Page 1 of 3 123 LastLast
Results 1 to 10 of 26
  1. #1
    Member
    Join Date
    Feb 2010
    Posts
    126
    Points
    1

    Exclamation Malware/spyware detected and possible virus infection, expert help needed!?!

    Hi all,

    Back again, although its to aid a friend of mine whose come into some strife over the past week. Hes experiencing a dramatic down turn in performance, sluggish/prolonged start ups/shut downs, browser crashes and abrupt system restarts (blue screen) I've failed to make any difference with what knowledge I have gained from these forums in the past and so it is we are here to seek advice yet again. I have his tower and will reply when I can, many thanks as always in advance.

    P.S: I know for a fact he does a lot of online gaming, p2p sharing, torrent downloading (etc)

    Malwarebytes

    Malwarebytes Anti-Malware (PRO) 1.75.0.1300
    Malwarebytes : Free anti-malware download

    Database version: v2013.08.14.07

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Xtrakt :: LWRAKL-2112 [administrator]

    Protection: Enabled

    8/15/2013 14:41:49
    mbam-log-2013-08-15 (14-41-49).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 321485
    Time elapsed: 2 hour(s), 53 minute(s), 23 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

    Super-Anti

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 08/15/2013 at 12:36 PM

    Application Version : 5.6.1030

    Core Rules Database Version : 10690
    Trace Rules Database Version: 8502

    Scan type : Complete Scan
    Total Scan Time : 00:42:23

    Operating System Information
    Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
    Administrator

    Memory items scanned : 506
    Memory threats detected : 0
    Registry items scanned : 37804
    Registry threats detected : 0
    File items scanned : 48097
    File threats detected : 0

    HJT

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 17:38:47, on 8/15/2013
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)


    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Creative\Shared Files\CTAudSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\ASRock\XFast LAN\spd.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\WINDOWS\system32\KaraokeSer.exe
    C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
    C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files\Windows Media Player\WMPNetwk.exe
    C:\Program Files\XFastUSB\XFastUsb.exe
    C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\DOCUME~1\Xtrakt\LOCALS~1\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
    C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
    C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
    C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\PROGRA~1\MICROS~2\rapimgr.exe
    C:\Program Files\Samsung\Kies\Kies.exe
    C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Documents and Settings\Xtrakt\Desktop\HJT.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [XFastUSB] "C:\Program Files\XFastUSB\XFastUsb.exe"
    O4 - HKLM\..\Run: [CTSyncService] C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe /StartRunKey
    O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [XFast LAN] C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
    O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files\CyberLink\Power2Go8\VirtualDrive.exe" /R
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Power2GoExpress8] NA
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
    O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\ASRock\XFast LAN\spd.exe
    O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
    O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: VIA Karaoke digital mixer Service (KaraokeService) - VIA Technologies, Inc. - C:\WINDOWS\system32\KaraokeSer.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
    O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

    --
    End of file - 10095 bytes

  2. #2
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,522
    Points
    563

    Default

    Hi xtrakt,

    The logs above display little to be concerned about except maybe too many startups that can slow the system down during start and shut down. Let's have a more in depth look here:

    Please do the following to provide fresh OTL logs:
    • Right-click on and select Run As Administrator to start the program. If prompted by UAC, please allow it.
    • Click the Scan All Users checkbox
      and
    • Check the option for All under the Extra Registry section
    • Click Run Scan at the top left hand corner.
    • When done, two Notepad files will open.
      • OTL.txt <-- Will be opened, maximized
      • Extras.txt <-- Will be minimized on task bar.
    • Please post the contents of both OTL.txt and Extras.txt files in your next reply.


    Thank you,

    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  3. #3
    Member
    Join Date
    Feb 2010
    Posts
    126
    Points
    1

    Default

    OTL logfile created on: 8/16/2013 5:16:04 PM - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Xtrakt\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.22 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 59.04% Memory free
    5.06 Gb Paging File | 3.69 Gb Available in Paging File | 72.92% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 200.00 Gb Total Space | 4.90 Gb Free Space | 2.45% Space Free | Partition Type: NTFS
    Drive E: | 265.76 Gb Total Space | 265.67 Gb Free Space | 99.97% Space Free | Partition Type: NTFS

    Computer Name: LWRAKL-2112 | User Name: Xtrakt | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/08/16 08:59:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Xtrakt\Desktop\OTL.exe
    PRC - [2013/08/16 07:47:21 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Documents and Settings\Xtrakt\Local Settings\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
    PRC - [2013/08/15 11:22:21 | 005,703,408 | ---- | M] (SUPERAntiSpyware) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    PRC - [2013/07/25 12:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    PRC - [2013/07/13 09:36:14 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
    PRC - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
    PRC - [2013/06/20 17:25:44 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2013/06/12 21:45:17 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
    PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    PRC - [2013/03/28 18:32:34 | 000,310,640 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
    PRC - [2013/03/28 18:32:32 | 001,511,792 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
    PRC - [2013/03/05 15:43:20 | 000,110,144 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    PRC - [2012/11/22 14:52:57 | 000,079,360 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
    PRC - [2012/11/22 14:50:25 | 005,019,360 | ---- | M] (FNet Co., Ltd.) -- C:\Program Files\XFastUSB\XFastUsb.exe
    PRC - [2012/07/12 06:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
    PRC - [2012/04/20 13:11:32 | 000,462,048 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe
    PRC - [2011/10/19 15:19:22 | 000,359,808 | R--- | M] (cFos Software GmbH) -- C:\Program Files\ASRock\XFast LAN\spd.exe
    PRC - [2011/10/19 15:19:20 | 001,202,560 | R--- | M] (cFos Software GmbH) -- C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
    PRC - [2011/09/16 13:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    PRC - [2009/07/08 14:32:50 | 001,233,195 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
    PRC - [2009/02/23 15:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
    PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2000/01/01 12:00:00 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2000/01/01 12:00:00 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2000/01/01 12:00:00 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    PRC - [2000/01/01 12:00:00 | 000,088,696 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\KaraokeSer.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/08/16 07:47:23 | 000,592,896 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Local Settings\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0000\~de6248.tmp
    MOD - [2013/08/16 07:47:21 | 000,697,884 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Local Settings\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0000\~df394b.tmp
    MOD - [2013/08/14 16:19:25 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
    MOD - [2013/08/14 16:19:22 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\f4ea3ea9bbe98bbc32c6def83bd2962d\System.Runtime.Remoting.ni.dll
    MOD - [2013/08/14 16:19:07 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\14d1a28674a9f78c5759e7dcf74a13fd\System.Configuration.ni.dll
    MOD - [2013/08/14 11:30:09 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
    MOD - [2013/08/14 11:29:11 | 002,295,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\2bd89ed2dc0f585328fd1ac4c5a206dd\System.Core.ni.dll
    MOD - [2013/08/14 11:28:58 | 014,329,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a283b4d76562af1ff279d465f5488d8c\PresentationFramework.ni.dll
    MOD - [2013/08/14 11:28:35 | 012,218,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\6c1a100fe556c7d391f4d1681ab3c615\PresentationCore.ni.dll
    MOD - [2013/08/14 11:28:21 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\64441cc39259974a2c3cdf0702a8beb3\WindowsBase.ni.dll
    MOD - [2013/08/14 11:28:11 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
    MOD - [2013/07/25 12:49:46 | 000,396,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
    MOD - [2013/07/25 12:49:45 | 013,599,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
    MOD - [2013/07/25 12:49:44 | 004,052,944 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll
    MOD - [2013/07/25 12:48:54 | 000,601,552 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
    MOD - [2013/07/25 12:48:53 | 000,123,344 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\libegl.dll
    MOD - [2013/07/25 12:48:51 | 001,597,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
    MOD - [2013/07/11 17:08:46 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
    MOD - [2013/06/19 08:08:18 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
    MOD - [2013/03/28 18:27:48 | 017,433,088 | ---- | M] () -- C:\Program Files\Samsung\Kies\Theme\Kies.Theme.dll
    MOD - [2013/03/28 18:26:22 | 000,570,880 | ---- | M] () -- C:\Program Files\Samsung\Kies\Common\Kies.UI.dll
    MOD - [2013/03/28 18:26:14 | 000,035,840 | ---- | M] () -- C:\Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll
    MOD - [2013/03/20 17:29:20 | 000,023,040 | ---- | M] () -- C:\Program Files\Samsung\Kies\MVVM\Kies.MVVM.dll
    MOD - [2013/03/20 17:06:28 | 000,057,856 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\MediaModules\ASF_cSharpAPI.dll
    MOD - [2013/03/05 15:40:16 | 000,626,240 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go8\CLMediaLibrary.dll
    MOD - [2013/03/05 11:41:36 | 000,015,424 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go8\CLMLSvcPS.dll
    MOD - [2012/08/27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/08/27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2008/04/14 04:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
    MOD - [2008/04/14 04:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
    MOD - [2000/01/01 12:00:00 | 001,198,912 | ---- | M] () -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\ACE.dll


    ========== Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2013/08/14 18:47:33 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2013/06/12 21:45:17 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
    SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2012/11/22 14:53:10 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
    SRV - [2012/11/22 14:52:57 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe -- (Sound Blaster X-Fi MB Licensing Service)
    SRV - [2012/07/12 06:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
    SRV - [2011/10/19 15:19:22 | 000,359,808 | R--- | M] (cFos Software GmbH) [Auto | Running] -- C:\Program Files\ASRock\XFast LAN\spd.exe -- (cFosSpeedS)
    SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
    SRV - [2009/02/23 15:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
    SRV - [2000/01/01 12:00:00 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2000/01/01 12:00:00 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2000/01/01 12:00:00 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
    SRV - [2000/01/01 12:00:00 | 000,088,696 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\WINDOWS\system32\KaraokeSer.exe -- (KaraokeService)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - [2013/08/16 13:07:16 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5303E6BD-E96A-4B0C-8CC9-CD2F9A68A8E1}\MpKsl9934d8d3.sys -- (MpKsl9934d8d3)
    DRV - [2013/08/14 14:27:19 | 000,029,760 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305)
    DRV - [2013/06/21 12:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ssudobex.sys -- (ssudobex)
    DRV - [2013/06/21 12:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
    DRV - [2013/06/21 12:07:52 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
    DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2012/11/22 14:50:25 | 000,014,656 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\FNETURPX.SYS -- (FNETURPX)
    DRV - [2012/03/14 08:04:18 | 001,076,968 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8192cu.sys -- (RTL8192cu)
    DRV - [2012/03/02 09:02:00 | 000,025,728 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandadb.sys -- (androidusb)
    DRV - [2012/03/02 09:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandmodem.sys -- (ANDModem)
    DRV - [2012/03/02 09:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lganddiag.sys -- (AndDiag)
    DRV - [2012/03/02 09:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandgps.sys -- (AndGps)
    DRV - [2012/03/02 09:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandbus.sys -- (Andbus)
    DRV - [2011/12/26 21:37:48 | 000,073,328 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
    DRV - [2011/07/23 04:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2011/07/13 09:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2011/07/04 14:18:58 | 001,156,992 | ---- | M] (cFos Software GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfosspeed.sys -- (cFosSpeed)
    DRV - [2011/05/10 15:28:20 | 000,015,656 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsrAppCharger.sys -- (AsrAppCharger)
    DRV - [2010/10/20 15:09:28 | 000,009,216 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter_hs.sys -- (massfilter_hs)
    DRV - [2010/10/18 13:12:56 | 000,113,432 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zghsmdm.sys -- (zghsmdm)
    DRV - [2009/09/29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort)
    DRV - [2009/09/29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM)
    DRV - [2009/09/29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum)
    DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
    DRV - [2000/01/01 12:00:00 | 002,558,200 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
    DRV - [2000/01/01 12:00:00 | 001,656,960 | ---- | M] (Creative) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (AMBFilt)
    DRV - [2000/01/01 12:00:00 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (MonFilt)
    DRV - [2000/01/01 12:00:00 | 000,386,528 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
    DRV - [2000/01/01 12:00:00 | 000,260,864 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcDAud.sys -- (IntcDAud)
    DRV - [2000/01/01 12:00:00 | 000,055,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (MEI)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-854245398-1275210071-725345543-1004\..\SearchScopes,DefaultScope = {5EC4BD7B-272F-44D4-BFFF-58057313333F}
    IE - HKU\S-1-5-21-854245398-1275210071-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\S-1-5-21-854245398-1275210071-725345543-1004\..\SearchScopes\{27EA813F-CE09-471A-80EF-DE7EDB1C4A2E}: "URL" = http://www.mysearchresults.com/search?c=0000&t=01&q={searchTerms}
    IE - HKU\S-1-5-21-854245398-1275210071-725345543-1004\..\SearchScopes\{2A6B0296-DCC6-4281-BF19-7CF87D2CE5BB}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282722&CUI=UN14802986883161318&UM=2&SSPV=TB_C5
    IE - HKU\S-1-5-21-854245398-1275210071-725345543-1004\..\SearchScopes\{5EC4BD7B-272F-44D4-BFFF-58057313333F}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
    IE - HKU\S-1-5-21-854245398-1275210071-725345543-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\S-1-5-21-854245398-1275210071-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-854245398-1275210071-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_146.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\sony.com/MediaGoDetector: C:\Program Files\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 23.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/07/22 14:50:36 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 23.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

    [2012/12/05 15:15:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Xtrakt\Application Data\Mozilla\Extensions
    [2013/06/05 23:43:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Xtrakt\Application Data\Mozilla\Firefox\Profiles\extensions
    [2012/12/14 08:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Documents and Settings\Xtrakt\Application Data\Mozilla\Firefox\Profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
    CHR - homepage: Google
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
    CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
    CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
    CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
    CHR - Extension: Awesome Screenshot: Capture & Annotate = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.4.4_0\
    CHR - Extension: Google Drive = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: WOT = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0\
    CHR - Extension: YouTube = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Facebook Colour Changer = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bpllmoilcakpgbeodibeifcfnndoheam\1.3.1_0\
    CHR - Extension: Adblock Plus = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.3_0\
    CHR - Extension: Google Search = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: Crimson Red Theme = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mpfgbckkcgepopaojnhcnkcdiafkcdjo\1_0\
    CHR - Extension: Gmail = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2006/03/01 00:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3 - HKU\S-1-5-21-854245398-1275210071-725345543-1004\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O3 - HKU\S-1-5-21-854245398-1275210071-725345543-1004\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
    O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [CTSyncService] C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
    O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
    O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
    O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [XFast LAN] C:\Program Files\ASRock\XFast LAN\cfosspeed.exe (cFos Software GmbH)
    O4 - HKLM..\Run: [XFastUSB] C:\Program Files\XFastUSB\XFastUsb.exe (FNet Co., Ltd.)
    O4 - HKU\S-1-5-21-854245398-1275210071-725345543-1004..\Run: [ASRockXTU] File not found
    O4 - HKU\S-1-5-21-854245398-1275210071-725345543-1004..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
    O4 - HKU\S-1-5-21-854245398-1275210071-725345543-1004..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
    O4 - HKU\S-1-5-21-854245398-1275210071-725345543-1004..\Run: [Power2GoExpress8] NA File not found
    O4 - HKU\S-1-5-21-854245398-1275210071-725345543-1004..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-854245398-1275210071-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
    O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
    O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Trusted sites)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/w...?1353839826781 (WUWebControl Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A8E5973-F52F-4907-A514-4E75D20BE945}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1E23DEE-5F9B-4927-96C7-F806D00524F6}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2012/11/22 12:49:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2013/06/09 15:37:39 | 000,000,090 | ---- | M] () - E:\AUTORUN.INF -- [ NTFS ]
    O33 - MountPoints2\{c2461707-3450-11e2-9c62-bc5ff4448839}\Shell - "" = AutoRun
    O33 - MountPoints2\{c2461707-3450-11e2-9c62-bc5ff4448839}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{c2461707-3450-11e2-9c62-bc5ff4448839}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/08/16 08:59:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Xtrakt\Desktop\OTL.exe
    [2013/08/15 17:28:38 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2013/08/15 11:40:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Xtrakt\Recent
    [2013/08/14 13:43:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Graphics Related Programs
    [2013/08/14 12:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Start Menu\Programs\UnLock Root
    [2013/08/14 12:18:58 | 000,000,000 | ---D | C] -- C:\Program Files\Unlockroot
    [2013/08/14 11:31:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Audio Related Programs
    [2013/08/14 11:31:09 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
    [2013/08/14 11:30:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Start Menu\Programs\NCH Software Suite
    [2013/08/14 11:29:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite
    [2013/08/14 11:29:45 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
    [2013/08/14 11:06:56 | 000,025,728 | ---- | C] (Google Inc) -- C:\WINDOWS\System32\drivers\lgandadb.sys
    [2013/08/14 11:06:56 | 000,025,088 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\System32\drivers\lgandmodem.sys
    [2013/08/14 11:06:56 | 000,020,736 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\System32\drivers\lganddiag.sys
    [2013/08/14 11:06:56 | 000,020,096 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\System32\drivers\lgandgps.sys
    [2013/08/14 11:06:56 | 000,014,336 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\System32\drivers\lgandbus.sys
    [2013/08/14 11:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\My Documents\LG PC Suite IV
    [2013/08/14 11:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\LG Electronics
    [2013/08/14 11:05:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LG PC Suite IV
    [2013/08/14 11:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
    [2013/08/14 11:04:46 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
    [2013/08/14 11:03:09 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr90.dll
    [2013/08/14 11:03:09 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp90.dll
    [2013/08/14 11:03:09 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcm90.dll
    [2013/08/14 11:03:01 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4r.dll
    [2013/08/14 11:03:01 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll
    [2013/08/14 11:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LGMobile Support Tool
    [2013/08/14 11:02:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX
    [2013/08/13 20:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\My Documents\My Podcasts
    [2013/08/13 20:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\My Documents\Media Go
    [2013/08/13 20:03:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sony
    [2013/08/13 19:58:12 | 000,181,912 | ---- | C] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) -- C:\WINDOWS\System32\drivers\ssudobex.sys
    [2013/08/13 19:58:10 | 000,181,912 | ---- | C] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) -- C:\WINDOWS\System32\drivers\ssudmdm.sys
    [2013/08/13 19:58:10 | 000,084,248 | ---- | C] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) -- C:\WINDOWS\System32\drivers\ssudbus.sys
    [2013/08/13 19:58:08 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01007.dll
    [2013/08/13 19:58:08 | 000,581,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WinUSBCoInstaller.dll
    [2013/08/13 19:56:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MyFree Codec
    [2013/08/13 19:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\MyFree Codec
    [2013/08/13 19:48:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Samsung
    [2013/08/13 19:48:53 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll
    [2013/08/13 19:48:41 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\WINDOWS\System32\drivers\dgderdrv.sys
    [2013/08/13 19:48:36 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\WINDOWS\System32\dgderapi.dll
    [2013/08/13 19:45:45 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
    [2013/08/13 19:45:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Samsung
    [2013/08/12 12:22:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Desktop\Torrents
    [2013/08/11 20:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\FixItCenter
    [2013/08/11 19:56:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
    [2013/08/11 19:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
    [2013/08/11 10:53:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Screen Shot
    [2013/08/11 10:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Application Data\Sony Online Entertainment
    [2013/08/11 10:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\SCE
    [2013/08/11 10:24:58 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
    [2013/08/11 10:24:58 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
    [2013/08/11 10:24:58 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
    [2013/08/11 10:24:57 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
    [2013/08/11 10:24:57 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
    [2013/08/11 10:24:57 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
    [2013/08/11 10:24:57 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
    [2013/08/11 10:24:56 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
    [2013/08/11 10:24:56 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
    [2013/08/11 10:24:56 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
    [2013/08/11 10:24:56 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
    [2013/08/11 10:24:55 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
    [2013/08/11 10:24:55 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
    [2013/08/11 10:24:55 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
    [2013/08/11 10:24:55 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
    [2013/08/11 10:24:54 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
    [2013/08/11 10:24:54 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
    [2013/08/11 10:24:54 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
    [2013/08/11 10:24:53 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
    [2013/08/11 10:24:53 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
    [2013/08/11 10:24:53 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
    [2013/08/11 10:24:53 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
    [2013/08/11 10:24:53 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
    [2013/08/11 10:24:52 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
    [2013/08/11 10:24:52 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
    [2013/08/11 10:24:52 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
    [2013/08/11 10:24:52 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
    [2013/08/11 10:24:51 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
    [2013/08/11 10:24:51 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
    [2013/08/11 10:24:51 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
    [2013/08/11 10:24:51 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
    [2013/08/11 10:24:50 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
    [2013/08/11 10:24:50 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
    [2013/08/11 10:24:50 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
    [2013/08/11 10:24:50 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
    [2013/08/11 10:24:49 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
    [2013/08/11 10:24:49 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
    [2013/08/11 10:24:49 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
    [2013/08/11 10:24:49 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
    [2013/08/11 10:24:49 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
    [2013/08/11 10:24:48 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
    [2013/08/11 10:24:48 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
    [2013/08/11 10:24:48 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
    [2013/08/11 10:24:48 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
    [2013/08/11 10:24:47 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
    [2013/08/11 10:24:47 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
    [2013/08/11 10:24:47 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
    [2013/08/11 10:24:46 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
    [2013/08/11 10:24:46 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
    [2013/08/11 10:24:46 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
    [2013/08/11 10:24:46 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
    [2013/08/11 10:24:45 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
    [2013/08/11 10:24:45 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
    [2013/08/11 10:24:45 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
    [2013/08/11 10:24:44 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
    [2013/08/11 10:24:44 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
    [2013/08/11 10:24:44 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
    [2013/08/11 10:24:44 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
    [2013/08/11 10:24:44 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
    [2013/08/11 10:24:43 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
    [2013/08/11 10:24:43 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
    [2013/08/11 10:24:43 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
    [2013/08/11 10:24:43 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
    [2013/08/11 10:24:42 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
    [2013/08/11 10:24:42 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
    [2013/08/11 10:24:39 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
    [2013/08/11 10:24:35 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
    [2013/08/11 10:24:35 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
    [2013/08/11 10:24:34 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
    [2013/08/11 10:24:34 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
    [2013/08/11 10:24:34 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
    [2013/08/11 10:24:34 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
    [2013/08/11 10:24:33 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
    [2013/08/11 10:24:33 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
    [2013/08/11 10:24:33 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
    [2013/08/11 10:24:33 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
    [2013/08/11 10:24:32 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
    [2013/08/11 10:24:32 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
    [2013/08/11 10:24:32 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
    [2013/08/11 10:24:32 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
    [2013/08/11 10:24:27 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
    [2013/08/11 10:24:26 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
    [2013/08/11 10:24:26 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
    [2013/08/11 10:24:26 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
    [2013/08/11 10:24:25 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
    [2013/08/11 10:24:25 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
    [2013/08/11 10:24:24 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
    [2013/08/11 10:24:24 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
    [2013/08/11 10:24:24 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
    [2013/08/11 10:24:23 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
    [2013/08/11 10:21:30 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Online Entertainment
    [2013/08/09 13:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\My Documents\A'izel
    [2013/08/06 21:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Application Data\ElevatedDiagnostics
    [2013/08/06 21:51:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
    [2013/08/06 21:51:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
    [2013/08/06 21:41:58 | 000,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
    [2013/07/30 16:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Application Data\Red Kawa
    [2013/07/30 16:24:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Geckofx
    [2013/07/30 16:22:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Red Kawa
    [2013/07/30 16:22:27 | 000,000,000 | ---D | C] -- C:\Program Files\Red Kawa
    [2013/07/30 15:57:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Sony
    [2013/07/30 15:57:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Shared
    [2013/07/30 15:57:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sony Corporation
    [2013/07/30 15:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
    [2013/07/30 15:56:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Downloaded Installations
    [2013/07/30 15:56:45 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
    [2013/07/30 15:56:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
    [2013/07/30 15:56:19 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Media Go Install
    [2013/07/30 15:56:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Application Data\Sony
    [2013/07/30 11:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
    [2013/07/22 14:57:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Desktop\X Marks The Spot
    [2013/07/22 14:50:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\Documents and Settings\Xtrakt\My Documents\*.tmp files -> C:\Documents and Settings\Xtrakt\My Documents\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/08/16 16:47:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2013/08/16 16:41:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2013/08/16 16:24:27 | 000,000,394 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{424B9883-2761-4F0A-8374-ACE6791BA891}.job
    [2013/08/16 15:57:00 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job
    [2013/08/16 14:08:32 | 061,937,065 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Desktop\ResinOne - Mellow Warrior.zip
    [2013/08/16 13:47:00 | 066,190,040 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Desktop\Documentary - Eazy E.mp4
    [2013/08/16 09:41:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2013/08/16 08:59:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Xtrakt\Desktop\OTL.exe
    [2013/08/16 07:47:14 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job
    [2013/08/16 07:47:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2013/08/15 17:30:48 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\PhotoPadReminder.job
    [2013/08/14 20:21:09 | 001,877,726 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Desktop\T-Pain feat. B.o.B - Up Down (Do This All Day)(Audio).mp3
    [2013/08/14 19:36:06 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\PrismDowngrade.job
    [2013/08/14 18:47:32 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
    [2013/08/14 18:47:30 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
    [2013/08/14 14:27:19 | 000,029,760 | ---- | M] (FNet Co., Ltd.) -- C:\WINDOWS\System32\drivers\FNETTBOH_305.SYS
    [2013/08/14 12:18:59 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Unlock Root.lnk
    [2013/08/14 12:09:34 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_lgandadb_01005.Wdf
    [2013/08/14 11:31:38 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\WavePadSevenDays.job
    [2013/08/14 11:31:23 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WavePad Sound Editor.lnk
    [2013/08/14 11:31:10 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Desktop\Update Checker.lnk
    [2013/08/14 11:30:48 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\VideoPadSevenDays.job
    [2013/08/14 11:30:44 | 000,000,810 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VideoPad Video Editor.lnk
    [2013/08/14 11:29:58 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\PrismSevenDays.job
    [2013/08/14 11:29:46 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Prism Video File Converter.lnk
    [2013/08/14 11:27:42 | 000,433,482 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2013/08/14 11:27:42 | 000,068,132 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2013/08/14 11:13:58 | 000,002,413 | ---- | M] () -- C:\WINDOWS\System32\lgAxconfig.ini
    [2013/08/14 11:10:52 | 000,001,078 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Desktop\LGMobile Support Tool.lnk
    [2013/08/14 11:05:49 | 000,000,862 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\LG PC Suite IV.lnk
    [2013/08/13 20:32:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
    [2013/08/13 20:03:15 | 000,001,633 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Media Go.lnk
    [2013/08/13 20:00:51 | 000,001,644 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Samsung Kies.lnk
    [2013/08/13 15:46:50 | 002,501,111 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Desktop\Tyson Tyler - Head Shots.mp3
    [2013/08/12 22:38:35 | 000,135,168 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/08/12 13:10:21 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
    [2013/08/11 19:56:03 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix*it Center.lnk
    [2013/08/11 10:54:23 | 000,002,451 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Screen Shot.lnk
    [2013/08/11 10:21:35 | 000,002,126 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Desktop\DCUO.lnk
    [2013/08/09 18:52:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2013/08/08 11:11:42 | 000,013,742 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2013/08/07 14:22:59 | 000,002,249 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Application Data\Microsoft\Internet Explorer\Quick Launch\Slim Drivers.lnk
    [2013/08/07 08:57:37 | 000,001,842 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PS3 Video 9.lnk
    [2013/08/07 08:28:11 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
    [2013/08/07 08:28:11 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
    [2013/08/06 21:42:16 | 000,000,811 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
    [2013/08/06 21:38:38 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
    [2013/07/30 16:22:29 | 000,001,842 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PSP Video 9.lnk
    [2013/07/26 14:47:17 | 001,215,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
    [2013/07/26 14:47:17 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
    [2013/07/26 14:47:17 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
    [2013/07/26 14:47:17 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
    [2013/07/26 14:47:17 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
    [2013/07/26 14:47:17 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
    [2013/07/26 14:47:16 | 006,017,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
    [2013/07/26 14:47:16 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
    [2013/07/26 14:47:16 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
    [2013/07/26 14:47:16 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
    [2013/07/26 14:47:14 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
    [2013/07/26 14:47:14 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
    [2013/07/26 14:47:14 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
    [2013/07/26 14:47:14 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
    [2013/07/26 14:47:13 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
    [2013/07/26 14:47:13 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
    [2013/07/26 14:47:13 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
    [2013/07/26 14:47:13 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
    [2013/07/26 14:47:13 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
    [2013/07/26 14:47:12 | 002,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
    [2013/07/26 14:47:12 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
    [2013/07/26 14:47:12 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
    [2013/07/26 14:47:11 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
    [2013/07/26 14:47:11 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
    [2013/07/26 14:47:10 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
    [2013/07/26 14:47:06 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
    [2013/07/26 14:47:06 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
    [2013/07/26 14:47:06 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
    [2013/07/26 03:52:59 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
    [2013/07/25 21:23:02 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
    [2013/07/25 21:23:02 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
    [2013/07/22 11:15:22 | 000,157,952 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\Documents and Settings\Xtrakt\My Documents\*.tmp files -> C:\Documents and Settings\Xtrakt\My Documents\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/08/16 14:05:18 | 061,937,065 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Desktop\ResinOne - Mellow Warrior.zip
    [2013/08/16 13:46:01 | 066,190,040 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Desktop\Documentary - Eazy E.mp4
    [2013/08/15 17:30:45 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\PhotoPadReminder.job
    [2013/08/14 16:26:48 | 001,877,726 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Desktop\T-Pain feat. B.o.B - Up Down (Do This All Day)(Audio).mp3
    [2013/08/14 12:18:59 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Unlock Root.lnk
    [2013/08/14 12:09:34 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_lgandadb_01005.Wdf
    [2013/08/14 11:31:35 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\WavePadSevenDays.job
    [2013/08/14 11:31:23 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WavePad Sound Editor.lnk
    [2013/08/14 11:31:10 | 000,001,643 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Desktop\Update Checker.lnk
    [2013/08/14 11:30:45 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\VideoPadSevenDays.job
    [2013/08/14 11:30:44 | 000,000,810 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VideoPad Video Editor.lnk
    [2013/08/14 11:29:54 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\PrismSevenDays.job
    [2013/08/14 11:29:46 | 000,000,782 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Prism Video File Converter.lnk
    [2013/08/14 11:05:49 | 000,000,862 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\LG PC Suite IV.lnk
    [2013/08/14 11:03:09 | 000,001,078 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Desktop\LGMobile Support Tool.lnk
    [2013/08/14 11:03:01 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
    [2013/08/14 11:03:01 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
    [2013/08/13 20:32:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
    [2013/08/13 20:03:15 | 000,001,633 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Media Go.lnk
    [2013/08/13 20:00:51 | 000,001,644 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Samsung Kies.lnk
    [2013/08/13 14:37:55 | 002,501,111 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Desktop\Tyson Tyler - Head Shots.mp3
    [2013/08/12 22:48:39 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/08/11 19:57:07 | 000,000,616 | -H-- | C] () -- C:\WINDOWS\tasks\ConfigExec.job
    [2013/08/11 19:57:07 | 000,000,580 | -H-- | C] () -- C:\WINDOWS\tasks\DataUpload.job
    [2013/08/11 19:56:03 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk
    [2013/08/11 19:56:03 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix*it Center.lnk
    [2013/08/11 10:53:02 | 000,002,451 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Screen Shot.lnk
    [2013/08/11 10:21:35 | 000,002,132 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Start Menu\Programs\DC Universe Online.lnk
    [2013/08/11 10:21:35 | 000,002,126 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Desktop\DCUO.lnk
    [2013/08/07 08:57:37 | 000,001,842 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PS3 Video 9.lnk
    [2013/08/06 21:42:16 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
    [2013/08/06 21:29:48 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
    [2013/08/06 21:29:48 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
    [2013/08/06 13:58:54 | 000,050,688 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/08/01 00:54:55 | 000,088,064 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2013/07/30 16:22:28 | 000,001,842 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PSP Video 9.lnk
    [2013/07/17 19:36:07 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\PrismDowngrade.job
    [2013/04/17 20:02:22 | 000,000,011 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\.tv6
    [2013/03/20 17:02:22 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
    [2013/03/20 17:02:20 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
    [2013/03/20 17:02:20 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
    [2013/03/20 17:02:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
    [2013/03/20 17:02:20 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
    [2013/01/30 13:37:42 | 000,111,664 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Application Data\VideoPad.dmp
    [2012/12/02 21:45:08 | 000,135,168 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/11/30 11:28:49 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
    [2012/11/26 09:09:25 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2012/11/23 01:39:51 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2012/11/23 01:38:59 | 000,157,952 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2012/11/22 20:07:29 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Application Data\$_hpcst$.hpc
    [2012/11/22 19:59:48 | 000,584,584 | ---- | C] () -- C:\WINDOWS\adb.exe
    [2012/11/22 15:05:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
    [2012/11/22 14:53:35 | 000,011,323 | R--- | C] () -- C:\WINDOWS\System32\CTSBAMB.INI
    [2012/11/22 14:52:57 | 000,014,040 | ---- | C] () -- C:\WINDOWS\System32\CiFilter.ini
    [2012/11/22 14:52:57 | 000,005,288 | ---- | C] () -- C:\WINDOWS\xFi_MiddleLayerKey32.ini
    [2012/11/22 14:52:36 | 000,172,544 | ---- | C] () -- C:\WINDOWS\System32\AMBSPI.DLL
    [2012/11/22 14:50:34 | 000,000,003 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\user_data.ini
    [2012/11/22 14:40:52 | 000,081,936 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
    [2012/11/22 14:40:15 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\Audio3D.dll
    [2012/11/22 14:40:15 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\A3D.dll
    [2012/11/22 14:39:09 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll
    [2012/11/22 14:39:09 | 000,000,264 | ---- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config
    [2012/11/22 14:39:08 | 000,783,644 | ---- | C] () -- C:\WINDOWS\System32\igkrng600.bin
    [2012/11/22 14:39:08 | 000,197,016 | ---- | C] () -- C:\WINDOWS\System32\igfcg600m.bin
    [2012/11/22 14:39:08 | 000,145,804 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng600.bin
    [2012/11/22 12:50:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2012/11/22 12:46:51 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2012/04/20 12:57:00 | 000,001,536 | ---- | C] () -- C:\WINDOWS\System32\IusEventLog.dll

    ========== ZeroAccess Check ==========

    [2012/11/25 20:52:02 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 04:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/10 00:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 04:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    < End of report >

  4. #4
    Member
    Join Date
    Feb 2010
    Posts
    126
    Points
    1

    Default

    OTL logfile created on: 8/16/2013 5:16:04 PM - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Xtrakt\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.22 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 59.04% Memory free
    5.06 Gb Paging File | 3.69 Gb Available in Paging File | 72.92% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 200.00 Gb Total Space | 4.90 Gb Free Space | 2.45% Space Free | Partition Type: NTFS
    Drive E: | 265.76 Gb Total Space | 265.67 Gb Free Space | 99.97% Space Free | Partition Type: NTFS

    Computer Name: LWRAKL-2112 | User Name: Xtrakt | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/08/16 08:59:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Xtrakt\Desktop\OTL.exe
    PRC - [2013/08/16 07:47:21 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Documents and Settings\Xtrakt\Local Settings\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
    PRC - [2013/08/15 11:22:21 | 005,703,408 | ---- | M] (SUPERAntiSpyware) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    PRC - [2013/07/25 12:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    PRC - [2013/07/13 09:36:14 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
    PRC - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
    PRC - [2013/06/20 17:25:44 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2013/06/12 21:45:17 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
    PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    PRC - [2013/03/28 18:32:34 | 000,310,640 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
    PRC - [2013/03/28 18:32:32 | 001,511,792 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
    PRC - [2013/03/05 15:43:20 | 000,110,144 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    PRC - [2012/11/22 14:52:57 | 000,079,360 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
    PRC - [2012/11/22 14:50:25 | 005,019,360 | ---- | M] (FNet Co., Ltd.) -- C:\Program Files\XFastUSB\XFastUsb.exe
    PRC - [2012/07/12 06:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
    PRC - [2012/04/20 13:11:32 | 000,462,048 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe
    PRC - [2011/10/19 15:19:22 | 000,359,808 | R--- | M] (cFos Software GmbH) -- C:\Program Files\ASRock\XFast LAN\spd.exe
    PRC - [2011/10/19 15:19:20 | 001,202,560 | R--- | M] (cFos Software GmbH) -- C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
    PRC - [2011/09/16 13:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    PRC - [2009/07/08 14:32:50 | 001,233,195 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
    PRC - [2009/02/23 15:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
    PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2000/01/01 12:00:00 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2000/01/01 12:00:00 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2000/01/01 12:00:00 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    PRC - [2000/01/01 12:00:00 | 000,088,696 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\KaraokeSer.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/08/16 07:47:23 | 000,592,896 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Local Settings\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0000\~de6248.tmp
    MOD - [2013/08/16 07:47:21 | 000,697,884 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Local Settings\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0000\~df394b.tmp
    MOD - [2013/08/14 16:19:25 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
    MOD - [2013/08/14 16:19:22 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\f4ea3ea9bbe98bbc32c6def83bd2962d\System.Runtime.Remoting.ni.dll
    MOD - [2013/08/14 16:19:07 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\14d1a28674a9f78c5759e7dcf74a13fd\System.Configuration.ni.dll
    MOD - [2013/08/14 11:30:09 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
    MOD - [2013/08/14 11:29:11 | 002,295,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\2bd89ed2dc0f585328fd1ac4c5a206dd\System.Core.ni.dll
    MOD - [2013/08/14 11:28:58 | 014,329,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a283b4d76562af1ff279d465f5488d8c\PresentationFramework.ni.dll
    MOD - [2013/08/14 11:28:35 | 012,218,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\6c1a100fe556c7d391f4d1681ab3c615\PresentationCore.ni.dll
    MOD - [2013/08/14 11:28:21 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\64441cc39259974a2c3cdf0702a8beb3\WindowsBase.ni.dll
    MOD - [2013/08/14 11:28:11 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
    MOD - [2013/07/25 12:49:46 | 000,396,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
    MOD - [2013/07/25 12:49:45 | 013,599,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
    MOD - [2013/07/25 12:49:44 | 004,052,944 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll
    MOD - [2013/07/25 12:48:54 | 000,601,552 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
    MOD - [2013/07/25 12:48:53 | 000,123,344 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\libegl.dll
    MOD - [2013/07/25 12:48:51 | 001,597,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
    MOD - [2013/07/11 17:08:46 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
    MOD - [2013/06/19 08:08:18 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
    MOD - [2013/03/28 18:27:48 | 017,433,088 | ---- | M] () -- C:\Program Files\Samsung\Kies\Theme\Kies.Theme.dll
    MOD - [2013/03/28 18:26:22 | 000,570,880 | ---- | M] () -- C:\Program Files\Samsung\Kies\Common\Kies.UI.dll
    MOD - [2013/03/28 18:26:14 | 000,035,840 | ---- | M] () -- C:\Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll
    MOD - [2013/03/20 17:29:20 | 000,023,040 | ---- | M] () -- C:\Program Files\Samsung\Kies\MVVM\Kies.MVVM.dll
    MOD - [2013/03/20 17:06:28 | 000,057,856 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\MediaModules\ASF_cSharpAPI.dll
    MOD - [2013/03/05 15:40:16 | 000,626,240 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go8\CLMediaLibrary.dll
    MOD - [2013/03/05 11:41:36 | 000,015,424 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go8\CLMLSvcPS.dll
    MOD - [2012/08/27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/08/27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2008/04/14 04:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
    MOD - [2008/04/14 04:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
    MOD - [2000/01/01 12:00:00 | 001,198,912 | ---- | M] () -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\ACE.dll


    ========== Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2013/08/14 18:47:33 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2013/06/12 21:45:17 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
    SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2012/11/22 14:53:10 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
    SRV - [2012/11/22 14:52:57 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe -- (Sound Blaster X-Fi MB Licensing Service)
    SRV - [2012/07/12 06:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
    SRV - [2011/10/19 15:19:22 | 000,359,808 | R--- | M] (cFos Software GmbH) [Auto | Running] -- C:\Program Files\ASRock\XFast LAN\spd.exe -- (cFosSpeedS)
    SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
    SRV - [2009/02/23 15:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
    SRV - [2000/01/01 12:00:00 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2000/01/01 12:00:00 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2000/01/01 12:00:00 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
    SRV - [2000/01/01 12:00:00 | 000,088,696 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\WINDOWS\system32\KaraokeSer.exe -- (KaraokeService)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - [2013/08/16 13:07:16 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5303E6BD-E96A-4B0C-8CC9-CD2F9A68A8E1}\MpKsl9934d8d3.sys -- (MpKsl9934d8d3)
    DRV - [2013/08/14 14:27:19 | 000,029,760 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305)
    DRV - [2013/06/21 12:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ssudobex.sys -- (ssudobex)
    DRV - [2013/06/21 12:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
    DRV - [2013/06/21 12:07:52 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
    DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2012/11/22 14:50:25 | 000,014,656 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\FNETURPX.SYS -- (FNETURPX)
    DRV - [2012/03/14 08:04:18 | 001,076,968 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8192cu.sys -- (RTL8192cu)
    DRV - [2012/03/02 09:02:00 | 000,025,728 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandadb.sys -- (androidusb)
    DRV - [2012/03/02 09:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandmodem.sys -- (ANDModem)
    DRV - [2012/03/02 09:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lganddiag.sys -- (AndDiag)
    DRV - [2012/03/02 09:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandgps.sys -- (AndGps)
    DRV - [2012/03/02 09:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandbus.sys -- (Andbus)
    DRV - [2011/12/26 21:37:48 | 000,073,328 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
    DRV - [2011/07/23 04:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2011/07/13 09:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2011/07/04 14:18:58 | 001,156,992 | ---- | M] (cFos Software GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfosspeed.sys -- (cFosSpeed)
    DRV - [2011/05/10 15:28:20 | 000,015,656 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsrAppCharger.sys -- (AsrAppCharger)
    DRV - [2010/10/20 15:09:28 | 000,009,216 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter_hs.sys -- (massfilter_hs)
    DRV - [2010/10/18 13:12:56 | 000,113,432 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zghsmdm.sys -- (zghsmdm)
    DRV - [2009/09/29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort)
    DRV - [2009/09/29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM)
    DRV - [2009/09/29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum)
    DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
    DRV - [2000/01/01 12:00:00 | 002,558,200 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
    DRV - [2000/01/01 12:00:00 | 001,656,960 | ---- | M] (Creative) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (AMBFilt)
    DRV - [2000/01/01 12:00:00 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (MonFilt)
    DRV - [2000/01/01 12:00:00 | 000,386,528 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
    DRV - [2000/01/01 12:00:00 | 000,260,864 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcDAud.sys -- (IntcDAud)
    DRV - [2000/01/01 12:00:00 | 000,055,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (MEI)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-854245398-1275210071-725345543-1004\..\SearchScopes,DefaultScope = {5EC4BD7B-272F-44D4-BFFF-58057313333F}
    IE - HKU\S-1-5-21-854245398-1275210071-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\S-1-5-21-854245398-1275210071-725345543-1004\..\SearchScopes\{27EA813F-CE09-471A-80EF-DE7EDB1C4A2E}: "URL" = http://www.mysearchresults.com/search?c=0000&t=01&q={searchTerms}
    IE - HKU\S-1-5-21-854245398-1275210071-725345543-1004\..\SearchScopes\{2A6B0296-DCC6-4281-BF19-7CF87D2CE5BB}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282722&CUI=UN14802986883161318&UM=2&SSPV=TB_C5
    IE - HKU\S-1-5-21-854245398-1275210071-725345543-1004\..\SearchScopes\{5EC4BD7B-272F-44D4-BFFF-58057313333F}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
    IE - HKU\S-1-5-21-854245398-1275210071-725345543-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\S-1-5-21-854245398-1275210071-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-854245398-1275210071-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_146.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\sony.com/MediaGoDetector: C:\Program Files\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 23.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/07/22 14:50:36 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 23.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

    [2012/12/05 15:15:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Xtrakt\Application Data\Mozilla\Extensions
    [2013/06/05 23:43:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Xtrakt\Application Data\Mozilla\Firefox\Profiles\extensions
    [2012/12/14 08:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Documents and Settings\Xtrakt\Application Data\Mozilla\Firefox\Profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
    CHR - homepage: Google
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
    CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
    CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
    CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
    CHR - Extension: Awesome Screenshot: Capture & Annotate = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.4.4_0\
    CHR - Extension: Google Drive = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: WOT = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0\
    CHR - Extension: YouTube = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Facebook Colour Changer = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bpllmoilcakpgbeodibeifcfnndoheam\1.3.1_0\
    CHR - Extension: Adblock Plus = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.3_0\
    CHR - Extension: Google Search = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: Crimson Red Theme = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mpfgbckkcgepopaojnhcnkcdiafkcdjo\1_0\
    CHR - Extension: Gmail = C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2006/03/01 00:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3 - HKU\S-1-5-21-854245398-1275210071-725345543-1004\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O3 - HKU\S-1-5-21-854245398-1275210071-725345543-1004\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
    O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [CTSyncService] C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
    O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
    O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
    O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [XFast LAN] C:\Program Files\ASRock\XFast LAN\cfosspeed.exe (cFos Software GmbH)
    O4 - HKLM..\Run: [XFastUSB] C:\Program Files\XFastUSB\XFastUsb.exe (FNet Co., Ltd.)
    O4 - HKU\S-1-5-21-854245398-1275210071-725345543-1004..\Run: [ASRockXTU] File not found
    O4 - HKU\S-1-5-21-854245398-1275210071-725345543-1004..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
    O4 - HKU\S-1-5-21-854245398-1275210071-725345543-1004..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
    O4 - HKU\S-1-5-21-854245398-1275210071-725345543-1004..\Run: [Power2GoExpress8] NA File not found
    O4 - HKU\S-1-5-21-854245398-1275210071-725345543-1004..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-854245398-1275210071-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
    O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
    O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Trusted sites)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/w...?1353839826781 (WUWebControl Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A8E5973-F52F-4907-A514-4E75D20BE945}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1E23DEE-5F9B-4927-96C7-F806D00524F6}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2012/11/22 12:49:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2013/06/09 15:37:39 | 000,000,090 | ---- | M] () - E:\AUTORUN.INF -- [ NTFS ]
    O33 - MountPoints2\{c2461707-3450-11e2-9c62-bc5ff4448839}\Shell - "" = AutoRun
    O33 - MountPoints2\{c2461707-3450-11e2-9c62-bc5ff4448839}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{c2461707-3450-11e2-9c62-bc5ff4448839}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/08/16 08:59:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Xtrakt\Desktop\OTL.exe
    [2013/08/15 17:28:38 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2013/08/15 11:40:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Xtrakt\Recent
    [2013/08/14 13:43:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Graphics Related Programs
    [2013/08/14 12:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Start Menu\Programs\UnLock Root
    [2013/08/14 12:18:58 | 000,000,000 | ---D | C] -- C:\Program Files\Unlockroot
    [2013/08/14 11:31:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Audio Related Programs
    [2013/08/14 11:31:09 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
    [2013/08/14 11:30:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Start Menu\Programs\NCH Software Suite
    [2013/08/14 11:29:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite
    [2013/08/14 11:29:45 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
    [2013/08/14 11:06:56 | 000,025,728 | ---- | C] (Google Inc) -- C:\WINDOWS\System32\drivers\lgandadb.sys
    [2013/08/14 11:06:56 | 000,025,088 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\System32\drivers\lgandmodem.sys
    [2013/08/14 11:06:56 | 000,020,736 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\System32\drivers\lganddiag.sys
    [2013/08/14 11:06:56 | 000,020,096 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\System32\drivers\lgandgps.sys
    [2013/08/14 11:06:56 | 000,014,336 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\System32\drivers\lgandbus.sys
    [2013/08/14 11:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\My Documents\LG PC Suite IV
    [2013/08/14 11:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\LG Electronics
    [2013/08/14 11:05:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LG PC Suite IV
    [2013/08/14 11:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
    [2013/08/14 11:04:46 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
    [2013/08/14 11:03:09 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr90.dll
    [2013/08/14 11:03:09 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp90.dll
    [2013/08/14 11:03:09 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcm90.dll
    [2013/08/14 11:03:01 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4r.dll
    [2013/08/14 11:03:01 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll
    [2013/08/14 11:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LGMobile Support Tool
    [2013/08/14 11:02:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX
    [2013/08/13 20:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\My Documents\My Podcasts
    [2013/08/13 20:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\My Documents\Media Go
    [2013/08/13 20:03:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sony
    [2013/08/13 19:58:12 | 000,181,912 | ---- | C] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) -- C:\WINDOWS\System32\drivers\ssudobex.sys
    [2013/08/13 19:58:10 | 000,181,912 | ---- | C] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) -- C:\WINDOWS\System32\drivers\ssudmdm.sys
    [2013/08/13 19:58:10 | 000,084,248 | ---- | C] (DEVGURU Co., LTD.(DEVGURU :: DEVGURU)) -- C:\WINDOWS\System32\drivers\ssudbus.sys
    [2013/08/13 19:58:08 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01007.dll
    [2013/08/13 19:58:08 | 000,581,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WinUSBCoInstaller.dll
    [2013/08/13 19:56:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MyFree Codec
    [2013/08/13 19:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\MyFree Codec
    [2013/08/13 19:48:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Samsung
    [2013/08/13 19:48:53 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll
    [2013/08/13 19:48:41 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\WINDOWS\System32\drivers\dgderdrv.sys
    [2013/08/13 19:48:36 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\WINDOWS\System32\dgderapi.dll
    [2013/08/13 19:45:45 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
    [2013/08/13 19:45:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Samsung
    [2013/08/12 12:22:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Desktop\Torrents
    [2013/08/11 20:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\FixItCenter
    [2013/08/11 19:56:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
    [2013/08/11 19:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
    [2013/08/11 10:53:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Screen Shot
    [2013/08/11 10:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Application Data\Sony Online Entertainment
    [2013/08/11 10:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\SCE
    [2013/08/11 10:24:58 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
    [2013/08/11 10:24:58 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
    [2013/08/11 10:24:58 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
    [2013/08/11 10:24:57 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
    [2013/08/11 10:24:57 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
    [2013/08/11 10:24:57 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
    [2013/08/11 10:24:57 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
    [2013/08/11 10:24:56 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
    [2013/08/11 10:24:56 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
    [2013/08/11 10:24:56 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
    [2013/08/11 10:24:56 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
    [2013/08/11 10:24:55 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
    [2013/08/11 10:24:55 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
    [2013/08/11 10:24:55 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
    [2013/08/11 10:24:55 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
    [2013/08/11 10:24:54 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
    [2013/08/11 10:24:54 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
    [2013/08/11 10:24:54 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
    [2013/08/11 10:24:53 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
    [2013/08/11 10:24:53 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
    [2013/08/11 10:24:53 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
    [2013/08/11 10:24:53 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
    [2013/08/11 10:24:53 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
    [2013/08/11 10:24:52 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
    [2013/08/11 10:24:52 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
    [2013/08/11 10:24:52 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
    [2013/08/11 10:24:52 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
    [2013/08/11 10:24:51 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
    [2013/08/11 10:24:51 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
    [2013/08/11 10:24:51 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
    [2013/08/11 10:24:51 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
    [2013/08/11 10:24:50 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
    [2013/08/11 10:24:50 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
    [2013/08/11 10:24:50 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
    [2013/08/11 10:24:50 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
    [2013/08/11 10:24:49 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
    [2013/08/11 10:24:49 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
    [2013/08/11 10:24:49 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
    [2013/08/11 10:24:49 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
    [2013/08/11 10:24:49 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
    [2013/08/11 10:24:48 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
    [2013/08/11 10:24:48 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
    [2013/08/11 10:24:48 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
    [2013/08/11 10:24:48 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
    [2013/08/11 10:24:47 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
    [2013/08/11 10:24:47 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
    [2013/08/11 10:24:47 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
    [2013/08/11 10:24:46 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
    [2013/08/11 10:24:46 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
    [2013/08/11 10:24:46 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
    [2013/08/11 10:24:46 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
    [2013/08/11 10:24:45 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
    [2013/08/11 10:24:45 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
    [2013/08/11 10:24:45 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
    [2013/08/11 10:24:44 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
    [2013/08/11 10:24:44 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
    [2013/08/11 10:24:44 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
    [2013/08/11 10:24:44 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
    [2013/08/11 10:24:44 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
    [2013/08/11 10:24:43 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
    [2013/08/11 10:24:43 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
    [2013/08/11 10:24:43 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
    [2013/08/11 10:24:43 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
    [2013/08/11 10:24:42 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
    [2013/08/11 10:24:42 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
    [2013/08/11 10:24:39 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
    [2013/08/11 10:24:35 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
    [2013/08/11 10:24:35 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
    [2013/08/11 10:24:34 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
    [2013/08/11 10:24:34 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
    [2013/08/11 10:24:34 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
    [2013/08/11 10:24:34 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
    [2013/08/11 10:24:33 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
    [2013/08/11 10:24:33 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
    [2013/08/11 10:24:33 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
    [2013/08/11 10:24:33 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
    [2013/08/11 10:24:32 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
    [2013/08/11 10:24:32 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
    [2013/08/11 10:24:32 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
    [2013/08/11 10:24:32 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
    [2013/08/11 10:24:27 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
    [2013/08/11 10:24:26 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
    [2013/08/11 10:24:26 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
    [2013/08/11 10:24:26 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
    [2013/08/11 10:24:25 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
    [2013/08/11 10:24:25 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
    [2013/08/11 10:24:24 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
    [2013/08/11 10:24:24 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
    [2013/08/11 10:24:24 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
    [2013/08/11 10:24:23 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
    [2013/08/11 10:21:30 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Online Entertainment
    [2013/08/09 13:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\My Documents\A'izel
    [2013/08/06 21:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Application Data\ElevatedDiagnostics
    [2013/08/06 21:51:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
    [2013/08/06 21:51:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
    [2013/08/06 21:41:58 | 000,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
    [2013/07/30 16:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Application Data\Red Kawa
    [2013/07/30 16:24:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Geckofx
    [2013/07/30 16:22:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Red Kawa
    [2013/07/30 16:22:27 | 000,000,000 | ---D | C] -- C:\Program Files\Red Kawa
    [2013/07/30 15:57:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Sony
    [2013/07/30 15:57:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Shared
    [2013/07/30 15:57:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sony Corporation
    [2013/07/30 15:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
    [2013/07/30 15:56:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\Downloaded Installations
    [2013/07/30 15:56:45 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
    [2013/07/30 15:56:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
    [2013/07/30 15:56:19 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Media Go Install
    [2013/07/30 15:56:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Application Data\Sony
    [2013/07/30 11:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
    [2013/07/22 14:57:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Xtrakt\Desktop\X Marks The Spot
    [2013/07/22 14:50:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\Documents and Settings\Xtrakt\My Documents\*.tmp files -> C:\Documents and Settings\Xtrakt\My Documents\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/08/16 16:47:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2013/08/16 16:41:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2013/08/16 16:24:27 | 000,000,394 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{424B9883-2761-4F0A-8374-ACE6791BA891}.job
    [2013/08/16 15:57:00 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job
    [2013/08/16 14:08:32 | 061,937,065 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Desktop\ResinOne - Mellow Warrior.zip
    [2013/08/16 13:47:00 | 066,190,040 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Desktop\Documentary - Eazy E.mp4
    [2013/08/16 09:41:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2013/08/16 08:59:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Xtrakt\Desktop\OTL.exe
    [2013/08/16 07:47:14 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job
    [2013/08/16 07:47:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2013/08/15 17:30:48 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\PhotoPadReminder.job
    [2013/08/14 20:21:09 | 001,877,726 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Desktop\T-Pain feat. B.o.B - Up Down (Do This All Day)(Audio).mp3
    [2013/08/14 19:36:06 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\PrismDowngrade.job
    [2013/08/14 18:47:32 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
    [2013/08/14 18:47:30 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
    [2013/08/14 14:27:19 | 000,029,760 | ---- | M] (FNet Co., Ltd.) -- C:\WINDOWS\System32\drivers\FNETTBOH_305.SYS
    [2013/08/14 12:18:59 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Unlock Root.lnk
    [2013/08/14 12:09:34 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_lgandadb_01005.Wdf
    [2013/08/14 11:31:38 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\WavePadSevenDays.job
    [2013/08/14 11:31:23 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WavePad Sound Editor.lnk
    [2013/08/14 11:31:10 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Desktop\Update Checker.lnk
    [2013/08/14 11:30:48 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\VideoPadSevenDays.job
    [2013/08/14 11:30:44 | 000,000,810 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VideoPad Video Editor.lnk
    [2013/08/14 11:29:58 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\PrismSevenDays.job
    [2013/08/14 11:29:46 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Prism Video File Converter.lnk
    [2013/08/14 11:27:42 | 000,433,482 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2013/08/14 11:27:42 | 000,068,132 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2013/08/14 11:13:58 | 000,002,413 | ---- | M] () -- C:\WINDOWS\System32\lgAxconfig.ini
    [2013/08/14 11:10:52 | 000,001,078 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Desktop\LGMobile Support Tool.lnk
    [2013/08/14 11:05:49 | 000,000,862 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\LG PC Suite IV.lnk
    [2013/08/13 20:32:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
    [2013/08/13 20:03:15 | 000,001,633 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Media Go.lnk
    [2013/08/13 20:00:51 | 000,001,644 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Samsung Kies.lnk
    [2013/08/13 15:46:50 | 002,501,111 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Desktop\Tyson Tyler - Head Shots.mp3
    [2013/08/12 22:38:35 | 000,135,168 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/08/12 13:10:21 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
    [2013/08/11 19:56:03 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix*it Center.lnk
    [2013/08/11 10:54:23 | 000,002,451 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Screen Shot.lnk
    [2013/08/11 10:21:35 | 000,002,126 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Desktop\DCUO.lnk
    [2013/08/09 18:52:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2013/08/08 11:11:42 | 000,013,742 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2013/08/07 14:22:59 | 000,002,249 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Application Data\Microsoft\Internet Explorer\Quick Launch\Slim Drivers.lnk
    [2013/08/07 08:57:37 | 000,001,842 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PS3 Video 9.lnk
    [2013/08/07 08:28:11 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
    [2013/08/07 08:28:11 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
    [2013/08/06 21:42:16 | 000,000,811 | ---- | M] () -- C:\Documents and Settings\Xtrakt\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
    [2013/08/06 21:38:38 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
    [2013/07/30 16:22:29 | 000,001,842 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PSP Video 9.lnk
    [2013/07/26 14:47:17 | 001,215,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
    [2013/07/26 14:47:17 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
    [2013/07/26 14:47:17 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
    [2013/07/26 14:47:17 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
    [2013/07/26 14:47:17 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
    [2013/07/26 14:47:17 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
    [2013/07/26 14:47:16 | 006,017,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
    [2013/07/26 14:47:16 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
    [2013/07/26 14:47:16 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
    [2013/07/26 14:47:16 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
    [2013/07/26 14:47:14 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
    [2013/07/26 14:47:14 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
    [2013/07/26 14:47:14 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
    [2013/07/26 14:47:14 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
    [2013/07/26 14:47:13 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
    [2013/07/26 14:47:13 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
    [2013/07/26 14:47:13 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
    [2013/07/26 14:47:13 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
    [2013/07/26 14:47:13 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
    [2013/07/26 14:47:12 | 002,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
    [2013/07/26 14:47:12 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
    [2013/07/26 14:47:12 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
    [2013/07/26 14:47:11 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
    [2013/07/26 14:47:11 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
    [2013/07/26 14:47:10 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
    [2013/07/26 14:47:06 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
    [2013/07/26 14:47:06 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
    [2013/07/26 14:47:06 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
    [2013/07/26 03:52:59 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
    [2013/07/25 21:23:02 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
    [2013/07/25 21:23:02 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
    [2013/07/22 11:15:22 | 000,157,952 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\Documents and Settings\Xtrakt\My Documents\*.tmp files -> C:\Documents and Settings\Xtrakt\My Documents\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/08/16 14:05:18 | 061,937,065 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Desktop\ResinOne - Mellow Warrior.zip
    [2013/08/16 13:46:01 | 066,190,040 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Desktop\Documentary - Eazy E.mp4
    [2013/08/15 17:30:45 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\PhotoPadReminder.job
    [2013/08/14 16:26:48 | 001,877,726 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Desktop\T-Pain feat. B.o.B - Up Down (Do This All Day)(Audio).mp3
    [2013/08/14 12:18:59 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Unlock Root.lnk
    [2013/08/14 12:09:34 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_lgandadb_01005.Wdf
    [2013/08/14 11:31:35 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\WavePadSevenDays.job
    [2013/08/14 11:31:23 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WavePad Sound Editor.lnk
    [2013/08/14 11:31:10 | 000,001,643 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Desktop\Update Checker.lnk
    [2013/08/14 11:30:45 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\VideoPadSevenDays.job
    [2013/08/14 11:30:44 | 000,000,810 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VideoPad Video Editor.lnk
    [2013/08/14 11:29:54 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\PrismSevenDays.job
    [2013/08/14 11:29:46 | 000,000,782 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Prism Video File Converter.lnk
    [2013/08/14 11:05:49 | 000,000,862 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\LG PC Suite IV.lnk
    [2013/08/14 11:03:09 | 000,001,078 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Desktop\LGMobile Support Tool.lnk
    [2013/08/14 11:03:01 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
    [2013/08/14 11:03:01 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
    [2013/08/13 20:32:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
    [2013/08/13 20:03:15 | 000,001,633 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Media Go.lnk
    [2013/08/13 20:00:51 | 000,001,644 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Samsung Kies.lnk
    [2013/08/13 14:37:55 | 002,501,111 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Desktop\Tyson Tyler - Head Shots.mp3
    [2013/08/12 22:48:39 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/08/11 19:57:07 | 000,000,616 | -H-- | C] () -- C:\WINDOWS\tasks\ConfigExec.job
    [2013/08/11 19:57:07 | 000,000,580 | -H-- | C] () -- C:\WINDOWS\tasks\DataUpload.job
    [2013/08/11 19:56:03 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk
    [2013/08/11 19:56:03 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix*it Center.lnk
    [2013/08/11 10:53:02 | 000,002,451 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Screen Shot.lnk
    [2013/08/11 10:21:35 | 000,002,132 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Start Menu\Programs\DC Universe Online.lnk
    [2013/08/11 10:21:35 | 000,002,126 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Desktop\DCUO.lnk
    [2013/08/07 08:57:37 | 000,001,842 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PS3 Video 9.lnk
    [2013/08/06 21:42:16 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
    [2013/08/06 21:29:48 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
    [2013/08/06 21:29:48 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
    [2013/08/06 13:58:54 | 000,050,688 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/08/01 00:54:55 | 000,088,064 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2013/07/30 16:22:28 | 000,001,842 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PSP Video 9.lnk
    [2013/07/17 19:36:07 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\PrismDowngrade.job
    [2013/04/17 20:02:22 | 000,000,011 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\.tv6
    [2013/03/20 17:02:22 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
    [2013/03/20 17:02:20 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
    [2013/03/20 17:02:20 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
    [2013/03/20 17:02:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
    [2013/03/20 17:02:20 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
    [2013/01/30 13:37:42 | 000,111,664 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Application Data\VideoPad.dmp
    [2012/12/02 21:45:08 | 000,135,168 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/11/30 11:28:49 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
    [2012/11/26 09:09:25 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2012/11/23 01:39:51 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2012/11/23 01:38:59 | 000,157,952 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2012/11/22 20:07:29 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Application Data\$_hpcst$.hpc
    [2012/11/22 19:59:48 | 000,584,584 | ---- | C] () -- C:\WINDOWS\adb.exe
    [2012/11/22 15:05:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
    [2012/11/22 14:53:35 | 000,011,323 | R--- | C] () -- C:\WINDOWS\System32\CTSBAMB.INI
    [2012/11/22 14:52:57 | 000,014,040 | ---- | C] () -- C:\WINDOWS\System32\CiFilter.ini
    [2012/11/22 14:52:57 | 000,005,288 | ---- | C] () -- C:\WINDOWS\xFi_MiddleLayerKey32.ini
    [2012/11/22 14:52:36 | 000,172,544 | ---- | C] () -- C:\WINDOWS\System32\AMBSPI.DLL
    [2012/11/22 14:50:34 | 000,000,003 | ---- | C] () -- C:\Documents and Settings\Xtrakt\Local Settings\Application Data\user_data.ini
    [2012/11/22 14:40:52 | 000,081,936 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
    [2012/11/22 14:40:15 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\Audio3D.dll
    [2012/11/22 14:40:15 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\A3D.dll
    [2012/11/22 14:39:09 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll
    [2012/11/22 14:39:09 | 000,000,264 | ---- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config
    [2012/11/22 14:39:08 | 000,783,644 | ---- | C] () -- C:\WINDOWS\System32\igkrng600.bin
    [2012/11/22 14:39:08 | 000,197,016 | ---- | C] () -- C:\WINDOWS\System32\igfcg600m.bin
    [2012/11/22 14:39:08 | 000,145,804 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng600.bin
    [2012/11/22 12:50:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2012/11/22 12:46:51 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2012/04/20 12:57:00 | 000,001,536 | ---- | C] () -- C:\WINDOWS\System32\IusEventLog.dll

    ========== ZeroAccess Check ==========

    [2012/11/25 20:52:02 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 04:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/10 00:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 04:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    < End of report >

  5. #5
    Member
    Join Date
    Feb 2010
    Posts
    126
    Points
    1

    Default

    OTL Extras logfile created on: 8/16/2013 5:16:04 PM - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Xtrakt\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.22 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 59.04% Memory free
    5.06 Gb Paging File | 3.69 Gb Available in Paging File | 72.92% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 200.00 Gb Total Space | 4.90 Gb Free Space | 2.45% Space Free | Partition Type: NTFS
    Drive E: | 265.76 Gb Total Space | 265.67 Gb Free Space | 99.97% Space Free | Partition Type: NTFS

    Computer Name: LWRAKL-2112 | User Name: Xtrakt | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = comfile] -- "%1" %*
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
    .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-854245398-1275210071-725345543-1004\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
    hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    Unknown [openas] -- C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\shell32.dll,OpenAs_RunDLL %1 (Microsoft Corporation)
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    "DoNotAllowExceptions" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
    "94:TCP" = 94:TCP:*:Enabled:VRS Recording System TCP/IP Port
    "4100:UDP" = 4100:UDP:*:Enabled:uPNP Router Control Port
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNetisabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNetisabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNetisabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNetisabled:@xpsp2res.dll,-22002
    "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*isabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
    "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
    "C:\WINDOWS\system32\dmwu.exe" = C:\WINDOWS\system32\dmwu.exe:*:Enabled:dmwu
    "C:\WINDOWS\system32\ARFC\wrtc.exe" = C:\WINDOWS\system32\ARFC\wrtc.exe:*:Enabled:wrtc -- ()
    "C:\Program Files\IAHGames\Counter-Strike Online\Bin\NMService.exe" = C:\Program Files\IAHGames\Counter-Strike Online\Bin\NMService.exe:*:Enabled:Nexon Messenger Core
    "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam
    "C:\Program Files\tixati\tixati.exe" = C:\Program Files\tixati\tixati.exe:*:Enabled:Tixati -- (Tixati Software Inc.)
    "C:\Program Files\TwonkyMedia\twonkymediaserverwatchdog.exe" = C:\Program Files\TwonkyMedia\twonkymediaserverwatchdog.exe:*:Enabled:TwonkyMedia
    "C:\Program Files\TwonkyMedia\TwonkyMediaServer.exe" = C:\Program Files\TwonkyMedia\TwonkyMediaServer.exe:*:Enabled:TwonkyMediaServer
    "C:\Program Files\TwonkyMedia\MediaManager\TwonkyMediaManager.exe" = C:\Program Files\TwonkyMedia\MediaManager\TwonkyMediaManager.exe:*:Enabled:TwonkyMediaManager
    "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
    "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
    "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
    "{152A537F-45E9-4B15-8847-2E3E5BE61859}" = Intel® Trusted Connect Service Client
    "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
    "{1BBEB0C2-B5F6-4B8E-A4EA-1B13C45FCE7D}" = ScreenShot V1.1.0.0
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 25
    "{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
    "{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
    "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
    "{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{3DADB23F-94E6-4E4D-AFE8-15DE4395E8F3}" = Microsoft Security Client
    "{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.7
    "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
    "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
    "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
    "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
    "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
    "{7E052F74-10A7-42E7-84EB-01C172F5AB5D}" = SlimDrivers
    "{8227BCD8-AA43-B935-7134-2732A298364A}" = Media Go Video Playback Engine 1.120.105.05010
    "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes
    "{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
    "{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
    "{B515962D-C979-44AC-9912-F7BB499B4B2C}" = VirtualDJ Home FREE
    "{B55B7EAE-C58C-496E-A383-3A6ABDD83A62}" = Media Go
    "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
    "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
    "{CA236E47-2B28-40F3-8DDB-45BE148AD986}" = TP-LINK TL-WN725N Driver
    "{CD95F661-A5C4-44F5-A6AA-ECDD91C240DA}" = WinZip 17.5
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
    "{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
    "{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
    "{EBED0919-4BD0-4718-BA7A-5D2B503F9BC6}_is1" = ZTE Handset USB Driver 5.2066.1.7
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
    "{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}" = Sound Blaster X-Fi MB
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "ASRock App Charger_is1" = ASRock App Charger v1.0.5
    "ASRock eXtreme Tuner_is1" = ASRock eXtreme Tuner v0.1.169
    "ASRock InstantBoot_is1" = ASRock InstantBoot v1.29
    "CCleaner" = CCleaner
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
    "FileHippo.com" = FileHippo.com Update Checker
    "FileZilla Client" = FileZilla Client 3.7.1
    "Google Chrome" = Google Chrome
    "ie8" = Windows Internet Explorer 8
    "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
    "InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
    "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
    "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
    "LG PC Suite IV" = LG PC Suite IV
    "M4a to MP3 Converter Free_is1" = M4a to MP3 Converter Free 3.6.1
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
    "Microsoft Security Client" = Microsoft Security Essentials
    "Mozilla Thunderbird 23.0 (x86 en-US)" = Mozilla Thunderbird 23.0 (x86 en-US)
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "Optical Disc Doctor_is1" = Optical Disc Doctor
    "PhotoPad" = PhotoPad Image Editor
    "PokerStars" = PokerStars
    "Prism" = Prism Video File Converter
    "PS3 Video 9" = PS3 Video 9 6
    "PSP Video 9" = PSP Video 9 6
    "sl-dlc" = SelectionLinks
    "tixati" = Tixati
    "UnLock Root" = UnLock Root 2.30
    "VideoPad" = VideoPad Video Editor
    "VLC media player" = VLC media player 2.0.4
    "WavePad" = WavePad Sound Editor
    "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "WinRAR archiver" = WinRAR 5.00 beta 5 (32-bit)
    "winusb0100" = Microsoft WinUsb 1.0
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XFast LAN" = XFast LAN v6.61
    "XFastUSB" = XFastUSB

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-854245398-1275210071-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "MyFreeCodec" = MyFreeCodec
    "soe-DC Universe Online" = DC Universe Online
    "SOE-DC Universe Online Live" = DC Universe Online Live

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 7/5/2013 5:47:13 AM | Computer Name = LWRAKL-2112 | Source = MPSampleSubmission | ID = 5000
    Description = EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
    P2 4.2.223.0, P3 timeout, P4 1.1.9607.0, P5 fixed, P6 2 _ 2049+, P7 5 _ boot, P8
    NIL, P9 NIL, P10 NIL.

    Error - 7/5/2013 5:47:13 AM | Computer Name = LWRAKL-2112 | Source = MPSampleSubmission | ID = 5000
    Description = EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
    P2 4.2.223.0, P3 timeout, P4 1.1.9607.0, P5 fixed, P6 2 _ 2049+, P7 5 _ boot, P8
    NIL, P9 NIL, P10 NIL.

    Error - 7/5/2013 5:47:15 AM | Computer Name = LWRAKL-2112 | Source = MPSampleSubmission | ID = 5000
    Description = EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
    P2 4.2.223.0, P3 passthrough, P4 1.1.9607.0, P5 fixed, P6 2 _ 2049+, P7 5 _ boot,
    P8 NIL, P9 NIL, P10 NIL.

    Error - 7/5/2013 5:47:15 AM | Computer Name = LWRAKL-2112 | Source = MPSampleSubmission | ID = 5000
    Description = EventType mptelemetry, P1 2152759308, P2 unspecified, P3 scanfile,
    P4 4.2.223.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
    P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

    Error - 7/22/2013 5:58:19 AM | Computer Name = LWRAKL-2112 | Source = Application Error | ID = 1000
    Description = Faulting application vipboxsportsappsinstall94.exe, version 0.0.0.0,
    faulting module nsdialogs.dll, version 0.0.0.0, fault address 0x00001a41.

    Error - 7/22/2013 5:58:23 AM | Computer Name = LWRAKL-2112 | Source = Application Error | ID = 1001
    Description = Fault bucket -572205193.

    Error - 8/12/2013 6:40:40 AM | Computer Name = LWRAKL-2112 | Source = Application Error | ID = 1000
    Description = Faulting application uninstalldt.exe, version 1.0.2.0, faulting module
    kernel32.dll, version 5.1.2600.6293, fault address 0x00012fd3.

    Error - 8/12/2013 6:40:54 AM | Computer Name = LWRAKL-2112 | Source = Application Error | ID = 1001
    Description = Fault bucket -882161195.

    Error - 8/12/2013 10:15:08 PM | Computer Name = LWRAKL-2112 | Source = Application Hang | ID = 1002
    Description = Hanging application mbam.exe, version 1.75.0.1, hang module hungapp,
    version 0.0.0.0, hang address 0x00000000.

    Error - 8/12/2013 10:15:14 PM | Computer Name = LWRAKL-2112 | Source = Application Hang | ID = 1001
    Description = Fault bucket -816940832.

    [ System Events ]
    Error - 8/12/2013 4:24:30 PM | Computer Name = LWRAKL-2112 | Source = Dhcp | ID = 1002
    Description = The IP address lease 192.168.1.2 for the Network Card with network
    address BC5FF4448839 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
    sent a DHCPNACK message).

    Error - 8/12/2013 4:44:15 PM | Computer Name = LWRAKL-2112 | Source = Dhcp | ID = 1002
    Description = The IP address lease 192.168.1.2 for the Network Card with network
    address BC5FF4448839 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
    sent a DHCPNACK message).

    Error - 8/12/2013 10:12:38 PM | Computer Name = LWRAKL-2112 | Source = Dhcp | ID = 1002
    Description = The IP address lease 192.168.1.2 for the Network Card with network
    address BC5FF4448839 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
    sent a DHCPNACK message).

    Error - 8/12/2013 10:12:53 PM | Computer Name = LWRAKL-2112 | Source = W32Time | ID = 39452689
    Description = Time Provider NtpClient: An error occurred during DNS lookup of the
    manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
    again in 15 minutes. The error was: A socket operation was attempted to an unreachable
    host. (0x80072751)

    Error - 8/12/2013 10:12:53 PM | Computer Name = LWRAKL-2112 | Source = W32Time | ID = 39452701
    Description = The time provider NtpClient is configured to acquire time from one
    or more time sources, however none of the sources are currently accessible. No attempt
    to contact a source will be made for 14 minutes. NtpClient has no source of accurate
    time.

    Error - 8/13/2013 4:46:02 PM | Computer Name = LWRAKL-2112 | Source = Dhcp | ID = 1002
    Description = The IP address lease 192.168.1.2 for the Network Card with network
    address BC5FF4448839 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
    sent a DHCPNACK message).

    Error - 8/14/2013 5:24:13 PM | Computer Name = LWRAKL-2112 | Source = Dhcp | ID = 1002
    Description = The IP address lease 192.168.1.2 for the Network Card with network
    address BC5FF4448839 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
    sent a DHCPNACK message).

    Error - 8/14/2013 7:21:35 PM | Computer Name = LWRAKL-2112 | Source = System Error | ID = 1003
    Description = Error code 1000008e, parameter1 c0000005, parameter2 bf862276, parameter3
    a6d22ae4, parameter4 00000000.

    Error - 8/14/2013 7:39:02 PM | Computer Name = LWRAKL-2112 | Source = System Error | ID = 1003
    Description = Error code 10000050, parameter1 a65b8000, parameter2 00000000, parameter3
    80509a63, parameter4 00000000.

    Error - 8/15/2013 3:47:11 PM | Computer Name = LWRAKL-2112 | Source = Dhcp | ID = 1002
    Description = The IP address lease 192.168.1.2 for the Network Card with network
    address BC5FF4448839 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
    sent a DHCPNACK message).


    < End of report >

  6. #6
    Member
    Join Date
    Feb 2010
    Posts
    126
    Points
    1

    Default

    OTL Extras logfile created on: 8/16/2013 5:16:04 PM - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Xtrakt\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.22 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 59.04% Memory free
    5.06 Gb Paging File | 3.69 Gb Available in Paging File | 72.92% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 200.00 Gb Total Space | 4.90 Gb Free Space | 2.45% Space Free | Partition Type: NTFS
    Drive E: | 265.76 Gb Total Space | 265.67 Gb Free Space | 99.97% Space Free | Partition Type: NTFS

    Computer Name: LWRAKL-2112 | User Name: Xtrakt | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = comfile] -- "%1" %*
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
    .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-854245398-1275210071-725345543-1004\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
    hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    Unknown [openas] -- C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\shell32.dll,OpenAs_RunDLL %1 (Microsoft Corporation)
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    "DoNotAllowExceptions" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
    "94:TCP" = 94:TCP:*:Enabled:VRS Recording System TCP/IP Port
    "4100:UDP" = 4100:UDP:*:Enabled:uPNP Router Control Port
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNetisabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNetisabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNetisabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNetisabled:@xpsp2res.dll,-22002
    "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
    "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*isabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
    "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
    "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
    "C:\WINDOWS\system32\dmwu.exe" = C:\WINDOWS\system32\dmwu.exe:*:Enabled:dmwu
    "C:\WINDOWS\system32\ARFC\wrtc.exe" = C:\WINDOWS\system32\ARFC\wrtc.exe:*:Enabled:wrtc -- ()
    "C:\Program Files\IAHGames\Counter-Strike Online\Bin\NMService.exe" = C:\Program Files\IAHGames\Counter-Strike Online\Bin\NMService.exe:*:Enabled:Nexon Messenger Core
    "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam
    "C:\Program Files\tixati\tixati.exe" = C:\Program Files\tixati\tixati.exe:*:Enabled:Tixati -- (Tixati Software Inc.)
    "C:\Program Files\TwonkyMedia\twonkymediaserverwatchdog.exe" = C:\Program Files\TwonkyMedia\twonkymediaserverwatchdog.exe:*:Enabled:TwonkyMedia
    "C:\Program Files\TwonkyMedia\TwonkyMediaServer.exe" = C:\Program Files\TwonkyMedia\TwonkyMediaServer.exe:*:Enabled:TwonkyMediaServer
    "C:\Program Files\TwonkyMedia\MediaManager\TwonkyMediaManager.exe" = C:\Program Files\TwonkyMedia\MediaManager\TwonkyMediaManager.exe:*:Enabled:TwonkyMediaManager
    "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
    "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
    "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
    "{152A537F-45E9-4B15-8847-2E3E5BE61859}" = Intel® Trusted Connect Service Client
    "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
    "{1BBEB0C2-B5F6-4B8E-A4EA-1B13C45FCE7D}" = ScreenShot V1.1.0.0
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 25
    "{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
    "{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
    "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
    "{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{3DADB23F-94E6-4E4D-AFE8-15DE4395E8F3}" = Microsoft Security Client
    "{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.7
    "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
    "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
    "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
    "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
    "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
    "{7E052F74-10A7-42E7-84EB-01C172F5AB5D}" = SlimDrivers
    "{8227BCD8-AA43-B935-7134-2732A298364A}" = Media Go Video Playback Engine 1.120.105.05010
    "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes
    "{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
    "{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
    "{B515962D-C979-44AC-9912-F7BB499B4B2C}" = VirtualDJ Home FREE
    "{B55B7EAE-C58C-496E-A383-3A6ABDD83A62}" = Media Go
    "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
    "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
    "{CA236E47-2B28-40F3-8DDB-45BE148AD986}" = TP-LINK TL-WN725N Driver
    "{CD95F661-A5C4-44F5-A6AA-ECDD91C240DA}" = WinZip 17.5
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
    "{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
    "{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
    "{EBED0919-4BD0-4718-BA7A-5D2B503F9BC6}_is1" = ZTE Handset USB Driver 5.2066.1.7
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
    "{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}" = Sound Blaster X-Fi MB
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "ASRock App Charger_is1" = ASRock App Charger v1.0.5
    "ASRock eXtreme Tuner_is1" = ASRock eXtreme Tuner v0.1.169
    "ASRock InstantBoot_is1" = ASRock InstantBoot v1.29
    "CCleaner" = CCleaner
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
    "FileHippo.com" = FileHippo.com Update Checker
    "FileZilla Client" = FileZilla Client 3.7.1
    "Google Chrome" = Google Chrome
    "ie8" = Windows Internet Explorer 8
    "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
    "InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
    "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
    "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
    "LG PC Suite IV" = LG PC Suite IV
    "M4a to MP3 Converter Free_is1" = M4a to MP3 Converter Free 3.6.1
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
    "Microsoft Security Client" = Microsoft Security Essentials
    "Mozilla Thunderbird 23.0 (x86 en-US)" = Mozilla Thunderbird 23.0 (x86 en-US)
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "Optical Disc Doctor_is1" = Optical Disc Doctor
    "PhotoPad" = PhotoPad Image Editor
    "PokerStars" = PokerStars
    "Prism" = Prism Video File Converter
    "PS3 Video 9" = PS3 Video 9 6
    "PSP Video 9" = PSP Video 9 6
    "sl-dlc" = SelectionLinks
    "tixati" = Tixati
    "UnLock Root" = UnLock Root 2.30
    "VideoPad" = VideoPad Video Editor
    "VLC media player" = VLC media player 2.0.4
    "WavePad" = WavePad Sound Editor
    "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "WinRAR archiver" = WinRAR 5.00 beta 5 (32-bit)
    "winusb0100" = Microsoft WinUsb 1.0
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XFast LAN" = XFast LAN v6.61
    "XFastUSB" = XFastUSB

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-854245398-1275210071-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "MyFreeCodec" = MyFreeCodec
    "soe-DC Universe Online" = DC Universe Online
    "SOE-DC Universe Online Live" = DC Universe Online Live

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 7/5/2013 5:47:13 AM | Computer Name = LWRAKL-2112 | Source = MPSampleSubmission | ID = 5000
    Description = EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
    P2 4.2.223.0, P3 timeout, P4 1.1.9607.0, P5 fixed, P6 2 _ 2049+, P7 5 _ boot, P8
    NIL, P9 NIL, P10 NIL.

    Error - 7/5/2013 5:47:13 AM | Computer Name = LWRAKL-2112 | Source = MPSampleSubmission | ID = 5000
    Description = EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
    P2 4.2.223.0, P3 timeout, P4 1.1.9607.0, P5 fixed, P6 2 _ 2049+, P7 5 _ boot, P8
    NIL, P9 NIL, P10 NIL.

    Error - 7/5/2013 5:47:15 AM | Computer Name = LWRAKL-2112 | Source = MPSampleSubmission | ID = 5000
    Description = EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
    P2 4.2.223.0, P3 passthrough, P4 1.1.9607.0, P5 fixed, P6 2 _ 2049+, P7 5 _ boot,
    P8 NIL, P9 NIL, P10 NIL.

    Error - 7/5/2013 5:47:15 AM | Computer Name = LWRAKL-2112 | Source = MPSampleSubmission | ID = 5000
    Description = EventType mptelemetry, P1 2152759308, P2 unspecified, P3 scanfile,
    P4 4.2.223.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
    P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

    Error - 7/22/2013 5:58:19 AM | Computer Name = LWRAKL-2112 | Source = Application Error | ID = 1000
    Description = Faulting application vipboxsportsappsinstall94.exe, version 0.0.0.0,
    faulting module nsdialogs.dll, version 0.0.0.0, fault address 0x00001a41.

    Error - 7/22/2013 5:58:23 AM | Computer Name = LWRAKL-2112 | Source = Application Error | ID = 1001
    Description = Fault bucket -572205193.

    Error - 8/12/2013 6:40:40 AM | Computer Name = LWRAKL-2112 | Source = Application Error | ID = 1000
    Description = Faulting application uninstalldt.exe, version 1.0.2.0, faulting module
    kernel32.dll, version 5.1.2600.6293, fault address 0x00012fd3.

    Error - 8/12/2013 6:40:54 AM | Computer Name = LWRAKL-2112 | Source = Application Error | ID = 1001
    Description = Fault bucket -882161195.

    Error - 8/12/2013 10:15:08 PM | Computer Name = LWRAKL-2112 | Source = Application Hang | ID = 1002
    Description = Hanging application mbam.exe, version 1.75.0.1, hang module hungapp,
    version 0.0.0.0, hang address 0x00000000.

    Error - 8/12/2013 10:15:14 PM | Computer Name = LWRAKL-2112 | Source = Application Hang | ID = 1001
    Description = Fault bucket -816940832.

    [ System Events ]
    Error - 8/12/2013 4:24:30 PM | Computer Name = LWRAKL-2112 | Source = Dhcp | ID = 1002
    Description = The IP address lease 192.168.1.2 for the Network Card with network
    address BC5FF4448839 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
    sent a DHCPNACK message).

    Error - 8/12/2013 4:44:15 PM | Computer Name = LWRAKL-2112 | Source = Dhcp | ID = 1002
    Description = The IP address lease 192.168.1.2 for the Network Card with network
    address BC5FF4448839 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
    sent a DHCPNACK message).

    Error - 8/12/2013 10:12:38 PM | Computer Name = LWRAKL-2112 | Source = Dhcp | ID = 1002
    Description = The IP address lease 192.168.1.2 for the Network Card with network
    address BC5FF4448839 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
    sent a DHCPNACK message).

    Error - 8/12/2013 10:12:53 PM | Computer Name = LWRAKL-2112 | Source = W32Time | ID = 39452689
    Description = Time Provider NtpClient: An error occurred during DNS lookup of the
    manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
    again in 15 minutes. The error was: A socket operation was attempted to an unreachable
    host. (0x80072751)

    Error - 8/12/2013 10:12:53 PM | Computer Name = LWRAKL-2112 | Source = W32Time | ID = 39452701
    Description = The time provider NtpClient is configured to acquire time from one
    or more time sources, however none of the sources are currently accessible. No attempt
    to contact a source will be made for 14 minutes. NtpClient has no source of accurate
    time.

    Error - 8/13/2013 4:46:02 PM | Computer Name = LWRAKL-2112 | Source = Dhcp | ID = 1002
    Description = The IP address lease 192.168.1.2 for the Network Card with network
    address BC5FF4448839 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
    sent a DHCPNACK message).

    Error - 8/14/2013 5:24:13 PM | Computer Name = LWRAKL-2112 | Source = Dhcp | ID = 1002
    Description = The IP address lease 192.168.1.2 for the Network Card with network
    address BC5FF4448839 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
    sent a DHCPNACK message).

    Error - 8/14/2013 7:21:35 PM | Computer Name = LWRAKL-2112 | Source = System Error | ID = 1003
    Description = Error code 1000008e, parameter1 c0000005, parameter2 bf862276, parameter3
    a6d22ae4, parameter4 00000000.

    Error - 8/14/2013 7:39:02 PM | Computer Name = LWRAKL-2112 | Source = System Error | ID = 1003
    Description = Error code 10000050, parameter1 a65b8000, parameter2 00000000, parameter3
    80509a63, parameter4 00000000.

    Error - 8/15/2013 3:47:11 PM | Computer Name = LWRAKL-2112 | Source = Dhcp | ID = 1002
    Description = The IP address lease 192.168.1.2 for the Network Card with network
    address BC5FF4448839 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
    sent a DHCPNACK message).


    < End of report >

  7. #7
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,522
    Points
    563

    Default

    Hi xtrakt,

    Here's part of the problem:

    Drive C: | 200.00 Gb Total Space | 4.90 Gb Free Space | 2.45% Space Free | Partition Type: NTFS

    Windows needs at least 15% of free space to function properly. 20% would be even better. I'm assuming the space is being taken up by torrents and personal files. I'd move those files to an external harddrive or save them to disc to free up some space. At this point, if we need to run any other programs, they may not function properly.

    To see what is taking up all the free space and where those files are located, you might be able to install the following program, but I'm not sure till you at least try:

    Please download and install WinDirStat.
    • Click on the desktop icon to run the program.
    • Click on Individual Drives and then click on C:
    • Click on OK
    • When the pacmen have finished there will be a graphic display of your drive.
    • Place your cursor on the divider line between the text above and the color graph below and drag downwards to expand the upper portion of the resultant image produced.
    • Please create a screen shot and attach or upload the image to your next post so I can have a look
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  8. #8
    Member
    Join Date
    Feb 2010
    Posts
    126
    Points
    1

  9. #9
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,522
    Points
    563

    Default

    The majority of the space is being consumed by the .avi, .mkv and .mp4 files. 79% of these files are in Documents and Settings. The E:\ drive. If that is an external drive it would be best if you moved those files there. It has 99.97% of free space.

    You can just open the Documents and Settings folder and right click/copy then go to My Computer > E:\ drive, right click/paste. That alone may prevent a lot of issues that you are experiencing. Not much we can do till those files are moved or removed.

    I don't see any malware in your logs and if I ask you to download any programs to even clean out the temp files it will just create less free space, if they run properly after we get them installed.

    Let me know when you get some of the files moved to free up some space and we can proceed with basic maintenance procedures.

    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  10. #10
    Member
    Join Date
    Feb 2010
    Posts
    126
    Points
    1

    Default

    All done, ready to go ahead with those maintenance tasks

Page 1 of 3 123 LastLast