanUp! button.
If you are prompted to Reboot during the cleanup, select Yes. The tool will delete itself once it finishes.