1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Laptop is very poor

Discussion in 'Virus & Other Malware Removal' started by watugot, Apr 6, 2010.

Thread Status:
Not open for further replies.
  1. watugot

    watugot Thread Starter

    Joined:
    Apr 6, 2010
    Messages:
    3
    Hello my laptop is very infected, I keep getting redirected to other sites i cannot download spy doctor updates or go to many sites. Combofix just crashes, chkdsk freezes on stage 2, I have scanned with hijack this and report is below. I hope it can help

    Also avast keeps finding C:\Windows\System32\tdlcmd.dll\[UPX]

    Many thanks

    Logfile of Trend Micro HijackThis v2.0.3 (BETA)
    Scan saved at 13:45:59, on 06/04/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18882)
    Boot mode: Normal

    Running processes:
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\windows\system32\taskeng.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Spyware Doctor\pctsTray.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
    C:\windows\system32\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - (no file)
    O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - (no file)
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Blackjack Ballroom Casino - {773A5C59-DF7E-421E-AC57-732C4737321C} - C:\Microgaming\Casino\BJBallroom\casinogame.exe (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O13 - Gopher Prefix:
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{940B4252-0F84-4122-86BE-832BC593C49C}: NameServer = 93.188.164.230,93.188.166.78
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A0A978ED-6825-4045-A5DF-117E5F3CA80B}: NameServer = 93.188.164.230,93.188.166.78
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.164.230,93.188.166.78
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.164.230,93.188.166.78
    O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
    O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

    --
    End of file - 5612 bytes
     
  2. watugot

    watugot Thread Starter

    Joined:
    Apr 6, 2010
    Messages:
    3
    Hi i did a scan with OTS aswell

    Code:
    OTS logfile created on: 06/04/2010 14:25:38 - Run 8
    OTS by OldTimer - Version 3.1.28.0     Folder = C:\Users\Ben\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18882)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
     
    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
    6.00 Gb Paging File | 5.00 Gb Available in Paging File | 80.00% Paging File free
    Paging file location(s): c:\pagefile.sys 0 0 [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
    Drive C: | 223.88 Gb Total Space | 57.05 Gb Free Space | 25.48% Space Free | Partition Type: NTFS
    Drive D: | 9.00 Gb Total Space | 1.07 Gb Free Space | 11.86% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
     
    Computer Name: PIMP
    Current User Name: Ben
    Logged in as Administrator.
     
    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
     
    [Processes - Safe List]
    ots.exe -> C:\Users\Ben\Desktop\OTS.exe -> [2010/04/05 20:22:00 | 000,638,976 | ---- | M] (OldTimer Tools)
    firefox.exe -> C:\Program Files\Mozilla Firefox\firefox.exe -> [2010/04/04 00:49:17 | 000,910,296 | ---- | M] (Mozilla Corporation)
    pctssvc.exe -> C:\Program Files\Spyware Doctor\pctsSvc.exe -> [2010/03/15 12:50:36 | 001,142,224 | ---- | M] (PC Tools)
    pctsauxs.exe -> C:\Program Files\Spyware Doctor\pctsAuxs.exe -> [2010/03/11 12:09:22 | 000,366,840 | ---- | M] (PC Tools)
    pctstray.exe -> C:\Program Files\Spyware Doctor\pctsTray.exe -> [2010/03/09 09:40:26 | 001,286,608 | ---- | M] (PC Tools)
    bdtupdateservice.exe -> C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -> [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.)
    ashdisp.exe -> C:\Program Files\Alwil Software\Avast4\ashDisp.exe -> [2009/11/24 23:51:40 | 000,081,000 | ---- | M] (ALWIL Software)
    explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
    audiodg.exe -> C:\Windows\System32\audiodg.exe -> [2009/04/11 07:27:20 | 000,088,576 | ---- | M] (Microsoft Corporation)
    wlidsvc.exe -> C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -> [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation)
    wlidsvcm.exe -> C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE -> [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation)
     
    [Modules - Safe List]
    ots.exe -> C:\Users\Ben\Desktop\OTS.exe -> [2010/04/05 20:22:00 | 000,638,976 | ---- | M] (OldTimer Tools)
    smum32.dll -> C:\Program Files\Spyware Doctor\smum32.dll -> [2010/02/26 08:16:18 | 000,154,160 | ---- | M] (PC Tools)
    pctgmhk.dll -> C:\Program Files\Spyware Doctor\PCTGMhk.dll -> [2009/10/30 11:18:16 | 000,147,024 | ---- | M] (PC Tools)
    comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll -> [2009/04/11 07:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation)
     
    [Win32 Services - Safe List]
    (sdCoreService) PC Tools Security Service [Auto | Running] -> C:\Program Files\Spyware Doctor\pctsSvc.exe -> [2010/03/15 12:50:36 | 001,142,224 | ---- | M] (PC Tools)
    (sdAuxService) PC Tools Auxiliary Service [Auto | Running] -> C:\Program Files\Spyware Doctor\pctsAuxs.exe -> [2010/03/11 12:09:22 | 000,366,840 | ---- | M] (PC Tools)
    (Akamai) Akamai NetSession Interface [Auto | Running] -> c:\Program Files\Common Files\Akamai\rswin_3648.dll -> [2010/03/04 14:25:44 | 002,462,256 | ---- | M] ()
    (ServiceLayer) ServiceLayer [Disabled | Stopped] -> C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -> [2010/01/26 13:41:08 | 000,652,800 | ---- | M] (Nokia)
    (Browser Defender Update Service) Browser Defender Update Service [Auto | Running] -> C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -> [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.)
    (FLEXnet Licensing Service) FLEXnet Licensing Service [Disabled | Stopped] -> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2009/12/09 19:43:58 | 000,655,624 | ---- | M] (Acresso Software Inc.)
    (avast! Antivirus) avast! Antivirus [Disabled | Stopped] -> C:\Program Files\Alwil Software\Avast4\ashServ.exe -> [2009/11/24 23:51:35 | 000,138,680 | ---- | M] (ALWIL Software)
    (avast! Mail Scanner) avast! Mail Scanner [Disabled | Stopped] -> C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -> [2009/11/24 23:51:21 | 000,254,040 | ---- | M] (ALWIL Software)
    (avast! Web Scanner) avast! Web Scanner [Disabled | Stopped] -> C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -> [2009/11/24 23:48:48 | 000,352,920 | ---- | M] (ALWIL Software)
    (aswUpdSv) avast! iAVS4 Control Service [Disabled | Stopped] -> C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -> [2009/11/24 23:43:56 | 000,018,752 | ---- | M] (ALWIL Software)
    (RapportMgmtService) Rapport Management Service [Disabled | Stopped] -> C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -> [2009/11/01 19:08:06 | 000,972,008 | ---- | M] (Trusteer Ltd.)
    (PCToolsSSDMonitorSvc) PC Tools Startup and Shutdown Monitor service [Disabled | Stopped] -> C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -> [2009/10/14 16:42:38 | 000,583,640 | ---- | M] (PC Tools)
    (FontCache) Windows Font Cache Service [On_Demand | Stopped] -> C:\Windows\System32\FntCache.dll -> [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation)
    (EhttpSrv) ESET HTTP Server [Disabled | Stopped] -> C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -> [2009/09/11 08:33:18 | 000,020,680 | ---- | M] (ESET)
    (ekrn) ESET Service [Disabled | Stopped] -> C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -> [2009/09/11 08:24:32 | 000,735,960 | ---- | M] (ESET)
    (FsUsbExService) FsUsbExService [Disabled | Stopped] -> C:\Windows\System32\FsUsbExService.Exe -> [2009/03/31 10:39:36 | 000,233,472 | ---- | M] (Teruten)
    (wlidsvc) Windows Live ID Sign-in Assistant [Auto | Running] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -> [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation)
    (TwonkyMedia) TwonkyMedia [Disabled | Stopped] -> C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -> [2009/01/29 16:54:44 | 000,102,400 | ---- | M] (PacketVideo)
    (IAANTMON) Intel(R) Matrix Storage Event Monitor [Disabled | Stopped] -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> [2008/04/18 14:54:02 | 000,354,840 | ---- | M] (Intel Corporation)
    (WinDefend) Windows Defender [Auto | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation)
    (AgereModemAudio) Agere Modem Call Progress Audio [Disabled | Stopped] -> C:\Windows\System32\agrsmsvc.exe -> [2007/12/11 13:15:04 | 000,012,800 | ---- | M] (Agere Systems)
    (lxdi_device) lxdi_device [Disabled | Stopped] -> C:\windows\System32\lxdicoms.exe -> [2007/06/11 11:14:52 | 000,517,040 | ---- | M] ( )
    (lxdiCATSCustConnectService) lxdiCATSCustConnectService [Disabled | Stopped] -> C:\windows\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe -> [2007/06/11 11:14:42 | 000,099,248 | ---- | M] ()
    (FLCDLOCK) HP ProtectTools Device Locking / Auditing [Disabled | Stopped] -> C:\Windows\System32\flcdlock.exe -> [2007/06/08 18:06:42 | 000,172,131 | ---- | M] (Hewlett-Packard Ltd)
    (pdfcDispatcher) PDF Document Manager [Disabled | Stopped] -> C:\Program Files\PDF Complete\pdfsvc.exe -> [2007/05/08 08:38:46 | 000,540,448 | ---- | M] (PDF Complete Inc)
    (AEADIFilters) Andrea ADI Filters Service [Disabled | Stopped] -> C:\Windows\System32\AEADISRV.EXE -> [2007/02/06 08:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation)
    (IviRegMgr) IviRegMgr [Disabled | Stopped] -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/05 03:48:52 | 000,112,152 | R--- | M] (InterVideo)
     
    [Driver Services - Safe List]
    (PCTCore) PCTools KDS [Kernel | Boot | Running] -> C:\windows\system32\drivers\PCTCore.sys -> [2010/03/10 11:36:36 | 000,217,032 | ---- | M] (PC Tools)
    (SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -> [2010/02/19 11:46:49 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    (SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -> [2010/02/19 11:46:48 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    (SASENUM) SASENUM [Kernel | On_Demand | Stopped] -> C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -> [2010/02/19 11:46:48 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
    (nmwcd) Nokia USB Phone Parent [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ccdcmb.sys -> [2010/01/21 15:53:16 | 000,018,048 | ---- | M] (Nokia)
    (nmwcdc) Nokia USB Generic [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ccdcmbo.sys -> [2009/12/30 12:30:48 | 000,022,016 | ---- | M] (Nokia)
    (upperdev) upperdev [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\usbser_lowerflt.sys -> [2009/12/30 12:30:48 | 000,007,936 | ---- | M] (Nokia)
    (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\Windows\System32\drivers\aswTdi.sys -> [2009/11/24 23:49:07 | 000,048,560 | ---- | M] (ALWIL Software)
    (aswRdr) aswRdr [Kernel | System | Running] -> C:\Windows\System32\drivers\aswRdr.sys -> [2009/11/24 23:48:57 | 000,023,120 | ---- | M] (ALWIL Software)
    (FlyUsb) FLY Fusion [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\FlyUsb.sys -> [2009/11/10 10:27:06 | 000,019,456 | ---- | M] (LeapFrog)
    (NETw5v32) Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\NETw5v32.sys -> [2009/10/26 14:47:34 | 004,247,552 | ---- | M] (Intel Corporation)
    (WinVd32) WinVd32 [Kernel | Auto | Running] -> C:\Windows\System32\WinVd32.sys -> [2009/09/21 10:31:04 | 000,180,224 | ---- | M] ()
    (WinFLdrv) WinFLdrv [File_System | Auto | Running] -> C:\windows\System32\WinFLdrv.sys -> [2009/09/21 10:31:00 | 000,010,752 | ---- | M] ()
    (aswSP) avast! Self Protection [Kernel | System | Running] -> C:\Windows\System32\drivers\aswSP.sys -> [2009/09/15 11:55:30 | 000,114,768 | ---- | M] (ALWIL Software)
    (aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\Windows\System32\drivers\aswFsBlk.sys -> [2009/09/15 11:55:19 | 000,020,560 | ---- | M] (ALWIL Software)
    (aswMonFlt) aswMonFlt [File_System | Auto | Running] -> C:\Windows\System32\drivers\aswMonFlt.sys -> [2009/09/15 11:55:09 | 000,053,328 | ---- | M] (ALWIL Software)
    (epfwwfpr) epfwwfpr [Kernel | Auto | Running] -> C:\Windows\System32\drivers\epfwwfpr.sys -> [2009/09/11 08:26:28 | 000,095,896 | ---- | M] (ESET)
    (ehdrv) ehdrv [Kernel | System | Running] -> C:\Windows\System32\drivers\ehdrv.sys -> [2009/09/11 08:23:50 | 000,108,792 | ---- | M] (ESET)
    (eamon) eamon [File_System | Auto | Running] -> C:\Windows\System32\drivers\eamon.sys -> [2009/09/11 08:17:16 | 000,116,008 | ---- | M] (ESET)
    (VClone) VClone [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\VClone.sys -> [2009/05/23 00:08:32 | 000,029,696 | ---- | M] (Elaborate Bytes AG)
    (xusb21) Xbox 360 Wireless Receiver Driver Service 21 [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\xusb21.sys -> [2009/04/08 14:29:52 | 000,056,448 | ---- | M] (Microsoft Corporation)
    (FsUsbExDisk) FsUsbExDisk [Kernel | On_Demand | Stopped] -> C:\Windows\System32\FsUsbExDisk.Sys -> [2009/03/31 10:39:36 | 000,036,608 | ---- | M] ()
    (ss_bmdm) SAMSUNG USB Mobile Modem [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ss_bmdm.sys -> [2009/03/20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation)
    (ss_bbus) SAMSUNG USB Mobile Device (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ss_bbus.sys -> [2009/03/20 11:01:26 | 000,090,112 | ---- | M] (MCCI)
    (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ss_bmdfl.sys -> [2009/03/20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation)
    (VCSVADHWSer) Avnex Virtual Audio Device (WDM) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\vcsvad.sys -> [2008/12/10 18:56:26 | 000,017,792 | ---- | M] (Avnex)
    (e1express) Intel(R) PRO/1000 PCI Express Network Connection Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\e1e6032.sys -> [2008/12/05 07:55:40 | 000,217,728 | ---- | M] (Intel Corporation)
    (AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\AGRSM.sys -> [2008/11/21 21:53:40 | 001,204,128 | ---- | M] (Agere Systems)
    (pccsmcfd) PCCS Mode Change Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\pccsmcfd.sys -> [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia)
    (adfs) adfs [Kernel | Auto | Running] -> C:\Windows\System32\drivers\adfs.sys -> [2008/08/14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.)
    (btwavdt) Bluetooth AVDT Service [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\btwavdt.sys -> [2008/06/23 11:54:08 | 000,081,960 | ---- | M] (Broadcom Corporation.)
    (btwaudio) Bluetooth Audio Device Service [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\btwaudio.sys -> [2008/06/23 11:54:08 | 000,080,424 | ---- | M] (Broadcom Corporation.)
    (btwrchid) btwrchid [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\btwrchid.sys -> [2008/06/23 11:54:08 | 000,016,168 | ---- | M] (Broadcom Corporation.)
    (ADIHdAudAddService) ADI UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\ADIHdAud.sys -> [2008/04/24 14:26:28 | 000,309,248 | ---- | M] (Analog Devices, Inc.)
    (iaStor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\windows\system32\drivers\iastor.sys -> [2008/04/15 18:53:44 | 000,312,344 | ---- | M] ()
    (HBtnKey) HBtnKey [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\CPQBttn.sys -> [2008/04/14 23:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.)
    (SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\SynTP.sys -> [2008/03/27 19:14:06 | 000,224,672 | ---- | M] (Synaptics, Inc.)
    (BCM43XX) Broadcom 802.11 Network Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\BCMWL6.SYS -> [2008/03/21 19:35:24 | 001,207,288 | ---- | M] (Broadcom Corporation)
    (igfx) igfx [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\igdkmd32.sys -> [2008/02/11 13:36:10 | 002,302,976 | ---- | M] (Intel Corporation)
    (UMPass) Microsoft UMPass Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\umpass.sys -> [2008/01/21 03:23:49 | 000,007,680 | ---- | M] (Microsoft Corporation)
    (MegaSR) MegaSR [Kernel | Boot | Running] -> C:\windows\system32\drivers\megasr.sys -> [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.)
    (adpu320) adpu320 [Kernel | Boot | Running] -> C:\windows\system32\drivers\adpu320.sys -> [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.)
    (megasas) megasas [Kernel | Boot | Running] -> C:\windows\system32\drivers\megasas.sys -> [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation)
    (adpu160m) adpu160m [Kernel | Boot | Running] -> C:\windows\system32\drivers\adpu160m.sys -> [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.)
    (SiSRaid4) SiSRaid4 [Kernel | Boot | Running] -> C:\windows\system32\drivers\sisraid4.sys -> [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems)
    (TPM) TPM [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\tpm.sys -> [2008/01/21 03:23:26 | 000,045,624 | ---- | M] (Microsoft Corporation)
    (HpCISSs) HpCISSs [Kernel | Boot | Running] -> C:\windows\system32\drivers\hpcisss.sys -> [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company)
    (adpahci) adpahci [Kernel | Boot | Running] -> C:\windows\system32\drivers\adpahci.sys -> [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.)
    (LSI_SAS) LSI_SAS [Kernel | Boot | Running] -> C:\windows\system32\drivers\lsi_sas.sys -> [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic)
    (ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Boot | Running] -> C:\windows\system32\drivers\ql2300.sys -> [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation)
    (E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\E1G60I32.sys -> [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation)
    (arcsas) arcsas [Kernel | Boot | Running] -> C:\windows\system32\drivers\arcsas.sys -> [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.)
    (iaStorV) Intel RAID Controller Vista [Kernel | Boot | Running] -> C:\windows\system32\drivers\iastorv.sys -> [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation)
    (vsmraid) vsmraid [Kernel | Boot | Running] -> C:\windows\system32\drivers\vsmraid.sys -> [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd)
    (ulsata2) ulsata2 [Kernel | Boot | Running] -> C:\windows\system32\drivers\ulsata2.sys -> [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.)
    (LSI_SCSI) LSI_SCSI [Kernel | Boot | Running] -> C:\windows\system32\drivers\lsi_scsi.sys -> [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic)
    (LSI_FC) LSI_FC [Kernel | Boot | Running] -> C:\windows\system32\drivers\lsi_fc.sys -> [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic)
    (arc) arc [Kernel | Boot | Running] -> C:\windows\system32\drivers\arc.sys -> [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.)
    (elxstor) elxstor [Kernel | Boot | Running] -> C:\windows\system32\drivers\elxstor.sys -> [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex)
    (adp94xx) adp94xx [Kernel | Boot | Running] -> C:\windows\system32\drivers\adp94xx.sys -> [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.)
    (nvraid) NVIDIA nForce RAID Driver    [Kernel | Boot | Running] -> C:\windows\system32\drivers\nvraid.sys -> [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation)
    (nvstor) nvstor [Kernel | Boot | Running] -> C:\windows\system32\drivers\nvstor.sys -> [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation)
    (uliahci) uliahci [Kernel | Boot | Running] -> C:\windows\system32\drivers\uliahci.sys -> [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.)
    (b57nd60x) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\b57nd60x.sys -> [2008/01/21 03:23:20 | 000,179,712 | ---- | M] (Broadcom Corporation)
    (viaide) viaide [Kernel | Boot | Running] -> C:\windows\system32\drivers\viaide.sys -> [2008/01/21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.)
    (cmdide) cmdide [Kernel | Boot | Running] -> C:\windows\system32\drivers\cmdide.sys -> [2008/01/21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.)
    (aliide) aliide [Kernel | Boot | Running] -> C:\windows\system32\drivers\aliide.sys -> [2008/01/21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.)
    (HpqKbFiltr) HpqKbFilter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HpqKbFiltr.sys -> [2007/06/19 02:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.)
    (DAMDrv) DAMDrv [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\DAMDrv.sys -> [2007/06/08 17:49:46 | 000,030,008 | ---- | M] (Hewlett-Packard Development Company L.P.)
    (ql40xx) QLogic iSCSI Miniport Driver [Kernel | Boot | Running] -> C:\windows\system32\drivers\ql40xx.sys -> [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation)
    (UlSata) UlSata [Kernel | Boot | Running] -> C:\windows\system32\drivers\ulsata.sys -> [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.)
    (nfrd960) nfrd960 [Kernel | Boot | Running] -> C:\windows\system32\drivers\nfrd960.sys -> [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation)
    (iirsp) iirsp [Kernel | Boot | Running] -> C:\windows\system32\drivers\iirsp.sys -> [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH)
    (aic78xx) aic78xx [Kernel | Boot | Running] -> C:\windows\system32\drivers\djsvs.sys -> [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.)
    (iteraid) ITERAID_Service_Install [Kernel | Boot | Running] -> C:\windows\system32\drivers\iteraid.sys -> [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.)
    (iteatapi) ITEATAPI_Service_Install [Kernel | Boot | Running] -> C:\windows\system32\drivers\iteatapi.sys -> [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.)
    (Symc8xx) Symc8xx [Kernel | Boot | Running] -> C:\windows\system32\drivers\symc8xx.sys -> [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic)
    (Sym_u3) Sym_u3 [Kernel | Boot | Running] -> C:\windows\system32\drivers\sym_u3.sys -> [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic)
    (Mraid35x) Mraid35x [Kernel | Boot | Running] -> C:\windows\system32\drivers\mraid35x.sys -> [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation)
    (Sym_hi) Sym_hi [Kernel | Boot | Running] -> C:\windows\system32\drivers\sym_hi.sys -> [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic)
    (Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\windows\system32\drivers\brserid.sys -> [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.)
    (BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\windows\system32\drivers\brusbser.sys -> [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.)
    (BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\windows\system32\drivers\brfiltup.sys -> [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.)
    (BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\windows\system32\drivers\brfiltlo.sys -> [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.)
    (BrSerWdm) Brother WDM Serial driver [Kernel | On_Demand | Stopped] -> C:\windows\system32\drivers\brserwdm.sys -> [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.)
    (BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | On_Demand | Stopped] -> C:\windows\system32\drivers\brusbmdm.sys -> [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.)
    (ntrigdigi) N-trig HID Tablet Driver [Kernel | On_Demand | Stopped] -> C:\windows\system32\drivers\ntrigdigi.sys -> [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies)
     
    [Registry - Safe List]
    < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
    < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
    HKEY_USERS\.DEFAULT\: Main\\"Start Page Redirect Cache" -> http://uk.msn.com/iat/us_gb.aspx -> 
    HKEY_USERS\.DEFAULT\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> 92 E1 6D 99 C8 A5 CA 01  [binary data] -> 
    HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> 
    < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
    HKEY_USERS\S-1-5-18\: Main\\"Start Page Redirect Cache" -> http://uk.msn.com/iat/us_gb.aspx -> 
    HKEY_USERS\S-1-5-18\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> 92 E1 6D 99 C8 A5 CA 01  [binary data] -> 
    HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> 
    < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
    < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
    < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\] > -> -> 
    HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\: Main\\"Start Page" -> http://msn.com/ -> 
    HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\: Main\\"Start Page Redirect Cache" -> http://uk.msn.com/?ocid=iehp -> 
    HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\: Main\\"Start Page Redirect Cache AcceptLangs" -> en-gb -> 
    HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\: "ProxyEnable" -> 0 -> 
    HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\: "ProxyOverride" -> <local> -> 
    < FireFox Settings [Prefs.js] > -> C:\Users\Ben\AppData\Roaming\Mozilla\FireFox\Profiles\ioxbue7n.default\prefs.js -> 
    browser.startup.homepage -> "google.co.uk" ->
    < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
    HKLM\software\mozilla\Firefox\Extensions ->  -> 
    HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} -> C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION\ [C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION\] -> [2010/02/26 16:40:55 | 000,000,000 | ---D | M]
    HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions ->  -> 
    HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010/04/04 00:49:19 | 000,000,000 | ---D | M]
    HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2010/04/04 00:49:19 | 000,000,000 | ---D | M]
    HKLM\software\mozilla\Thunderbird\Extensions ->  -> 
    HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74} -> C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\THUNDERBIRD CONNECTOR\THUNDERBIRDEXTENSION\ [C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\THUNDERBIRD CONNECTOR\THUNDERBIRDEXTENSION\] -> [2010/02/26 16:40:55 | 000,000,000 | ---D | M]
    HKLM\software\mozilla\Thunderbird\Extensions\\[email protected] -> C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD] -> [2010/03/03 14:49:35 | 000,000,000 | ---D | M]
    < FireFox Extensions [User Folders] > -> 
      -> C:\Users\Ben\AppData\Roaming\Mozilla\Extensions -> [2009/09/29 19:16:12 | 000,000,000 | ---D | M]
      -> C:\Users\Ben\AppData\Roaming\Mozilla\Extensions\[email protected] -> [2009/09/29 19:16:12 | 000,000,000 | ---D | M]
      -> C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\ioxbue7n.default\extensions -> [2010/04/05 20:27:17 | 000,000,000 | ---D | M]
    Microsoft .NET Framework Assistant   -> C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\ioxbue7n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2009/09/01 00:09:44 | 000,000,000 | ---D | M]
    iMacros for Firefox   -> C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\ioxbue7n.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} -> [2010/01/02 21:57:56 | 000,000,000 | ---D | M]
    User Agent Switcher   -> C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\ioxbue7n.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1} -> [2009/10/06 15:45:29 | 000,000,000 | ---D | M]
    < FireFox SearchPlugins [User Folders] > -> 
     btjunkie.xml -> C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\ioxbue7n.default\searchplugins\btjunkie.xml -> [2010/04/05 15:37:14 | 000,001,824 | ---- | M] ()
     virgin-media.xml -> C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\ioxbue7n.default\searchplugins\virgin-media.xml -> [2009/09/08 10:31:48 | 000,000,429 | ---- | M] ()
    < FireFox Extensions [Program Folders] > -> 
      -> C:\Program Files\Mozilla Firefox\extensions -> [2010/03/01 15:07:23 | 000,000,000 | ---D | M]
    < HOSTS File > ([2010/03/29 22:57:14 | 000,380,176 | R--- | M] - 13143 lines) -> C:\Windows\System32\drivers\etc\hosts -> 
    First 25 entries...
    Reset Hosts
    127.0.0.1       localhost
    ::1             localhost
    127.0.0.1    www.007guard.com
    127.0.0.1    007guard.com
    127.0.0.1    008i.com
    127.0.0.1    www.008k.com
    127.0.0.1    008k.com
    127.0.0.1    www.00hq.com
    127.0.0.1    00hq.com
    127.0.0.1    010402.com
    127.0.0.1    www.032439.com
    127.0.0.1    032439.com
    127.0.0.1    www.0scan.com
    127.0.0.1    0scan.com
    127.0.0.1    www.1000gratisproben.com
    127.0.0.1    1000gratisproben.com
    127.0.0.1    www.1001namen.com
    127.0.0.1    1001namen.com
    127.0.0.1    100888290cs.com
    127.0.0.1    www.100888290cs.com
    127.0.0.1    100sexlinks.com
    127.0.0.1    www.100sexlinks.com
    127.0.0.1    10sek.com
    127.0.0.1    www.10sek.com
    < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
    {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} [HKLM] -> C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [PC Tools Browser Guard BHO] -> [2010/01/22 09:56:26 | 000,567,248 | ---- | M] (Threat Expert Ltd.)
    {5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
    < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
    "{0BF43445-2F28-4351-9252-17FE6E806AA0}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
    "{472734EA-242A-422B-ADF8-83D1E48CC825}" [HKLM] -> C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [PC Tools Browser Guard] -> [2010/01/22 09:56:26 | 000,567,248 | ---- | M] (Threat Expert Ltd.)
    < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
    "" ->  [] -> File not found
    "avast!" -> C:\Program Files\Alwil Software\Avast4\ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> [2009/11/24 23:51:40 | 000,081,000 | ---- | M] (ALWIL Software)
    "ISTray" -> C:\Program Files\Spyware Doctor\pctsTray.exe ["C:\Program Files\Spyware Doctor\pctsTray.exe"] -> [2010/03/09 09:40:26 | 001,286,608 | ---- | M] (PC Tools)
    "NPSStartup" ->  [] -> File not found
    < Run [HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\] > -> HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
    "" ->  [] -> File not found
    < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
    < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
    < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004] > -> HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
    HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
    \\"NoDriveTypeAutoRun" ->  [145] -> File not found
    < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004] > -> HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
    HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
    \\"LogonHoursAction" ->  [2] -> File not found
    \\"DontDisplayLogonHoursWarnings" ->  [1] -> File not found
    < Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ -> 
    E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2009/08/17 23:48:08 | 018,341,216 | ---- | M] (Microsoft Corporation)
    < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ -> 
    E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2009/08/17 23:48:08 | 018,341,216 | ---- | M] (Microsoft Corporation)
    < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\] > -> HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\Software\Microsoft\Internet Explorer\MenuExt\ -> 
    Send image to &Bluetooth Device... -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] -> [2007/01/23 12:57:50 | 000,001,199 | ---- | M] ()
    Send page to &Bluetooth Device... -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm] -> [2007/01/23 12:57:52 | 000,002,758 | ---- | M] ()
    < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
    {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2009/03/06 04:04:56 | 000,039,464 | ---- | M] (Microsoft Corporation)
    {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D}:Exec [HKLM] -> Reg Error: Value error. [Button: PartyCasino] -> File not found
    {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D}:Reg Error: Value error. [HKLM] -> Reg Error: Value error. [Menu: PartyCasino] -> File not found
    {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Button: @btrez.dll,-4015] -> [2007/01/23 12:57:52 | 000,002,758 | ---- | M] ()
    {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Menu: @btrez.dll,-12650] -> [2007/01/23 12:57:52 | 000,002,758 | ---- | M] ()
    < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\] > -> HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\Software\Microsoft\Internet Explorer\Extensions\ -> 
    {773A5C59-DF7E-421E-AC57-732C4737321C}\\"ButtonText" [HKLM] ->  [Reg Error: Key error.] -> File not found
    {773A5C59-DF7E-421E-AC57-732C4737321C}\\"CLSID" [HKLM] ->  [{0000031A-0000-0000-C000-000000000046}] -> File not found
    {773A5C59-DF7E-421E-AC57-732C4737321C}\\"Default Visible" [HKLM] ->  [Reg Error: Key error.] -> File not found
    {773A5C59-DF7E-421E-AC57-732C4737321C}\\"Exec" [HKLM] ->  [Reg Error: Key error.] -> File not found
    {773A5C59-DF7E-421E-AC57-732C4737321C}\\"HotIcon" [HKLM] ->  [Reg Error: Key error.] -> File not found
    {773A5C59-DF7E-421E-AC57-732C4737321C}\\"Icon" [HKLM] ->  [Reg Error: Key error.] -> File not found
    CmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] ->  [@btrez.dll,-4015] -> File not found
    < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
    "" -> http://
    < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6764 domain(s) found. -> 
    < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
    < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
    HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6764 domain(s) found. -> 
    < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
    HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
    < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
    HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6764 domain(s) found. -> 
    < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
    HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
    < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
    HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
    < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
    HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
    < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
    HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
    < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
    HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
    < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\] > -> HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
    HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6764 domain(s) found. -> 
    < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\] > -> HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
    HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
    < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
    {7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> http://download.eset.com/special/eos/OnlineScanner.cab [Reg Error: Key error.] -> 
    {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab [Java Plug-in 1.6.0_18] -> 
    {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab [Java Plug-in 1.6.0_18] -> 
    {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] -> 
    < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
    DhcpNameServer -> 192.168.1.1 -> 
    NameServer -> 93.188.164.230,93.188.166.78 -> 
    < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
    {940B4252-0F84-4122-86BE-832BC593C49C}\\DhcpNameServer -> 192.168.1.1   (Intel(R) PRO/Wireless 3945ABG Network Connection) -> 
    {940B4252-0F84-4122-86BE-832BC593C49C}\\NameServer -> 93.188.164.230,93.188.166.78   (Intel(R) PRO/Wireless 3945ABG Network Connection) -> 
    {A0A978ED-6825-4045-A5DF-117E5F3CA80B}\\DhcpNameServer -> 192.168.1.1   (Intel(R) 82562GT 10/100 Network Connection) -> 
    {A0A978ED-6825-4045-A5DF-117E5F3CA80B}\\NameServer -> 93.188.164.230,93.188.166.78   (Intel(R) 82562GT 10/100 Network Connection) -> 
    IE Styles -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles
    "MaxScriptStatements" -> Reg Error: Invalid data type.
    "Use My Stylesheet" -> Reg Error: Invalid data type.
    < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
    *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
    Explorer.exe -> C:\windows\explorer.exe -> [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
    *MultiFile Done* -> -> 
    < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
    DeviceNP -> C:\windows\System32\DeviceNP.dll -> [2007/06/08 18:04:30 | 000,049,152 | ---- | M] (Hewlett-Packard Limited)
    igfxcui -> C:\windows\System32\igfxdev.dll -> [2008/02/11 12:46:44 | 000,204,800 | ---- | M] (Intel Corporation)
    < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" [HKLM] -> Reg Error: Key error. [] -> File not found
    < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 
    "C:\Program Files\Lexmark 3500-4500 Series\app4r.exe" -> C:\Program Files\Lexmark 3500-4500 Series\app4r.exe [C:\Program Files\Lexmark 3500-4500 Series\app4r.exe:*:Enabled:Lexmark Imaging Studio] -> [2007/04/02 17:53:18 | 000,024,576 | ---- | M] ()
    "C:\Program Files\TESTOUT\Cmi\Navigator.exe" -> C:\Program Files\TESTOUT\Cmi\Navigator.exe [C:\Program Files\TESTOUT\Cmi\Navigator.exe:*:Disabled:TestOut Navigator] -> File not found
    < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
    "C:\Program Files\TESTOUT\Cmi\Navigator.exe" -> C:\Program Files\TESTOUT\Cmi\Navigator.exe [C:\Program Files\TESTOUT\Cmi\Navigator.exe:*:Disabled:TestOut Navigator] -> File not found
    < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
    < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
    "AutoRun" -> 1 -> 
    "DisplayName" -> CD-ROM Driver -> 
    "ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
    < Drives with AutoRun files > ->  -> 
    C:\AUTOEXEC.BAT [del C:\Progra~1\Trusteer\Rapport\bin\RapportService.exe | ] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2010/02/23 18:42:31 | 000,000,057 | ---- | M] ()
    D:\Autorun.inf [[autorun] | shellexecute= | ] -> D:\Autorun.inf [ NTFS ] -> [2010/03/31 10:04:35 | 000,000,026 | ---- | M] ()
    < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
    \E
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\shell
    \E\shell\\"" ->  [AutoRun] -> File not found
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\shell\AutoRun\command
    \E\shell\AutoRun\command\\"" -> E:\setup.exe [E:\setup.exe /unattend:unattend.xml] -> File not found
    \{8ca4bc21-7877-11de-9f1c-806e6f6e6963}
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ca4bc21-7877-11de-9f1c-806e6f6e6963}\shell
    \{8ca4bc21-7877-11de-9f1c-806e6f6e6963}\shell\\"" ->  [AutoRun] -> File not found
    < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
    comfile [open] -> "%1" %* -> 
    exefile [open] -> "%1" %* -> 
    < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
    .com [@ = comfile] -> "%1" %* -> 
    .exe [@ = exefile] -> "%1" %* -> 
     
    [Registry - Additional Scans - Safe List]
    < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
    .bat [@ = batfile] -> "%1" %* -> 
    .cmd [@ = cmdfile] -> "%1" %* -> 
    .com [@ = comfile] -> "%1" %* -> 
    .exe [@ = exefile] -> "%1" %* -> 
    .hlp [@ = hlpfile] -> C:\windows\winhlp32.exe -> [2006/11/02 10:45:57 | 000,009,216 | ---- | M] (Microsoft Corporation)
    .pif [@ = piffile] -> "%1" %* -> 
    .scr [@ = scrfile] -> "%1" /S -> 
    < File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\SOFTWARE\Classes\<extension>\ -> 
    .html [@ = ChromeHTML] -> C:\Users\Ben\AppData\Local\Google\Chrome\Application\chrome.exe -> [2010/03/28 04:13:16 | 000,530,416 | ---- | M] (Google Inc.)
    < Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ -> 
    text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2008/10/25 09:27:54 | 000,044,408 | ---- | M] (Microsoft Corporation)
    < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
    ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> C:\Program Files\Common Files\microsoft shared\Help\hxds.dll[HxProtocol Class] -> [2006/10/26 22:45:02 | 000,873,216 | ---- | M] (Microsoft Corporation)
    wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> C:\Program Files\Windows Live\Mail\mailcomm.dll[Windows Live Mail HTML Asynchronous Pluggable Protocol Handler] -> [2009/07/26 17:44:48 | 000,789,824 | ---- | M] (Microsoft Corporation)
    < Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> 
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
    \\"cval" ->  [1] -> File not found
    \\"UACDisableNotify" ->  [0] -> File not found
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> 
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> 
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc
    \Svc\\"AntiVirusOverride" ->  [0] -> File not found
    \Svc\\"AntiSpywareOverride" ->  [0] -> File not found
    \Svc\\"FirewallOverride" ->  [0] -> File not found
    \Svc\\"VistaSp1" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type] -> File not found
    \Svc\\"VistaSp2" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type] -> File not found
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> -> 
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
    \\"EnableFirewall" ->  [1] -> File not found
    \\"DisableNotifications" ->  [0] -> File not found
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> 
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> 
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> -> 
    < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> 
    Protocol_Catalog9\Catalog_Entries\000000000001 -> C:\windows\System32\wpclsp.dll -> [2008/01/21 03:25:26 | 000,072,192 | ---- | M] (Microsoft Corporation)
    Protocol_Catalog9\Catalog_Entries\000000000002 -> C:\windows\System32\wpclsp.dll -> [2008/01/21 03:25:26 | 000,072,192 | ---- | M] (Microsoft Corporation)
    Protocol_Catalog9\Catalog_Entries\000000000003 -> C:\windows\System32\wpclsp.dll -> [2008/01/21 03:25:26 | 000,072,192 | ---- | M] (Microsoft Corporation)
    Protocol_Catalog9\Catalog_Entries\000000000004 -> C:\windows\System32\wpclsp.dll -> [2008/01/21 03:25:26 | 000,072,192 | ---- | M] (Microsoft Corporation)
    Protocol_Catalog9\Catalog_Entries\000000000005 -> C:\windows\System32\wpclsp.dll -> [2008/01/21 03:25:26 | 000,072,192 | ---- | M] (Microsoft Corporation)
    Protocol_Catalog9\Catalog_Entries\000000000006 -> C:\windows\System32\wpclsp.dll -> [2008/01/21 03:25:26 | 000,072,192 | ---- | M] (Microsoft Corporation)
    Protocol_Catalog9\Catalog_Entries\000000000007 -> C:\windows\System32\wpclsp.dll -> [2008/01/21 03:25:26 | 000,072,192 | ---- | M] (Microsoft Corporation)
    Protocol_Catalog9\Catalog_Entries\000000000008 -> C:\windows\System32\wpclsp.dll -> [2008/01/21 03:25:26 | 000,072,192 | ---- | M] (Microsoft Corporation)
    Protocol_Catalog9\Catalog_Entries\000000000020 -> C:\windows\System32\wpclsp.dll -> [2008/01/21 03:25:26 | 000,072,192 | ---- | M] (Microsoft Corporation)
    < Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> 
    ldap -> 4 = Restricted sites (Not a Default Protocol) -> 
    news -> 4 = Restricted sites (Not a Default Protocol) -> 
    nntp -> 4 = Restricted sites (Not a Default Protocol) -> 
    oecmd -> 4 = Restricted sites (Not a Default Protocol) -> 
    snews -> 4 = Restricted sites (Not a Default Protocol) -> 
    < Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> 
    @ivt -> @ivt protocol not assigned -> 
    file -> file protocol not assigned -> 
    ftp -> ftp protocol not assigned -> 
    http -> http protocol not assigned -> 
    https -> https protocol not assigned -> 
    shell -> shell protocol not assigned -> 
    < Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> 
    @ivt -> @ivt protocol not assigned -> 
    file -> file protocol not assigned -> 
    ftp -> ftp protocol not assigned -> 
    http -> http protocol not assigned -> 
    https -> https protocol not assigned -> 
    shell -> shell protocol not assigned -> 
    < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> 
    {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} -> Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    {004C5DA2-2051-4D25-94BA-51CF810C91EB} -> LightScribe System Software  1.12.37.1
    {00ADFB20-AE75-46F4-AD2C-F48B15AC3100} -> Adobe Color NA Recommended Settings CS4
    {03528A01-7E5E-4C5F-94DF-1D8012E969EF} -> Nokia Map Loader
    {03D1988F-469F-4843-8E6E-E5FE9D17889D} -> HP Integrated Module with Bluetooth wireless technology 6.0.1.6204
    {05308C4E-7285-4066-BAE3-6B50DA6ED755} -> Adobe Update Manager CS4
    {054EFA56-2AC1-48F4-A883-0AB89874B972} -> Adobe Extension Manager CS4
    {0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A} -> HiJackThis
    {082702D5-5DD8-4600-BCE5-48B15174687F} -> HP Doc Viewer
    {08E81ABD-79F7-49C2-881F-FD6CB0975693} -> Roxio Creator Data
    {098727E1-775A-4450-B573-3F441F1CA243} -> kuler
    {0D6013AB-A0C7-41DC-973C-E93129C9A29F} -> Adobe Color JA Extra Settings CS4
    {0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23} -> Adobe Setup
    {0EABFEF6-6D10-4C12-8667-3029C481D355} -> Nokia Photos
    {0EEB3C40-2A8C-4045-B3F9-13C4A5C490C0} -> Nokia Home Media Server
    {0F723FC1-7606-4867-866C-CE80AD292DAF} -> Adobe CSI CS4
    {10A44844-4465-456E-8C97-80BDD4F68845} -> Windows Live ID Sign-in Assistant
    {1618734A-3957-4ADD-8199-F973763109A8} -> Adobe Anchor Service CS4
    {16E16F01-2E2D-4248-A42F-76261C147B6C} -> Adobe Drive CS4
    {16E6D2C1-7C90-4309-8EC4-D2212690AAA4} -> AdobeColorCommonSetRGB
    {1a413f37-ed88-4fec-9666-5c48dc4b7bb7} -> YouTube Downloader 2.5.3
    {1DD81E7D-0D28-4CEB-87B2-C041A4FCB215} -> Rapport
    {1F54DAFA-9261-4A62-B59D-6C9F26B48FE4} -> Roxio Creator Tools
    {205C6BDD-7B73-42DE-8505-9A093F35A238} -> Windows Live Upload Tool
    {228C6B46-64E2-404E-898A-EF0830603EF4} -> HPNetworkAssistant
    {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} -> MSVCRT
    {254C37AA-6B72-4300-84F6-98A82419187E} -> ActiveCheck component for HP Active Support Library
    {2614F54E-A828-49FA-93BA-45A3F756BFAA} -> 32 Bit HP CIO Components Installer
    {26A24AE4-039D-4CA4-87B4-2F83216015FF} -> Java(TM) 6 Update 18
    {28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD} -> QuickTime
    {2DB165DC-DDB4-403F-B985-19F3EC7D0357} -> HP ProtectTools Security Manager
    {31216452-5540-4C96-B754-94890A63D5AB} -> HP Help and Support
    {3248F0A8-6813-11D6-A77B-00B0D0160010} -> Java(TM) SE Runtime Environment 6 Update 1
    {34D2AB40-150D-475D-AE32-BD23FB5EE355} -> HP Quick Launch Buttons 6.40 E1
    {35D94F92-1D3A-43C5-8605-EA268B1A7BD9} -> PDF Settings CS4
    {35ED8B97-897C-4BD1-AEAE-6FD3404BA082} -> Ovi Desktop Sync Engine
    {39F6E2B4-CFE8-C30A-66E8-489651F0F34C} -> Adobe Media Player
    {3A4E8896-C2E7-4084-A4A4-B8FD1894E739} -> Adobe XMP Panels CS4
    {3D2C9DE6-9ADE-4252-A241-E43723B0CE02} -> Adobe Color - Photoshop Specific CS4
    {3D5044A5-97B8-45C0-B956-BB2376569188} -> Windows Live Movie Maker
    {3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF} -> Adobe WinSoft Linguistics Plugin
    {420BBA1D-B275-4891-838C-EA88FE87A632} -> HP Customer Experience Enhancements
    {4217C49A-545A-499E-9428-6D61B004A671} -> HP User Guides 0113
    {45A136EC-88BF-4B95-99F5-C45D3930E1CC} -> HP MULTIPLE MODEM INSTALLER for VISTA
    {481C9A00-91AC-4065-870C-BD4E28186E5A} -> PC Connectivity Solution
    {4943EFF5-229F-435D-BEA9-BE3CAEA783A7} -> Adobe Service Manager Extension
    {4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater
    {4A7FDA4D-F4D7-4A49-934A-066D59A43C7E} -> SmartSound Quicktracks Plugin
    {4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78} -> Nokia Software Updater
    {4CBE1223-9518-4663-A220-73A85071DCCF} -> Pop Art Studio 4.3
    {4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D} -> OviMPlatform
    {50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF} -> Nokia Ovi Player
    {537BF16E-7412-448C-95D8-846E85A1D817} -> Roxio Creator Business
    {553255F3-78FD-40F1-A6F8-6882140265FE} -> Apple Application Support
    {5570C7F0-43D0-4916-8A9E-AEDD52FA86F4} -> Adobe Color EU Extra Settings CS4
    {55B52830-024A-443E-AF61-61E1E71AFA1B} -> Device Access Manager for HP ProtectTools
    {56C049BE-79E9-4502-BEA7-9754A3E60F9B} -> neroxml
    {5D97A4A7-C274-4B63-86D9-07A33435F505} -> InterVideo DVD Check
    {5EE7D259-D137-4438-9A5F-42F432EC0421} -> VC80CRTRedist - 8.0.50727.4053
    {63C24A08-70F3-4C8E-B9FB-9F21A903801D} -> Adobe Color Video Profiles CS CS4
    {63E5CDBF-8214-4F03-84F8-CD3CE48639AD} -> Adobe Photoshop CS4 Support
    {6412CECE-8172-4BE5-935B-6CECACD2CA87} -> Windows Live Mail
    {6421F085-1FAA-DE13-D02A-CFB412C522A4} -> Acrobat.com
    {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} -> Roxio Express Labeler 3
    {669D4A35-146B-4314-89F1-1AC3D7B88367} -> HPAsset component for HP Active Support Library
    {67F0E67A-8E93-4C2C-B29D-47C48262738A} -> Adobe Device Central CS4
    {68243FF8-83CA-466B-B2B8-9F99DA5479C4} -> AdobeColorCommonSetCMYK
    {69333A04-5134-40A5-A055-9166A7AA1EC8} -> 
    {6956856F-B6B3-4BE0-BA0B-8F495BE32033} -> Apple Software Update
    {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} -> MSVC80_x86_v2
    {70B31335-50EE-4834-8431-27412CDE62BD} -> Nokia_Multimedia_Common_Components_2_5
    {70CEFEBA-F757-4DBE-8A21-027C326137CE} -> HP Software Setup 5.00.A.7
    {73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83} -> Roxio Creator Audio
    {74DC0593-6BC6-4001-AD5F-D810AFB68D86} -> HP Update
    {770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    {7E84FAC8-C518-40F9-9807-7455301D6D25} -> SamsungConnectivityCableDriver
    {81128EE8-8EAD-4DB0-85C6-17C2CE50FF71} -> Windows Live Essentials
    {820D3F45-F6EE-4AAF-81EF-CE21FF21D230} -> Adobe Type Support CS4
    {837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable
    {83877DB1-8B77-45BC-AB43-2BAC22E093E0} -> Adobe Bridge CS4
    {842B4B72-9E8F-4962-B3C1-1C422A5C4434} -> Suite Shared Configuration CS4
    {84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1} -> Windows Live Sync
    {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
    {8BB128BE-2670-485D-A221-B00715BCEBCF} -> HP Easy Setup - Frontend
    {90120000-0015-0407-0000-0000000FF1CE} -> Microsoft Office Access MUI (German) 2007
    {90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0015-0409-0000-0000000FF1CE} -> Microsoft Office Access MUI (English) 2007
    {90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0015-040C-0000-0000000FF1CE} -> Microsoft Office Access MUI (French) 2007
    {90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0015-0410-0000-0000000FF1CE} -> Microsoft Office Access MUI (Italian) 2007
    {90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0015-0413-0000-0000000FF1CE} -> Microsoft Office Access MUI (Dutch) 2007
    {90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0016-0407-0000-0000000FF1CE} -> Microsoft Office Excel MUI (German) 2007
    {90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007
    {90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0016-040C-0000-0000000FF1CE} -> Microsoft Office Excel MUI (French) 2007
    {90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0016-0410-0000-0000000FF1CE} -> Microsoft Office Excel MUI (Italian) 2007
    {90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0016-0413-0000-0000000FF1CE} -> Microsoft Office Excel MUI (Dutch) 2007
    {90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0018-0407-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (German) 2007
    {90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0018-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (English) 2007
    {90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0018-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (French) 2007
    {90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0018-0410-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (Italian) 2007
    {90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0018-0413-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (Dutch) 2007
    {90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0019-0407-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (German) 2007
    {90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0019-0409-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (English) 2007
    {90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0019-040C-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (French) 2007
    {90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0019-0410-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (Italian) 2007
    {90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0019-0413-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (Dutch) 2007
    {90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-001A-0407-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (German) 2007
    {90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-001A-0409-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (English) 2007
    {90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-001A-040C-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (French) 2007
    {90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-001A-0410-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (Italian) 2007
    {90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-001A-0413-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (Dutch) 2007
    {90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-001B-0407-0000-0000000FF1CE} -> Microsoft Office Word MUI (German) 2007
    {90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007
    {90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-001B-040C-0000-0000000FF1CE} -> Microsoft Office Word MUI (French) 2007
    {90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-001B-0410-0000-0000000FF1CE} -> Microsoft Office Word MUI (Italian) 2007
    {90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-001B-0413-0000-0000000FF1CE} -> Microsoft Office Word MUI (Dutch) 2007
    {90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-001F-0401-0000-0000000FF1CE} -> Microsoft Office Proof (Arabic) 2007
    {90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    {90120000-001F-0407-0000-0000000FF1CE} -> Microsoft Office Proof (German) 2007
    {90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    {90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007
    {90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    {90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007
    {90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    {90120000-001F-0410-0000-0000000FF1CE} -> Microsoft Office Proof (Italian) 2007
    {90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    {90120000-001F-0413-0000-0000000FF1CE} -> Microsoft Office Proof (Dutch) 2007
    {90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    {90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007
    {90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    {90120000-002C-0407-0000-0000000FF1CE} -> Microsoft Office Proofing (German) 2007
    {90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007
    {90120000-002C-040C-0000-0000000FF1CE} -> Microsoft Office Proofing (French) 2007
    {90120000-002C-0410-0000-0000000FF1CE} -> Microsoft Office Proofing (Italian) 2007
    {90120000-002C-0413-0000-0000000FF1CE} -> Microsoft Office Proofing (Dutch) 2007
    {90120000-006E-0407-0000-0000000FF1CE} -> Microsoft Office Shared MUI (German) 2007
    {90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007
    {90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-006E-040C-0000-0000000FF1CE} -> Microsoft Office Shared MUI (French) 2007
    {90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-006E-0410-0000-0000000FF1CE} -> Microsoft Office Shared MUI (Italian) 2007
    {90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-006E-0413-0000-0000000FF1CE} -> Microsoft Office Shared MUI (Dutch) 2007
    {90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{89C8E56A-90D8-4598-B0E6-EB28F6270E07} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007
    {90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {90120000-0117-0409-0000-0000000FF1CE} -> Microsoft Office Access Setup Metadata MUI (English) 2007
    {90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} -> IntelĀ® Matrix Storage Manager
    {91120000-0031-0000-0000-0000000FF1CE} -> Microsoft Office Professional Hybrid 2007
    {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} -> Microsoft Office 2007 Service Pack 2 (SP2)
    {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF} -> Security Update for Microsoft Office system 2007 (972581)
    {91810AFC-A4F8-4EBA-A5AA-B198BBC81144} -> InterVideo WinDVD
    {927AA2A2-7631-4EA2-A1F9-252D27B9D0A2} -> Nokia Ovi Suite
    {931AB7EA-3656-4BB7-864D-022B09E3DD67} -> Adobe Linguistics CS4
    {93D44E47-EBE0-43FC-A427-8AC3CD026536} -> Vista Default Settings
    {94D398EB-D2FD-4FD1-B8C4-592635E8A191} -> Adobe CMaps CS4
    {95120000-00B9-0409-0000-0000000FF1CE} -> Microsoft Application Error Reporting
    {95120000-0122-0409-0000-0000000FF1CE} -> Microsoft Office Outlook Connector
    {9A25302D-30C0-39D9-BD6F-21E6EC160475} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    {9ADABDDE-9644-461B-9E73-83FA3EFCAB50} -> HP Wireless Assistant
    {9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B} -> HP Active Support Library
    {A5D4E41C-2583-46FE-9B99-62496F85C5F3} -> RPS CRT
    {A67BB21E-D419-45BB-AB86-7D87D14BBCE2} -> Safari
    {A85FD55B-891B-4314-97A5-EA96C0BD80B5} -> Windows Live Messenger
    {ACF60000-22B9-4CE9-98D6-2CCF359BAC07} -> ABBYY FineReader 6.0 Sprint
    {AE3CF174-872C-46C6-B9F6-C0593F3BC7B8} -> Microsoft Office Live Add-in 1.4
    {AF111648-99A1-453E-81DD-80DBBF6DAD0D} -> MSVC90_x86
    {b1adf008-e898-4fe2-8a1f-690d9a06acaf} -> DolbyFiles
    {B2544A03-10D0-4E5E-BA69-0362FFC20D18} -> OGA Notifier 2.0.0048.0
    {B29AD377-CC12-490A-A480-1452337C618D} -> Connect
    {b2ec4a38-b545-4a00-8214-13fe0e915e6d} -> Advertising Center
    {B65BA85C-0A27-4BC0-A22D-A66F0E5B9494} -> Adobe Photoshop CS4
    {B6A26DE5-F2B5-4D58-9570-4FC760E00FCD} -> Roxio Creator Copy
    {B7050CBDB2504B34BC2A9CA0A692CC29} -> DivX Web Player
    {B83FC356-B7C0-441F-8A4D-D71E088E7974} -> NVIDIA PhysX
    {B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0} -> Nokia Connectivity Cable Driver
    {BA63348B-143D-4CAC-A355-3879402ED781} -> Nokia Ovi Suite Software Updater
    {BB4E33EC-8181-4685-96F7-8554293DEC6A} -> Adobe Output Module
    {BC1DC565-8B34-4B29-9DB2-BF281C2FB56E} -> ESU for Microsoft Vista SP1
    {bd5ca0da-71ad-43da-b19e-6eee0c9adc9a} -> Nero ControlCenter
    {C52E3EC1-048C-45E1-8D53-10B0C6509683} -> Adobe Default Language CS4
    {CB099890-1D5F-11D5-9EA9-0050BAE317E1} -> CyberLink PowerDirector
    {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1
    {CC75AB5C-2110-4A7F-AF52-708680D22FE8} -> Photoshop Camera Raw
    {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1
    {CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF} -> HP Active Support Library
    {CF097717-F174-4144-954A-FBC4BF301033} -> Nero 7 Ultra Edition
    {D0B2AA8F-CC52-4298-A48E-A9BA169546B6} -> Cabela's Outdoor Adventures
    {D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA} -> Windows Live Photo Gallery
    {E2DFE069-083E-4631-9B6C-43C48E991DE5} -> Junk Mail filter update
    {E4848436-0345-47E2-B648-8B522FCDA623} -> Adobe Photoshop CS4
    {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} -> Microsoft Office Suite Activation Assistant
    {e8a80433-302b-4ff1-815d-fcc8eac482ff} -> Nero Installer
    {ED00D08A-3C5F-488D-93A0-A04F21F23956} -> Windows Live Communications Platform
    {ED439A64-F018-4DD4-8BA5-328D85AB09AB} -> Roxio Creator Business v10
    {EFA800BF-C5C8-46D1-B49D-13920D05417C} -> ESET NOD32 Antivirus
    {F0A37341-D692-11D4-A984-009027EC0A9C} -> SoundMAX
    {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} -> Microsoft SQL Server 2005 Compact Edition [ENU]
    {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} -> Microsoft Choice Guard
    {F0E64E2E-3A60-40D8-A55D-92F6831875DA} -> Adobe Search for Help
    {F173C2B3-296F-458C-98FF-1676A42EBA02} -> HP Wallpaper
    {F18DB86D-BC16-4E01-BCCE-63F62B931D82} -> InterVideo Register Manager
    {F193FC0E-9E18-40FC-A974-509A1BDD240A} -> Samsung New PC Studio
    {F6BD194C-4190-4D73-B1B1-C48C99921BFE} -> Windows Live Call
    {F8EF2B3F-C345-4F20-8FE4-791A20333CD5} -> Adobe ExtendScript Toolkit CS4
    {F93C84A6-0DC6-42AF-89FA-776F7C377353} -> Adobe PDF Library Files CS4
    {FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794} -> Adobe Fonts All
    504244733D18C8F63FF584AEB290E3904E791693 -> Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
    781745E87AFF80C0C1388CFF79D19ECAB2E9BB47 -> Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0)
    7-Zip -> 7-Zip 9.10 beta
    Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX
    Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin
    Adobe_faf656ef605427ee2f42989c3ad31b8 -> Adobe Photoshop CS4
    Akamai -> Akamai NetSession Interface
    avast! -> avast! Antivirus
    bjballroom -> Blackjack Ballroom Casino
    Broadcom 802.11b Network Adapter -> Broadcom 802.11 Wireless LAN Adapter
    Browser Defender_is1 -> Browser Defender 2.0.6.15
    CAESARS Casino Online -> CAESARS Casino Online
    Cheat Engine 5.5_is1 -> Cheat Engine 5.5
    com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> Adobe Media Player
    com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> Acrobat.com
    Fruit_Machine_Emulators -> Fruit Machine Emulators
    HDMI -> Intel(R) Graphics Media Accelerator Driver
    HxD Hex Editor_is1 -> HxD Hex Editor version 1.7.7.0
    InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E} -> SmartSound Quicktracks Plugin
    InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} -> CyberLink PowerDirector
    InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A} -> Samsung New PC Studio
    Lexmark 3500-4500 Series -> Lexmark 3500-4500 Series
    Lexmark Fax Solutions -> Lexmark Fax Solutions
    LimeWire -> LimeWire PRO 5.2.13
    Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware
    Microsoft .NET Framework 1.1  (1033) -> Microsoft .NET Framework 1.1
    Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1
    Mozilla Firefox (3.6.3) -> Mozilla Firefox (3.6.3)
    MpcStar -> MpcStar 3.9
    My Screen Recorder Pro_is1 -> My Screen Recorder Pro 2.60
    Nokia Ovi Suite -> Nokia Ovi Suite
    PDF Complete -> PDF Complete
    PROHYBRIDR -> 2007 Microsoft Office system
    PROSet -> Intel(R) PRO Network Connections Drivers
    RegCure -> RegCure 1.5.0.0
    Registry Mechanic_is1 -> Registry Mechanic 9.0
    SAMSUNG Mobile Composite Device -> SAMSUNG Mobile Composite Device Software
    SAMSUNG Mobile Modem -> SAMSUNG Mobile Modem Driver Set
    Samsung Mobile Modem Device -> Samsung Mobile Modem Device Software
    Samsung Mobile phone USB driver -> Samsung Mobile phone USB driver Software
    SAMSUNG Mobile USB Modem -> SAMSUNG Mobile USB Modem Software
    SAMSUNG Mobile USB Modem 1.0 -> SAMSUNG Mobile USB Modem 1.0 Software
    SAMSUNG USB Mobile Device -> SAMSUNG USB Mobile Device Software
    SopCast -> SopCast 3.2.4
    Spyware Doctor -> Spyware Doctor 7.0
    ST6UNST #1 -> SimulationExams
    ST6UNST #2 -> SimulationExams (C:\Program Files\SimulationExams\aplus\)
    SynTPDeinstKey -> Synaptics Pointing Device Driver
    SystemRequirementsLab -> System Requirements Lab
    uTorrent -> ĀµTorrent
    VLC media player -> VLC media player 1.0.3
    William Hill Poker -> William Hill Poker
    Winamp -> Winamp
    WinLiveSuite_Wave3 -> Windows Live Essentials
    WinRAR archiver -> WinRAR archiver
    WMV9_VCM -> Microsoft Windows Media Video 9 VCM
    Xvid_is1 -> Xvid 1.2.2 final uninstall
    < Uninstall List [HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\] > -> HKEY_USERS\S-1-5-21-1966008521-2821058990-3117971074-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> 
    Google Chrome -> Google Chrome
    Winamp Detect -> Winamp Detector Plug-in
    < EventViewer Logs - Last 10 Errors > -> Event Information -> Description
    Antivirus [ Error ] 31/03/2010 21:48:30 Computer Name = Pimp | Source = avast! | ID = 33554522 -> Description = aswChestInterface - Program error description: CChestListView::LoadFiles() chestOpenList() failed: 2147422219.  
    Antivirus [ Error ] 31/03/2010 21:48:46 Computer Name = Pimp | Source = avast! | ID = 33554522 -> Description = aswChestInterface - Program error description: CChestListView::OnCreate() !m_strErrorWnd.IsEmpty().  
    Antivirus [ Error ] 31/03/2010 21:52:52 Computer Name = Pimp | Source = avast! | ID = 33554522 -> Description = Error in aswChestC: chestOpenList Error 1753.  
    Antivirus [ Error ] 31/03/2010 21:52:52 Computer Name = Pimp | Source = avast! | ID = 33554522 -> Description = aswChestInterface - Program error description: CChestListView::LoadFiles() chestOpenList() failed: 2147422219.  
    Antivirus [ Error ] 31/03/2010 21:52:55 Computer Name = Pimp | Source = avast! | ID = 33554522 -> Description = aswChestInterface - Program error description: CChestListView::OnCreate() !m_strErrorWnd.IsEmpty().  
    Antivirus [ Error ] 31/03/2010 21:53:06 Computer Name = Pimp | Source = avast! | ID = 33554522 -> Description = Internal error has occurred in module aswar scan function failed!, function A0000111.  
    Antivirus [ Error ] 31/03/2010 21:53:50 Computer Name = Pimp | Source = avast! | ID = 33554522 -> Description = Internal error has occurred in module aswar scan function failed!, function A0000111.  
    Antivirus [ Error ] 04/04/2010 11:30:50 Computer Name = Pimp | Source = avast! | ID = 33554522 -> Description = Internal error has occurred in module aswar scan function failed!, function A0000111.  
    Antivirus [ Error ] 04/04/2010 11:41:12 Computer Name = Pimp | Source = avast! | ID = 33554522 -> Description = Internal error has occurred in module aswar scan function failed!, function A0000111.  
    Antivirus [ Error ] 05/04/2010 11:37:43 Computer Name = Pimp | Source = avast! | ID = 33554522 -> Description = Internal error has occurred in module aswar scan function failed!, function A0000111.  
    Application [ Error ] 22/12/2009 13:45:38 Computer Name = Pimp | Source = Nokia Ovi Suite | ID = 100 -> Description = Timestamp: 22/12/2009 17:45:38  Message: HandlingInstanceID: fd1dae08-a9dd-4c44-89a6-cd2889dd4b99  An exception of type 'System.Net.WebException' occurred and was caught.  -----------------------------------------------------------------------  12/22/2009 17:45:38  Type : System.Net.WebException, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089  Message : The remote server returned an error: (404) Not Found.  Source : System  Help link :   Status : ProtocolError  Response : System.Net.HttpWebResponse  Data : System.Collections.ListDictionaryInternal  TargetSite : System.Net.WebResponse EndGetResponse(System.IAsyncResult)  Stack Trace :    at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)     at System.Net.WebClient.GetWebResponse(WebRequest request, IAsyncResult result)     at System.Net.WebClient.DownloadBitsResponseCallback(IAsyncResult result)    Additional Info:    MachineName : PIMP TimeStamp : 22/12/2009 17:45:38 FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a AppDomainName : NokiaPhotos2.exe ThreadIdentity : Pimp\Ben WindowsIdentity : Pimp\Ben   Category: Error  Priority: 0  EventId: 100  Severity: Error  Title:Nokia Ovi Suite  Machine: PIMP  App Domain: NokiaPhotos2.exe  ProcessId: 938820  Process Name: C:\Program Files\Nokia\Nokia Photos\NokiaPhotos2.exe  Thread Name:   Win32 ThreadId:841848  Extended Properties: URL - http://www.nokia.com/files/support/nseries/phones/software/nokia_photos_update.xml  
    Application [ Error ] 23/12/2009 15:28:07 Computer Name = Pimp | Source = Application Error | ID = 1000 -> Description = Faulting application WINWORD.EXE, version 12.0.6514.5000, time stamp 0x4a89d533, faulting module ole32.dll, version 6.0.6002.18005, time stamp 0x49e037d7, exception code 0xc0000005, fault offset 0x000472d7,  process id 0xe4a90, application start time 0x01ca840605cb9a20.
    Application [ Error ] 25/12/2009 03:59:48 Computer Name = Pimp | Source = Application Error | ID = 1000 -> Description = Faulting application WINWORD.EXE, version 12.0.6514.5000, time stamp 0x4a89d533, faulting module ole32.dll, version 6.0.6002.18005, time stamp 0x49e037d7, exception code 0xc0000005, fault offset 0x000472d7,  process id 0xe50c8, application start time 0x01ca8538317626d0.
    Application [ Error ] 25/12/2009 07:13:09 Computer Name = Pimp | Source = Application Error | ID = 1000 -> Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp 0x49e01da5, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x02bbacd3,  process id 0x150, application start time 0x01ca8551dd87688e.
    Media Center [ Error ] 26/08/2009 07:07:29 Computer Name = Pimp | Source = Mcx2Svc | ID = 301 -> Description = 
    Media Center [ Error ] 26/08/2009 07:07:44 Computer Name = Pimp | Source = Mcx2Prov | ID = 505 -> Description = 
    Media Center [ Error ] 26/08/2009 07:07:45 Computer Name = Pimp | Source = Mcx2Dvcs | ID = 405 -> Description = 
    Media Center [ Error ] 26/08/2009 07:11:51 Computer Name = Pimp | Source = Mcx2Prov | ID = 505 -> Description = 
    Media Center [ Error ] 26/08/2009 07:11:51 Computer Name = Pimp | Source = Mcx2Dvcs | ID = 405 -> Description = 
    Media Center [ Error ] 27/09/2009 17:48:24 Computer Name = Pimp | Source = Media Center Guide | ID = 0 -> Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105  Process: DefaultDomain Object Name: Media Center Guide 
    Media Center [ Error ] 19/10/2009 06:56:50 Computer Name = Pimp | Source = Media Center Guide | ID = 0 -> Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105  Process: DefaultDomain Object Name: Media Center Guide 
    Media Center [ Error ] 19/10/2009 07:00:06 Computer Name = Pimp | Source = McrMgr | ID = 100 -> Description = 
    Media Center [ Error ] 01/01/2010 15:13:49 Computer Name = Pimp | Source = Media Center Guide | ID = 0 -> Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105  Process: DefaultDomain Object Name: Media Center Guide 
    Media Center [ Error ] 25/01/2010 16:02:48 Computer Name = Pimp | Source = Media Center Guide | ID = 0 -> Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105  Process: DefaultDomain Object Name: Media Center Guide 
    System [ Error ] 06/04/2010 08:08:53 Computer Name = Pimp | Source = Service Control Manager | ID = 7024 -> Description = 
    System [ Error ] 06/04/2010 08:08:53 Computer Name = Pimp | Source = Service Control Manager | ID = 7034 -> Description = 
    System [ Error ] 06/04/2010 08:32:33 Computer Name = Pimp | Source = Service Control Manager | ID = 7024 -> Description = 
    System [ Error ] 06/04/2010 08:32:33 Computer Name = Pimp | Source = Service Control Manager | ID = 7034 -> Description = 
    System [ Error ] 06/04/2010 08:34:42 Computer Name = Pimp | Source = Service Control Manager | ID = 7024 -> Description = 
    System [ Error ] 06/04/2010 08:34:42 Computer Name = Pimp | Source = Service Control Manager | ID = 7034 -> Description = 
    System [ Error ] 06/04/2010 08:39:54 Computer Name = Pimp | Source = Service Control Manager | ID = 7024 -> Description = 
    System [ Error ] 06/04/2010 08:39:54 Computer Name = Pimp | Source = Service Control Manager | ID = 7034 -> Description = 
    System [ Error ] 06/04/2010 08:43:06 Computer Name = Pimp | Source = Service Control Manager | ID = 7024 -> Description = 
    System [ Error ] 06/04/2010 08:43:06 Computer Name = Pimp | Source = Service Control Manager | ID = 7034 -> Description = 
     
    [Files/Folders - Created Within 30 Days]
     TrendMicro -> C:\Program Files\TrendMicro -> [2010/04/06 13:32:14 | 000,000,000 | ---D | C]
     PCTBDCore.dll -> C:\windows\PCTBDCore.dll -> [2010/04/06 13:12:31 | 001,652,688 | ---- | C] (Threat Expert Ltd.)
     PCTBDRes.dll -> C:\windows\PCTBDRes.dll -> [2010/04/06 13:12:31 | 000,165,840 | ---- | C] (Threat Expert Ltd.)
     SGDetectionTool.dll -> C:\windows\SGDetectionTool.dll -> [2010/04/06 13:12:31 | 000,149,456 | ---- | C] (PC Tools)
     pctgntdi.sys -> C:\windows\System32\drivers\pctgntdi.sys -> [2010/04/06 13:12:15 | 000,233,136 | ---- | C] (PC Tools)
     pctwfpfilter.sys -> C:\windows\System32\drivers\pctwfpfilter.sys -> [2010/04/06 13:12:15 | 000,100,136 | ---- | C] (PC Tools)
     PCTCore.sys -> C:\windows\System32\drivers\PCTCore.sys -> [2010/04/06 13:12:13 | 000,217,032 | ---- | C] (PC Tools)
     PCTAppEvent.sys -> C:\windows\System32\drivers\PCTAppEvent.sys -> [2010/04/06 13:12:13 | 000,088,040 | ---- | C] (PC Tools)
     pctplsg.sys -> C:\windows\System32\drivers\pctplsg.sys -> [2010/04/06 13:12:09 | 000,070,408 | ---- | C] (PC Tools)
     Spyware Doctor -> C:\Program Files\Spyware Doctor -> [2010/04/06 13:12:03 | 000,000,000 | ---D | C]
     PC Tools -> C:\Users\Ben\AppData\Roaming\PC Tools -> [2010/04/06 13:12:03 | 000,000,000 | ---D | C]
     PC Tools -> C:\ProgramData\PC Tools -> [2010/04/06 13:12:03 | 000,000,000 | ---D | C]
     Apple Computer -> C:\Users\Ben\AppData\Roaming\Apple Computer -> [2010/04/06 12:57:41 | 000,000,000 | ---D | C]
     ComboFix -> C:\ComboFix -> [2010/04/06 12:06:05 | 000,000,000 | --SD | C]
     SWXCACLS.exe -> C:\windows\SWXCACLS.exe -> [2010/04/06 12:05:26 | 000,212,480 | ---- | C] (SteelWerX)
     SWREG.exe -> C:\windows\SWREG.exe -> [2010/04/05 20:30:39 | 000,161,792 | ---- | C] (SteelWerX)
     NIRCMD.exe -> C:\windows\NIRCMD.exe -> [2010/04/05 20:30:39 | 000,031,232 | ---- | C] (NirSoft)
     SWSC.exe -> C:\windows\SWSC.exe -> [2010/04/05 20:30:38 | 000,136,704 | ---- | C] (SteelWerX)
     ERDNT -> C:\windows\ERDNT -> [2010/04/05 20:30:16 | 000,000,000 | ---D | C]
     Qoobox -> C:\Qoobox -> [2010/04/05 20:28:24 | 000,000,000 | ---D | C]
     PrevxCSI -> C:\ProgramData\PrevxCSI -> [2010/04/05 20:27:22 | 000,000,000 | ---D | C]
     OTS.exe -> C:\Users\Ben\Desktop\OTS.exe -> [2010/04/05 20:21:57 | 000,638,976 | ---- | C] (OldTimer Tools)
     Safari -> C:\Program Files\Safari -> [2010/04/02 12:30:29 | 000,000,000 | ---D | C]
     aswTdi.sys -> C:\windows\System32\drivers\aswTdi.sys -> [2010/03/31 01:18:46 | 000,048,560 | ---- | C] (ALWIL Software)
     aswRdr.sys -> C:\windows\System32\drivers\aswRdr.sys -> [2010/03/31 01:18:46 | 000,023,120 | ---- | C] (ALWIL Software)
     aswSP.sys -> C:\windows\System32\drivers\aswSP.sys -> [2010/03/31 01:18:45 | 000,114,768 | ---- | C] (ALWIL Software)
     AvastSS.scr -> C:\windows\System32\AvastSS.scr -> [2010/03/31 01:18:45 | 000,097,480 | ---- | C] (ALWIL Software)
     aswFsBlk.sys -> C:\windows\System32\drivers\aswFsBlk.sys -> [2010/03/31 01:18:45 | 000,020,560 | ---- | C] (ALWIL Software)
     aswBoot.exe -> C:\windows\System32\aswBoot.exe -> [2010/03/31 01:18:31 | 001,280,480 | ---- | C] (ALWIL Software)
     aswMonFlt.sys -> C:\windows\System32\drivers\aswMonFlt.sys -> [2010/03/31 01:18:31 | 000,053,328 | ---- | C] (ALWIL Software)
     Alwil Software -> C:\Program Files\Alwil Software -> [2010/03/31 01:18:29 | 000,000,000 | ---D | C]
     Downloads -> C:\Users\Ben\Documents\Downloads -> [2010/03/30 17:49:40 | 000,000,000 | ---D | C]
     Google -> C:\Users\Ben\AppData\Local\Google -> [2010/03/30 17:45:20 | 000,000,000 | ---D | C]
     RootkitNO -> C:\RootkitNO -> [2010/03/30 01:57:46 | 000,000,000 | ---D | C]
     RegRun2 -> C:\Users\Ben\Documents\RegRun2 -> [2010/03/30 01:44:53 | 000,000,000 | ---D | C]
     UnHackMe -> C:\Program Files\UnHackMe -> [2010/03/30 01:44:48 | 000,000,000 | ---D | C]
     csrss -> C:\Users\Ben\AppData\Roaming\csrss -> [2010/03/25 14:04:13 | 000,000,000 | ---D | C]
     QuickTimeVR.qtx -> C:\windows\System32\QuickTimeVR.qtx -> [2010/03/17 21:53:42 | 000,094,208 | ---- | C] (Apple Inc.)
     QuickTime.qts -> C:\windows\System32\QuickTime.qts -> [2010/03/17 21:53:42 | 000,069,632 | ---- | C] (Apple Inc.)
     CAESARS Casino Online -> C:\Users\Ben\AppData\Roaming\CAESARS Casino Online -> [2010/03/17 18:33:42 | 000,000,000 | ---D | C]
     CAESARS Casino Online -> C:\Program Files\CAESARS Casino Online -> [2010/03/17 18:33:35 | 000,000,000 | ---D | C]
     lx_cats -> C:\ProgramData\lx_cats -> [2010/03/15 12:07:59 | 000,000,000 | ---D | C]
     logs -> C:\logs -> [2010/03/15 12:06:15 | 000,000,000 | ---D | C]
     gdiplus.dll -> C:\windows\System32\gdiplus.dll -> [2010/03/15 12:03:52 | 001,645,320 | ---- | C] (Microsoft Corporation)
     lxdiserv.dll -> C:\windows\System32\lxdiserv.dll -> [2010/03/15 12:03:32 | 001,187,840 | ---- | C] ( )
     lxdiusb1.dll -> C:\windows\System32\lxdiusb1.dll -> [2010/03/15 12:03:32 | 000,942,080 | ---- | C] ( )
     lxdipmui.dll -> C:\windows\System32\lxdipmui.dll -> [2010/03/15 12:03:32 | 000,614,400 | ---- | C] ( )
     lxdilmpm.dll -> C:\windows\System32\lxdilmpm.dll -> [2010/03/15 12:03:32 | 000,532,480 | ---- | C] ( )
     lxdiutil.dll -> C:\windows\System32\lxdiutil.dll -> [2010/03/15 12:03:32 | 000,503,808 | ---- | C] (Lexmark International, Inc.)
     lxdiinpa.dll -> C:\windows\System32\lxdiinpa.dll -> [2010/03/15 12:03:32 | 000,356,352 | ---- | C] ( )
     lxdiiesc.dll -> C:\windows\System32\lxdiiesc.dll -> [2010/03/15 12:03:32 | 000,339,968 | ---- | C] ( )
     lxdihcp.dll -> C:\windows\System32\lxdihcp.dll -> [2010/03/15 12:03:32 | 000,311,296 | ---- | C] ( )
     lxdiinsb.dll -> C:\windows\System32\lxdiinsb.dll -> [2010/03/15 12:03:32 | 000,208,896 | ---- | C] (Lexmark International, Inc.)
     lxdiins.dll -> C:\windows\System32\lxdiins.dll -> [2010/03/15 12:03:32 | 000,176,128 | ---- | C] (Lexmark International, Inc.)
     lxdijswr.dll -> C:\windows\System32\lxdijswr.dll -> [2010/03/15 12:03:32 | 000,143,360 | ---- | C] (Lexmark International, Inc.)
     lxdiinsr.dll -> C:\windows\System32\lxdiinsr.dll -> [2010/03/15 12:03:32 | 000,106,496 | ---- | C] (Lexmark International, Inc.)
     lxdiprox.dll -> C:\windows\System32\lxdiprox.dll -> [2010/03/15 12:03:32 | 000,053,248 | ---- | C] ( )
     lxdipplc.dll -> C:\windows\System32\lxdipplc.dll -> [2010/03/15 12:03:32 | 000,053,248 | ---- | C] ( )
     lxdigf.dll -> C:\windows\System32\lxdigf.dll -> [2010/03/15 12:03:31 | 000,983,121 | ---- | C] (Microsoft Corporation)
     lxdicomc.dll -> C:\windows\System32\lxdicomc.dll -> [2010/03/15 12:03:31 | 000,765,952 | ---- | C] ( )
     lxdihbn3.dll -> C:\windows\System32\lxdihbn3.dll -> [2010/03/15 12:03:31 | 000,671,744 | ---- | C] ( )
     lxdicoms.exe -> C:\windows\System32\lxdicoms.exe -> [2010/03/15 12:03:31 | 000,517,040 | ---- | C] ( )
     lxdicomm.dll -> C:\windows\System32\lxdicomm.dll -> [2010/03/15 12:03:31 | 000,360,448 | ---- | C] ( )
     lxdicfg.exe -> C:\windows\System32\lxdicfg.exe -> [2010/03/15 12:03:31 | 000,340,912 | ---- | C] ( )
     lxdiih.exe -> C:\windows\System32\lxdiih.exe -> [2010/03/15 12:03:31 | 000,320,432 | ---- | C] ( )
     lxdicub.dll -> C:\windows\System32\lxdicub.dll -> [2010/03/15 12:03:31 | 000,090,112 | ---- | C] (Lexmark International, Inc.)
     lxdicfg.dll -> C:\windows\System32\lxdicfg.dll -> [2010/03/15 12:03:31 | 000,077,906 | ---- | C] (Lexmark International)
     lxdicu.dll -> C:\windows\System32\lxdicu.dll -> [2010/03/15 12:03:31 | 000,077,824 | ---- | C] (Lexmark International, Inc.)
     lxdicur.dll -> C:\windows\System32\lxdicur.dll -> [2010/03/15 12:03:31 | 000,036,864 | ---- | C] (Lexmark International, Inc.)
     Lexmark 3500-4500 Series -> C:\Program Files\Lexmark 3500-4500 Series -> [2010/03/15 12:03:26 | 000,000,000 | ---D | C]
     lexmark -> C:\lexmark -> [2010/03/15 12:02:33 | 000,000,000 | ---D | C]
     RegCure -> C:\ProgramData\RegCure -> [2010/03/12 12:30:49 | 000,000,000 | ---D | C]
     RegCure -> C:\Program Files\RegCure -> [2010/03/12 12:30:48 | 000,000,000 | ---D | C]
     My Recordings -> C:\Users\Ben\Documents\My Recordings -> [2010/03/08 19:54:24 | 000,000,000 | ---D | C]
     MSRP Log -> C:\Users\Ben\Documents\MSRP Log -> [2010/03/08 19:54:21 | 000,000,000 | ---D | C]
     DeskShare Shared -> C:\Program Files\Common Files\DeskShare Shared -> [2010/03/08 19:51:01 | 000,000,000 | ---D | C]
     Deskshare -> C:\Program Files\Deskshare -> [2010/03/08 19:50:54 | 000,000,000 | ---D | C]
     2 C:\windows\*.tmp files -> C:\windows\*.tmp -> 
     
    [Files/Folders - Modified Within 30 Days]
     User_Feed_Synchronization-{51F308DA-0676-408F-AFFF-3509AE0EC5E7}.job -> C:\windows\tasks\User_Feed_Synchronization-{51F308DA-0676-408F-AFFF-3509AE0EC5E7}.job -> [2010/04/06 14:30:59 | 000,000,414 | -H-- | M] ()
     ntuser.dat -> C:\Users\Ben\ntuser.dat -> [2010/04/06 14:24:48 | 007,340,032 | ---- | M] ()
     GoogleUpdateTaskUserS-1-5-21-1966008521-2821058990-3117971074-1004UA.job -> C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1966008521-2821058990-3117971074-1004UA.job -> [2010/04/06 13:50:00 | 000,000,898 | ---- | M] ()
     HiJackThis.lnk -> C:\Users\Ben\Desktop\HiJackThis.lnk -> [2010/04/06 13:42:56 | 000,002,513 | ---- | M] ()
     HijackThis.msi -> C:\Users\Ben\Desktop\HijackThis.msi -> [2010/04/06 13:31:53 | 001,401,344 | ---- | M] ()
     Spyware Doctor.lnk -> C:\Users\Public\Desktop\Spyware Doctor.lnk -> [2010/04/06 13:12:12 | 000,001,759 | ---- | M] ()
     RegCure Startup.job -> C:\windows\tasks\RegCure Startup.job -> [2010/04/06 13:11:54 | 000,000,360 | ---- | M] ()
     PerfStringBackup.INI -> C:\windows\System32\PerfStringBackup.INI -> [2010/04/06 12:54:10 | 000,775,386 | ---- | M] ()
     perfh009.dat -> C:\windows\System32\perfh009.dat -> [2010/04/06 12:54:10 | 000,658,338 | ---- | M] ()
     perfc009.dat -> C:\windows\System32\perfc009.dat -> [2010/04/06 12:54:10 | 000,129,372 | ---- | M] ()
     tdlcmd.dll -> C:\windows\System32\tdlcmd.dll -> [2010/04/06 12:52:49 | 000,020,992 | ---- | M] ()
     7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010/04/06 12:47:42 | 000,002,608 | -H-- | M] ()
     7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010/04/06 12:47:41 | 000,002,608 | -H-- | M] ()
     SA.DAT -> C:\windows\tasks\SA.DAT -> [2010/04/06 12:47:40 | 000,000,006 | -H-- | M] ()
     bootstat.dat -> C:\windows\bootstat.dat -> [2010/04/06 12:47:34 | 000,067,584 | --S- | M] ()
     ComboFix.exe -> C:\Users\Ben\Desktop\ComboFix.exe -> [2010/04/06 12:05:15 | 003,908,251 | R--- | M] ()
     bthservsdp.dat -> C:\windows\bthservsdp.dat -> [2010/04/06 12:00:39 | 000,008,524 | ---- | M] ()
     ntuser.dat{9fa636b2-1c82-11df-a129-00247e3f7e77}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Ben\ntuser.dat{9fa636b2-1c82-11df-a129-00247e3f7e77}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/06 12:00:38 | 000,524,288 | -HS- | M] ()
     ntuser.dat{9fa636b2-1c82-11df-a129-00247e3f7e77}.TM.blf -> C:\Users\Ben\ntuser.dat{9fa636b2-1c82-11df-a129-00247e3f7e77}.TM.blf -> [2010/04/06 12:00:38 | 000,065,536 | -HS- | M] ()
     IconCache.db -> C:\Users\Ben\AppData\Local\IconCache.db -> [2010/04/06 12:00:33 | 002,099,148 | -H-- | M] ()
     s-1-5-21-1966008521-2821058990-3117971074-1004.rrr -> C:\Users\Ben\s-1-5-21-1966008521-2821058990-3117971074-1004.rrr -> [2010/04/06 11:44:05 | 006,983,680 | ---- | M] ()
     DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Ben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/04/06 01:40:07 | 000,012,800 | ---- | M] ()
     d3d9caps.dat -> C:\Users\Ben\AppData\Local\d3d9caps.dat -> [2010/04/05 21:13:07 | 000,001,356 | ---- | M] ()
     NeroDigital.ini -> C:\windows\NeroDigital.ini -> [2010/04/05 21:08:36 | 000,000,069 | ---- | M] ()
     OTS.exe -> C:\Users\Ben\Desktop\OTS.exe -> [2010/04/05 20:22:00 | 000,638,976 | ---- | M] (OldTimer Tools)
     GoogleUpdateTaskUserS-1-5-21-1966008521-2821058990-3117971074-1004Core.job -> C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1966008521-2821058990-3117971074-1004Core.job -> [2010/04/05 17:50:13 | 000,000,846 | ---- | M] ()
     RegCure Program Check.job -> C:\windows\tasks\RegCure Program Check.job -> [2010/04/05 17:00:07 | 000,000,386 | ---- | M] ()
     HPCeeScheduleForAnyone Else.job -> C:\windows\tasks\HPCeeScheduleForAnyone Else.job -> [2010/04/04 16:51:42 | 000,000,346 | ---- | M] ()
     RegCure.job -> C:\windows\tasks\RegCure.job -> [2010/04/04 13:12:30 | 000,000,368 | ---- | M] ()
     HPCeeScheduleForBen.job -> C:\windows\tasks\HPCeeScheduleForBen.job -> [2010/04/03 12:40:43 | 000,000,314 | ---- | M] ()
     Produce_0.wmv -> C:\Users\Ben\Documents\Produce_0.wmv -> [2010/04/02 16:32:13 | 029,439,288 | ---- | M] ()
     Produce.avi -> C:\Users\Ben\Documents\Produce.avi -> [2010/04/02 16:03:36 | 1088,195,884 | ---- | M] ()
     Plan B - Pass Out (BBC Live Lounge 2010).mp3 -> C:\Users\Ben\Desktop\Plan B - Pass Out (BBC Live Lounge 2010).mp3 -> [2010/04/02 15:48:29 | 006,929,554 | ---- | M] ()
     QuickTime Player.lnk -> C:\Users\Public\Desktop\QuickTime Player.lnk -> [2010/04/02 12:34:52 | 000,001,925 | ---- | M] ()
     Safari.lnk -> C:\Users\Public\Desktop\Safari.lnk -> [2010/04/02 12:30:37 | 000,001,854 | ---- | M] ()
     South_Park_Avatar.jpg -> C:\Users\Ben\Desktop\South_Park_Avatar.jpg -> [2010/04/01 00:34:21 | 000,001,883 | ---- | M] ()
     Google Chrome.lnk -> C:\Users\Ben\Desktop\Google Chrome.lnk -> [2010/03/31 19:53:33 | 000,002,066 | ---- | M] ()
     config.nt -> C:\windows\System32\config.nt -> [2010/03/31 15:02:08 | 000,002,577 | ---- | M] ()
     avast! Antivirus.lnk -> C:\Users\Public\Desktop\avast! Antivirus.lnk -> [2010/03/31 01:18:46 | 000,001,849 | ---- | M] ()
     BRPP2KA.INI -> C:\windows\BRPP2KA.INI -> [2010/03/30 18:23:02 | 000,000,027 | ---- | M] ()
     BRWMARK.INI -> C:\windows\BRWMARK.INI -> [2010/03/30 18:23:01 | 000,000,425 | ---- | M] ()
     autoexec.nt -> C:\windows\System32\autoexec.nt -> [2010/03/30 01:45:16 | 000,001,688 | ---- | M] ()
     winstart.bat -> C:\windows\winstart.bat -> [2010/03/30 01:45:16 | 000,000,002 | RHS- | M] ()
     hosts -> C:\windows\System32\drivers\etc\hosts -> [2010/03/29 22:57:14 | 000,380,176 | R--- | M] ()
     hosts.20100329-225714.backup -> C:\windows\System32\drivers\etc\hosts.20100329-225714.backup -> [2010/03/29 22:55:24 | 000,380,176 | R--- | M] ()
     Roaming - Shortcut.lnk -> C:\Users\Ben\Desktop\Roaming - Shortcut.lnk -> [2010/03/24 12:55:27 | 000,000,750 | ---- | M] ()
     Nokia Ovi Player.lnk -> C:\Users\Public\Desktop\Nokia Ovi Player.lnk -> [2010/03/19 11:44:34 | 000,001,880 | ---- | M] ()
     QuickTimeVR.qtx -> C:\windows\System32\QuickTimeVR.qtx -> [2010/03/17 21:53:42 | 000,094,208 | ---- | M] (Apple Inc.)
     QuickTime.qts -> C:\windows\System32\QuickTime.qts -> [2010/03/17 21:53:42 | 000,069,632 | ---- | M] (Apple Inc.)
     Ben - Shortcut.lnk -> C:\Users\Ben\Desktop\Ben - Shortcut.lnk -> [2010/03/17 00:14:16 | 000,000,546 | ---- | M] ()
     LexFiles.ulf -> C:\windows\System32\LexFiles.ulf -> [2010/03/15 12:06:18 | 000,077,092 | ---- | M] ()
     Lexmark Imaging Studio - 3500-4500 Series.LNK -> C:\Users\Public\Desktop\Lexmark Imaging Studio - 3500-4500 Series.LNK -> [2010/03/15 12:04:10 | 000,000,897 | ---- | M] ()
     PEV.exe -> C:\windows\PEV.exe -> [2010/03/12 18:02:38 | 000,261,632 | ---- | M] ()
     RegCure.lnk -> C:\Users\Public\Desktop\RegCure.lnk -> [2010/03/12 12:57:00 | 000,000,738 | ---- | M] ()
     hosts.20100329-225524.backup -> C:\windows\System32\drivers\etc\hosts.20100329-225524.backup -> [2010/03/11 19:56:43 | 000,380,176 | R--- | M] ()
     hosts.20100311-185643.backup -> C:\windows\System32\drivers\etc\hosts.20100311-185643.backup -> [2010/03/11 19:51:10 | 000,380,176 | R--- | M] ()
     hosts.20100311-185110.backup -> C:\windows\System32\drivers\etc\hosts.20100311-185110.backup -> [2010/03/11 19:50:33 | 000,380,176 | R--- | M] ()
     PCTCore.sys -> C:\windows\System32\drivers\PCTCore.sys -> [2010/03/10 11:36:36 | 000,217,032 | ---- | M] (PC Tools)
     My Screen Recorder Pro 2.6.lnk -> C:\Users\Ben\Desktop\My Screen Recorder Pro 2.6.lnk -> [2010/03/08 19:51:01 | 000,001,006 | ---- | M] ()
     21 C:\Users\Ben\AppData\Local\Temp\*.tmp files -> C:\Users\Ben\AppData\Local\Temp\*.tmp -> 
     2 C:\windows\*.tmp files -> C:\windows\*.tmp -> 
     
    [Files - No Company Name]
     HiJackThis.lnk -> C:\Users\Ben\Desktop\HiJackThis.lnk -> [2010/04/06 13:32:14 | 000,002,513 | ---- | C] ()
     HijackThis.msi -> C:\Users\Ben\Desktop\HijackThis.msi -> [2010/04/06 13:31:51 | 001,401,344 | ---- | C] ()
     BDTSupport.dll -> C:\windows\BDTSupport.dll -> [2010/04/06 13:12:32 | 000,767,952 | ---- | C] ()
     UDB.zip -> C:\windows\UDB.zip -> [2010/04/06 13:12:31 | 001,152,444 | ---- | C] ()
     RegSDImport.xml -> C:\windows\RegSDImport.xml -> [2010/04/06 13:12:31 | 000,000,882 | ---- | C] ()
     RegISSImport.xml -> C:\windows\RegISSImport.xml -> [2010/04/06 13:12:31 | 000,000,879 | ---- | C] ()
     IDB.zip -> C:\windows\IDB.zip -> [2010/04/06 13:12:31 | 000,000,131 | ---- | C] ()
     pctgntdi.cat -> C:\windows\System32\drivers\pctgntdi.cat -> [2010/04/06 13:12:15 | 000,007,387 | ---- | C] ()
     PCTAppEvent.cat -> C:\windows\System32\drivers\PCTAppEvent.cat -> [2010/04/06 13:12:13 | 000,007,412 | ---- | C] ()
     pctcore.cat -> C:\windows\System32\drivers\pctcore.cat -> [2010/04/06 13:12:13 | 000,007,383 | ---- | C] ()
     Spyware Doctor.lnk -> C:\Users\Public\Desktop\Spyware Doctor.lnk -> [2010/04/06 13:12:12 | 000,001,759 | ---- | C] ()
     pctplsg.cat -> C:\windows\System32\drivers\pctplsg.cat -> [2010/04/06 13:12:09 | 000,007,383 | ---- | C] ()
     tdlcmd.dll -> C:\windows\System32\tdlcmd.dll -> [2010/04/06 12:52:49 | 000,020,992 | ---- | C] ()
     IconCache.db -> C:\Users\Ben\AppData\Local\IconCache.db -> [2010/04/06 11:44:50 | 002,099,148 | -H-- | C] ()
     s-1-5-21-1966008521-2821058990-3117971074-1004.rrr -> C:\Users\Ben\s-1-5-21-1966008521-2821058990-3117971074-1004.rrr -> [2010/04/06 11:44:01 | 006,983,680 | ---- | C] ()
     ComboFix.exe -> C:\Users\Ben\Desktop\ComboFix.exe -> [2010/04/06 11:07:57 | 003,908,251 | R--- | C] ()
     PEV.exe -> C:\windows\PEV.exe -> [2010/04/05 20:30:39 | 000,261,632 | ---- | C] ()
     MBR.exe -> C:\windows\MBR.exe -> [2010/04/05 20:30:39 | 000,077,312 | ---- | C] ()
     sed.exe -> C:\windows\sed.exe -> [2010/04/05 20:30:38 | 000,098,816 | ---- | C] ()
     grep.exe -> C:\windows\grep.exe -> [2010/04/05 20:30:38 | 000,080,412 | ---- | C] ()
     zip.exe -> C:\windows\zip.exe -> [2010/04/05 20:30:38 | 000,068,096 | ---- | C] ()
     Produce_0.wmv -> C:\Users\Ben\Documents\Produce_0.wmv -> [2010/04/02 16:11:57 | 029,439,288 | ---- | C] ()
     Produce.avi -> C:\Users\Ben\Documents\Produce.avi -> [2010/04/02 15:57:40 | 1088,195,884 | ---- | C] ()
     Plan B - Pass Out (BBC Live Lounge 2010).mp3 -> C:\Users\Ben\Desktop\Plan B - Pass Out (BBC Live Lounge 2010).mp3 -> [2010/04/02 15:39:35 | 006,929,554 | ---- | C] ()
     QuickTime Player.lnk -> C:\Users\Public\Desktop\QuickTime Player.lnk -> [2010/04/02 12:34:52 | 000,001,925 | ---- | C] ()
     Safari.lnk -> C:\Users\Public\Desktop\Safari.lnk -> [2010/04/02 12:30:37 | 000,001,854 | ---- | C] ()
     South_Park_Avatar.jpg -> C:\Users\Ben\Desktop\South_Park_Avatar.jpg -> [2010/04/01 00:34:21 | 000,001,883 | ---- | C] ()
     avast! Antivirus.lnk -> C:\Users\Public\Desktop\avast! Antivirus.lnk -> [2010/03/31 01:18:46 | 000,001,849 | ---- | C] ()
     actskin4.ocx -> C:\windows\System32\actskin4.ocx -> [2010/03/31 01:18:31 | 000,380,928 | ---- | C] ()
     BRPP2KA.INI -> C:\windows\BRPP2KA.INI -> [2010/03/30 18:23:02 | 000,000,027 | ---- | C] ()
     BRWMARK.INI -> C:\windows\BRWMARK.INI -> [2010/03/30 18:23:01 | 000,000,425 | ---- | C] ()
     Google Chrome.lnk -> C:\Users\Ben\Desktop\Google Chrome.lnk -> [2010/03/30 17:48:43 | 000,002,066 | ---- | C] ()
     GoogleUpdateTaskUserS-1-5-21-1966008521-2821058990-3117971074-1004UA.job -> C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1966008521-2821058990-3117971074-1004UA.job -> [2010/03/30 17:45:21 | 000,000,898 | ---- | C] ()
     GoogleUpdateTaskUserS-1-5-21-1966008521-2821058990-3117971074-1004Core.job -> C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1966008521-2821058990-3117971074-1004Core.job -> [2010/03/30 17:45:21 | 000,000,846 | ---- | C] ()
     winstart.bat -> C:\windows\winstart.bat -> [2010/03/30 01:45:16 | 000,000,002 | RHS- | C] ()
     Roaming - Shortcut.lnk -> C:\Users\Ben\Desktop\Roaming - Shortcut.lnk -> [2010/03/24 12:55:27 | 000,000,750 | ---- | C] ()
     Nokia Ovi Player.lnk -> C:\Users\Public\Desktop\Nokia Ovi Player.lnk -> [2010/03/19 11:44:34 | 000,001,880 | ---- | C] ()
     Ben - Shortcut.lnk -> C:\Users\Ben\Desktop\Ben - Shortcut.lnk -> [2010/03/17 00:14:16 | 000,000,546 | ---- | C] ()
     Lexmark Imaging Studio - 3500-4500 Series.LNK -> C:\Users\Public\Desktop\Lexmark Imaging Studio - 3500-4500 Series.LNK -> [2010/03/15 12:04:10 | 000,000,897 | ---- | C] ()
     lxdiinst.dll -> C:\windows\System32\lxdiinst.dll -> [2010/03/15 12:03:32 | 000,294,912 | ---- | C] ()
     lxdihelp.chm -> C:\windows\System32\lxdihelp.chm -> [2010/03/15 12:03:31 | 000,965,785 | ---- | C] ()
     lxdigrd.dll -> C:\windows\System32\lxdigrd.dll -> [2010/03/15 12:03:31 | 000,208,896 | ---- | C] ()
     lxdi.loc -> C:\windows\System32\lxdi.loc -> [2010/03/15 12:03:31 | 000,001,900 | ---- | C] ()
     RegCure Program Check.job -> C:\windows\tasks\RegCure Program Check.job -> [2010/03/12 12:30:59 | 000,000,386 | ---- | C] ()
     RegCure Startup.job -> C:\windows\tasks\RegCure Startup.job -> [2010/03/12 12:30:59 | 000,000,360 | ---- | C] ()
     RegCure.job -> C:\windows\tasks\RegCure.job -> [2010/03/12 12:30:58 | 000,000,368 | ---- | C] ()
     RegCure.lnk -> C:\Users\Public\Desktop\RegCure.lnk -> [2010/03/12 12:30:50 | 000,000,738 | ---- | C] ()
     My Screen Recorder Pro 2.6.lnk -> C:\Users\Ben\Desktop\My Screen Recorder Pro 2.6.lnk -> [2010/03/08 19:51:01 | 000,001,006 | ---- | C] ()
     MasterExam.ini -> C:\windows\MasterExam.ini -> [2010/01/04 12:37:02 | 000,001,793 | ---- | C] ()
     LK_ME_Cfg.ini -> C:\windows\LK_ME_Cfg.ini -> [2010/01/04 12:37:02 | 000,000,216 | ---- | C] ()
     jestertb.dll -> C:\windows\jestertb.dll -> [2010/01/04 10:55:38 | 000,021,504 | ---- | C] ()
     xvidcore.dll -> C:\windows\System32\xvidcore.dll -> [2009/12/30 23:26:51 | 000,819,200 | ---- | C] ()
     xvidvfw.dll -> C:\windows\System32\xvidvfw.dll -> [2009/12/30 23:26:51 | 000,180,224 | ---- | C] ()
     LXF3PMON.DLL -> C:\windows\System32\LXF3PMON.DLL -> [2009/11/30 11:30:09 | 000,045,056 | ---- | C] ()
     LXF3FXPU.DLL -> C:\windows\System32\LXF3FXPU.DLL -> [2009/11/30 11:30:09 | 000,032,768 | ---- | C] ()
     lxf3oem.dll -> C:\windows\System32\lxf3oem.dll -> [2009/11/30 11:29:48 | 000,036,864 | ---- | C] ()
     LXF3PMRC.DLL -> C:\windows\System32\LXF3PMRC.DLL -> [2009/11/30 11:29:48 | 000,012,288 | ---- | C] ()
     wininit.ini -> C:\windows\wininit.ini -> [2009/11/27 13:48:55 | 000,002,145 | ---- | C] ()
     unrar.dll -> C:\windows\System32\unrar.dll -> [2009/11/11 19:40:10 | 000,178,176 | ---- | C] ()
     FsUsbExDevice.Dll -> C:\windows\System32\FsUsbExDevice.Dll -> [2009/10/30 13:00:11 | 000,110,592 | ---- | C] ()
     FsUsbExDisk.Sys -> C:\windows\System32\FsUsbExDisk.Sys -> [2009/10/30 13:00:11 | 000,036,608 | ---- | C] ()
     NeroDigital.ini -> C:\windows\NeroDigital.ini -> [2009/09/27 21:22:11 | 000,000,069 | ---- | C] ()
     d3dx9.dll -> C:\windows\System32\d3dx9.dll -> [2009/09/27 14:17:31 | 001,970,176 | ---- | C] ()
     WinVd32.sys -> C:\windows\System32\WinVd32.sys -> [2009/09/21 10:31:04 | 000,180,224 | ---- | C] ()
     EhStorAuthn.dll -> C:\windows\System32\EhStorAuthn.dll -> [2009/09/08 11:50:47 | 000,117,248 | ---- | C] ()
     holdgemss.ini -> C:\windows\holdgemss.ini -> [2009/08/06 15:24:14 | 000,000,183 | ---- | C] ()
     OGACheckControl.dll -> C:\windows\System32\OGACheckControl.dll -> [2009/08/03 15:07:42 | 000,403,816 | ---- | C] ()
     IVIresizeW7.dll -> C:\windows\System32\IVIresizeW7.dll -> [2009/07/24 19:50:36 | 000,204,800 | ---- | C] ()
     IVIresizeA6.dll -> C:\windows\System32\IVIresizeA6.dll -> [2009/07/24 19:50:36 | 000,200,704 | ---- | C] ()
     IVIresizeP6.dll -> C:\windows\System32\IVIresizeP6.dll -> [2009/07/24 19:50:36 | 000,192,512 | ---- | C] ()
     IVIresizeM6.dll -> C:\windows\System32\IVIresizeM6.dll -> [2009/07/24 19:50:36 | 000,192,512 | ---- | C] ()
     IVIresizePX.dll -> C:\windows\System32\IVIresizePX.dll -> [2009/07/24 19:50:36 | 000,188,416 | ---- | C] ()
     IVIresize.dll -> C:\windows\System32\IVIresize.dll -> [2009/07/24 19:50:36 | 000,020,480 | ---- | C] ()
     HPMProp.INI -> C:\windows\HPMProp.INI -> [2008/11/22 08:59:17 | 000,000,000 | ---- | C] ()
     iaStor.sys -> C:\windows\System32\drivers\iaStor.sys -> [2008/11/22 08:26:26 | 000,312,344 | ---- | C] ()
     wceprv.dll -> C:\windows\System32\wceprv.dll -> [2008/10/10 15:57:26 | 000,003,584 | ---- | C] ()
     physxcudart_20.dll -> C:\windows\System32\physxcudart_20.dll -> [2008/10/07 09:13:30 | 000,197,912 | ---- | C] ()
     AgCPanelTraditionalChinese.dll -> C:\windows\System32\AgCPanelTraditionalChinese.dll -> [2008/10/07 09:13:22 | 000,058,648 | ---- | C] ()
     AgCPanelSwedish.dll -> C:\windows\System32\AgCPanelSwedish.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] ()
     AgCPanelSpanish.dll -> C:\windows\System32\AgCPanelSpanish.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] ()
     AgCPanelSimplifiedChinese.dll -> C:\windows\System32\AgCPanelSimplifiedChinese.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] ()
     AgCPanelPortugese.dll -> C:\windows\System32\AgCPanelPortugese.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] ()
     AgCPanelKorean.dll -> C:\windows\System32\AgCPanelKorean.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] ()
     AgCPanelJapanese.dll -> C:\windows\System32\AgCPanelJapanese.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] ()
     AgCPanelGerman.dll -> C:\windows\System32\AgCPanelGerman.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] ()
     AgCPanelFrench.dll -> C:\windows\System32\AgCPanelFrench.dll -> [2008/10/07 09:13:20 | 000,058,648 | ---- | C] ()
     rpcnetp.dll -> C:\windows\System32\rpcnetp.dll -> [2008/04/17 11:29:49 | 000,017,408 | ---- | C] ()
     igfxCoIn_v1437.dll -> C:\windows\System32\igfxCoIn_v1437.dll -> [2008/02/11 13:55:18 | 000,147,456 | ---- | C] ()
     StarOpen.sys -> C:\windows\System32\drivers\StarOpen.sys -> [2007/10/25 18:26:10 | 000,005,632 | ---- | C] ()
     flcdlmsg.dll -> C:\windows\System32\flcdlmsg.dll -> [2007/06/08 18:05:38 | 000,274,432 | ---- | C] ()
     lxdicoin.dll -> C:\windows\System32\lxdicoin.dll -> [2007/03/30 11:13:24 | 000,344,064 | ---- | C] ()
     lxdidrs.dll -> C:\windows\System32\lxdidrs.dll -> [2007/03/23 16:44:46 | 000,692,224 | ---- | C] ()
     lxdicnv4.dll -> C:\windows\System32\lxdicnv4.dll -> [2007/02/09 15:07:06 | 000,069,632 | ---- | C] ()
     lxdicaps.dll -> C:\windows\System32\lxdicaps.dll -> [2007/01/23 20:40:16 | 000,065,536 | ---- | C] ()
     GlobalUserInterface.CompositeFont -> C:\windows\Fonts\GlobalUserInterface.CompositeFont -> [2006/11/02 13:37:35 | 000,037,665 | ---- | C] ()
     GlobalSerif.CompositeFont -> C:\windows\Fonts\GlobalSerif.CompositeFont -> [2006/11/02 13:37:35 | 000,029,779 | ---- | C] ()
     GlobalSansSerif.CompositeFont -> C:\windows\Fonts\GlobalSansSerif.CompositeFont -> [2006/11/02 13:37:35 | 000,026,489 | ---- | C] ()
     GlobalMonospace.CompositeFont -> C:\windows\Fonts\GlobalMonospace.CompositeFont -> [2006/11/02 13:37:35 | 000,026,040 | ---- | C] ()
     sysprepMCE.dll -> C:\windows\System32\sysprepMCE.dll -> [2006/11/02 13:35:32 | 000,005,632 | ---- | C] ()
     pacerprf.ini -> C:\windows\System32\pacerprf.ini -> [2006/11/02 08:40:29 | 000,013,750 | ---- | C] ()
     lxdivs.dll -> C:\windows\System32\lxdivs.dll -> [2006/08/01 02:53:18 | 000,040,960 | ---- | C] ()
     pthreadVC.dll -> C:\windows\System32\pthreadVC.dll -> [2006/04/23 00:00:10 | 000,053,299 | ---- | C] ()
     WdfCoInstaller01000.dll -> C:\windows\System32\WdfCoInstaller01000.dll -> [2006/03/09 10:58:00 | 001,060,424 | ---- | C] ()
     msls50.dll -> C:\windows\System32\msls50.dll -> [2004/08/18 14:00:00 | 000,035,328 | -H-- | C] ()
     lcppn21.dll -> C:\windows\System32\lcppn21.dll -> [2001/11/14 13:56:00 | 001,802,240 | ---- | C] ()
     
    [Alternate Data Streams]
    @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
    @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:52DBE86F
    @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:91EA783C
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:981349EA
    @Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:D1B5B4F1
    @Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:901E30B2
    @Alternate Data Stream - 172 bytes -> C:\ProgramData\TEMP:DFC5A2B2
    @Alternate Data Stream - 64 bytes -> C:\Users\Ben\Desktop\Plan B - Pass Out (BBC Live Lounge 2010).mp3:TOC.WMV
    < End of report >
    
     
  3. watugot

    watugot Thread Starter

    Joined:
    Apr 6, 2010
    Messages:
    3
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/915084

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice