Scour redirect removal! HiJackThis help

  1. tinkertrain616

    tinkertrain616 New Member Bronze Member

    Joined:
    Sep 28, 2011
    Posts:
    11
    Likes Received:
    1

    I have been recently infected with the Scour redirect virus, and have run anti-spyware, Malwarebytes' Anti-Malware and no luck.

    I downloaded HijackThis and ran a scan and log; here are the results. Hopefully you can make out what is wrong from it. Also, does "URLSearchHook: FCToolbarURLSearchHook Class" have something to do with it? Thank you!




    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 3:20:13 PM, on 9/28/2011
    Platform: Windows 2003 SP2 (WinNT 5.02.3790)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files (x86)\Lexmark 1200 Series\lxczbmon.exe
    C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe
    C:\Program Files\ASUS\TurboV\TurboV.exe
    C:\Program Files\ASUS\EPU\EPU.exe
    C:\WINDOWS\SysWOW64\ctfmon.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\WINDOWS\SysWOW64\svchost.exe
    C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
    C:\Program Files (x86)\Java\jre6\bin\jqs.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Micro Niche Finder\srvany.exe
    C:\Program Files (x86)\Micro Niche Finder\bggoogle.exe
    C:\WINDOWS\SysWOW64\NLSSRV32.EXE
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R3 - URLSearchHook: FCToolbarURLSearchHook Class - {edc8d02a-7ae5-1094-ddc0-16d2381944d0} - C:\Program Files (x86)\SocialRibbons LP 1\Helper.dll
    R3 - URLSearchHook: (no name) - - (no file)
    F2 - REG:system.ini: UserInit=userinit,
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: FCTBPos00Pos - {2F3D5040-D8E1-F5B4-150E-F532A5F23615} - C:\Program Files (x86)\SocialRibbons LP 1\Toolbar.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: DCA - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files (x86)\Common Files\FreeCause\DCA\dca-bho.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
    O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\EPU\EPU.exe" -r
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [InstallIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - ESC Trusted Zone: http://runonce.msn.com
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\SysWOW64\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\SysWOW64\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
    O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files (x86)\Java\jre6\bin\jqs.exe
    O23 - Service: lxcz_device - - C:\WINDOWS\system32\lxczcoms.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Micro Niche Finder Background Download Service - Unknown owner - C:\Program Files (x86)\Micro Niche Finder\srvany.exe
    O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
    O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
    O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\SysWOW64\NLSSRV32.EXE
    O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing)
    O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
    O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
    O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: TabletServicePen - Unknown owner - C:\WINDOWS\system32\Pen_Tablet.exe (file missing)
    O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
    O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
    O23 - Service: WTouch Service (WTouchService) - Wacom Technology, Corp. - C:\Program Files\WTouch\WTouchService.exe

    --
    End of file - 9809 bytes
     
  2. vger

    vger Posts: 74000 back in the VB days.... Tech Member Elite Member

    Joined:
    Oct 29, 2007
    Posts:
    19,205
    Likes Received:
    1,815

    Hello tinkertrain616 and welcome to the PCHF

    Please go to my red prework link and click it; once there, just follow the instructions.
     
  3. Crush

    Crush Active Member

    Joined:
    Sep 28, 2008
    Posts:
    4,634
    Likes Received:
    2

    Hi,

    Before endeavoring to do the Prework, what Operating System is this? Windows Server 2003?
     
  4. tinkertrain616

    tinkertrain616 New Member Bronze Member


    I have Windows XP 64-bit. Thank you for taking the time to respond!
     
  5. Crush

    Crush Active Member


    Ok. That's a very rare OS :). Can you follow up with the Prework now please?
     
  6. tinkertrain616

    tinkertrain616 New Member Bronze Member


    I'll get on that right away!
     
  7. tinkertrain616

    tinkertrain616 New Member Bronze Member


    Here are the logs:
    1) OTL.Txt

    OTL logfile created on: 9/29/2011 2:35:22 PM - Run 1
    OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
    64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    8.00 Gb Total Physical Memory | 6.81 Gb Available Physical Memory | 85.18% Memory free
    9.58 Gb Paging File | 8.72 Gb Available in Paging File | 91.03% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 279.46 Gb Total Space | 199.25 Gb Free Space | 71.30% Space Free | Partition Type: NTFS

    Computer Name: DIEGO-B036C6245 | User Name: Administrator | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/09/29 14:27:50 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
    PRC - [2011/09/19 20:07:40 | 001,030,200 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2011/03/21 11:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\SysWOW64\NLSSRV32.EXE
    PRC - [2011/02/22 15:03:08 | 001,151,488 | ---- | M] (W3i, LLC) -- C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe
    PRC - [2009/11/23 10:30:52 | 000,736,464 | ---- | M] ( James J. Jones, LLC.) -- C:\Program Files (x86)\Micro Niche Finder\bggoogle.exe
    PRC - [2009/04/27 15:20:02 | 000,074,408 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe
    PRC - [2009/04/27 15:19:38 | 000,058,024 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmon.exe
    PRC - [2008/12/20 19:56:40 | 004,066,816 | ---- | M] () -- C:\Program Files\ASUS\EPU\EPU.exe
    PRC - [2008/12/19 16:00:40 | 005,381,120 | ---- | M] () -- C:\Program Files\ASUS\TurboV\TurboV.exe
    PRC - [2008/08/15 01:23:20 | 000,086,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
    PRC - [2007/02/18 05:00:00 | 001,681,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
    PRC - [2003/04/18 14:06:26 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Micro Niche Finder\srvany.exe


    ========== Modules (No Company Name) ==========

    MOD - [2011/09/21 21:07:22 | 003,542,616 | ---- | M] () -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_b31de1e.dll
    MOD - [2011/09/19 20:07:39 | 000,412,728 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\ppgooglenaclpluginchrome.dll
    MOD - [2011/09/19 20:07:37 | 003,696,184 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\pdf.dll
    MOD - [2011/09/19 20:06:36 | 000,309,304 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\Locales\en-US.dll
    MOD - [2011/09/19 20:06:11 | 000,142,568 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\avutil-51.dll
    MOD - [2011/09/19 20:06:10 | 000,253,320 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\avformat-53.dll
    MOD - [2011/09/19 20:06:09 | 002,403,240 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\avcodec-53.dll
    MOD - [2011/03/03 12:50:58 | 000,233,472 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.dll
    MOD - [2008/12/20 19:56:40 | 004,066,816 | ---- | M] () -- C:\Program Files\ASUS\EPU\EPU.exe
    MOD - [2008/12/19 16:00:40 | 005,381,120 | ---- | M] () -- C:\Program Files\ASUS\TurboV\TurboV.exe
    MOD - [2008/12/15 20:01:54 | 000,131,072 | ---- | M] () -- C:\Program Files\ASUS\TurboV\TvOcLib.dll
    MOD - [2008/12/13 01:29:46 | 001,298,944 | ---- | M] () -- C:\Program Files\ASUS\TurboV\OcProfile.dll
    MOD - [2008/12/10 20:27:56 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\TurboV\pngio.dll
    MOD - [2008/08/15 01:23:20 | 000,086,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
    MOD - [2008/04/15 10:07:34 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\EPU\AsSpindownTimeout.dll
    MOD - [2006/01/10 01:50:20 | 000,024,576 | R--- | M] () -- C:\WINDOWS\SysWOW64\AsIO.dll
    MOD - [2005/05/11 16:39:32 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\EPU\pngio.dll
    MOD - [2003/04/18 14:06:26 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Micro Niche Finder\srvany.exe


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2011/09/10 21:16:52 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
    SRV:64bit: - [2011/01/12 14:40:20 | 000,341,312 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe -- (NitroDriverReadSpool)
    SRV:64bit: - [2010/10/11 17:22:35 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
    SRV:64bit: - [2009/11/23 17:53:58 | 000,127,784 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
    SRV - [2011/09/21 21:07:22 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_b31de1e.dll -- (Akamai)
    SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2011/08/15 16:18:12 | 002,329,480 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
    SRV - [2011/03/21 11:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
    SRV - [2010/10/11 17:22:29 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2008/08/15 01:23:20 | 000,086,016 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe -- (AsSysCtrlService)
    SRV - [2008/07/25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2007/04/19 15:43:42 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\SysWow64\lxczcoms.exe -- (lxcz_device)
    SRV - [2007/02/18 05:00:00 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc)
    SRV - [2006/10/18 21:05:24 | 000,913,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
    SRV - [2003/04/18 14:06:26 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Micro Niche Finder\srvany.exe -- (Micro Niche Finder Background Download Service)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/08/03 19:22:12 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS -- (SASDIFSV)
    DRV:64bit: - [2011/08/03 19:22:12 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS -- (SASKUTIL)
    DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SysWow64\drivers\adfs.sys -- (adfs)
    DRV - [2007/02/18 05:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysWow64\mnmdd.dll -- (mnmdd)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\..\URLSearchHook: - No CLSID value found
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultthis.engineName: "GameWrangler_v2b Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3001716&SearchSource=3&q={searchTerms}"
    FF - prefs.js..browser.search.selectedEngine: "GameWrangler_v2b Customized Web Search"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT3001716&SearchSource=13"
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..extensions.enabledItems: MafiaaFire@mafiaafire.com:0.4b
    FF - prefs.js..keyword.URL: "http://serp.freecause.com/?ourmark=3&sid=100275&q="

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll (Nexon)
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/09 17:07:52 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/09 17:07:51 | 000,000,000 | ---D | M]

    [2010/09/01 13:44:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
    [2010/08/31 23:56:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2011/09/28 00:24:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oguijtfm.default\extensions
    [2011/07/19 16:47:42 | 000,000,000 | ---D | M] (GameWrangler_v2b Community Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oguijtfm.default\extensions\{f689bafc-70f0-4550-9001-dc2a1cc8c0dd}
    [2011/09/28 00:24:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oguijtfm.default\extensions\staged
    [2011/06/23 14:31:42 | 000,000,935 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oguijtfm.default\searchplugins\conduit.xml
    [2011/07/25 21:13:54 | 000,001,276 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oguijtfm.default\searchplugins\search-the-web.xml
    [2011/06/30 13:27:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2010/09/05 19:08:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2011/04/06 20:34:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    [2011/06/30 13:27:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    () (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\OGUIJTFM.DEFAULT\EXTENSIONS\{6E6347BC-3CF0-AA94-8D40-B0F3E4B41E92}.XPI
    () (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\OGUIJTFM.DEFAULT\EXTENSIONS\MAFIAAFIRE@MAFIAAFIRE.COM.XPI
    [2010/08/31 23:54:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES (X86)\JAVA\JRE6\LIB\DEPLOY\JQS\FF
    [2011/07/04 14:07:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
    [2011/04/14 09:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
    [2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = ********:baseURL}search?********:RLZ}********:acceptedSuggestion}********:originalQueryForSuggestion}********:searchFieldtrialParameter}********:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = ********:baseSuggestURL}search?********:searchFieldtrialParameter}********:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
    CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll
    CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\pdf.dll
    CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
    CHR - plugin: Nexon Game Controller (Enabled) = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
    CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: Aviary Screen Capture = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ncgcgghbabbopfcpgcjpfffdgnbadegf\0.55.0_0\

    Hosts file not found
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - %SystemRoot%\system32\SHELL32.dll File not found
    O4:64bit: - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
    O4:64bit: - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
    O4:64bit: - HKLM..\Run: [lxczbmgr.exe] C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
    O4:64bit: - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup File not found
    O4:64bit: - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit File not found
    O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
    O4:64bit: - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [Six Engine] C:\Program Files\ASUS\EPU\EPU.exe ()
    O4 - HKLM..\Run: [TurboV] C:\Program Files\ASUS\TurboV\TurboV.exe ()
    O4 - HKCU..\Run: [AdobeBridge] File not found
    O4 - HKCU..\Run: [InstallIQUpdater] C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
    O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O9:64bit: - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O9:64bit: - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - mswsock.dll File not found
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - %SystemRoot%\System32\winrnr.dll File not found
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - mswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - mmswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
    O15 - HKCU\..Trusted Domains: google.com ([adwords] https in Trusted sites)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8238CBF2-C16C-4281-B310-1D20B6100C18}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll File not found
    O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
    O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\http\0x00000001 - No CLSID value found
    O18:64bit: - Protocol\Handler\http\oledb - No CLSID value found
    O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\https\0x00000001 - No CLSID value found
    O18:64bit: - Protocol\Handler\https\oledb - No CLSID value found
    O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
    O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found
    O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
    O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll File not found
    O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
    O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
    O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
    O18:64bit: - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - %SystemRoot%\system32\SHELL32.dll File not found
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - File not found
    O20:64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - File not found
    O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: System - (lsass.exe) - File not found
    O20 - HKLM Winlogon: UserInit - (userinit) -C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - File not found
    O20:64bit: - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - File not found
    O20:64bit: - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - File not found
    O20:64bit: - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) - File not found
    O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
    O20:64bit: - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
    O20:64bit: - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
    O20:64bit: - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
    O20:64bit: - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
    O20:64bit: - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
    O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
    O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
    O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
    O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
    O21:64bit: - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll File not found
    O21:64bit: - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll File not found
    O21:64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll File not found
    O21:64bit: - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll File not found
    O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll File not found
    O22:64bit: - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll File not found
    O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll File not found
    O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/08/29 02:30:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*


    MsConfig:64bit - StartUpFolder: C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^LimeWire On Startup.lnk - - File not found
    MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - File not found
    MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

    SafeBootMin:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
    SafeBootMin:64bit: Base - Driver Group
    SafeBootMin:64bit: Boot Bus Extender - Driver Group
    SafeBootMin:64bit: Boot file system - Driver Group
    SafeBootMin:64bit: File system - Driver Group
    SafeBootMin:64bit: Filter - Driver Group
    SafeBootMin:64bit: PCI Configuration - Driver Group
    SafeBootMin:64bit: PNP Filter - Driver Group
    SafeBootMin:64bit: Primary disk - Driver Group
    SafeBootMin:64bit: SCSI Class - Driver Group
    SafeBootMin:64bit: sermouse.sys - Driver
    SafeBootMin:64bit: System Bus Extender - Driver Group
    SafeBootMin:64bit: wd.sys - Driver
    SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: sermouse.sys - Driver
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: wd.sys - Driver
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    SafeBootNet:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
    SafeBootNet:64bit: Base - Driver Group
    SafeBootNet:64bit: Boot Bus Extender - Driver Group
    SafeBootNet:64bit: Boot file system - Driver Group
    SafeBootNet:64bit: File system - Driver Group
    SafeBootNet:64bit: Filter - Driver Group
    SafeBootNet:64bit: NDIS Wrapper - Driver Group
    SafeBootNet:64bit: NetBIOSGroup - Driver Group
    SafeBootNet:64bit: NetDDEGroup - Driver Group
    SafeBootNet:64bit: Network - Driver Group
    SafeBootNet:64bit: NetworkProvider - Driver Group
    SafeBootNet:64bit: PCI Configuration - Driver Group
    SafeBootNet:64bit: PNP Filter - Driver Group
    SafeBootNet:64bit: PNP_TDI - Driver Group
    SafeBootNet:64bit: Primary disk - Driver Group
    SafeBootNet:64bit: SCSI Class - Driver Group
    SafeBootNet:64bit: sermouse.sys - Driver
    SafeBootNet:64bit: Streams Drivers - Driver Group
    SafeBootNet:64bit: System Bus Extender - Driver Group
    SafeBootNet:64bit: TDI - Driver Group
    SafeBootNet:64bit: UploadMgr - Service
    SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
    SafeBootNet: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: sermouse.sys - Driver
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: TDI - Driver Group
    SafeBootNet: UploadMgr - Service
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    ActiveX:64bit: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
    ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Reg Error: Value error.
    ActiveX:64bit: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
    ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX:64bit: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
    ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX:64bit: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX:64bit: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
    ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
    ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX:64bit: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
    ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX:64bit: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    ActiveX:64bit: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
    ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
    ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX:64bit: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} - Help and Support Center
    ActiveX:64bit: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
    ActiveX:64bit: {B6EC01E7-431D-4D29-B9D4-E1D74CAF0AB0} - .NET Framework
    ActiveX:64bit: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
    ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX:64bit: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
    ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX:64bit: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX:64bit: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
    ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
    ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\SysWOW64\Rundll32.exe c:\WINDOWS\SysWOW64\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
    ActiveX: {B6EC01E7-431D-4D29-B9D4-E1D74CAF0AB0} - .NET Framework
    ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    Drivers32:64bit: aux - File not found
    Drivers32:64bit: midi - File not found
    Drivers32:64bit: midimapper - File not found
    Drivers32:64bit: mixer - File not found
    Drivers32:64bit: msacm.imaadpcm - File not found
    Drivers32:64bit: msacm.msadpcm - File not found
    Drivers32:64bit: msacm.msg711 - File not found
    Drivers32:64bit: msacm.msgsm610 - File not found
    Drivers32:64bit: msacm.trspch - File not found
    Drivers32:64bit: vidc.i420 - File not found
    Drivers32:64bit: vidc.iv31 - File not found
    Drivers32:64bit: vidc.iv32 - File not found
    Drivers32:64bit: vidc.iv41 - File not found
    Drivers32:64bit: vidc.iv50 - File not found
    Drivers32:64bit: vidc.iyuv - File not found
    Drivers32:64bit: vidc.mrle - File not found
    Drivers32:64bit: vidc.msvc - File not found
    Drivers32:64bit: vidc.uyvy - File not found
    Drivers32:64bit: vidc.yuy2 - File not found
    Drivers32:64bit: vidc.yvu9 - File not found
    Drivers32:64bit: vidc.yvyu - File not found
    Drivers32:64bit: wave - File not found
    Drivers32:64bit: wavemapper - File not found
    Drivers32: msacm.bdmpeg - C:\WINDOWS\SysWow64\bdmpega.acm ()
    Drivers32: msacm.l3acm - C:\WINDOWS\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\SysWow64\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\SysWow64\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\SysWow64\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\SysWow64\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\SysWow64\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\SysWOW64\ir50_32.dll (Intel Corporation)
    Drivers32: vidc.mpeg - C:\WINDOWS\SysWow64\bdmpegv.dll ()

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/09/29 13:19:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
    [2011/09/28 15:18:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
    [2011/09/28 15:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\HiJackThis
    [2011/09/28 13:48:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\LogMeIn Hamachi
    [2011/09/28 13:47:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn Hamachi
    [2011/09/28 13:47:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
    [2011/09/28 00:41:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
    [2011/09/28 00:41:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/09/28 00:41:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/09/28 00:41:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/09/27 13:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro PDF
    [2011/09/27 13:27:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro PDF
    [2011/09/27 13:27:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro PDF
    [2011/09/27 13:25:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YTDSETUP
    [2011/09/27 13:08:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
    [2011/09/27 13:07:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\uTorrent
    [2011/09/27 13:07:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
    [2011/09/27 00:00:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\system64
    [2011/09/26 23:09:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\EbkReader
    [2011/09/21 00:39:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Quirky Multi-million Dollar Inventions
    [2011/09/13 13:26:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Software
    [2010/09/04 00:38:28 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczserv.dll
    [2010/09/04 00:38:28 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczusb1.dll
    [2010/09/04 00:38:28 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczhbn3.dll
    [2010/09/04 00:38:28 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczcomc.dll
    [2010/09/04 00:38:28 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczpmui.dll
    [2010/09/04 00:38:28 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczlmpm.dll
    [2010/09/04 00:38:28 | 000,537,520 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczcoms.exe
    [2010/09/04 00:38:28 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczcomm.dll
    [2010/09/04 00:38:28 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczinpa.dll
    [2010/09/04 00:38:28 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxcziesc.dll
    [2010/09/04 00:38:28 | 000,385,968 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczih.exe
    [2010/09/04 00:38:28 | 000,381,872 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczcfg.exe
    [2010/09/04 00:38:28 | 000,181,168 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczppls.exe
    [2010/09/04 00:38:28 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczprox.dll
    [2010/09/04 00:38:28 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczpplc.dll
    [5 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
    [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/09/29 14:12:26 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3489562214-2868442126-3874146476-500UA.job
    [2011/09/29 13:19:01 | 000,000,526 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 28c7e666-000b-4188-b448-194d0bf3b762.job
    [2011/09/29 13:18:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/09/28 22:12:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3489562214-2868442126-3874146476-500Core.job
    [2011/09/28 17:58:10 | 002,425,520 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\census.cache
    [2011/09/28 17:56:35 | 000,144,263 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ars.cache
    [2011/09/28 15:19:07 | 000,002,499 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.lnk
    [2011/09/28 14:53:00 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache
    [2011/09/28 13:47:59 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\LogMeIn Hamachi.lnk
    [2011/09/28 00:41:19 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/09/27 14:44:41 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Word 2007.lnk
    [2011/09/27 13:27:15 | 000,001,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nitro PDF Professional.lnk
    [2011/09/27 13:08:09 | 000,000,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
    [2011/09/26 23:31:34 | 000,000,207 | ---- | M] () -- C:\WINDOWS\ANS2000.INI
    [2011/09/26 16:46:55 | 020,428,798 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\PYP-MS.pdf
    [2011/09/20 23:13:26 | 000,002,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
    [2011/09/20 23:13:26 | 000,002,322 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2011/09/20 16:04:14 | 000,060,304 | ---- | M] () -- C:\Documents and Settings\Administrator\g2mdlhlpx.exe
    [2011/09/16 16:46:55 | 000,000,367 | ---- | M] () -- C:\WINDOWS\Lexstat.ini
    [2011/09/03 13:02:56 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
    [5 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
    [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/09/28 17:58:10 | 002,425,520 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\census.cache
    [2011/09/28 17:56:35 | 000,144,263 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ars.cache
    [2011/09/28 15:19:00 | 000,002,499 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.lnk
    [2011/09/28 14:53:00 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache
    [2011/09/28 13:47:59 | 000,000,715 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\LogMeIn Hamachi.lnk
    [2011/09/28 00:41:19 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/09/27 13:27:15 | 000,001,904 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Nitro PDF Professional.lnk
    [2011/09/27 13:27:15 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nitro PDF Professional.lnk
    [2011/09/27 13:08:09 | 000,000,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
    [2011/09/26 16:46:56 | 020,428,798 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\PYP-MS.pdf
    [2011/09/10 21:19:29 | 000,000,526 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 28c7e666-000b-4188-b448-194d0bf3b762.job
    [2011/08/11 19:19:35 | 000,000,447 | ---- | C] () -- C:\WINDOWS\crackpdf.INI
    [2011/07/31 15:13:01 | 000,000,207 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
    [2011/07/31 15:13:01 | 000,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
    [2011/07/31 15:13:01 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
    [2011/05/26 00:01:01 | 000,000,024 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\ExpPDFSAMSystem.kje
    [2011/01/10 14:45:52 | 019,985,265 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\vlc-1.1.5-win32.exe
    [2011/01/10 14:35:39 | 000,003,120 | ---- | C] () -- C:\WINDOWS\SysWow64\1716030c-945d-4ce0-8cd0-5bc8659b2dab.dll
    [2010/11/07 04:04:39 | 000,547,084 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
    [2010/10/11 16:51:29 | 000,018,944 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/09/04 00:38:37 | 000,000,367 | ---- | C] () -- C:\WINDOWS\Lexstat.ini
    [2010/09/04 00:38:28 | 000,413,696 | ---- | C] () -- C:\WINDOWS\SysWow64\lxczutil.dll
    [2010/09/04 00:38:28 | 000,274,432 | ---- | C] () -- C:\WINDOWS\SysWow64\LXCZinst.dll
    [2010/09/01 13:44:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2010/09/01 13:31:55 | 000,000,552 | ---- | C] () -- C:\WINDOWS\SysWow64\d3d8caps.dat
    [2010/08/29 12:45:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\SysWow64\d3d9caps.dat
    [2010/08/29 12:33:10 | 000,024,576 | R--- | C] () -- C:\WINDOWS\SysWow64\AsIO.dll
    [2010/08/29 12:33:10 | 000,014,392 | R--- | C] () -- C:\WINDOWS\SysWow64\drivers\AsIO.sys
    [2010/08/29 12:33:09 | 000,011,832 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AsInsHelp64.sys
    [2010/08/29 12:33:09 | 000,010,216 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AsInsHelp32.sys
    [2010/08/29 12:22:03 | 000,049,152 | R--- | C] () -- C:\WINDOWS\SysWow64\ChCfg.exe
    [2010/08/29 12:21:39 | 000,037,376 | R--- | C] () -- C:\WINDOWS\CPLUtl64.exe
    [2010/08/29 12:17:27 | 000,038,639 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
    [2010/08/29 12:17:02 | 000,029,577 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
    [2010/08/29 12:17:02 | 000,010,296 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\ASUSHWIO.SYS
    [2010/08/29 02:33:04 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2009/09/16 18:27:58 | 000,508,224 | ---- | C] () -- C:\WINDOWS\SysWow64\ICCProfiles.dll
    [2009/07/08 18:03:02 | 000,058,880 | ---- | C] () -- C:\WINDOWS\SysWow64\bdmpegv.dll
    [2007/02/18 05:00:00 | 001,278,464 | ---- | C] () -- C:\WINDOWS\SysWow64\quartz.dll
    [2007/02/18 05:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\SysWow64\qedwipes.dll
    [2007/02/18 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
    [2007/02/18 05:00:00 | 000,512,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qedit.dll
    [2007/02/18 05:00:00 | 000,498,742 | ---- | C] () -- C:\WINDOWS\SysWow64\dxmasf.dll
    [2007/02/18 05:00:00 | 000,396,288 | ---- | C] () -- C:\WINDOWS\SysWow64\encdec.dll
    [2007/02/18 05:00:00 | 000,385,536 | ---- | C] () -- C:\WINDOWS\SysWow64\qdvd.dll
    [2007/02/18 05:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
    [2007/02/18 05:00:00 | 000,279,040 | ---- | C] () -- C:\WINDOWS\SysWow64\qdv.dll
    [2007/02/18 05:00:00 | 000,276,992 | ---- | C] () -- C:\WINDOWS\SysWow64\sbe.dll
    [2007/02/18 05:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\SysWow64\ir32_32.dll
    [2007/02/18 05:00:00 | 000,192,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qcap.dll
    [2007/02/18 05:00:00 | 000,114,688 | ---- | C] () -- C:\WINDOWS\SysWow64\msencode.dll
    [2007/02/18 05:00:00 | 000,072,704 | ---- | C] () -- C:\WINDOWS\SysWow64\amstream.dll
    [2007/02/18 05:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\SysWow64\mciqtz32.dll
    [2007/02/18 05:00:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\SysWow64\devenum.dll
    [2007/02/18 05:00:00 | 000,055,808 | ---- | C] () -- C:\WINDOWS\SysWow64\dvdplay.exe
    [2007/02/18 05:00:00 | 000,046,907 | ---- | C] () -- C:\WINDOWS\mib.bin
    [2007/02/18 05:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\SysWow64\tsd32.dll
    [2007/02/18 05:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\SysWow64\msdmo.dll
    [2007/02/18 05:00:00 | 000,012,498 | ---- | C] () -- C:\WINDOWS\SysWow64\append.exe
    [2007/02/18 05:00:00 | 000,004,126 | ---- | C] () -- C:\WINDOWS\SysWow64\msdxmlc.dll
    [2007/02/18 05:00:00 | 000,001,129 | ---- | C] () -- C:\WINDOWS\SysWow64\vwipxspx.exe
    [2001/12/31 22:56:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

    ========== LOP Check ==========

    [2011/09/28 14:16:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\.minecraft
    [2011/08/13 22:07:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Barnes & Noble
    [2011/05/22 18:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Blender Foundation
    [2011/03/03 20:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\com.w3i.FlipToast
    [2011/09/27 13:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Downloaded Installations
    [2011/09/26 23:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\EbkReader
    [2011/05/25 23:48:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GetRightToGo
    [2010/08/29 14:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\MSNInstaller
    [2011/09/27 18:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Nitro PDF
    [2011/06/03 17:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Scirra
    [2011/05/25 23:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Softplicity
    [2010/09/01 22:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2010/09/01 13:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SystemRequirementsLab
    [2011/07/24 19:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\The Longest Journey
    [2011/03/03 19:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uPlayer
    [2011/09/27 14:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
    [2010/09/01 22:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WTouch
    [2010/08/29 13:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\!SASCORE
    [2010/12/05 23:27:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ASUS OC Profiles
    [2011/06/30 01:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Micro Niche Finder
    [2010/08/29 10:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NETGEAR
    [2010/12/18 15:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
    [2010/12/18 15:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
    [2011/08/12 21:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
    [2010/11/15 21:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
    [2010/09/13 00:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
    [2011/03/03 20:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\W3i
    [2011/09/28 23:18:58 | 000,032,574 | ---- | M] () -- C:\WINDOWS\Tasks\SchedLgU.Txt
    [2011/09/29 13:19:01 | 000,000,526 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 28c7e666-000b-4188-b448-194d0bf3b762.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %systemroot%\Fonts\*.com >
    [2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2010/08/29 02:29:39 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2008/07/06 17:57:56 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >
    [2010/08/29 10:51:32 | 000,001,538 | -H-- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\LastFlashConfig.WFC

    < %PROGRAMFILES%\*.* >
    [2007/02/18 05:00:00 | 000,000,002 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

    < %APPDATA%\Update\*.* >

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
    [2010/08/29 02:30:03 | 000,000,290 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2010/08/29 02:34:52 | 000,000,117 | -HS- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
    [2010/08/29 02:34:51 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

    < %USERPROFILE%\Desktop\*.exe >
    [2011/05/07 15:08:14 | 000,270,142 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Minecraft.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >
    [2011/09/20 16:04:14 | 000,060,304 | ---- | M] () -- C:\Documents and Settings\Administrator\g2mdlhlpx.exe

    < %systemroot%\ADDINS\*.* >

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\*.exe >
    [2011/04/14 09:25:40 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
    [2011/04/14 09:25:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    [2011/04/14 09:25:55 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    [2011/04/14 09:25:59 | 000,261,080 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\updater.exe

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2010/08/29 02:34:51 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Administrator\Favorites\Desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >
    [2011/06/30 02:03:18 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\All Users\bug niche.txt
    [2011/06/30 02:01:14 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\All Users\hot trends_ 06_30_11 at 02_00_30.txt
    [2011/06/30 02:03:38 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\All Users\hot trends_ 06_30_11 at 02_03_35.txt
    [2011/06/30 02:06:22 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\All Users\hot trends_ 06_30_11 at 02_06_11.txt
    [2011/06/30 13:24:38 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\All Users\hot trends_ 06_30_11 at 13_24_22.txt

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\system32\*.exe /lockedfiles >
    [5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >

    < %systemroot%\system32\*.sys >

    < %systemroot%\system32\drivers\*.dll >

    < %systemroot%\system32\drivers\*.ini >

    < %systemroot%\system32\drivers\*.exe >

    < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
    [2008/07/06 17:57:56 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll

    < %SYSTEMDRIVE%\*.* >
    [2010/08/29 02:30:01 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/08/29 12:17:45 | 000,000,225 | RHS- | M] () -- C:\boot.ini
    [2010/08/29 02:30:01 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2011/09/26 23:28:58 | 000,000,300 | ---- | M] () -- C:\INSTALL.LOG
    [2010/08/29 02:30:01 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010/08/29 02:30:01 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2007/02/18 05:00:00 | 000,047,772 | RHS- | M] () -- C:\NTDETECT.COM
    [2007/02/18 05:00:00 | 000,297,072 | RHS- | M] () -- C:\ntldr
    [2011/09/29 13:18:18 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
    [2010/08/29 12:22:04 | 000,000,563 | ---- | M] () -- C:\RHDSetup.log
    [2010/08/29 12:34:59 | 000,000,057 | ---- | M] () -- C:\splash.idx
    [2011/09/28 14:52:43 | 000,084,382 | ---- | M] () -- C:\TDSSKiller.2.6.2.0_28.09.2011_14.51.45_log.txt
    [2008/11/19 15:13:04 | 000,005,552 | -H-- | M] () -- C:\version

    < %PROGRAMFILES%\*. >
    [2010/09/20 17:33:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\7-Zip
    [2011/03/03 20:05:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
    [2010/10/11 17:14:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe Media Player
    [2011/08/26 18:45:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Amazon
    [2010/08/29 12:17:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD
    [2010/08/29 12:33:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASUS
    [2010/11/16 01:46:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BandiMPEG1
    [2011/08/13 22:07:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Barnes & Noble
    [2011/04/19 23:32:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BookSmart
    [2011/09/03 13:02:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CCleaner
    [2011/06/08 15:13:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Citrix
    [2011/09/27 13:27:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
    [2011/03/09 03:57:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DivX
    [2010/08/29 12:34:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Downloaded Installations
    [2011/05/25 23:58:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Easy Pdf Merger Free
    [2011/07/03 13:33:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EasyPHP-5.3.1
    [2011/03/03 22:17:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\fliptoast
    [2011/03/03 20:05:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free Offers from Freeze.com
    [2010/09/01 00:35:26 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
    [2011/08/10 19:45:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
    [2011/06/30 13:27:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
    [2010/09/04 00:39:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lexmark 1200 Series
    [2011/08/11 20:23:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LimeWire
    [2011/09/28 13:47:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LogMeIn Hamachi
    [2011/09/28 00:41:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/06/20 17:07:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Massive Anvil Technologies
    [2011/03/03 22:19:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MediaMonkey
    [2011/07/03 13:32:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Micro Niche Finder
    [2011/07/29 23:03:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Micro Niche Finder 5.0
    [2010/09/01 00:41:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
    [2010/08/29 02:30:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\microsoft shared
    [2011/04/21 23:28:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
    [2010/09/01 00:41:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
    [2010/09/01 00:41:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
    [2010/08/29 13:42:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MonitorDriver
    [2011/07/04 02:32:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Movie Maker
    [2011/07/25 21:21:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
    [2011/08/12 23:36:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MS Word To EPUB Converter Software
    [2010/09/01 00:41:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
    [2011/05/27 22:06:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache
    [2010/08/29 02:27:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN Gaming Zone
    [2011/07/04 03:05:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 6.0
    [2011/05/25 23:34:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\neeviaPDF.com
    [2010/08/29 02:28:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NetMeeting
    [2011/09/27 13:27:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nitro PDF
    [2011/07/04 18:35:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
    [2010/09/20 17:34:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Orca
    [2011/07/04 02:33:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Outlook Express
    [2010/11/15 21:55:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks
    [2011/08/11 19:22:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PDF Password Cracker Enterprise v3.2
    [2010/09/20 18:08:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
    [2010/08/29 12:21:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
    [2011/07/04 03:10:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
    [2011/05/23 20:41:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Scirra
    [2010/08/29 02:30:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\speechengines
    [2011/09/03 13:03:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
    [2010/08/29 02:30:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\system
    [2010/09/01 13:45:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SystemRequirementsLab
    [2010/09/01 22:34:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Tablet
    [2010/09/01 22:35:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TabletPlugins
    [2011/05/28 14:56:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\The Ultimate PLR Article Collection
    [2011/09/28 15:18:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Trend Micro
    [2010/08/29 02:29:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
    [2011/03/03 19:22:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\uPlayer
    [2011/09/27 13:08:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\uTorrent
    [2011/06/15 17:11:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VERTX Systems
    [2010/08/29 14:26:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
    [2011/03/03 20:04:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\W3i
    [2011/03/03 19:18:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
    [2010/08/29 02:28:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player[Strings]
    [2010/08/29 02:26:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
    [2011/08/11 17:40:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free
    [2011/01/10 14:41:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\YouTube Downloader
    [2011/09/28 01:10:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\YTDSETUP

    < %appdata%\*.* >
    [2001/12/31 22:56:02 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Administrator\Application Data\desktop.ini


    < MD5 for: AGP440.SYS >
    [2007/02/18 05:00:00 | 011,678,589 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\amd64\sp2.cab:AGP440.sys

    < MD5 for: ATAPI.SYS >
    [2007/02/18 05:00:00 | 011,678,589 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\amd64\sp2.cab:atapi.sys
    [2007/02/18 05:00:00 | 000,150,016 | ---- | M] (Microsoft Corporation) MD5=7A1814D0D112F50F828E25557A1ED29F -- C:\WINDOWS\system64\drivers\atapi.sys

    < MD5 for: DISK.SYS >
    [2007/02/18 05:00:00 | 011,678,589 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\amd64\sp2.cab:disk.sys
    [2007/02/18 05:00:00 | 000,063,488 | ---- | M] (Microsoft Corporation) MD5=417D7B9C6F36685A417E54690F8BD7B2 -- C:\WINDOWS\system64\drivers\disk.sys

    < MD5 for: EVENTLOG.DLL >
    [2007/02/18 05:00:00 | 000,130,560 | ---- | M] (Microsoft Corporation) MD5=589B15B2B3254E2745CB205243EB8588 -- C:\WINDOWS\system64\dllcache\eventlog.dll
    [2007/02/18 05:00:00 | 000,130,560 | ---- | M] (Microsoft Corporation) MD5=589B15B2B3254E2745CB205243EB8588 -- C:\WINDOWS\system64\eventlog.dll

    < MD5 for: NETLOGON.DLL >
    [2007/02/18 05:00:00 | 000,430,592 | ---- | M] (Microsoft Corporation) MD5=451564B8F22461D90CF8ED3945637845 -- C:\WINDOWS\SysWOW64\netlogon.dll
    [2007/02/18 05:00:00 | 000,681,472 | ---- | M] (Microsoft Corporation) MD5=BFF99E983A1F35B4E8AA74DEA19D014B -- C:\WINDOWS\system64\dllcache\netlogon.dll
    [2007/02/18 05:00:00 | 000,681,472 | ---- | M] (Microsoft Corporation) MD5=BFF99E983A1F35B4E8AA74DEA19D014B -- C:\WINDOWS\system64\netlogon.dll

    < MD5 for: SCECLI.DLL >
    [2007/02/18 05:00:00 | 000,315,392 | ---- | M] (Microsoft Corporation) MD5=40453F57AAC02F32F785642F5C2E211E -- C:\WINDOWS\system64\dllcache\scecli.dll
    [2007/02/18 05:00:00 | 000,315,392 | ---- | M] (Microsoft Corporation) MD5=40453F57AAC02F32F785642F5C2E211E -- C:\WINDOWS\system64\scecli.dll
    [2007/02/18 05:00:00 | 000,188,928 | ---- | M] (Microsoft Corporation) MD5=E7B7FD7D8907DADED4928E922608887F -- C:\WINDOWS\SysWOW64\scecli.dll

    < MD5 for: USBSTOR.SYS >
    [2007/02/18 05:00:00 | 011,678,589 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\amd64\sp2.cab:usbstor.sys
    [2007/02/17 01:00:50 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=EDCE8A162E8023FD1751E08E23E41948 -- C:\WINDOWS\system64\dllcache\usbstor.sys
    [2007/02/17 01:00:50 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=EDCE8A162E8023FD1751E08E23E41948 -- C:\WINDOWS\system64\drivers\USBSTOR.SYS

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

    ========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
    [C:\WINDOWS\system64] -> \systemroot\system32 -> Mount Point

    < End of report >




    2) Extras.Txt


    OTL Extras logfile created on: 9/29/2011 2:35:22 PM - Run 1
    OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
    64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    8.00 Gb Total Physical Memory | 6.81 Gb Available Physical Memory | 85.18% Memory free
    9.58 Gb Paging File | 8.72 Gb Available in Paging File | 91.03% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 279.46 Gb Total Space | 199.25 Gb Free Space | 71.30% Space Free | Partition Type: NTFS

    Computer Name: DIEGO-B036C6245 | User Name: Administrator | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .inf [@ = inffile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    .ini [@ = inifile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    .url [@ = InternetShortcut] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
    .js [@ = JSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
    .jse [@ = JSEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
    .txt [@ = txtfile] -- %SystemRoot%\system32\NOTEPAD.EXE %1
    .vbe [@ = VBEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
    .vbs [@ = VBSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
    .wsf [@ = WSFFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
    .wsh [@ = WSHFile] -- %SystemRoot%\System32\WScript.exe "%1" %*

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1"
    inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1
    inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
    inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
    InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
    InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1"
    jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
    jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
    jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
    jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4"
    vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
    vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
    vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
    vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
    wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1
    wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
    wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1

    ========== System Restore Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "58601:TCP" = 58601:TCP:*:Enabled:pando Media Booster
    "58601:UDP" = 58601:UDP:*:Enabled:pando Media Booster
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
    "5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
    "58601:TCP" = 58601:TCP:*:Enabled:pando Media Booster
    "58601:UDP" = 58601:UDP:*:Enabled:pando Media Booster
    "1049:TCP" = 1049:TCP:*:Enabled:Akamai NetSession Interface
    "5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe:*:Enabled:pando Media Booster -- ()
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe:*:Enabled:pando Media Booster -- ()

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    "C:\Program Files (x86)\Steam\Steam.exe" = C:\Program Files (x86)\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
    "C:\Program Files (x86)\Steam\steamapps\common\broken sword 3\BSTSD.exe" = C:\Program Files (x86)\Steam\steamapps\common\broken sword 3\BSTSD.exe:*:Enabled:Broken Sword III: The Sleeping Dragon -- ()
    "C:\WINDOWS\SysWOW64\lxczcoms.exe" = C:\WINDOWS\SysWOW64\lxczcoms.exe:*:Enabled:1200 Series Server -- ( )
    "C:\WINDOWS\system32\lxczcoms.exe" = C:\WINDOWS\system32\lxczcoms.exe:*:Enabled:Lexmark Communications System
    "C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe" = C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe:*:Disabled:Adobe Device Central CS5
    "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
    "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe:*:Enabled:pando Media Booster -- ()
    "C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
    "C:\Nexon\Vindictus\en-US\NMService.exe" = C:\Nexon\Vindictus\en-US\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
    "C:\Program Files (x86)\Steam\steamapps\common\dreamfall the longest journey\dreamfall.exe" = C:\Program Files (x86)\Steam\steamapps\common\dreamfall the longest journey\dreamfall.exe:*:Enabled:Dreamfall: The Longest Journey -- (Funcom Oslo A/S)
    "C:\Program Files (x86)\Steam\steamapps\common\the longest journey\game.exe" = C:\Program Files (x86)\Steam\steamapps\common\the longest journey\game.exe:*:Enabled:The Longest Journey -- (Funcom)
    "C:\Program Files (x86)\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe" = C:\Program Files (x86)\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands -- (Take-Two Interactive Software, Inc.)
    "C:\Program Files (x86)\Steam\steamapps\common\champions online\Champions Online.exe" = C:\Program Files (x86)\Steam\steamapps\common\champions online\Champions Online.exe:*:Enabled:Champions Online: Free For All -- ()
    "C:\Program Files (x86)\uTorrent\uTorrent.exe" = C:\Program Files (x86)\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    "C:\Program Files (x86)\Steam\Steam.exe" = C:\Program Files (x86)\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
    "C:\Program Files (x86)\Steam\steamapps\common\broken sword 3\BSTSD.exe" = C:\Program Files (x86)\Steam\steamapps\common\broken sword 3\BSTSD.exe:*:Enabled:Broken Sword III: The Sleeping Dragon -- ()
    "C:\WINDOWS\SysWOW64\lxczcoms.exe" = C:\WINDOWS\SysWOW64\lxczcoms.exe:*:Enabled:1200 Series Server -- ( )
    "C:\WINDOWS\system32\lxczcoms.exe" = C:\WINDOWS\system32\lxczcoms.exe:*:Enabled:Lexmark Communications System -- ( )
    "C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe" = C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe:*:Disabled:Adobe Device Central CS5
    "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
    "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe:*:Enabled:pando Media Booster -- ()
    "C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
    "C:\Nexon\Vindictus\en-US\NMService.exe" = C:\Nexon\Vindictus\en-US\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
    "C:\Program Files (x86)\Steam\steamapps\common\dreamfall the longest journey\dreamfall.exe" = C:\Program Files (x86)\Steam\steamapps\common\dreamfall the longest journey\dreamfall.exe:*:Enabled:Dreamfall: The Longest Journey -- (Funcom Oslo A/S)
    "C:\Program Files (x86)\Steam\steamapps\common\the longest journey\game.exe" = C:\Program Files (x86)\Steam\steamapps\common\the longest journey\game.exe:*:Enabled:The Longest Journey -- (Funcom)
    "C:\Program Files (x86)\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe" = C:\Program Files (x86)\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands -- (Take-Two Interactive Software, Inc.)
    "C:\Program Files (x86)\Steam\steamapps\common\champions online\Champions Online.exe" = C:\Program Files (x86)\Steam\steamapps\common\champions online\Champions Online.exe:*:Enabled:Champions Online: Free For All -- ()
    "C:\Program Files (x86)\uTorrent\uTorrent.exe" = C:\Program Files (x86)\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
    "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
    "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
    "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
    "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
    "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
    "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
    "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
    "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
    "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
    "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
    "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
    "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
    "{EB8FF6C8-811B-4395-8584-EF4C7A0C8199}" = Nitro PDF Professional
    "Blender" = Blender
    "CCleaner" = CCleaner
    "ie8" = Windows Internet Explorer 8
    "Lexmark 1200 Series" = Lexmark 1200 Series
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows x64
    "NVIDIA Display Control Panel" = NVIDIA Display Control Panel
    "NVIDIA Drivers" = NVIDIA Drivers
    "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
    "WIC" = Windows Imaging Component
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "WinRAR archiver" = WinRAR 4.00 beta 3 (64-bit)
    "WMFDist11-64" = Windows Media Format 11 runtime
    "wmp11-64" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
    "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
    "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
    "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
    "{13597237-E360-4F2B-9A43-332C4E9D5C9C}" = InstallIQ Updater
    "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
    "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
    "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.5
    "{209962E3-F989-416B-A31E-76CF8DEEFF36}" = PDF Merger Pro
    "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 26
    "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
    "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
    "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
    "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
    "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{63A68338-16A3-4763-8478-A45F91A61E7A}" = Orca
    "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
    "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
    "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8BBB5E4C-3F5E-4C07-BFBE-33B34600783A}" = LogMeIn Hamachi
    "{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
    "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
    "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
    "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
    "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
    "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}" = EPU
    "{A0494B41-EBD7-4C0D-91B7-DC39741B27BB}" = Express Gate
    "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
    "{A31951C5-DCD8-4DFE-A525-CFC701F54792}" = TurboV
    "{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
    "{AF36CE1D-FD2C-4BA0-93FA-1196785DD610}" = Adobe Flash Player 10 Plugin
    "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
    "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
    "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
    "{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
    "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "7-Zip" = 7-Zip 4.65
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
    "Akamai" = Akamai NetSession Interface
    "Amazon Kindle" = Amazon Kindle
    "BandiMPEG1" = Bandisoft MPEG-1 Decoder
    "BN_DesktopReader" = NOOK for PC
    "BookSmart® 3.0.3 3.0.3" = BookSmart® 3.0.3 3.0.3
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "Construct Classic_is1" = Construct Classic r1.2
    "ENTERPRISE" = Microsoft Office Enterprise 2007
    "LogMeIn Hamachi" = LogMeIn Hamachi
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
    "Micro Niche Finder 5.0_is1" = Micro Niche Finder 5.0
    "Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
    "Pen Tablet Driver" = Bamboo
    "Steam App 33610" = Broken Sword III: The Sleeping Dragon
    "Steam App 400" = Portal
    "Steam App 6300" = Dreamfall: The Longest Journey
    "Steam App 6310" = The Longest Journey
    "Steam App 8980" = Borderlands
    "Steam App 9880" = Champions Online: Free For All
    "SystemRequirementsLab" = System Requirements Lab
    "The Ultimate PLR Article Collection_is1" = The Ultimate PLR Article Collection
    "uTorrent" = µTorrent
    "Vindictus" = Vindictus
    "VLC media player" = VLC media player 1.1.7
    "Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
    "Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
    "Wisdom-soft Set up ScreenHunter 5.1 Free" = Wisdom-soft Set up ScreenHunter 5.1 Free

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome
    "GoToMeeting" = GoToMeeting 5.0.0.799

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 9/27/2011 3:05:02 AM | Computer Name = DIEGO-B036C6245 | Source = Application Error | ID = 1000
    Description = Faulting application pumpa.exe, version 0.0.0.0, faulting module ,
    version 0.0.0.0, fault address 0x00000000.

    Error - 9/27/2011 3:17:29 AM | Computer Name = DIEGO-B036C6245 | Source = MsiInstaller | ID = 1013
    Description = Product: Nitro PDF Professional -- Please remove Nitro PDF Professional
    via Add/Remove Programs and run setup again. Upgrading from the currently installed
    version is not supported.

    Error - 9/27/2011 3:20:00 AM | Computer Name = DIEGO-B036C6245 | Source = MsiInstaller | ID = 10005
    Description = Product: Nitro PDF Professional -- You are running a 64-bit operating
    system. Please download the 64-bit Nitro PDF Professional installer from Product updates for Nitro PDF Professional

    Error - 9/27/2011 4:27:01 PM | Computer Name = DIEGO-B036C6245 | Source = nlsX86cc | ID = 0
    Description =

    Error - 9/27/2011 9:45:47 PM | Computer Name = DIEGO-B036C6245 | Source = Application Error | ID = 1000
    Description = Faulting application nitropdf.exe, version 6.2.0.44, faulting module
    nprender.dll, version 1.7.6.0, fault address 0x0002ccf0.

    Error - 9/27/2011 9:45:56 PM | Computer Name = DIEGO-B036C6245 | Source = Application Error | ID = 1000
    Description = Faulting application nitropdf.exe, version 6.2.0.44, faulting module
    nprender.dll, version 1.7.6.0, fault address 0x0002ccf0.

    Error - 9/27/2011 9:46:05 PM | Computer Name = DIEGO-B036C6245 | Source = Application Error | ID = 1000
    Description = Faulting application nitropdf.exe, version 6.2.0.44, faulting module
    nprender.dll, version 1.7.6.0, fault address 0x0002ccf0.

    Error - 9/27/2011 9:46:30 PM | Computer Name = DIEGO-B036C6245 | Source = Application Error | ID = 1000
    Description = Faulting application nitropdf.exe, version 6.2.0.44, faulting module
    nprender.dll, version 1.7.6.0, fault address 0x0002ccf0.

    Error - 9/28/2011 9:11:07 PM | Computer Name = DIEGO-B036C6245 | Source = CardSpace 3.0.0.0 | ID = 327940
    Description = An error occurred during the import of a card. Errors in reading the
    imported card file. Inner Exception: The data at the root level is invalid. Line
    1, position 1. Additional Information: Microsoft.InfoCards.ImportException: Errors
    in reading the imported card file. ---> System.Xml.XmlException: The data at the
    root level is invalid. Line 1, position 1. at System.Xml.XmlExceptionHelper.ThrowXmlException(XmlDictionaryReader
    reader, String res, String arg1, String arg2, String arg3) at System.Xml.XmlUTF8TextReader.Read()

    at System.Xml.XmlCharCheckingReader.Read() at System.Xml.XsdValidatingReader.Read()

    at System.Xml.XmlReader.MoveToContent() at System.Xml.XmlReader.IsStartElement(String
    localname, String ns) at Microsoft.InfoCards.CheckStoreFileValidityRequest.OnProcess()

    --- End of inner exception stack trace ---

    Error - 9/28/2011 9:11:07 PM | Computer Name = DIEGO-B036C6245 | Source = CardSpace 3.0.0.0 | ID = 327940
    Description = An error occurred during the import of a card. Errors in reading the
    imported card file. Inner Exception: The data at the root level is invalid. Line
    1, position 1. Additional Information: Microsoft.InfoCards.ImportException: Errors
    in reading the imported card file. ---> System.Xml.XmlException: The data at the
    root level is invalid. Line 1, position 1. at System.Xml.XmlExceptionHelper.ThrowXmlException(XmlDictionaryReader
    reader, String res, String arg1, String arg2, String arg3) at System.Xml.XmlUTF8TextReader.Read()

    at System.Xml.XmlCharCheckingReader.Read() at System.Xml.XmlLoader.Load(XmlDocument
    doc, XmlReader reader, Boolean preserveWhitespace) at System.Xml.XmlDocument.Load(XmlReader
    reader) at Microsoft.InfoCards.InfoCardXmlSerializer.RetrieveIssuerAndCheckSign(XmlReader
    reader) at Microsoft.InfoCards.InfoCardXmlSerializer.CreateCardFromXml(String
    filename) at Microsoft.InfoCards.InfoCardXmlSerializer.Deserialize(String filename)

    --- End of inner exception stack trace ---

    [ OSession Events ]
    Error - 9/11/2011 2:33:59 AM | Computer Name = DIEGO-B036C6245 | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8
    seconds with 0 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 9/29/2011 4:48:26 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 4:48:29 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 4:48:29 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 4:48:31 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 4:48:31 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 4:48:34 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 4:48:50 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 4:48:56 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 5:22:16 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 5:26:20 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127


    < End of report >
     
  8. tinkertrain616

    Here are the logs:
    1) OTL.Txt

    OTL logfile created on: 9/29/2011 2:35:22 PM - Run 1
    OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
    64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    8.00 Gb Total Physical Memory | 6.81 Gb Available Physical Memory | 85.18% Memory free
    9.58 Gb Paging File | 8.72 Gb Available in Paging File | 91.03% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 279.46 Gb Total Space | 199.25 Gb Free Space | 71.30% Space Free | Partition Type: NTFS

    Computer Name: DIEGO-B036C6245 | User Name: Administrator | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/09/29 14:27:50 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
    PRC - [2011/09/19 20:07:40 | 001,030,200 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2011/03/21 11:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\SysWOW64\NLSSRV32.EXE
    PRC - [2011/02/22 15:03:08 | 001,151,488 | ---- | M] (W3i, LLC) -- C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe
    PRC - [2009/11/23 10:30:52 | 000,736,464 | ---- | M] ( James J. Jones, LLC.) -- C:\Program Files (x86)\Micro Niche Finder\bggoogle.exe
    PRC - [2009/04/27 15:20:02 | 000,074,408 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe
    PRC - [2009/04/27 15:19:38 | 000,058,024 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmon.exe
    PRC - [2008/12/20 19:56:40 | 004,066,816 | ---- | M] () -- C:\Program Files\ASUS\EPU\EPU.exe
    PRC - [2008/12/19 16:00:40 | 005,381,120 | ---- | M] () -- C:\Program Files\ASUS\TurboV\TurboV.exe
    PRC - [2008/08/15 01:23:20 | 000,086,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
    PRC - [2007/02/18 05:00:00 | 001,681,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
    PRC - [2003/04/18 14:06:26 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Micro Niche Finder\srvany.exe


    ========== Modules (No Company Name) ==========

    MOD - [2011/09/21 21:07:22 | 003,542,616 | ---- | M] () -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_b31de1e.dll
    MOD - [2011/09/19 20:07:39 | 000,412,728 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\ppgooglenaclpluginchrome.dll
    MOD - [2011/09/19 20:07:37 | 003,696,184 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\pdf.dll
    MOD - [2011/09/19 20:06:36 | 000,309,304 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\Locales\en-US.dll
    MOD - [2011/09/19 20:06:11 | 000,142,568 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\avutil-51.dll
    MOD - [2011/09/19 20:06:10 | 000,253,320 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\avformat-53.dll
    MOD - [2011/09/19 20:06:09 | 002,403,240 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\avcodec-53.dll
    MOD - [2011/03/03 12:50:58 | 000,233,472 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.dll
    MOD - [2008/12/20 19:56:40 | 004,066,816 | ---- | M] () -- C:\Program Files\ASUS\EPU\EPU.exe
    MOD - [2008/12/19 16:00:40 | 005,381,120 | ---- | M] () -- C:\Program Files\ASUS\TurboV\TurboV.exe
    MOD - [2008/12/15 20:01:54 | 000,131,072 | ---- | M] () -- C:\Program Files\ASUS\TurboV\TvOcLib.dll
    MOD - [2008/12/13 01:29:46 | 001,298,944 | ---- | M] () -- C:\Program Files\ASUS\TurboV\OcProfile.dll
    MOD - [2008/12/10 20:27:56 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\TurboV\pngio.dll
    MOD - [2008/08/15 01:23:20 | 000,086,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
    MOD - [2008/04/15 10:07:34 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\EPU\AsSpindownTimeout.dll
    MOD - [2006/01/10 01:50:20 | 000,024,576 | R--- | M] () -- C:\WINDOWS\SysWOW64\AsIO.dll
    MOD - [2005/05/11 16:39:32 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\EPU\pngio.dll
    MOD - [2003/04/18 14:06:26 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Micro Niche Finder\srvany.exe


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2011/09/10 21:16:52 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
    SRV:64bit: - [2011/01/12 14:40:20 | 000,341,312 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe -- (NitroDriverReadSpool)
    SRV:64bit: - [2010/10/11 17:22:35 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
    SRV:64bit: - [2009/11/23 17:53:58 | 000,127,784 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
    SRV - [2011/09/21 21:07:22 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_b31de1e.dll -- (Akamai)
    SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2011/08/15 16:18:12 | 002,329,480 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
    SRV - [2011/03/21 11:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
    SRV - [2010/10/11 17:22:29 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2008/08/15 01:23:20 | 000,086,016 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe -- (AsSysCtrlService)
    SRV - [2008/07/25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2007/04/19 15:43:42 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\SysWow64\lxczcoms.exe -- (lxcz_device)
    SRV - [2007/02/18 05:00:00 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc)
    SRV - [2006/10/18 21:05:24 | 000,913,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
    SRV - [2003/04/18 14:06:26 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Micro Niche Finder\srvany.exe -- (Micro Niche Finder Background Download Service)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/08/03 19:22:12 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS -- (SASDIFSV)
    DRV:64bit: - [2011/08/03 19:22:12 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS -- (SASKUTIL)
    DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SysWow64\drivers\adfs.sys -- (adfs)
    DRV - [2007/02/18 05:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysWow64\mnmdd.dll -- (mnmdd)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\..\URLSearchHook: - No CLSID value found
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultthis.engineName: "GameWrangler_v2b Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3001716&SearchSource=3&q={searchTerms}"
    FF - prefs.js..browser.search.selectedEngine: "GameWrangler_v2b Customized Web Search"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT3001716&SearchSource=13"
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..extensions.enabledItems: MafiaaFire@mafiaafire.com:0.4b
    FF - prefs.js..keyword.URL: "http://serp.freecause.com/?ourmark=3&sid=100275&q="

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll (Nexon)
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/09 17:07:52 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/09 17:07:51 | 000,000,000 | ---D | M]

    [2010/09/01 13:44:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
    [2010/08/31 23:56:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2011/09/28 00:24:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oguijtfm.default\extensions
    [2011/07/19 16:47:42 | 000,000,000 | ---D | M] (GameWrangler_v2b Community Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oguijtfm.default\extensions\{f689bafc-70f0-4550-9001-dc2a1cc8c0dd}
    [2011/09/28 00:24:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oguijtfm.default\extensions\staged
    [2011/06/23 14:31:42 | 000,000,935 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oguijtfm.default\searchplugins\conduit.xml
    [2011/07/25 21:13:54 | 000,001,276 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oguijtfm.default\searchplugins\search-the-web.xml
    [2011/06/30 13:27:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2010/09/05 19:08:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2011/04/06 20:34:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    [2011/06/30 13:27:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    () (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\OGUIJTFM.DEFAULT\EXTENSIONS\{6E6347BC-3CF0-AA94-8D40-B0F3E4B41E92}.XPI
    () (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\OGUIJTFM.DEFAULT\EXTENSIONS\MAFIAAFIRE@MAFIAAFIRE.COM.XPI
    [2010/08/31 23:54:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES (X86)\JAVA\JRE6\LIB\DEPLOY\JQS\FF
    [2011/07/04 14:07:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
    [2011/04/14 09:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
    [2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = ********:baseURL}search?********:RLZ}********:acceptedSuggestion}********:originalQueryForSuggestion}********:searchFieldtrialParameter}********:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = ********:baseSuggestURL}search?********:searchFieldtrialParameter}********:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
    CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll
    CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\pdf.dll
    CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
    CHR - plugin: Nexon Game Controller (Enabled) = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
    CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: Aviary Screen Capture = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ncgcgghbabbopfcpgcjpfffdgnbadegf\0.55.0_0\

    Hosts file not found
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - %SystemRoot%\system32\SHELL32.dll File not found
    O4:64bit: - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
    O4:64bit: - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
    O4:64bit: - HKLM..\Run: [lxczbmgr.exe] C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
    O4:64bit: - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup File not found
    O4:64bit: - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit File not found
    O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
    O4:64bit: - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [Six Engine] C:\Program Files\ASUS\EPU\EPU.exe ()
    O4 - HKLM..\Run: [TurboV] C:\Program Files\ASUS\TurboV\TurboV.exe ()
    O4 - HKCU..\Run: [AdobeBridge] File not found
    O4 - HKCU..\Run: [InstallIQUpdater] C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
    O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O9:64bit: - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O9:64bit: - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - mswsock.dll File not found
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - %SystemRoot%\System32\winrnr.dll File not found
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - mswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - mmswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
    O15 - HKCU\..Trusted Domains: google.com ([adwords] https in Trusted sites)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8238CBF2-C16C-4281-B310-1D20B6100C18}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll File not found
    O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
    O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\http\0x00000001 - No CLSID value found
    O18:64bit: - Protocol\Handler\http\oledb - No CLSID value found
    O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\https\0x00000001 - No CLSID value found
    O18:64bit: - Protocol\Handler\https\oledb - No CLSID value found
    O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
    O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found
    O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
    O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll File not found
    O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
    O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
    O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
    O18:64bit: - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - %SystemRoot%\system32\SHELL32.dll File not found
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - File not found
    O20:64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - File not found
    O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: System - (lsass.exe) - File not found
    O20 - HKLM Winlogon: UserInit - (userinit) -C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - File not found
    O20:64bit: - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - File not found
    O20:64bit: - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - File not found
    O20:64bit: - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) - File not found
    O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
    O20:64bit: - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
    O20:64bit: - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
    O20:64bit: - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
    O20:64bit: - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
    O20:64bit: - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
    O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
    O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
    O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
    O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
    O21:64bit: - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll File not found
    O21:64bit: - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll File not found
    O21:64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll File not found
    O21:64bit: - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll File not found
    O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll File not found
    O22:64bit: - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll File not found
    O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll File not found
    O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/08/29 02:30:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*


    MsConfig:64bit - StartUpFolder: C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^LimeWire On Startup.lnk - - File not found
    MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - File not found
    MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

    SafeBootMin:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
    SafeBootMin:64bit: Base - Driver Group
    SafeBootMin:64bit: Boot Bus Extender - Driver Group
    SafeBootMin:64bit: Boot file system - Driver Group
    SafeBootMin:64bit: File system - Driver Group
    SafeBootMin:64bit: Filter - Driver Group
    SafeBootMin:64bit: PCI Configuration - Driver Group
    SafeBootMin:64bit: PNP Filter - Driver Group
    SafeBootMin:64bit: Primary disk - Driver Group
    SafeBootMin:64bit: SCSI Class - Driver Group
    SafeBootMin:64bit: sermouse.sys - Driver
    SafeBootMin:64bit: System Bus Extender - Driver Group
    SafeBootMin:64bit: wd.sys - Driver
    SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: sermouse.sys - Driver
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: wd.sys - Driver
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    SafeBootNet:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
    SafeBootNet:64bit: Base - Driver Group
    SafeBootNet:64bit: Boot Bus Extender - Driver Group
    SafeBootNet:64bit: Boot file system - Driver Group
    SafeBootNet:64bit: File system - Driver Group
    SafeBootNet:64bit: Filter - Driver Group
    SafeBootNet:64bit: NDIS Wrapper - Driver Group
    SafeBootNet:64bit: NetBIOSGroup - Driver Group
    SafeBootNet:64bit: NetDDEGroup - Driver Group
    SafeBootNet:64bit: Network - Driver Group
    SafeBootNet:64bit: NetworkProvider - Driver Group
    SafeBootNet:64bit: PCI Configuration - Driver Group
    SafeBootNet:64bit: PNP Filter - Driver Group
    SafeBootNet:64bit: PNP_TDI - Driver Group
    SafeBootNet:64bit: Primary disk - Driver Group
    SafeBootNet:64bit: SCSI Class - Driver Group
    SafeBootNet:64bit: sermouse.sys - Driver
    SafeBootNet:64bit: Streams Drivers - Driver Group
    SafeBootNet:64bit: System Bus Extender - Driver Group
    SafeBootNet:64bit: TDI - Driver Group
    SafeBootNet:64bit: UploadMgr - Service
    SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
    SafeBootNet: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: sermouse.sys - Driver
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: TDI - Driver Group
    SafeBootNet: UploadMgr - Service
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    ActiveX:64bit: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
    ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Reg Error: Value error.
    ActiveX:64bit: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
    ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX:64bit: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
    ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX:64bit: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX:64bit: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
    ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
    ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX:64bit: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
    ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX:64bit: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    ActiveX:64bit: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
    ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
    ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX:64bit: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} - Help and Support Center
    ActiveX:64bit: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
    ActiveX:64bit: {B6EC01E7-431D-4D29-B9D4-E1D74CAF0AB0} - .NET Framework
    ActiveX:64bit: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
    ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX:64bit: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
    ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX:64bit: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX:64bit: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
    ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
    ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\SysWOW64\Rundll32.exe c:\WINDOWS\SysWOW64\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
    ActiveX: {B6EC01E7-431D-4D29-B9D4-E1D74CAF0AB0} - .NET Framework
    ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    Drivers32:64bit: aux - File not found
    Drivers32:64bit: midi - File not found
    Drivers32:64bit: midimapper - File not found
    Drivers32:64bit: mixer - File not found
    Drivers32:64bit: msacm.imaadpcm - File not found
    Drivers32:64bit: msacm.msadpcm - File not found
    Drivers32:64bit: msacm.msg711 - File not found
    Drivers32:64bit: msacm.msgsm610 - File not found
    Drivers32:64bit: msacm.trspch - File not found
    Drivers32:64bit: vidc.i420 - File not found
    Drivers32:64bit: vidc.iv31 - File not found
    Drivers32:64bit: vidc.iv32 - File not found
    Drivers32:64bit: vidc.iv41 - File not found
    Drivers32:64bit: vidc.iv50 - File not found
    Drivers32:64bit: vidc.iyuv - File not found
    Drivers32:64bit: vidc.mrle - File not found
    Drivers32:64bit: vidc.msvc - File not found
    Drivers32:64bit: vidc.uyvy - File not found
    Drivers32:64bit: vidc.yuy2 - File not found
    Drivers32:64bit: vidc.yvu9 - File not found
    Drivers32:64bit: vidc.yvyu - File not found
    Drivers32:64bit: wave - File not found
    Drivers32:64bit: wavemapper - File not found
    Drivers32: msacm.bdmpeg - C:\WINDOWS\SysWow64\bdmpega.acm ()
    Drivers32: msacm.l3acm - C:\WINDOWS\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\SysWow64\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\SysWow64\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\SysWow64\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\SysWow64\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\SysWow64\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\SysWOW64\ir50_32.dll (Intel Corporation)
    Drivers32: vidc.mpeg - C:\WINDOWS\SysWow64\bdmpegv.dll ()

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/09/29 13:19:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
    [2011/09/28 15:18:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
    [2011/09/28 15:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\HiJackThis
    [2011/09/28 13:48:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\LogMeIn Hamachi
    [2011/09/28 13:47:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn Hamachi
    [2011/09/28 13:47:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
    [2011/09/28 00:41:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
    [2011/09/28 00:41:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/09/28 00:41:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/09/28 00:41:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/09/27 13:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro PDF
    [2011/09/27 13:27:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro PDF
    [2011/09/27 13:27:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro PDF
    [2011/09/27 13:25:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YTDSETUP
    [2011/09/27 13:08:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
    [2011/09/27 13:07:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\uTorrent
    [2011/09/27 13:07:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
    [2011/09/27 00:00:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\system64
    [2011/09/26 23:09:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\EbkReader
    [2011/09/21 00:39:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Quirky Multi-million Dollar Inventions
    [2011/09/13 13:26:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Software
    [2010/09/04 00:38:28 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczserv.dll
    [2010/09/04 00:38:28 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczusb1.dll
    [2010/09/04 00:38:28 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczhbn3.dll
    [2010/09/04 00:38:28 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczcomc.dll
    [2010/09/04 00:38:28 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczpmui.dll
    [2010/09/04 00:38:28 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczlmpm.dll
    [2010/09/04 00:38:28 | 000,537,520 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczcoms.exe
    [2010/09/04 00:38:28 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczcomm.dll
    [2010/09/04 00:38:28 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczinpa.dll
    [2010/09/04 00:38:28 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxcziesc.dll
    [2010/09/04 00:38:28 | 000,385,968 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczih.exe
    [2010/09/04 00:38:28 | 000,381,872 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczcfg.exe
    [2010/09/04 00:38:28 | 000,181,168 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczppls.exe
    [2010/09/04 00:38:28 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczprox.dll
    [2010/09/04 00:38:28 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczpplc.dll
    [5 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
    [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/09/29 14:12:26 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3489562214-2868442126-3874146476-500UA.job
    [2011/09/29 13:19:01 | 000,000,526 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 28c7e666-000b-4188-b448-194d0bf3b762.job
    [2011/09/29 13:18:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/09/28 22:12:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3489562214-2868442126-3874146476-500Core.job
    [2011/09/28 17:58:10 | 002,425,520 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\census.cache
    [2011/09/28 17:56:35 | 000,144,263 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ars.cache
    [2011/09/28 15:19:07 | 000,002,499 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.lnk
    [2011/09/28 14:53:00 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache
    [2011/09/28 13:47:59 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\LogMeIn Hamachi.lnk
    [2011/09/28 00:41:19 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/09/27 14:44:41 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Word 2007.lnk
    [2011/09/27 13:27:15 | 000,001,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nitro PDF Professional.lnk
    [2011/09/27 13:08:09 | 000,000,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
    [2011/09/26 23:31:34 | 000,000,207 | ---- | M] () -- C:\WINDOWS\ANS2000.INI
    [2011/09/26 16:46:55 | 020,428,798 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\PYP-MS.pdf
    [2011/09/20 23:13:26 | 000,002,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
    [2011/09/20 23:13:26 | 000,002,322 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2011/09/20 16:04:14 | 000,060,304 | ---- | M] () -- C:\Documents and Settings\Administrator\g2mdlhlpx.exe
    [2011/09/16 16:46:55 | 000,000,367 | ---- | M] () -- C:\WINDOWS\Lexstat.ini
    [2011/09/03 13:02:56 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
    [5 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
    [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/09/28 17:58:10 | 002,425,520 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\census.cache
    [2011/09/28 17:56:35 | 000,144,263 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ars.cache
    [2011/09/28 15:19:00 | 000,002,499 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.lnk
    [2011/09/28 14:53:00 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache
    [2011/09/28 13:47:59 | 000,000,715 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\LogMeIn Hamachi.lnk
    [2011/09/28 00:41:19 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/09/27 13:27:15 | 000,001,904 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Nitro PDF Professional.lnk
    [2011/09/27 13:27:15 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nitro PDF Professional.lnk
    [2011/09/27 13:08:09 | 000,000,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
    [2011/09/26 16:46:56 | 020,428,798 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\PYP-MS.pdf
    [2011/09/10 21:19:29 | 000,000,526 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 28c7e666-000b-4188-b448-194d0bf3b762.job
    [2011/08/11 19:19:35 | 000,000,447 | ---- | C] () -- C:\WINDOWS\crackpdf.INI
    [2011/07/31 15:13:01 | 000,000,207 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
    [2011/07/31 15:13:01 | 000,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
    [2011/07/31 15:13:01 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
    [2011/05/26 00:01:01 | 000,000,024 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\ExpPDFSAMSystem.kje
    [2011/01/10 14:45:52 | 019,985,265 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\vlc-1.1.5-win32.exe
    [2011/01/10 14:35:39 | 000,003,120 | ---- | C] () -- C:\WINDOWS\SysWow64\1716030c-945d-4ce0-8cd0-5bc8659b2dab.dll
    [2010/11/07 04:04:39 | 000,547,084 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
    [2010/10/11 16:51:29 | 000,018,944 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/09/04 00:38:37 | 000,000,367 | ---- | C] () -- C:\WINDOWS\Lexstat.ini
    [2010/09/04 00:38:28 | 000,413,696 | ---- | C] () -- C:\WINDOWS\SysWow64\lxczutil.dll
    [2010/09/04 00:38:28 | 000,274,432 | ---- | C] () -- C:\WINDOWS\SysWow64\LXCZinst.dll
    [2010/09/01 13:44:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2010/09/01 13:31:55 | 000,000,552 | ---- | C] () -- C:\WINDOWS\SysWow64\d3d8caps.dat
    [2010/08/29 12:45:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\SysWow64\d3d9caps.dat
    [2010/08/29 12:33:10 | 000,024,576 | R--- | C] () -- C:\WINDOWS\SysWow64\AsIO.dll
    [2010/08/29 12:33:10 | 000,014,392 | R--- | C] () -- C:\WINDOWS\SysWow64\drivers\AsIO.sys
    [2010/08/29 12:33:09 | 000,011,832 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AsInsHelp64.sys
    [2010/08/29 12:33:09 | 000,010,216 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AsInsHelp32.sys
    [2010/08/29 12:22:03 | 000,049,152 | R--- | C] () -- C:\WINDOWS\SysWow64\ChCfg.exe
    [2010/08/29 12:21:39 | 000,037,376 | R--- | C] () -- C:\WINDOWS\CPLUtl64.exe
    [2010/08/29 12:17:27 | 000,038,639 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
    [2010/08/29 12:17:02 | 000,029,577 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
    [2010/08/29 12:17:02 | 000,010,296 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\ASUSHWIO.SYS
    [2010/08/29 02:33:04 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2009/09/16 18:27:58 | 000,508,224 | ---- | C] () -- C:\WINDOWS\SysWow64\ICCProfiles.dll
    [2009/07/08 18:03:02 | 000,058,880 | ---- | C] () -- C:\WINDOWS\SysWow64\bdmpegv.dll
    [2007/02/18 05:00:00 | 001,278,464 | ---- | C] () -- C:\WINDOWS\SysWow64\quartz.dll
    [2007/02/18 05:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\SysWow64\qedwipes.dll
    [2007/02/18 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
    [2007/02/18 05:00:00 | 000,512,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qedit.dll
    [2007/02/18 05:00:00 | 000,498,742 | ---- | C] () -- C:\WINDOWS\SysWow64\dxmasf.dll
    [2007/02/18 05:00:00 | 000,396,288 | ---- | C] () -- C:\WINDOWS\SysWow64\encdec.dll
    [2007/02/18 05:00:00 | 000,385,536 | ---- | C] () -- C:\WINDOWS\SysWow64\qdvd.dll
    [2007/02/18 05:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
    [2007/02/18 05:00:00 | 000,279,040 | ---- | C] () -- C:\WINDOWS\SysWow64\qdv.dll
    [2007/02/18 05:00:00 | 000,276,992 | ---- | C] () -- C:\WINDOWS\SysWow64\sbe.dll
    [2007/02/18 05:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\SysWow64\ir32_32.dll
    [2007/02/18 05:00:00 | 000,192,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qcap.dll
    [2007/02/18 05:00:00 | 000,114,688 | ---- | C] () -- C:\WINDOWS\SysWow64\msencode.dll
    [2007/02/18 05:00:00 | 000,072,704 | ---- | C] () -- C:\WINDOWS\SysWow64\amstream.dll
    [2007/02/18 05:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\SysWow64\mciqtz32.dll
    [2007/02/18 05:00:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\SysWow64\devenum.dll
    [2007/02/18 05:00:00 | 000,055,808 | ---- | C] () -- C:\WINDOWS\SysWow64\dvdplay.exe
    [2007/02/18 05:00:00 | 000,046,907 | ---- | C] () -- C:\WINDOWS\mib.bin
    [2007/02/18 05:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\SysWow64\tsd32.dll
    [2007/02/18 05:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\SysWow64\msdmo.dll
    [2007/02/18 05:00:00 | 000,012,498 | ---- | C] () -- C:\WINDOWS\SysWow64\append.exe
    [2007/02/18 05:00:00 | 000,004,126 | ---- | C] () -- C:\WINDOWS\SysWow64\msdxmlc.dll
    [2007/02/18 05:00:00 | 000,001,129 | ---- | C] () -- C:\WINDOWS\SysWow64\vwipxspx.exe
    [2001/12/31 22:56:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

    ========== LOP Check ==========

    [2011/09/28 14:16:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\.minecraft
    [2011/08/13 22:07:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Barnes & Noble
    [2011/05/22 18:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Blender Foundation
    [2011/03/03 20:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\com.w3i.FlipToast
    [2011/09/27 13:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Downloaded Installations
    [2011/09/26 23:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\EbkReader
    [2011/05/25 23:48:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GetRightToGo
    [2010/08/29 14:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\MSNInstaller
    [2011/09/27 18:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Nitro PDF
    [2011/06/03 17:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Scirra
    [2011/05/25 23:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Softplicity
    [2010/09/01 22:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2010/09/01 13:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SystemRequirementsLab
    [2011/07/24 19:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\The Longest Journey
    [2011/03/03 19:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uPlayer
    [2011/09/27 14:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
    [2010/09/01 22:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WTouch
    [2010/08/29 13:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\!SASCORE
    [2010/12/05 23:27:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ASUS OC Profiles
    [2011/06/30 01:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Micro Niche Finder
    [2010/08/29 10:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NETGEAR
    [2010/12/18 15:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
    [2010/12/18 15:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
    [2011/08/12 21:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
    [2010/11/15 21:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
    [2010/09/13 00:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
    [2011/03/03 20:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\W3i
    [2011/09/28 23:18:58 | 000,032,574 | ---- | M] () -- C:\WINDOWS\Tasks\SchedLgU.Txt
    [2011/09/29 13:19:01 | 000,000,526 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 28c7e666-000b-4188-b448-194d0bf3b762.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %systemroot%\Fonts\*.com >
    [2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2010/08/29 02:29:39 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2008/07/06 17:57:56 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >
    [2010/08/29 10:51:32 | 000,001,538 | -H-- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\LastFlashConfig.WFC

    < %PROGRAMFILES%\*.* >
    [2007/02/18 05:00:00 | 000,000,002 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

    < %APPDATA%\Update\*.* >

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
    [2010/08/29 02:30:03 | 000,000,290 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2010/08/29 02:34:52 | 000,000,117 | -HS- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
    [2010/08/29 02:34:51 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

    < %USERPROFILE%\Desktop\*.exe >
    [2011/05/07 15:08:14 | 000,270,142 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Minecraft.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >
    [2011/09/20 16:04:14 | 000,060,304 | ---- | M] () -- C:\Documents and Settings\Administrator\g2mdlhlpx.exe

    < %systemroot%\ADDINS\*.* >

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\*.exe >
    [2011/04/14 09:25:40 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
    [2011/04/14 09:25:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    [2011/04/14 09:25:55 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    [2011/04/14 09:25:59 | 000,261,080 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\updater.exe

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2010/08/29 02:34:51 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Administrator\Favorites\Desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >
    [2011/06/30 02:03:18 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\All Users\bug niche.txt
    [2011/06/30 02:01:14 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\All Users\hot trends_ 06_30_11 at 02_00_30.txt
    [2011/06/30 02:03:38 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\All Users\hot trends_ 06_30_11 at 02_03_35.txt
    [2011/06/30 02:06:22 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\All Users\hot trends_ 06_30_11 at 02_06_11.txt
    [2011/06/30 13:24:38 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\All Users\hot trends_ 06_30_11 at 13_24_22.txt

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\system32\*.exe /lockedfiles >
    [5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >

    < %systemroot%\system32\*.sys >

    < %systemroot%\system32\drivers\*.dll >

    < %systemroot%\system32\drivers\*.ini >

    < %systemroot%\system32\drivers\*.exe >

    < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
    [2008/07/06 17:57:56 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll

    < %SYSTEMDRIVE%\*.* >
    [2010/08/29 02:30:01 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/08/29 12:17:45 | 000,000,225 | RHS- | M] () -- C:\boot.ini
    [2010/08/29 02:30:01 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2011/09/26 23:28:58 | 000,000,300 | ---- | M] () -- C:\INSTALL.LOG
    [2010/08/29 02:30:01 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010/08/29 02:30:01 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2007/02/18 05:00:00 | 000,047,772 | RHS- | M] () -- C:\NTDETECT.COM
    [2007/02/18 05:00:00 | 000,297,072 | RHS- | M] () -- C:\ntldr
    [2011/09/29 13:18:18 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
    [2010/08/29 12:22:04 | 000,000,563 | ---- | M] () -- C:\RHDSetup.log
    [2010/08/29 12:34:59 | 000,000,057 | ---- | M] () -- C:\splash.idx
    [2011/09/28 14:52:43 | 000,084,382 | ---- | M] () -- C:\TDSSKiller.2.6.2.0_28.09.2011_14.51.45_log.txt
    [2008/11/19 15:13:04 | 000,005,552 | -H-- | M] () -- C:\version

    < %PROGRAMFILES%\*. >
    [2010/09/20 17:33:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\7-Zip
    [2011/03/03 20:05:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
    [2010/10/11 17:14:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe Media Player
    [2011/08/26 18:45:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Amazon
    [2010/08/29 12:17:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD
    [2010/08/29 12:33:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASUS
    [2010/11/16 01:46:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BandiMPEG1
    [2011/08/13 22:07:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Barnes & Noble
    [2011/04/19 23:32:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BookSmart
    [2011/09/03 13:02:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CCleaner
    [2011/06/08 15:13:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Citrix
    [2011/09/27 13:27:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
    [2011/03/09 03:57:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DivX
    [2010/08/29 12:34:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Downloaded Installations
    [2011/05/25 23:58:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Easy Pdf Merger Free
    [2011/07/03 13:33:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EasyPHP-5.3.1
    [2011/03/03 22:17:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\fliptoast
    [2011/03/03 20:05:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free Offers from Freeze.com
    [2010/09/01 00:35:26 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
    [2011/08/10 19:45:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
    [2011/06/30 13:27:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
    [2010/09/04 00:39:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lexmark 1200 Series
    [2011/08/11 20:23:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LimeWire
    [2011/09/28 13:47:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LogMeIn Hamachi
    [2011/09/28 00:41:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/06/20 17:07:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Massive Anvil Technologies
    [2011/03/03 22:19:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MediaMonkey
    [2011/07/03 13:32:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Micro Niche Finder
    [2011/07/29 23:03:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Micro Niche Finder 5.0
    [2010/09/01 00:41:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
    [2010/08/29 02:30:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\microsoft shared
    [2011/04/21 23:28:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
    [2010/09/01 00:41:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
    [2010/09/01 00:41:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
    [2010/08/29 13:42:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MonitorDriver
    [2011/07/04 02:32:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Movie Maker
    [2011/07/25 21:21:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
    [2011/08/12 23:36:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MS Word To EPUB Converter Software
    [2010/09/01 00:41:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
    [2011/05/27 22:06:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache
    [2010/08/29 02:27:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN Gaming Zone
    [2011/07/04 03:05:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 6.0
    [2011/05/25 23:34:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\neeviaPDF.com
    [2010/08/29 02:28:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NetMeeting
    [2011/09/27 13:27:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nitro PDF
    [2011/07/04 18:35:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
    [2010/09/20 17:34:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Orca
    [2011/07/04 02:33:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Outlook Express
    [2010/11/15 21:55:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks
    [2011/08/11 19:22:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PDF Password Cracker Enterprise v3.2
    [2010/09/20 18:08:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
    [2010/08/29 12:21:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
    [2011/07/04 03:10:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
    [2011/05/23 20:41:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Scirra
    [2010/08/29 02:30:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\speechengines
    [2011/09/03 13:03:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
    [2010/08/29 02:30:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\system
    [2010/09/01 13:45:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SystemRequirementsLab
    [2010/09/01 22:34:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Tablet
    [2010/09/01 22:35:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TabletPlugins
    [2011/05/28 14:56:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\The Ultimate PLR Article Collection
    [2011/09/28 15:18:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Trend Micro
    [2010/08/29 02:29:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
    [2011/03/03 19:22:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\uPlayer
    [2011/09/27 13:08:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\uTorrent
    [2011/06/15 17:11:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VERTX Systems
    [2010/08/29 14:26:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
    [2011/03/03 20:04:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\W3i
    [2011/03/03 19:18:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
    [2010/08/29 02:28:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player[Strings]
    [2010/08/29 02:26:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
    [2011/08/11 17:40:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free
    [2011/01/10 14:41:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\YouTube Downloader
    [2011/09/28 01:10:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\YTDSETUP

    < %appdata%\*.* >
    [2001/12/31 22:56:02 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Administrator\Application Data\desktop.ini


    < MD5 for: AGP440.SYS >
    [2007/02/18 05:00:00 | 011,678,589 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\amd64\sp2.cab:AGP440.sys

    < MD5 for: ATAPI.SYS >
    [2007/02/18 05:00:00 | 011,678,589 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\amd64\sp2.cab:atapi.sys
    [2007/02/18 05:00:00 | 000,150,016 | ---- | M] (Microsoft Corporation) MD5=7A1814D0D112F50F828E25557A1ED29F -- C:\WINDOWS\system64\drivers\atapi.sys

    < MD5 for: DISK.SYS >
    [2007/02/18 05:00:00 | 011,678,589 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\amd64\sp2.cab:disk.sys
    [2007/02/18 05:00:00 | 000,063,488 | ---- | M] (Microsoft Corporation) MD5=417D7B9C6F36685A417E54690F8BD7B2 -- C:\WINDOWS\system64\drivers\disk.sys

    < MD5 for: EVENTLOG.DLL >
    [2007/02/18 05:00:00 | 000,130,560 | ---- | M] (Microsoft Corporation) MD5=589B15B2B3254E2745CB205243EB8588 -- C:\WINDOWS\system64\dllcache\eventlog.dll
    [2007/02/18 05:00:00 | 000,130,560 | ---- | M] (Microsoft Corporation) MD5=589B15B2B3254E2745CB205243EB8588 -- C:\WINDOWS\system64\eventlog.dll

    < MD5 for: NETLOGON.DLL >
    [2007/02/18 05:00:00 | 000,430,592 | ---- | M] (Microsoft Corporation) MD5=451564B8F22461D90CF8ED3945637845 -- C:\WINDOWS\SysWOW64\netlogon.dll
    [2007/02/18 05:00:00 | 000,681,472 | ---- | M] (Microsoft Corporation) MD5=BFF99E983A1F35B4E8AA74DEA19D014B -- C:\WINDOWS\system64\dllcache\netlogon.dll
    [2007/02/18 05:00:00 | 000,681,472 | ---- | M] (Microsoft Corporation) MD5=BFF99E983A1F35B4E8AA74DEA19D014B -- C:\WINDOWS\system64\netlogon.dll

    < MD5 for: SCECLI.DLL >
    [2007/02/18 05:00:00 | 000,315,392 | ---- | M] (Microsoft Corporation) MD5=40453F57AAC02F32F785642F5C2E211E -- C:\WINDOWS\system64\dllcache\scecli.dll
    [2007/02/18 05:00:00 | 000,315,392 | ---- | M] (Microsoft Corporation) MD5=40453F57AAC02F32F785642F5C2E211E -- C:\WINDOWS\system64\scecli.dll
    [2007/02/18 05:00:00 | 000,188,928 | ---- | M] (Microsoft Corporation) MD5=E7B7FD7D8907DADED4928E922608887F -- C:\WINDOWS\SysWOW64\scecli.dll

    < MD5 for: USBSTOR.SYS >
    [2007/02/18 05:00:00 | 011,678,589 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\amd64\sp2.cab:usbstor.sys
    [2007/02/17 01:00:50 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=EDCE8A162E8023FD1751E08E23E41948 -- C:\WINDOWS\system64\dllcache\usbstor.sys
    [2007/02/17 01:00:50 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=EDCE8A162E8023FD1751E08E23E41948 -- C:\WINDOWS\system64\drivers\USBSTOR.SYS

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

    ========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
    [C:\WINDOWS\system64] -> \systemroot\system32 -> Mount Point

    < End of report >




    2) Extras.Txt


    OTL Extras logfile created on: 9/29/2011 2:35:22 PM - Run 1
    OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
    64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    8.00 Gb Total Physical Memory | 6.81 Gb Available Physical Memory | 85.18% Memory free
    9.58 Gb Paging File | 8.72 Gb Available in Paging File | 91.03% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 279.46 Gb Total Space | 199.25 Gb Free Space | 71.30% Space Free | Partition Type: NTFS

    Computer Name: DIEGO-B036C6245 | User Name: Administrator | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .inf [@ = inffile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    .ini [@ = inifile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    .url [@ = InternetShortcut] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
    .js [@ = JSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
    .jse [@ = JSEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
    .txt [@ = txtfile] -- %SystemRoot%\system32\NOTEPAD.EXE %1
    .vbe [@ = VBEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
    .vbs [@ = VBSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
    .wsf [@ = WSFFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
    .wsh [@ = WSHFile] -- %SystemRoot%\System32\WScript.exe "%1" %*

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1"
    inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1
    inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
    inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
    InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
    InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1"
    jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
    jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
    jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
    jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4"
    vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
    vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
    vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
    vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
    wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1
    wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
    wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1

    ========== System Restore Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "58601:TCP" = 58601:TCP:*:Enabled:pando Media Booster
    "58601:UDP" = 58601:UDP:*:Enabled:pando Media Booster
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
    "5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
    "58601:TCP" = 58601:TCP:*:Enabled:pando Media Booster
    "58601:UDP" = 58601:UDP:*:Enabled:pando Media Booster
    "1049:TCP" = 1049:TCP:*:Enabled:Akamai NetSession Interface
    "5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe:*:Enabled:pando Media Booster -- ()
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe:*:Enabled:pando Media Booster -- ()

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    "C:\Program Files (x86)\Steam\Steam.exe" = C:\Program Files (x86)\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
    "C:\Program Files (x86)\Steam\steamapps\common\broken sword 3\BSTSD.exe" = C:\Program Files (x86)\Steam\steamapps\common\broken sword 3\BSTSD.exe:*:Enabled:Broken Sword III: The Sleeping Dragon -- ()
    "C:\WINDOWS\SysWOW64\lxczcoms.exe" = C:\WINDOWS\SysWOW64\lxczcoms.exe:*:Enabled:1200 Series Server -- ( )
    "C:\WINDOWS\system32\lxczcoms.exe" = C:\WINDOWS\system32\lxczcoms.exe:*:Enabled:Lexmark Communications System
    "C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe" = C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe:*:Disabled:Adobe Device Central CS5
    "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
    "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe:*:Enabled:pando Media Booster -- ()
    "C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
    "C:\Nexon\Vindictus\en-US\NMService.exe" = C:\Nexon\Vindictus\en-US\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
    "C:\Program Files (x86)\Steam\steamapps\common\dreamfall the longest journey\dreamfall.exe" = C:\Program Files (x86)\Steam\steamapps\common\dreamfall the longest journey\dreamfall.exe:*:Enabled:Dreamfall: The Longest Journey -- (Funcom Oslo A/S)
    "C:\Program Files (x86)\Steam\steamapps\common\the longest journey\game.exe" = C:\Program Files (x86)\Steam\steamapps\common\the longest journey\game.exe:*:Enabled:The Longest Journey -- (Funcom)
    "C:\Program Files (x86)\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe" = C:\Program Files (x86)\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands -- (Take-Two Interactive Software, Inc.)
    "C:\Program Files (x86)\Steam\steamapps\common\champions online\Champions Online.exe" = C:\Program Files (x86)\Steam\steamapps\common\champions online\Champions Online.exe:*:Enabled:Champions Online: Free For All -- ()
    "C:\Program Files (x86)\uTorrent\uTorrent.exe" = C:\Program Files (x86)\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    "C:\Program Files (x86)\Steam\Steam.exe" = C:\Program Files (x86)\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
    "C:\Program Files (x86)\Steam\steamapps\common\broken sword 3\BSTSD.exe" = C:\Program Files (x86)\Steam\steamapps\common\broken sword 3\BSTSD.exe:*:Enabled:Broken Sword III: The Sleeping Dragon -- ()
    "C:\WINDOWS\SysWOW64\lxczcoms.exe" = C:\WINDOWS\SysWOW64\lxczcoms.exe:*:Enabled:1200 Series Server -- ( )
    "C:\WINDOWS\system32\lxczcoms.exe" = C:\WINDOWS\system32\lxczcoms.exe:*:Enabled:Lexmark Communications System -- ( )
    "C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe" = C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe:*:Disabled:Adobe Device Central CS5
    "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
    "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe:*:Enabled:pando Media Booster -- ()
    "C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
    "C:\Nexon\Vindictus\en-US\NMService.exe" = C:\Nexon\Vindictus\en-US\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
    "C:\Program Files (x86)\Steam\steamapps\common\dreamfall the longest journey\dreamfall.exe" = C:\Program Files (x86)\Steam\steamapps\common\dreamfall the longest journey\dreamfall.exe:*:Enabled:Dreamfall: The Longest Journey -- (Funcom Oslo A/S)
    "C:\Program Files (x86)\Steam\steamapps\common\the longest journey\game.exe" = C:\Program Files (x86)\Steam\steamapps\common\the longest journey\game.exe:*:Enabled:The Longest Journey -- (Funcom)
    "C:\Program Files (x86)\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe" = C:\Program Files (x86)\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands -- (Take-Two Interactive Software, Inc.)
    "C:\Program Files (x86)\Steam\steamapps\common\champions online\Champions Online.exe" = C:\Program Files (x86)\Steam\steamapps\common\champions online\Champions Online.exe:*:Enabled:Champions Online: Free For All -- ()
    "C:\Program Files (x86)\uTorrent\uTorrent.exe" = C:\Program Files (x86)\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
    "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
    "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
    "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
    "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
    "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
    "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
    "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
    "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
    "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
    "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
    "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
    "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
    "{EB8FF6C8-811B-4395-8584-EF4C7A0C8199}" = Nitro PDF Professional
    "Blender" = Blender
    "CCleaner" = CCleaner
    "ie8" = Windows Internet Explorer 8
    "Lexmark 1200 Series" = Lexmark 1200 Series
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows x64
    "NVIDIA Display Control Panel" = NVIDIA Display Control Panel
    "NVIDIA Drivers" = NVIDIA Drivers
    "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
    "WIC" = Windows Imaging Component
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "WinRAR archiver" = WinRAR 4.00 beta 3 (64-bit)
    "WMFDist11-64" = Windows Media Format 11 runtime
    "wmp11-64" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
    "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
    "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
    "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
    "{13597237-E360-4F2B-9A43-332C4E9D5C9C}" = InstallIQ Updater
    "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
    "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
    "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.5
    "{209962E3-F989-416B-A31E-76CF8DEEFF36}" = PDF Merger Pro
    "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 26
    "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
    "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
    "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
    "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
    "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{63A68338-16A3-4763-8478-A45F91A61E7A}" = Orca
    "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
    "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
    "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8BBB5E4C-3F5E-4C07-BFBE-33B34600783A}" = LogMeIn Hamachi
    "{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
    "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
    "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
    "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
    "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
    "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}" = EPU
    "{A0494B41-EBD7-4C0D-91B7-DC39741B27BB}" = Express Gate
    "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
    "{A31951C5-DCD8-4DFE-A525-CFC701F54792}" = TurboV
    "{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
    "{AF36CE1D-FD2C-4BA0-93FA-1196785DD610}" = Adobe Flash Player 10 Plugin
    "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
    "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
    "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
    "{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
    "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "7-Zip" = 7-Zip 4.65
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
    "Akamai" = Akamai NetSession Interface
    "Amazon Kindle" = Amazon Kindle
    "BandiMPEG1" = Bandisoft MPEG-1 Decoder
    "BN_DesktopReader" = NOOK for PC
    "BookSmart® 3.0.3 3.0.3" = BookSmart® 3.0.3 3.0.3
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "Construct Classic_is1" = Construct Classic r1.2
    "ENTERPRISE" = Microsoft Office Enterprise 2007
    "LogMeIn Hamachi" = LogMeIn Hamachi
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
    "Micro Niche Finder 5.0_is1" = Micro Niche Finder 5.0
    "Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
    "Pen Tablet Driver" = Bamboo
    "Steam App 33610" = Broken Sword III: The Sleeping Dragon
    "Steam App 400" = Portal
    "Steam App 6300" = Dreamfall: The Longest Journey
    "Steam App 6310" = The Longest Journey
    "Steam App 8980" = Borderlands
    "Steam App 9880" = Champions Online: Free For All
    "SystemRequirementsLab" = System Requirements Lab
    "The Ultimate PLR Article Collection_is1" = The Ultimate PLR Article Collection
    "uTorrent" = µTorrent
    "Vindictus" = Vindictus
    "VLC media player" = VLC media player 1.1.7
    "Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
    "Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
    "Wisdom-soft Set up ScreenHunter 5.1 Free" = Wisdom-soft Set up ScreenHunter 5.1 Free

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome
    "GoToMeeting" = GoToMeeting 5.0.0.799

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 9/27/2011 3:05:02 AM | Computer Name = DIEGO-B036C6245 | Source = Application Error | ID = 1000
    Description = Faulting application pumpa.exe, version 0.0.0.0, faulting module ,
    version 0.0.0.0, fault address 0x00000000.

    Error - 9/27/2011 3:17:29 AM | Computer Name = DIEGO-B036C6245 | Source = MsiInstaller | ID = 1013
    Description = Product: Nitro PDF Professional -- Please remove Nitro PDF Professional
    via Add/Remove Programs and run setup again. Upgrading from the currently installed
    version is not supported.

    Error - 9/27/2011 3:20:00 AM | Computer Name = DIEGO-B036C6245 | Source = MsiInstaller | ID = 10005
    Description = Product: Nitro PDF Professional -- You are running a 64-bit operating
    system. Please download the 64-bit Nitro PDF Professional installer from Product updates for Nitro PDF Professional

    Error - 9/27/2011 4:27:01 PM | Computer Name = DIEGO-B036C6245 | Source = nlsX86cc | ID = 0
    Description =

    Error - 9/27/2011 9:45:47 PM | Computer Name = DIEGO-B036C6245 | Source = Application Error | ID = 1000
    Description = Faulting application nitropdf.exe, version 6.2.0.44, faulting module
    nprender.dll, version 1.7.6.0, fault address 0x0002ccf0.

    Error - 9/27/2011 9:45:56 PM | Computer Name = DIEGO-B036C6245 | Source = Application Error | ID = 1000
    Description = Faulting application nitropdf.exe, version 6.2.0.44, faulting module
    nprender.dll, version 1.7.6.0, fault address 0x0002ccf0.

    Error - 9/27/2011 9:46:05 PM | Computer Name = DIEGO-B036C6245 | Source = Application Error | ID = 1000
    Description = Faulting application nitropdf.exe, version 6.2.0.44, faulting module
    nprender.dll, version 1.7.6.0, fault address 0x0002ccf0.

    Error - 9/27/2011 9:46:30 PM | Computer Name = DIEGO-B036C6245 | Source = Application Error | ID = 1000
    Description = Faulting application nitropdf.exe, version 6.2.0.44, faulting module
    nprender.dll, version 1.7.6.0, fault address 0x0002ccf0.

    Error - 9/28/2011 9:11:07 PM | Computer Name = DIEGO-B036C6245 | Source = CardSpace 3.0.0.0 | ID = 327940
    Description = An error occurred during the import of a card. Errors in reading the
    imported card file. Inner Exception: The data at the root level is invalid. Line
    1, position 1. Additional Information: Microsoft.InfoCards.ImportException: Errors
    in reading the imported card file. ---> System.Xml.XmlException: The data at the
    root level is invalid. Line 1, position 1. at System.Xml.XmlExceptionHelper.ThrowXmlException(XmlDictionaryReader
    reader, String res, String arg1, String arg2, String arg3) at System.Xml.XmlUTF8TextReader.Read()

    at System.Xml.XmlCharCheckingReader.Read() at System.Xml.XsdValidatingReader.Read()

    at System.Xml.XmlReader.MoveToContent() at System.Xml.XmlReader.IsStartElement(String
    localname, String ns) at Microsoft.InfoCards.CheckStoreFileValidityRequest.OnProcess()

    --- End of inner exception stack trace ---

    Error - 9/28/2011 9:11:07 PM | Computer Name = DIEGO-B036C6245 | Source = CardSpace 3.0.0.0 | ID = 327940
    Description = An error occurred during the import of a card. Errors in reading the
    imported card file. Inner Exception: The data at the root level is invalid. Line
    1, position 1. Additional Information: Microsoft.InfoCards.ImportException: Errors
    in reading the imported card file. ---> System.Xml.XmlException: The data at the
    root level is invalid. Line 1, position 1. at System.Xml.XmlExceptionHelper.ThrowXmlException(XmlDictionaryReader
    reader, String res, String arg1, String arg2, String arg3) at System.Xml.XmlUTF8TextReader.Read()

    at System.Xml.XmlCharCheckingReader.Read() at System.Xml.XmlLoader.Load(XmlDocument
    doc, XmlReader reader, Boolean preserveWhitespace) at System.Xml.XmlDocument.Load(XmlReader
    reader) at Microsoft.InfoCards.InfoCardXmlSerializer.RetrieveIssuerAndCheckSign(XmlReader
    reader) at Microsoft.InfoCards.InfoCardXmlSerializer.CreateCardFromXml(String
    filename) at Microsoft.InfoCards.InfoCardXmlSerializer.Deserialize(String filename)

    --- End of inner exception stack trace ---

    [ OSession Events ]
    Error - 9/11/2011 2:33:59 AM | Computer Name = DIEGO-B036C6245 | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8
    seconds with 0 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 9/29/2011 4:48:26 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 4:48:29 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 4:48:29 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 4:48:31 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 4:48:31 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 4:48:34 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 4:48:50 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 4:48:56 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 5:22:16 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/29/2011 5:26:20 PM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127


    < End of report >
     
  9. Crush

    Crush Active Member

    Joined:
    Sep 28, 2008
    Posts:
    4,634
    Likes Received:
    2

    There are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

    Please note that as long as you are using any form of P2P networking to download files you can anticipate infestations of malware to occur.

    P2P file sharing used to be fairly safe. This is no longer true; continue to use P2P sharing at your own risk!

    Keep in mind that this practice may be the source of your current malware infestation.

    References citing the risk factors of using P2P programs:

    Malware: Help prevent the Infection
    Perils of P2P File Sharing
    How to Prevent the Online Invasion of Spyware and Adware

    I strongly recommend that you uninstall:

    µTorrent

    You can do so using the Control Panel >> Add or Remove Programs function. However, that choice is up to you.

    As long as you have the P2P program(s) installed, per PCHF Policy, we can offer you no further assistance.

    If you choose to remove these programs, when finished, please generate a new set of OTL logs and we'll go from there.
     
  10. tinkertrain616

    tinkertrain616 New Member Bronze Member

    Joined:
    Sep 28, 2011
    Posts:
    11
    Likes Received:
    1

    I'm sorry, I uninstalled uTorrent and have the updated logs, first otl.txt, then extras.txt:



    OTL logfile created on: 9/29/2011 11:45:15 PM - Run 2
    OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Administrator\Desktop
    64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    8.00 Gb Total Physical Memory | 6.87 Gb Available Physical Memory | 85.83% Memory free
    9.58 Gb Paging File | 8.76 Gb Available in Paging File | 91.50% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 279.46 Gb Total Space | 199.40 Gb Free Space | 71.35% Space Free | Partition Type: NTFS

    Computer Name: DIEGO-B036C6245 | User Name: Administrator | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/09/29 14:27:50 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    PRC - [2011/09/19 20:07:40 | 001,030,200 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2011/08/15 16:18:14 | 001,955,208 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    PRC - [2011/03/21 11:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\SysWOW64\NLSSRV32.EXE
    PRC - [2011/02/22 15:03:08 | 001,151,488 | ---- | M] (W3i, LLC) -- C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe
    PRC - [2009/11/23 10:30:52 | 000,736,464 | ---- | M] ( James J. Jones, LLC.) -- C:\Program Files (x86)\Micro Niche Finder\bggoogle.exe
    PRC - [2009/04/27 15:20:02 | 000,074,408 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe
    PRC - [2009/04/27 15:19:38 | 000,058,024 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmon.exe
    PRC - [2008/12/20 19:56:40 | 004,066,816 | ---- | M] () -- C:\Program Files\ASUS\EPU\EPU.exe
    PRC - [2008/12/19 16:00:40 | 005,381,120 | ---- | M] () -- C:\Program Files\ASUS\TurboV\TurboV.exe
    PRC - [2008/08/15 01:23:20 | 000,086,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
    PRC - [2007/02/18 05:00:00 | 001,681,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
    PRC - [2003/04/18 14:06:26 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Micro Niche Finder\srvany.exe


    ========== Modules (No Company Name) ==========

    MOD - [2011/09/21 21:07:22 | 003,542,616 | ---- | M] () -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_b31de1e.dll
    MOD - [2011/09/19 20:07:39 | 000,412,728 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\ppgooglenaclpluginchrome.dll
    MOD - [2011/09/19 20:07:37 | 003,696,184 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\pdf.dll
    MOD - [2011/09/19 20:06:36 | 000,309,304 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\Locales\en-US.dll
    MOD - [2011/09/19 20:06:11 | 000,142,568 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\avutil-51.dll
    MOD - [2011/09/19 20:06:10 | 000,253,320 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\avformat-53.dll
    MOD - [2011/09/19 20:06:09 | 002,403,240 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\avcodec-53.dll
    MOD - [2011/03/03 12:50:58 | 000,233,472 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.dll
    MOD - [2008/12/20 19:56:40 | 004,066,816 | ---- | M] () -- C:\Program Files\ASUS\EPU\EPU.exe
    MOD - [2008/12/19 16:00:40 | 005,381,120 | ---- | M] () -- C:\Program Files\ASUS\TurboV\TurboV.exe
    MOD - [2008/12/15 20:01:54 | 000,131,072 | ---- | M] () -- C:\Program Files\ASUS\TurboV\TvOcLib.dll
    MOD - [2008/12/13 01:29:46 | 001,298,944 | ---- | M] () -- C:\Program Files\ASUS\TurboV\OcProfile.dll
    MOD - [2008/12/10 20:27:56 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\TurboV\pngio.dll
    MOD - [2008/08/15 01:23:20 | 000,086,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
    MOD - [2008/04/15 10:07:34 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\EPU\AsSpindownTimeout.dll
    MOD - [2006/01/10 01:50:20 | 000,024,576 | R--- | M] () -- C:\WINDOWS\SysWOW64\AsIO.dll
    MOD - [2005/05/11 16:39:32 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\EPU\pngio.dll
    MOD - [2003/04/18 14:06:26 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Micro Niche Finder\srvany.exe


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2011/09/10 21:16:52 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
    SRV:64bit: - [2011/01/12 14:40:20 | 000,341,312 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe -- (NitroDriverReadSpool)
    SRV:64bit: - [2010/10/11 17:22:35 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
    SRV:64bit: - [2009/11/23 17:53:58 | 000,127,784 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
    SRV - [2011/09/21 21:07:22 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_b31de1e.dll -- (Akamai)
    SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2011/08/15 16:18:12 | 002,329,480 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
    SRV - [2011/03/21 11:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
    SRV - [2010/10/11 17:22:29 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2008/08/15 01:23:20 | 000,086,016 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe -- (AsSysCtrlService)
    SRV - [2008/07/25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2007/04/19 15:43:42 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\SysWow64\lxczcoms.exe -- (lxcz_device)
    SRV - [2007/02/18 05:00:00 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc)
    SRV - [2006/10/18 21:05:24 | 000,913,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
    SRV - [2003/04/18 14:06:26 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Micro Niche Finder\srvany.exe -- (Micro Niche Finder Background Download Service)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/08/03 19:22:12 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS -- (SASDIFSV)
    DRV:64bit: - [2011/08/03 19:22:12 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS -- (SASKUTIL)
    DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SysWow64\drivers\adfs.sys -- (adfs)
    DRV - [2007/02/18 05:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysWow64\mnmdd.dll -- (mnmdd)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\..\URLSearchHook: - No CLSID value found
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultthis.engineName: "GameWrangler_v2b Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3001716&SearchSource=3&q={searchTerms}"
    FF - prefs.js..browser.search.selectedEngine: "GameWrangler_v2b Customized Web Search"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT3001716&SearchSource=13"
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..extensions.enabledItems: MafiaaFire@mafiaafire.com:0.4b
    FF - prefs.js..keyword.URL: "http://serp.freecause.com/?ourmark=3&sid=100275&q="

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll (Nexon)
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/09 17:07:52 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/09 17:07:51 | 000,000,000 | ---D | M]

    [2010/09/01 13:44:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
    [2010/08/31 23:56:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2011/09/28 00:24:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oguijtfm.default\extensions
    [2011/07/19 16:47:42 | 000,000,000 | ---D | M] (GameWrangler_v2b Community Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oguijtfm.default\extensions\{f689bafc-70f0-4550-9001-dc2a1cc8c0dd}
    [2011/09/28 00:24:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oguijtfm.default\extensions\staged
    [2011/06/23 14:31:42 | 000,000,935 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oguijtfm.default\searchplugins\conduit.xml
    [2011/07/25 21:13:54 | 000,001,276 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\oguijtfm.default\searchplugins\search-the-web.xml
    [2011/06/30 13:27:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2010/09/05 19:08:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2011/04/06 20:34:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    [2011/06/30 13:27:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    () (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\OGUIJTFM.DEFAULT\EXTENSIONS\{6E6347BC-3CF0-AA94-8D40-B0F3E4B41E92}.XPI
    () (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\OGUIJTFM.DEFAULT\EXTENSIONS\MAFIAAFIRE@MAFIAAFIRE.COM.XPI
    [2010/08/31 23:54:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES (X86)\JAVA\JRE6\LIB\DEPLOY\JQS\FF
    [2011/07/04 14:07:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
    [2011/04/14 09:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
    [2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = ********:baseURL}search?********:RLZ}********:acceptedSuggestion}********:originalQueryForSuggestion}********:searchFieldtrialParameter}********:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = ********:baseSuggestURL}search?********:searchFieldtrialParameter}********:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
    CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll
    CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\pdf.dll
    CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
    CHR - plugin: Nexon Game Controller (Enabled) = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
    CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: Aviary Screen Capture = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ncgcgghbabbopfcpgcjpfffdgnbadegf\0.55.0_0\

    Hosts file not found
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - %SystemRoot%\system32\SHELL32.dll File not found
    O4:64bit: - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
    O4:64bit: - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
    O4:64bit: - HKLM..\Run: [lxczbmgr.exe] C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
    O4:64bit: - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup File not found
    O4:64bit: - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit File not found
    O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
    O4:64bit: - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [Six Engine] C:\Program Files\ASUS\EPU\EPU.exe ()
    O4 - HKLM..\Run: [TurboV] C:\Program Files\ASUS\TurboV\TurboV.exe ()
    O4 - HKCU..\Run: [AdobeBridge] File not found
    O4 - HKCU..\Run: [InstallIQUpdater] C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
    O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O9:64bit: - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O9:64bit: - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - mswsock.dll File not found
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - %SystemRoot%\System32\winrnr.dll File not found
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - mswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - mmswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
    O15 - HKCU\..Trusted Domains: google.com ([adwords] https in Trusted sites)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8238CBF2-C16C-4281-B310-1D20B6100C18}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll File not found
    O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
    O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\http\0x00000001 - No CLSID value found
    O18:64bit: - Protocol\Handler\http\oledb - No CLSID value found
    O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\https\0x00000001 - No CLSID value found
    O18:64bit: - Protocol\Handler\https\oledb - No CLSID value found
    O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
    O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found
    O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
    O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll File not found
    O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
    O18:64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
    O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
    O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
    O18:64bit: - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
    O18:64bit: - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - %SystemRoot%\system32\SHELL32.dll File not found
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - File not found
    O20:64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - File not found
    O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: System - (lsass.exe) - File not found
    O20 - HKLM Winlogon: UserInit - (userinit) -C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - File not found
    O20:64bit: - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - File not found
    O20:64bit: - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - File not found
    O20:64bit: - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) - File not found
    O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
    O20:64bit: - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
    O20:64bit: - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
    O20:64bit: - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
    O20:64bit: - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
    O20:64bit: - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
    O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
    O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
    O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
    O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
    O21:64bit: - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll File not found
    O21:64bit: - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll File not found
    O21:64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll File not found
    O21:64bit: - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll File not found
    O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll File not found
    O22:64bit: - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll File not found
    O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll File not found
    O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/08/29 02:30:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*


    MsConfig:64bit - StartUpFolder: C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^LimeWire On Startup.lnk - - File not found
    MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - File not found
    MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

    SafeBootMin:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
    SafeBootMin:64bit: Base - Driver Group
    SafeBootMin:64bit: Boot Bus Extender - Driver Group
    SafeBootMin:64bit: Boot file system - Driver Group
    SafeBootMin:64bit: File system - Driver Group
    SafeBootMin:64bit: Filter - Driver Group
    SafeBootMin:64bit: PCI Configuration - Driver Group
    SafeBootMin:64bit: PNP Filter - Driver Group
    SafeBootMin:64bit: Primary disk - Driver Group
    SafeBootMin:64bit: SCSI Class - Driver Group
    SafeBootMin:64bit: sermouse.sys - Driver
    SafeBootMin:64bit: System Bus Extender - Driver Group
    SafeBootMin:64bit: wd.sys - Driver
    SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: sermouse.sys - Driver
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: wd.sys - Driver
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    SafeBootNet:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
    SafeBootNet:64bit: Base - Driver Group
    SafeBootNet:64bit: Boot Bus Extender - Driver Group
    SafeBootNet:64bit: Boot file system - Driver Group
    SafeBootNet:64bit: File system - Driver Group
    SafeBootNet:64bit: Filter - Driver Group
    SafeBootNet:64bit: NDIS Wrapper - Driver Group
    SafeBootNet:64bit: NetBIOSGroup - Driver Group
    SafeBootNet:64bit: NetDDEGroup - Driver Group
    SafeBootNet:64bit: Network - Driver Group
    SafeBootNet:64bit: NetworkProvider - Driver Group
    SafeBootNet:64bit: PCI Configuration - Driver Group
    SafeBootNet:64bit: PNP Filter - Driver Group
    SafeBootNet:64bit: PNP_TDI - Driver Group
    SafeBootNet:64bit: Primary disk - Driver Group
    SafeBootNet:64bit: SCSI Class - Driver Group
    SafeBootNet:64bit: sermouse.sys - Driver
    SafeBootNet:64bit: Streams Drivers - Driver Group
    SafeBootNet:64bit: System Bus Extender - Driver Group
    SafeBootNet:64bit: TDI - Driver Group
    SafeBootNet:64bit: UploadMgr - Service
    SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
    SafeBootNet: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: sermouse.sys - Driver
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: TDI - Driver Group
    SafeBootNet: UploadMgr - Service
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

    ActiveX:64bit: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
    ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Reg Error: Value error.
    ActiveX:64bit: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
    ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX:64bit: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
    ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX:64bit: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX:64bit: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
    ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
    ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX:64bit: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
    ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX:64bit: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    ActiveX:64bit: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
    ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
    ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX:64bit: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} - Help and Support Center
    ActiveX:64bit: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
    ActiveX:64bit: {B6EC01E7-431D-4D29-B9D4-E1D74CAF0AB0} - .NET Framework
    ActiveX:64bit: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
    ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX:64bit: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
    ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX:64bit: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX:64bit: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
    ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
    ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\SysWOW64\Rundll32.exe c:\WINDOWS\SysWOW64\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
    ActiveX: {B6EC01E7-431D-4D29-B9D4-E1D74CAF0AB0} - .NET Framework
    ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    Drivers32:64bit: aux - File not found
    Drivers32:64bit: midi - File not found
    Drivers32:64bit: midimapper - File not found
    Drivers32:64bit: mixer - File not found
    Drivers32:64bit: msacm.imaadpcm - File not found
    Drivers32:64bit: msacm.msadpcm - File not found
    Drivers32:64bit: msacm.msg711 - File not found
    Drivers32:64bit: msacm.msgsm610 - File not found
    Drivers32:64bit: msacm.trspch - File not found
    Drivers32:64bit: vidc.i420 - File not found
    Drivers32:64bit: vidc.iv31 - File not found
    Drivers32:64bit: vidc.iv32 - File not found
    Drivers32:64bit: vidc.iv41 - File not found
    Drivers32:64bit: vidc.iv50 - File not found
    Drivers32:64bit: vidc.iyuv - File not found
    Drivers32:64bit: vidc.mrle - File not found
    Drivers32:64bit: vidc.msvc - File not found
    Drivers32:64bit: vidc.uyvy - File not found
    Drivers32:64bit: vidc.yuy2 - File not found
    Drivers32:64bit: vidc.yvu9 - File not found
    Drivers32:64bit: vidc.yvyu - File not found
    Drivers32:64bit: wave - File not found
    Drivers32:64bit: wavemapper - File not found
    Drivers32: msacm.bdmpeg - C:\WINDOWS\SysWow64\bdmpega.acm ()
    Drivers32: msacm.l3acm - C:\WINDOWS\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\SysWow64\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\SysWow64\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\SysWow64\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\SysWow64\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\SysWow64\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\SysWOW64\ir50_32.dll (Intel Corporation)
    Drivers32: vidc.mpeg - C:\WINDOWS\SysWow64\bdmpegv.dll ()

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/09/29 23:40:57 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
    [2011/09/29 14:27:49 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    [2011/09/28 15:18:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
    [2011/09/28 15:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\HiJackThis
    [2011/09/28 13:48:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\LogMeIn Hamachi
    [2011/09/28 13:47:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn Hamachi
    [2011/09/28 13:47:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
    [2011/09/28 00:41:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
    [2011/09/28 00:41:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/09/28 00:41:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/09/28 00:41:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/09/27 13:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro PDF
    [2011/09/27 13:27:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro PDF
    [2011/09/27 13:27:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro PDF
    [2011/09/27 13:25:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YTDSETUP
    [2011/09/27 13:07:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
    [2011/09/27 00:00:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\system64
    [2011/09/26 23:09:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\EbkReader
    [2011/09/21 00:39:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Quirky Multi-million Dollar Inventions
    [2011/09/13 13:26:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Software
    [2010/09/04 00:38:28 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczserv.dll
    [2010/09/04 00:38:28 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczusb1.dll
    [2010/09/04 00:38:28 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczhbn3.dll
    [2010/09/04 00:38:28 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczcomc.dll
    [2010/09/04 00:38:28 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczpmui.dll
    [2010/09/04 00:38:28 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczlmpm.dll
    [2010/09/04 00:38:28 | 000,537,520 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczcoms.exe
    [2010/09/04 00:38:28 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczcomm.dll
    [2010/09/04 00:38:28 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczinpa.dll
    [2010/09/04 00:38:28 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxcziesc.dll
    [2010/09/04 00:38:28 | 000,385,968 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczih.exe
    [2010/09/04 00:38:28 | 000,381,872 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczcfg.exe
    [2010/09/04 00:38:28 | 000,181,168 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczppls.exe
    [2010/09/04 00:38:28 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczprox.dll
    [2010/09/04 00:38:28 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lxczpplc.dll
    [5 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
    [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/09/29 23:12:00 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3489562214-2868442126-3874146476-500UA.job
    [2011/09/29 23:06:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/09/29 14:27:50 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
    [2011/09/29 13:19:01 | 000,000,526 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 28c7e666-000b-4188-b448-194d0bf3b762.job
    [2011/09/28 22:12:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3489562214-2868442126-3874146476-500Core.job
    [2011/09/28 17:58:10 | 002,425,520 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\census.cache
    [2011/09/28 17:56:35 | 000,144,263 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ars.cache
    [2011/09/28 15:19:07 | 000,002,499 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.lnk
    [2011/09/28 14:53:00 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache
    [2011/09/28 13:47:59 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\LogMeIn Hamachi.lnk
    [2011/09/28 00:41:19 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/09/27 14:44:41 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Word 2007.lnk
    [2011/09/27 13:27:15 | 000,001,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nitro PDF Professional.lnk
    [2011/09/26 23:31:34 | 000,000,207 | ---- | M] () -- C:\WINDOWS\ANS2000.INI
    [2011/09/26 16:46:55 | 020,428,798 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\PYP-MS.pdf
    [2011/09/20 23:13:26 | 000,002,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
    [2011/09/20 23:13:26 | 000,002,322 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2011/09/20 16:04:14 | 000,060,304 | ---- | M] () -- C:\Documents and Settings\Administrator\g2mdlhlpx.exe
    [2011/09/16 16:46:55 | 000,000,367 | ---- | M] () -- C:\WINDOWS\Lexstat.ini
    [2011/09/03 13:02:56 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
    [5 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
    [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/09/28 17:58:10 | 002,425,520 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\census.cache
    [2011/09/28 17:56:35 | 000,144,263 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ars.cache
    [2011/09/28 15:19:00 | 000,002,499 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.lnk
    [2011/09/28 14:53:00 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache
    [2011/09/28 13:47:59 | 000,000,715 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\LogMeIn Hamachi.lnk
    [2011/09/28 00:41:19 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/09/27 13:27:15 | 000,001,904 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Nitro PDF Professional.lnk
    [2011/09/27 13:27:15 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nitro PDF Professional.lnk
    [2011/09/26 16:46:56 | 020,428,798 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\PYP-MS.pdf
    [2011/09/10 21:19:29 | 000,000,526 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 28c7e666-000b-4188-b448-194d0bf3b762.job
    [2011/08/11 19:19:35 | 000,000,447 | ---- | C] () -- C:\WINDOWS\crackpdf.INI
    [2011/07/31 15:13:01 | 000,000,207 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
    [2011/07/31 15:13:01 | 000,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
    [2011/07/31 15:13:01 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
    [2011/05/26 00:01:01 | 000,000,024 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\ExpPDFSAMSystem.kje
    [2011/01/10 14:45:52 | 019,985,265 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\vlc-1.1.5-win32.exe
    [2011/01/10 14:35:39 | 000,003,120 | ---- | C] () -- C:\WINDOWS\SysWow64\1716030c-945d-4ce0-8cd0-5bc8659b2dab.dll
    [2010/11/07 04:04:39 | 000,547,084 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
    [2010/10/11 16:51:29 | 000,018,944 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/09/04 00:38:37 | 000,000,367 | ---- | C] () -- C:\WINDOWS\Lexstat.ini
    [2010/09/04 00:38:28 | 000,413,696 | ---- | C] () -- C:\WINDOWS\SysWow64\lxczutil.dll
    [2010/09/04 00:38:28 | 000,274,432 | ---- | C] () -- C:\WINDOWS\SysWow64\LXCZinst.dll
    [2010/09/01 13:44:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2010/09/01 13:31:55 | 000,000,552 | ---- | C] () -- C:\WINDOWS\SysWow64\d3d8caps.dat
    [2010/08/29 12:45:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\SysWow64\d3d9caps.dat
    [2010/08/29 12:33:10 | 000,024,576 | R--- | C] () -- C:\WINDOWS\SysWow64\AsIO.dll
    [2010/08/29 12:33:10 | 000,014,392 | R--- | C] () -- C:\WINDOWS\SysWow64\drivers\AsIO.sys
    [2010/08/29 12:33:09 | 000,011,832 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AsInsHelp64.sys
    [2010/08/29 12:33:09 | 000,010,216 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AsInsHelp32.sys
    [2010/08/29 12:22:03 | 000,049,152 | R--- | C] () -- C:\WINDOWS\SysWow64\ChCfg.exe
    [2010/08/29 12:21:39 | 000,037,376 | R--- | C] () -- C:\WINDOWS\CPLUtl64.exe
    [2010/08/29 12:17:27 | 000,038,639 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
    [2010/08/29 12:17:02 | 000,029,577 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
    [2010/08/29 12:17:02 | 000,010,296 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\ASUSHWIO.SYS
    [2010/08/29 02:33:04 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2009/09/16 18:27:58 | 000,508,224 | ---- | C] () -- C:\WINDOWS\SysWow64\ICCProfiles.dll
    [2009/07/08 18:03:02 | 000,058,880 | ---- | C] () -- C:\WINDOWS\SysWow64\bdmpegv.dll
    [2007/02/18 05:00:00 | 001,278,464 | ---- | C] () -- C:\WINDOWS\SysWow64\quartz.dll
    [2007/02/18 05:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\SysWow64\qedwipes.dll
    [2007/02/18 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
    [2007/02/18 05:00:00 | 000,512,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qedit.dll
    [2007/02/18 05:00:00 | 000,498,742 | ---- | C] () -- C:\WINDOWS\SysWow64\dxmasf.dll
    [2007/02/18 05:00:00 | 000,396,288 | ---- | C] () -- C:\WINDOWS\SysWow64\encdec.dll
    [2007/02/18 05:00:00 | 000,385,536 | ---- | C] () -- C:\WINDOWS\SysWow64\qdvd.dll
    [2007/02/18 05:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
    [2007/02/18 05:00:00 | 000,279,040 | ---- | C] () -- C:\WINDOWS\SysWow64\qdv.dll
    [2007/02/18 05:00:00 | 000,276,992 | ---- | C] () -- C:\WINDOWS\SysWow64\sbe.dll
    [2007/02/18 05:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\SysWow64\ir32_32.dll
    [2007/02/18 05:00:00 | 000,192,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qcap.dll
    [2007/02/18 05:00:00 | 000,114,688 | ---- | C] () -- C:\WINDOWS\SysWow64\msencode.dll
    [2007/02/18 05:00:00 | 000,072,704 | ---- | C] () -- C:\WINDOWS\SysWow64\amstream.dll
    [2007/02/18 05:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\SysWow64\mciqtz32.dll
    [2007/02/18 05:00:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\SysWow64\devenum.dll
    [2007/02/18 05:00:00 | 000,055,808 | ---- | C] () -- C:\WINDOWS\SysWow64\dvdplay.exe
    [2007/02/18 05:00:00 | 000,046,907 | ---- | C] () -- C:\WINDOWS\mib.bin
    [2007/02/18 05:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\SysWow64\tsd32.dll
    [2007/02/18 05:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\SysWow64\msdmo.dll
    [2007/02/18 05:00:00 | 000,012,498 | ---- | C] () -- C:\WINDOWS\SysWow64\append.exe
    [2007/02/18 05:00:00 | 000,004,126 | ---- | C] () -- C:\WINDOWS\SysWow64\msdxmlc.dll
    [2007/02/18 05:00:00 | 000,001,129 | ---- | C] () -- C:\WINDOWS\SysWow64\vwipxspx.exe
    [2001/12/31 22:56:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

    ========== LOP Check ==========

    [2011/09/28 14:16:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\.minecraft
    [2011/08/13 22:07:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Barnes & Noble
    [2011/05/22 18:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Blender Foundation
    [2011/03/03 20:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\com.w3i.FlipToast
    [2011/09/27 13:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Downloaded Installations
    [2011/09/26 23:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\EbkReader
    [2011/05/25 23:48:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GetRightToGo
    [2010/08/29 14:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\MSNInstaller
    [2011/09/27 18:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Nitro PDF
    [2011/06/03 17:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Scirra
    [2011/05/25 23:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Softplicity
    [2010/09/01 22:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2010/09/01 13:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SystemRequirementsLab
    [2011/07/24 19:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\The Longest Journey
    [2011/03/03 19:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uPlayer
    [2011/09/29 23:40:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
    [2010/09/01 22:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WTouch
    [2010/08/29 13:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\!SASCORE
    [2010/12/05 23:27:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ASUS OC Profiles
    [2011/06/30 01:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Micro Niche Finder
    [2010/08/29 10:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NETGEAR
    [2010/12/18 15:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
    [2010/12/18 15:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
    [2011/08/12 21:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
    [2010/11/15 21:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
    [2010/09/13 00:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
    [2011/03/03 20:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\W3i
    [2011/09/29 19:57:10 | 000,032,574 | ---- | M] () -- C:\WINDOWS\Tasks\SchedLgU.Txt
    [2011/09/29 13:19:01 | 000,000,526 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 28c7e666-000b-4188-b448-194d0bf3b762.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %systemroot%\Fonts\*.com >
    [2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2010/08/29 02:29:39 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2008/07/06 17:57:56 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >
    [2010/08/29 10:51:32 | 000,001,538 | -H-- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\LastFlashConfig.WFC

    < %PROGRAMFILES%\*.* >
    [2007/02/18 05:00:00 | 000,000,002 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

    < %APPDATA%\Update\*.* >

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
    [2010/08/29 02:30:03 | 000,000,290 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2010/08/29 02:34:52 | 000,000,117 | -HS- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
    [2010/08/29 02:34:51 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

    < %USERPROFILE%\Desktop\*.exe >
    [2011/05/07 15:08:14 | 000,270,142 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Minecraft.exe
    [2011/09/29 14:27:50 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >
    [2011/09/20 16:04:14 | 000,060,304 | ---- | M] () -- C:\Documents and Settings\Administrator\g2mdlhlpx.exe

    < %systemroot%\ADDINS\*.* >

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\*.exe >
    [2011/04/14 09:25:40 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
    [2011/04/14 09:25:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    [2011/04/14 09:25:55 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    [2011/04/14 09:25:59 | 000,261,080 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\updater.exe

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2010/08/29 02:34:51 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Administrator\Favorites\Desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >
    [2011/06/30 02:03:18 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\All Users\bug niche.txt
    [2011/06/30 02:01:14 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\All Users\hot trends_ 06_30_11 at 02_00_30.txt
    [2011/06/30 02:03:38 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\All Users\hot trends_ 06_30_11 at 02_03_35.txt
    [2011/06/30 02:06:22 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\All Users\hot trends_ 06_30_11 at 02_06_11.txt
    [2011/06/30 13:24:38 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\All Users\hot trends_ 06_30_11 at 13_24_22.txt

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\system32\*.exe /lockedfiles >
    [5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >

    < %systemroot%\system32\*.sys >

    < %systemroot%\system32\drivers\*.dll >

    < %systemroot%\system32\drivers\*.ini >

    < %systemroot%\system32\drivers\*.exe >

    < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
    [2008/07/06 17:57:56 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll

    < %SYSTEMDRIVE%\*.* >
    [2010/08/29 02:30:01 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010/08/29 12:17:45 | 000,000,225 | RHS- | M] () -- C:\boot.ini
    [2010/08/29 02:30:01 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2011/09/26 23:28:58 | 000,000,300 | ---- | M] () -- C:\INSTALL.LOG
    [2010/08/29 02:30:01 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010/08/29 02:30:01 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2007/02/18 05:00:00 | 000,047,772 | RHS- | M] () -- C:\NTDETECT.COM
    [2007/02/18 05:00:00 | 000,297,072 | RHS- | M] () -- C:\ntldr
    [2011/09/29 23:06:10 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
    [2010/08/29 12:22:04 | 000,000,563 | ---- | M] () -- C:\RHDSetup.log
    [2010/08/29 12:34:59 | 000,000,057 | ---- | M] () -- C:\splash.idx
    [2011/09/28 14:52:43 | 000,084,382 | ---- | M] () -- C:\TDSSKiller.2.6.2.0_28.09.2011_14.51.45_log.txt
    [2008/11/19 15:13:04 | 000,005,552 | -H-- | M] () -- C:\version

    < %PROGRAMFILES%\*. >
    [2010/09/20 17:33:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\7-Zip
    [2011/03/03 20:05:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
    [2010/10/11 17:14:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe Media Player
    [2011/08/26 18:45:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Amazon
    [2010/08/29 12:17:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD
    [2010/08/29 12:33:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASUS
    [2010/11/16 01:46:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BandiMPEG1
    [2011/08/13 22:07:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Barnes & Noble
    [2011/04/19 23:32:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BookSmart
    [2011/09/03 13:02:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CCleaner
    [2011/06/08 15:13:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Citrix
    [2011/09/27 13:27:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
    [2011/03/09 03:57:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DivX
    [2010/08/29 12:34:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Downloaded Installations
    [2011/05/25 23:58:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Easy Pdf Merger Free
    [2011/07/03 13:33:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EasyPHP-5.3.1
    [2011/03/03 22:17:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\fliptoast
    [2011/03/03 20:05:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free Offers from Freeze.com
    [2010/09/01 00:35:26 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
    [2011/08/10 19:45:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
    [2011/06/30 13:27:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
    [2010/09/04 00:39:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lexmark 1200 Series
    [2011/08/11 20:23:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LimeWire
    [2011/09/28 13:47:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LogMeIn Hamachi
    [2011/09/28 00:41:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/06/20 17:07:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Massive Anvil Technologies
    [2011/03/03 22:19:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MediaMonkey
    [2011/07/03 13:32:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Micro Niche Finder
    [2011/07/29 23:03:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Micro Niche Finder 5.0
    [2010/09/01 00:41:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
    [2010/08/29 02:30:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\microsoft shared
    [2011/04/21 23:28:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
    [2010/09/01 00:41:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
    [2010/09/01 00:41:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
    [2010/08/29 13:42:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MonitorDriver
    [2011/07/04 02:32:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Movie Maker
    [2011/07/25 21:21:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
    [2011/08/12 23:36:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MS Word To EPUB Converter Software
    [2010/09/01 00:41:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
    [2011/05/27 22:06:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache
    [2010/08/29 02:27:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN Gaming Zone
    [2011/07/04 03:05:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 6.0
    [2011/05/25 23:34:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\neeviaPDF.com
    [2010/08/29 02:28:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NetMeeting
    [2011/09/27 13:27:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nitro PDF
    [2011/07/04 18:35:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
    [2010/09/20 17:34:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Orca
    [2011/07/04 02:33:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Outlook Express
    [2010/11/15 21:55:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks
    [2011/08/11 19:22:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PDF Password Cracker Enterprise v3.2
    [2010/09/20 18:08:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
    [2010/08/29 12:21:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
    [2011/07/04 03:10:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
    [2011/05/23 20:41:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Scirra
    [2010/08/29 02:30:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\speechengines
    [2011/09/03 13:03:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
    [2010/08/29 02:30:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\system
    [2010/09/01 13:45:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SystemRequirementsLab
    [2010/09/01 22:34:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Tablet
    [2010/09/01 22:35:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TabletPlugins
    [2011/05/28 14:56:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\The Ultimate PLR Article Collection
    [2011/09/28 15:18:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Trend Micro
    [2010/08/29 02:29:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
    [2011/03/03 19:22:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\uPlayer
    [2011/06/15 17:11:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VERTX Systems
    [2010/08/29 14:26:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
    [2011/03/03 20:04:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\W3i
    [2011/03/03 19:18:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
    [2010/08/29 02:28:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player[Strings]
    [2010/08/29 02:26:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
    [2011/08/11 17:40:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free
    [2011/01/10 14:41:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\YouTube Downloader
    [2011/09/28 01:10:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\YTDSETUP

    < %appdata%\*.* >
    [2001/12/31 22:56:02 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Administrator\Application Data\desktop.ini


    < MD5 for: AGP440.SYS >
    [2007/02/18 05:00:00 | 011,678,589 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\amd64\sp2.cab:AGP440.sys

    < MD5 for: ATAPI.SYS >
    [2007/02/18 05:00:00 | 011,678,589 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\amd64\sp2.cab:atapi.sys
    [2007/02/18 05:00:00 | 000,150,016 | ---- | M] (Microsoft Corporation) MD5=7A1814D0D112F50F828E25557A1ED29F -- C:\WINDOWS\system64\drivers\atapi.sys

    < MD5 for: DISK.SYS >
    [2007/02/18 05:00:00 | 011,678,589 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\amd64\sp2.cab:disk.sys
    [2007/02/18 05:00:00 | 000,063,488 | ---- | M] (Microsoft Corporation) MD5=417D7B9C6F36685A417E54690F8BD7B2 -- C:\WINDOWS\system64\drivers\disk.sys

    < MD5 for: EVENTLOG.DLL >
    [2007/02/18 05:00:00 | 000,130,560 | ---- | M] (Microsoft Corporation) MD5=589B15B2B3254E2745CB205243EB8588 -- C:\WINDOWS\system64\dllcache\eventlog.dll
    [2007/02/18 05:00:00 | 000,130,560 | ---- | M] (Microsoft Corporation) MD5=589B15B2B3254E2745CB205243EB8588 -- C:\WINDOWS\system64\eventlog.dll

    < MD5 for: NETLOGON.DLL >
    [2007/02/18 05:00:00 | 000,430,592 | ---- | M] (Microsoft Corporation) MD5=451564B8F22461D90CF8ED3945637845 -- C:\WINDOWS\SysWOW64\netlogon.dll
    [2007/02/18 05:00:00 | 000,681,472 | ---- | M] (Microsoft Corporation) MD5=BFF99E983A1F35B4E8AA74DEA19D014B -- C:\WINDOWS\system64\dllcache\netlogon.dll
    [2007/02/18 05:00:00 | 000,681,472 | ---- | M] (Microsoft Corporation) MD5=BFF99E983A1F35B4E8AA74DEA19D014B -- C:\WINDOWS\system64\netlogon.dll

    < MD5 for: SCECLI.DLL >
    [2007/02/18 05:00:00 | 000,315,392 | ---- | M] (Microsoft Corporation) MD5=40453F57AAC02F32F785642F5C2E211E -- C:\WINDOWS\system64\dllcache\scecli.dll
    [2007/02/18 05:00:00 | 000,315,392 | ---- | M] (Microsoft Corporation) MD5=40453F57AAC02F32F785642F5C2E211E -- C:\WINDOWS\system64\scecli.dll
    [2007/02/18 05:00:00 | 000,188,928 | ---- | M] (Microsoft Corporation) MD5=E7B7FD7D8907DADED4928E922608887F -- C:\WINDOWS\SysWOW64\scecli.dll

    < MD5 for: USBSTOR.SYS >
    [2007/02/18 05:00:00 | 011,678,589 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\amd64\sp2.cab:usbstor.sys
    [2007/02/17 01:00:50 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=EDCE8A162E8023FD1751E08E23E41948 -- C:\WINDOWS\system64\dllcache\usbstor.sys
    [2007/02/17 01:00:50 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=EDCE8A162E8023FD1751E08E23E41948 -- C:\WINDOWS\system64\drivers\USBSTOR.SYS

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

    ========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
    [C:\WINDOWS\system64] -> \systemroot\system32 -> Mount Point

    < End of report >







    OTL Extras logfile created on: 9/29/2011 11:45:15 PM - Run 2
    OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Administrator\Desktop
    64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    8.00 Gb Total Physical Memory | 6.87 Gb Available Physical Memory | 85.83% Memory free
    9.58 Gb Paging File | 8.76 Gb Available in Paging File | 91.50% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 279.46 Gb Total Space | 199.40 Gb Free Space | 71.35% Space Free | Partition Type: NTFS

    Computer Name: DIEGO-B036C6245 | User Name: Administrator | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .inf [@ = inffile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    .ini [@ = inifile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    .url [@ = InternetShortcut] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
    .js [@ = JSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
    .jse [@ = JSEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
    .txt [@ = txtfile] -- %SystemRoot%\system32\NOTEPAD.EXE %1
    .vbe [@ = VBEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
    .vbs [@ = VBSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
    .wsf [@ = WSFFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
    .wsh [@ = WSHFile] -- %SystemRoot%\System32\WScript.exe "%1" %*

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1"
    inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1
    inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
    inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
    inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
    InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
    InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1"
    jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
    jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
    jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
    jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4"
    vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
    vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
    vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
    vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
    wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1
    wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
    wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1

    ========== System Restore Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "58601:TCP" = 58601:TCP:*:Enabled:pando Media Booster
    "58601:UDP" = 58601:UDP:*:Enabled:pando Media Booster
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
    "5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
    "58601:TCP" = 58601:TCP:*:Enabled:pando Media Booster
    "58601:UDP" = 58601:UDP:*:Enabled:pando Media Booster
    "1044:TCP" = 1044:TCP:*:Enabled:Akamai NetSession Interface
    "5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe:*:Enabled:pando Media Booster -- ()
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe:*:Enabled:pando Media Booster -- ()

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    "C:\Program Files (x86)\Steam\Steam.exe" = C:\Program Files (x86)\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
    "C:\Program Files (x86)\Steam\steamapps\common\broken sword 3\BSTSD.exe" = C:\Program Files (x86)\Steam\steamapps\common\broken sword 3\BSTSD.exe:*:Enabled:Broken Sword III: The Sleeping Dragon -- ()
    "C:\WINDOWS\SysWOW64\lxczcoms.exe" = C:\WINDOWS\SysWOW64\lxczcoms.exe:*:Enabled:1200 Series Server -- ( )
    "C:\WINDOWS\system32\lxczcoms.exe" = C:\WINDOWS\system32\lxczcoms.exe:*:Enabled:Lexmark Communications System
    "C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe" = C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe:*:Disabled:Adobe Device Central CS5
    "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
    "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe:*:Enabled:pando Media Booster -- ()
    "C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
    "C:\Nexon\Vindictus\en-US\NMService.exe" = C:\Nexon\Vindictus\en-US\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
    "C:\Program Files (x86)\Steam\steamapps\common\dreamfall the longest journey\dreamfall.exe" = C:\Program Files (x86)\Steam\steamapps\common\dreamfall the longest journey\dreamfall.exe:*:Enabled:Dreamfall: The Longest Journey -- (Funcom Oslo A/S)
    "C:\Program Files (x86)\Steam\steamapps\common\the longest journey\game.exe" = C:\Program Files (x86)\Steam\steamapps\common\the longest journey\game.exe:*:Enabled:The Longest Journey -- (Funcom)
    "C:\Program Files (x86)\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe" = C:\Program Files (x86)\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands -- (Take-Two Interactive Software, Inc.)
    "C:\Program Files (x86)\Steam\steamapps\common\champions online\Champions Online.exe" = C:\Program Files (x86)\Steam\steamapps\common\champions online\Champions Online.exe:*:Enabled:Champions Online: Free For All -- ()
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    "C:\Program Files (x86)\Steam\Steam.exe" = C:\Program Files (x86)\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
    "C:\Program Files (x86)\Steam\steamapps\common\broken sword 3\BSTSD.exe" = C:\Program Files (x86)\Steam\steamapps\common\broken sword 3\BSTSD.exe:*:Enabled:Broken Sword III: The Sleeping Dragon -- ()
    "C:\WINDOWS\SysWOW64\lxczcoms.exe" = C:\WINDOWS\SysWOW64\lxczcoms.exe:*:Enabled:1200 Series Server -- ( )
    "C:\WINDOWS\system32\lxczcoms.exe" = C:\WINDOWS\system32\lxczcoms.exe:*:Enabled:Lexmark Communications System -- ( )
    "C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe" = C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe:*:Disabled:Adobe Device Central CS5
    "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
    "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe:*:Enabled:pando Media Booster -- ()
    "C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
    "C:\Nexon\Vindictus\en-US\NMService.exe" = C:\Nexon\Vindictus\en-US\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
    "C:\Program Files (x86)\Steam\steamapps\common\dreamfall the longest journey\dreamfall.exe" = C:\Program Files (x86)\Steam\steamapps\common\dreamfall the longest journey\dreamfall.exe:*:Enabled:Dreamfall: The Longest Journey -- (Funcom Oslo A/S)
    "C:\Program Files (x86)\Steam\steamapps\common\the longest journey\game.exe" = C:\Program Files (x86)\Steam\steamapps\common\the longest journey\game.exe:*:Enabled:The Longest Journey -- (Funcom)
    "C:\Program Files (x86)\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe" = C:\Program Files (x86)\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands -- (Take-Two Interactive Software, Inc.)
    "C:\Program Files (x86)\Steam\steamapps\common\champions online\Champions Online.exe" = C:\Program Files (x86)\Steam\steamapps\common\champions online\Champions Online.exe:*:Enabled:Champions Online: Free For All -- ()


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
    "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
    "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
    "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
    "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
    "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
    "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
    "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
    "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
    "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
    "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
    "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
    "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
    "{EB8FF6C8-811B-4395-8584-EF4C7A0C8199}" = Nitro PDF Professional
    "Blender" = Blender
    "CCleaner" = CCleaner
    "ie8" = Windows Internet Explorer 8
    "Lexmark 1200 Series" = Lexmark 1200 Series
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows x64
    "NVIDIA Display Control Panel" = NVIDIA Display Control Panel
    "NVIDIA Drivers" = NVIDIA Drivers
    "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
    "WIC" = Windows Imaging Component
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "WinRAR archiver" = WinRAR 4.00 beta 3 (64-bit)
    "WMFDist11-64" = Windows Media Format 11 runtime
    "wmp11-64" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
    "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
    "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
    "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
    "{13597237-E360-4F2B-9A43-332C4E9D5C9C}" = InstallIQ Updater
    "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
    "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
    "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.5
    "{209962E3-F989-416B-A31E-76CF8DEEFF36}" = PDF Merger Pro
    "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 26
    "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
    "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
    "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
    "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
    "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{63A68338-16A3-4763-8478-A45F91A61E7A}" = Orca
    "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
    "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
    "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8BBB5E4C-3F5E-4C07-BFBE-33B34600783A}" = LogMeIn Hamachi
    "{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
    "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
    "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
    "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
    "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
    "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}" = EPU
    "{A0494B41-EBD7-4C0D-91B7-DC39741B27BB}" = Express Gate
    "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
    "{A31951C5-DCD8-4DFE-A525-CFC701F54792}" = TurboV
    "{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
    "{AF36CE1D-FD2C-4BA0-93FA-1196785DD610}" = Adobe Flash Player 10 Plugin
    "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
    "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
    "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
    "{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
    "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "7-Zip" = 7-Zip 4.65
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
    "Akamai" = Akamai NetSession Interface
    "Amazon Kindle" = Amazon Kindle
    "BandiMPEG1" = Bandisoft MPEG-1 Decoder
    "BN_DesktopReader" = NOOK for PC
    "BookSmart® 3.0.3 3.0.3" = BookSmart® 3.0.3 3.0.3
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "Construct Classic_is1" = Construct Classic r1.2
    "ENTERPRISE" = Microsoft Office Enterprise 2007
    "LogMeIn Hamachi" = LogMeIn Hamachi
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
    "Micro Niche Finder 5.0_is1" = Micro Niche Finder 5.0
    "Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
    "Pen Tablet Driver" = Bamboo
    "Steam App 33610" = Broken Sword III: The Sleeping Dragon
    "Steam App 400" = Portal
    "Steam App 6300" = Dreamfall: The Longest Journey
    "Steam App 6310" = The Longest Journey
    "Steam App 8980" = Borderlands
    "Steam App 9880" = Champions Online: Free For All
    "SystemRequirementsLab" = System Requirements Lab
    "The Ultimate PLR Article Collection_is1" = The Ultimate PLR Article Collection
    "Vindictus" = Vindictus
    "VLC media player" = VLC media player 1.1.7
    "Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
    "Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
    "Wisdom-soft Set up ScreenHunter 5.1 Free" = Wisdom-soft Set up ScreenHunter 5.1 Free

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome
    "GoToMeeting" = GoToMeeting 5.0.0.799

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 9/27/2011 3:05:02 AM | Computer Name = DIEGO-B036C6245 | Source = Application Error | ID = 1000
    Description = Faulting application pumpa.exe, version 0.0.0.0, faulting module ,
    version 0.0.0.0, fault address 0x00000000.

    Error - 9/27/2011 3:17:29 AM | Computer Name = DIEGO-B036C6245 | Source = MsiInstaller | ID = 1013
    Description = Product: Nitro PDF Professional -- Please remove Nitro PDF Professional
    via Add/Remove Programs and run setup again. Upgrading from the currently installed
    version is not supported.

    Error - 9/27/2011 3:20:00 AM | Computer Name = DIEGO-B036C6245 | Source = MsiInstaller | ID = 10005
    Description = Product: Nitro PDF Professional -- You are running a 64-bit operating
    system. Please download the 64-bit Nitro PDF Professional installer from Product updates for Nitro PDF Professional

    Error - 9/27/2011 4:27:01 PM | Computer Name = DIEGO-B036C6245 | Source = nlsX86cc | ID = 0
    Description =

    Error - 9/27/2011 9:45:47 PM | Computer Name = DIEGO-B036C6245 | Source = Application Error | ID = 1000
    Description = Faulting application nitropdf.exe, version 6.2.0.44, faulting module
    nprender.dll, version 1.7.6.0, fault address 0x0002ccf0.

    Error - 9/27/2011 9:45:56 PM | Computer Name = DIEGO-B036C6245 | Source = Application Error | ID = 1000
    Description = Faulting application nitropdf.exe, version 6.2.0.44, faulting module
    nprender.dll, version 1.7.6.0, fault address 0x0002ccf0.

    Error - 9/27/2011 9:46:05 PM | Computer Name = DIEGO-B036C6245 | Source = Application Error | ID = 1000
    Description = Faulting application nitropdf.exe, version 6.2.0.44, faulting module
    nprender.dll, version 1.7.6.0, fault address 0x0002ccf0.

    Error - 9/27/2011 9:46:30 PM | Computer Name = DIEGO-B036C6245 | Source = Application Error | ID = 1000
    Description = Faulting application nitropdf.exe, version 6.2.0.44, faulting module
    nprender.dll, version 1.7.6.0, fault address 0x0002ccf0.

    Error - 9/28/2011 9:11:07 PM | Computer Name = DIEGO-B036C6245 | Source = CardSpace 3.0.0.0 | ID = 327940
    Description = An error occurred during the import of a card. Errors in reading the
    imported card file. Inner Exception: The data at the root level is invalid. Line
    1, position 1. Additional Information: Microsoft.InfoCards.ImportException: Errors
    in reading the imported card file. ---> System.Xml.XmlException: The data at the
    root level is invalid. Line 1, position 1. at System.Xml.XmlExceptionHelper.ThrowXmlException(XmlDictionaryReader
    reader, String res, String arg1, String arg2, String arg3) at System.Xml.XmlUTF8TextReader.Read()

    at System.Xml.XmlCharCheckingReader.Read() at System.Xml.XsdValidatingReader.Read()

    at System.Xml.XmlReader.MoveToContent() at System.Xml.XmlReader.IsStartElement(String
    localname, String ns) at Microsoft.InfoCards.CheckStoreFileValidityRequest.OnProcess()

    --- End of inner exception stack trace ---

    Error - 9/28/2011 9:11:07 PM | Computer Name = DIEGO-B036C6245 | Source = CardSpace 3.0.0.0 | ID = 327940
    Description = An error occurred during the import of a card. Errors in reading the
    imported card file. Inner Exception: The data at the root level is invalid. Line
    1, position 1. Additional Information: Microsoft.InfoCards.ImportException: Errors
    in reading the imported card file. ---> System.Xml.XmlException: The data at the
    root level is invalid. Line 1, position 1. at System.Xml.XmlExceptionHelper.ThrowXmlException(XmlDictionaryReader
    reader, String res, String arg1, String arg2, String arg3) at System.Xml.XmlUTF8TextReader.Read()

    at System.Xml.XmlCharCheckingReader.Read() at System.Xml.XmlLoader.Load(XmlDocument
    doc, XmlReader reader, Boolean preserveWhitespace) at System.Xml.XmlDocument.Load(XmlReader
    reader) at Microsoft.InfoCards.InfoCardXmlSerializer.RetrieveIssuerAndCheckSign(XmlReader
    reader) at Microsoft.InfoCards.InfoCardXmlSerializer.CreateCardFromXml(String
    filename) at Microsoft.InfoCards.InfoCardXmlSerializer.Deserialize(String filename)

    --- End of inner exception stack trace ---

    [ OSession Events ]
    Error - 9/11/2011 2:33:59 AM | Computer Name = DIEGO-B036C6245 | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8
    seconds with 0 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 9/30/2011 2:38:39 AM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/30/2011 2:38:50 AM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/30/2011 2:40:48 AM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/30/2011 2:43:09 AM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/30/2011 2:43:26 AM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/30/2011 2:46:27 AM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/30/2011 2:46:34 AM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/30/2011 2:46:36 AM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/30/2011 2:47:08 AM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127

    Error - 9/30/2011 2:50:57 AM | Computer Name = DIEGO-B036C6245 | Source = Service Control Manager | ID = 7023
    Description = The Network Location Awareness (NLA) service terminated with the following
    error: %%127


    < End of report >
     
  11. Crush

    Crush Active Member

    Joined:
    Sep 28, 2008
    Posts:
    4,634
    Likes Received:
    2
    Local time:
    10:00

    Can you run aswMBR again as well please?
     
  12. tinkertrain616

    tinkertrain616 New Member Bronze Member


    Here it is:


    aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
    Run date: 2011-10-02 15:48:11
    -----------------------------
    15:48:11.328 OS Version: Windows x64 5.2.3790 Service Pack 2
    15:48:11.328 Number of processors: 4 586 0x402
    15:48:11.328 ComputerName: DIEGO-B036C6245 UserName: Administrator
    15:48:11.812 Initialize success
    15:48:26.781 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
    15:48:26.781 Disk 0 Vendor: WDC_WD3000HLFS-01G6U0 04.04V01 Size: 286168MB BusType: 3
    15:48:28.796 Disk 0 MBR read successfully
    15:48:28.796 Disk 0 MBR scan
    15:48:28.796 Disk 0 Windows XP default MBR code
    15:48:28.796 Service scanning
    15:48:29.687 Modules scanning
    15:48:29.687 Disk 0 trace - called modules:
    15:48:29.687 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys atapi.sys pciide.sys PCIIDEX.SYS hal.dll
    15:48:29.687 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffadf3795d770]
    15:48:29.687 3 CLASSPNP.SYS[fffffadf2920c8c9] -> nt!IofCallDriver -> \Device\0000006f[0xfffffadf3795fa10]
    15:48:29.687 5 ACPI.sys[fffffadf293a9e69] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0xfffffadf37919c30]
    15:48:29.687 Scan finished successfully
    15:49:00.453 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
    15:49:00.453 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBR.txt"
     
  13. Crush

    Crush Active Member


    Hi,



    Download ComboFix from any of the links below, and save it to your desktop.

    Link 1
    Link 2
    Link 3

    When saving ComboFix rename it to PCHelpForum.exe to prevent it from being blocked by malware.


    Refer to this image:

    To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.
    • Close any open windows and double click PCHelpForum.exe to run it.

      You will see the following image:
    [​IMG]

    Click I Agree to start the program.

    ComboFix will then extract the necessary files and you will see this:

    [​IMG]

    As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7.

    It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    If you did not have it installed, you will see the prompt below. Choose YES.

    [​IMG]

    Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    [​IMG]

    Click on Yes, to continue scanning for malware.

    When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

    Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

    Note: Please do NOT mouse-click ComboFix's window while it's running because it may cause it to stall.
     
  14. tinkertrain616

    tinkertrain616 New Member Bronze Member


    ComboFix won't run on my Windows XP 64-bit version, are there any solutions?
     
  15. Crush

    Crush Active Member


    Hi,

    That was my fault. ComboFix doesn't run on XP 64 bit. I see you have TDSSKiller on your desktop. Have you run that?
     