
Random CPU usage spikes, horrible FPS lag in-game

Discussion in 'Virus and Malware Removal' started by defy, Aug 19, 2010.

  1. defy Newcomer, in training Posts: 26

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{da21bd13-ca22-42e3-a071-98f08f1ca1e7}"= "c:\program files\Peer2Peer-EN\tbPee1.dll" [2010-01-24 2166296]

    [HKEY_CLASSES_ROOT\clsid\{da21bd13-ca22-42e3-a071-98f08f1ca1e7}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{da21bd13-ca22-42e3-a071-98f08f1ca1e7}]
    2010-01-24 08:21 2166296 ----a-w- c:\program files\Peer2Peer-EN\tbPee1.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{da21bd13-ca22-42e3-a071-98f08f1ca1e7}"= "c:\program files\Peer2Peer-EN\tbPee1.dll" [2010-01-24 2166296]

    [HKEY_CLASSES_ROOT\clsid\{da21bd13-ca22-42e3-a071-98f08f1ca1e7}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{DA21BD13-CA22-42E3-A071-98F08F1CA1E7}"= "c:\program files\Peer2Peer-EN\tbPee1.dll" [2010-01-24 2166296]

    [HKEY_CLASSES_ROOT\clsid\{da21bd13-ca22-42e3-a071-98f08f1ca1e7}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-11-30 1232896]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
    "Steam"="c:\program files\steam\steam.exe" [2010-08-24 1242448]
    "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BISA.exe"="c:\program files\Bell\Internet Service Advisor\BISA.exe" [2010-01-13 4281584]
    "BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2010-03-11 648536]
    "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-12-04 737280]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "mixer"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
    backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Works Calendar Reminders.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
    backup=c:\windows\pss\Microsoft Works Calendar Reminders.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^Users^Felix^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FrostWire On Startup.lnk]
    path=c:\users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk
    backup=c:\windows\pss\FrostWire On Startup.lnk.Startup
    backupExtension=.Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2008-06-12 07:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
    2010-02-17 23:37 177472 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BellCanada_McciTrayApp]
    2010-01-19 15:17 1565696 ----a-w- c:\program files\BellCanada\McciTrayApp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    2009-10-30 11:57 369200 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
    2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
    2006-11-02 12:35 125440 ----a-w- c:\windows\ehome\ehtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    2009-11-29 22:45 135664 ----atw- c:\users\Felix\AppData\Local\Google\Update\GoogleUpdate.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
    2008-10-25 16:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
    2008-02-12 01:13 166424 ----a-w- c:\windows\System32\hkcmd.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
    2008-02-12 01:13 141848 ----a-w- c:\windows\System32\igfxtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
    2008-10-24 13:14 206112 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2010-03-26 05:10 142120 ----a-w- c:\program files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
    2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]
    2010-04-21 08:26 1824040 ----a-w- c:\program files\ManyCam 2.4\ManyCam.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Portfolio]
    2001-08-23 21:52 331830 ----a-w- c:\program files\Microsoft Works\wkssb.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    2009-07-26 21:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    2006-01-12 19:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
    2010-02-09 21:14 2937528 ----a-w- c:\program files\Pando Networks\Media Booster\PMB.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
    2008-02-12 01:13 133656 ----a-w- c:\windows\System32\igfxpers.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
    2009-11-09 03:17 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2010-03-18 01:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
    2004-11-03 01:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
    2009-07-08 16:31 236016 ----a-w- c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
    2009-11-30 08:21 1232896 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Speech Recognition]
    2006-11-02 09:45 49664 ----a-w- c:\windows\Speech\Common\sapisvr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    2010-08-24 15:45 1242448 ----a-w- c:\program files\Steam\Steam.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2009-11-29 22:56 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
    2009-03-12 17:53 483422 ----a-w- c:\program files\IDT\WDM\sttray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    2009-11-29 20:10 1006264 ----a-w- c:\program files\Windows Defender\MSASCui.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    2006-11-02 12:36 201728 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WorksFUD]
    2001-10-06 00:34 24576 ----a-w- c:\program files\Microsoft Works\wkfud.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1746604758-1044917362-344122428-1000]
    "EnableNotificationsRef"=dword:00000001

    R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-03-08 3290184]
    R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-02-08 691696]
    S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
    S2 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [2010-06-23 322608]
    S2 ServicepointService;ServicepointService;c:\program files\Bell\Internet Service Advisor\ServicepointService.exe [2010-01-13 689392]
    S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
    S3 VST_DPV;VST_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
    S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]

    .
    Contents of the 'Scheduled Tasks' folder

    2010-08-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1746604758-1044917362-344122428-1000Core.job
    - c:\users\Felix\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-29 22:45]

    2010-08-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1746604758-1044917362-344122428-1000UA.job
    - c:\users\Felix\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-29 22:45]

    2010-08-27 c:\windows\Tasks\Norton Security Scan for Felix.job
    - c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-04-12 05:27]

    2010-08-28 c:\windows\Tasks\User_Feed_Synchronization-{1AAA177D-1F84-4B11-9163-6DDC448CB382}.job
    - c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.ask.com?o=14196&l=dis
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
    FF - ProfilePath - c:\users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    FF - plugin: c:\program files\Bell\Internet Service Advisor\nprpspa.dll
    FF - plugin: c:\program files\Common Files\Motive\npMotive.dll
    FF - plugin: c:\program files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
    FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
    FF - plugin: c:\program files\Veetle\Player\npvlc.dll
    FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
    FF - plugin: c:\program files\Veetle\VLCBroadcast\npvbp.dll
    FF - plugin: c:\users\Felix\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: c:\users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- FIREFOX POLICIES ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-08-28 19:38
    Windows 6.0.6000 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet003\Services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    Completion time: 2010-08-28 19:45:20
    ComboFix-quarantined-files.txt 2010-08-28 23:45
    ComboFix2.txt 2010-08-28 20:33
    ComboFix3.txt 2010-08-22 22:32

    Pre-Run: 187,632,181,248 bytes free
    Post-Run: 187,598,221,312 bytes free

    - - End Of File - - 4C7235D46EEBCC3277DE586CC3A7D438
  2. Broni Malware Annihilator Posts: 39,252   +175

    1. Please open Notepad
    • Click Start, then Run
    • Type notepad.exe in the Run Box.

    2. Now copy/paste the entire content of the codebox below into the Notepad window:

    Code:
    File::
    c:\users\Felix\AppData\Local\Wkivogo.bin
    c:\windows\system32\cd.dat
    
    DirLook::
    c:\users\Felix\AppData\Roaming\HLSW
    

    3. Save the above as CFScript.txt

    4. Close/disable all antivirus and anti-malware programs again, so they do not interfere with the running of ComboFix.

    5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

    [IMG]


    6. After the reboot (in case it asks to reboot), please post the following reports/logs into your next reply:
    • Combofix.txt
  3. defy Newcomer, in training Posts: 26

    ComboFix 10-08-27.03 - Felix 28/08/2010 20:22:19.4.2 - x86
    Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.2.1033.18.2044.979 [GMT -4:00]
    Running from: c:\users\Felix\Desktop\ComboFix.exe
    Command switches used :: c:\users\Felix\Desktop\cfscript.txt
    AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    SP: AntiVir Desktop *disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    SP: Windows Defender *disabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    FILE ::
    "c:\users\Felix\AppData\Local\Wkivogo.bin"
    "c:\windows\system32\cd.dat"
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\users\Felix\AppData\Local\Wkivogo.bin
    c:\windows\system32\cd.dat

    .
    \\.\PhysicalDrive0 - Bootkit Whistler was found and disinfected
    \\.\PhysicalDrive1 - Bootkit Whistler was found and disinfected
    .
    ((((((((((((((((((((((((( Files Created from 2010-07-28 to 2010-08-29 )))))))))))))))))))))))))))))))
    .

    2010-08-29 00:30 . 2010-08-29 00:30 -------- d-----w- c:\users\Felix\AppData\Local\temp
    2010-08-29 00:30 . 2010-08-29 00:30 -------- d-----w- c:\users\Public\AppData\Local\temp
    2010-08-29 00:30 . 2010-08-29 00:30 -------- d-----w- c:\users\pizzowned\AppData\Local\temp
    2010-08-29 00:30 . 2010-08-29 00:30 -------- d-----w- c:\users\Default\AppData\Local\temp
    2010-08-29 00:20 . 2010-08-29 00:21 -------- d-----w- C:\32788R22FWJFW
    2010-08-25 21:14 . 2010-08-25 21:14 -------- d-----w- c:\users\Felix\AppData\Roaming\LolClient
    2010-08-25 20:56 . 2010-08-25 20:56 -------- d-----w- C:\Riot Games
    2010-08-24 15:46 . 2010-08-24 15:48 -------- d-----w- c:\program files\Hotspot Shield
    2010-08-22 16:15 . 2010-08-22 16:15 -------- d-----w- c:\users\Felix\AppData\Roaming\Avira
    2010-08-21 19:19 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-08-21 19:19 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-08-21 18:56 . 2010-03-01 14:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
    2010-08-21 18:56 . 2010-02-16 18:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2010-08-21 18:56 . 2009-05-11 16:49 17016 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
    2010-08-21 18:56 . 2009-05-11 16:49 51992 ----a-w- c:\windows\system32\drivers\avgntdd.sys
    2010-08-21 18:56 . 2010-08-21 18:56 -------- d-----w- c:\programdata\Avira
    2010-08-21 18:56 . 2010-08-21 18:56 -------- d-----w- c:\program files\Avira
    2010-08-13 23:06 . 2010-08-13 23:06 47364 ----a-w- c:\programdata\Blizzard Entertainment\Battle.net\Cache\Download\Scan.dll
    2010-08-13 22:26 . 2010-08-13 23:06 -------- d-----w- c:\programdata\Blizzard Entertainment
    2010-08-13 22:26 . 2010-08-17 17:14 -------- d-----w- c:\program files\StarCraft II
    2010-08-07 05:57 . 2010-08-07 05:57 -------- d-----w- c:\program files\Microsoft Xbox 360 Accessories
    2010-08-07 05:54 . 2007-08-28 09:05 55808 ----a-w- c:\windows\system32\drivers\xusb21.sys
    2010-08-04 20:57 . 2006-06-19 17:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
    2010-08-04 20:57 . 2006-05-25 19:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
    2010-08-04 20:57 . 2005-08-26 05:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
    2010-08-04 20:57 . 2003-02-03 00:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
    2010-08-04 20:57 . 2002-03-06 05:00 75264 ----a-w- c:\windows\system32\unacev2.dll
    2010-08-04 20:57 . 2010-08-04 20:57 -------- d-----w- c:\program files\Trojan Remover
    2010-08-04 20:57 . 2010-08-04 20:57 -------- d-----w- c:\users\Felix\AppData\Roaming\Simply Super Software
    2010-08-04 20:57 . 2010-08-04 20:57 -------- d-----w- c:\programdata\Simply Super Software
    2010-08-02 23:04 . 2010-08-02 23:04 -------- d-----w- c:\users\Felix\AppData\Roaming\Malwarebytes
    2010-08-02 22:57 . 2010-08-21 19:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-08-02 22:57 . 2010-08-02 22:57 -------- d-----w- c:\programdata\Malwarebytes
    2010-08-01 19:01 . 2010-01-12 01:00 4332136 ----a-w- c:\windows\system32\NVStWiz.exe
    2010-08-01 18:57 . 2010-08-01 18:58 680 ----a-w- c:\users\Felix\AppData\Local\d3d9caps.dat
    2010-07-30 22:14 . 2010-07-30 22:14 -------- d-----w- c:\users\Felix\AppData\Roaming\2K Sports
    2010-07-30 21:55 . 2010-07-30 21:55 -------- d-----w- c:\program files\2K Sports
    2010-07-30 18:20 . 2010-07-30 18:20 -------- d-----w- c:\programdata\KONAMI
    2010-07-30 18:20 . 2010-07-30 18:20 -------- d-----w- c:\program files\KONAMI

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-08-28 23:48 . 2010-04-15 17:49 -------- d-----w- c:\users\Felix\AppData\Roaming\foobar2000
    2010-08-28 20:11 . 2010-08-01 19:04 34895 ----a-w- c:\programdata\nvModes.dat
    2010-08-28 01:14 . 2010-02-04 04:43 -------- d-----w- c:\program files\Steam
    2010-08-26 15:37 . 2010-08-28 15:44 1364346 ----a-w- c:\programdata\Avira\AntiVir Desktop\TEMP\UPDATE\VALIDATION\aescript.dll
    2010-08-26 15:37 . 2010-08-28 15:44 2867574 ----a-w- c:\programdata\Avira\AntiVir Desktop\TEMP\UPDATE\VALIDATION\aeheur.dll
    2010-08-26 15:36 . 2010-08-28 15:44 242038 ----a-w- c:\programdata\Avira\AntiVir Desktop\TEMP\UPDATE\VALIDATION\aehelp.dll
    2010-08-26 15:36 . 2010-08-28 15:44 397684 ----a-w- c:\programdata\Avira\AntiVir Desktop\TEMP\UPDATE\VALIDATION\aegen.dll
    2010-08-25 20:56 . 2009-11-29 17:03 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-08-25 20:17 . 2010-02-09 21:15 -------- d-----w- c:\programdata\PMB Files
    2010-08-22 19:37 . 2010-01-30 05:53 -------- d-----w- c:\users\Felix\AppData\Roaming\FrostWire
    2010-08-21 18:59 . 2010-08-28 15:44 254324 ----a-w- c:\programdata\Avira\AntiVir Desktop\TEMP\UPDATE\VALIDATION\aesbx.dll
    2010-08-21 18:59 . 2010-08-28 15:44 106868 ----a-w- c:\programdata\Avira\AntiVir Desktop\TEMP\UPDATE\VALIDATION\aevdf.dll
    2010-08-21 18:59 . 2010-08-28 15:44 614772 ----a-w- c:\programdata\Avira\AntiVir Desktop\TEMP\UPDATE\VALIDATION\aerdl.dll
    2010-08-21 18:59 . 2010-08-28 15:44 127347 ----a-w- c:\programdata\Avira\AntiVir Desktop\TEMP\UPDATE\VALIDATION\aescn.dll
    2010-08-21 18:59 . 2010-08-28 15:44 471412 ----a-w- c:\programdata\Avira\AntiVir Desktop\TEMP\UPDATE\VALIDATION\aepack.dll
    2010-08-21 18:59 . 2010-08-28 15:44 201081 ----a-w- c:\programdata\Avira\AntiVir Desktop\TEMP\UPDATE\VALIDATION\aeoffice.dll
    2010-08-21 18:59 . 2010-08-28 15:44 393588 ----a-w- c:\programdata\Avira\AntiVir Desktop\TEMP\UPDATE\VALIDATION\aeemu.dll
    2010-08-21 18:59 . 2010-08-28 15:44 53618 ----a-w- c:\programdata\Avira\AntiVir Desktop\TEMP\UPDATE\VALIDATION\aebb.dll
    2010-08-21 18:59 . 2010-08-28 15:44 192887 ----a-w- c:\programdata\Avira\AntiVir Desktop\TEMP\UPDATE\VALIDATION\aecore.dll
    2010-08-20 14:36 . 2010-07-17 18:47 -------- d-----w- c:\program files\JDownloader
    2010-08-13 22:54 . 2010-06-09 15:37 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
    2010-08-11 18:17 . 2009-11-30 19:52 -------- d-----w- c:\users\Felix\AppData\Roaming\Azureus
    2010-08-07 05:55 . 2010-08-07 05:55 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_xusb21_01005.Wdf
    2010-08-01 19:04 . 2010-02-05 16:24 -------- d-----w- c:\programdata\NVIDIA
    2010-08-01 19:01 . 2009-11-29 22:28 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
    2010-08-01 19:00 . 2010-02-05 16:22 -------- d-----w- c:\program files\NVIDIA Corporation
    2010-07-29 21:37 . 2010-07-29 21:37 -------- d-----w- c:\users\Felix\AppData\Roaming\Softplicity
    2010-07-29 21:37 . 2010-07-29 21:37 -------- d-----w- c:\program files\TotalAudioConverter
    2010-07-27 22:32 . 2010-07-27 22:32 117552 ----a-w- c:\users\Felix\AppData\Local\GDIPFONTCACHEV1.DAT
    2010-07-27 22:32 . 2010-07-27 22:32 -------- d-----w- c:\users\Felix\AppData\Roaming\ManyCam
    2010-07-27 22:29 . 2010-04-09 23:30 -------- d-----w- c:\programdata\Bell
    2010-07-27 22:27 . 2010-04-18 19:34 -------- d-----w- c:\users\pizzowned\AppData\Roaming\Bell
    2010-07-27 22:27 . 2010-04-09 23:30 -------- d-----w- c:\users\Felix\AppData\Roaming\Bell
    2010-07-27 22:27 . 2010-04-09 23:30 -------- d-----w- c:\program files\Bell
    2010-07-26 19:17 . 2010-07-19 19:40 -------- d-----w- c:\program files\AC3Filter
    2010-07-26 19:15 . 2010-07-26 19:15 -------- d-----w- c:\program files\MediaInfo
    2010-07-26 19:06 . 2010-05-03 18:27 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
    2010-07-26 19:06 . 2010-05-03 18:21 -------- d-----w- c:\programdata\DivX
    2010-07-26 19:06 . 2010-07-26 19:06 56765 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
    2010-07-26 19:06 . 2009-11-29 22:54 -------- d-----w- c:\program files\DivX
    2010-07-26 19:06 . 2010-07-26 19:06 57715 ----a-w- c:\programdata\DivX\Player\Uninstaller.exe
    2010-07-26 19:06 . 2010-07-26 19:06 54153 ----a-w- c:\programdata\DivX\DFXPlugin\Uninstaller.exe
    2010-07-26 19:06 . 2010-07-26 19:06 54128 ----a-w- c:\programdata\DivX\Converter\Uninstaller.exe
    2010-07-26 19:06 . 2010-07-26 19:06 54644 ----a-w- c:\programdata\DivX\TranscodeEngine\Uninstaller.exe
    2010-07-26 19:05 . 2010-07-26 19:05 54101 ----a-w- c:\programdata\DivX\MPEG2Plugin\Uninstaller.exe
    2010-07-26 19:04 . 2010-07-26 19:04 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe
    2010-07-26 19:04 . 2010-05-03 18:23 1062184 ----a-w- c:\programdata\DivX\Setup\Resource.dll
    2010-07-26 19:04 . 2010-05-03 18:23 895256 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
    2010-07-20 21:57 . 2010-06-04 15:19 -------- d-----w- c:\users\Felix\AppData\Roaming\HLSW
    2010-07-19 20:17 . 2010-07-19 20:17 -------- d-----w- c:\users\Felix\AppData\Roaming\Ubisoft
    2010-07-19 20:17 . 2010-07-19 20:17 -------- d-----w- c:\programdata\Ubisoft
    2010-07-19 20:11 . 2010-07-19 19:58 -------- d-----w- c:\program files\Ubisoft
    2010-07-16 21:51 . 2010-04-11 00:57 -------- d-----w- c:\program files\Full Tilt Poker
    2010-07-12 18:24 . 2010-07-12 18:24 56997 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe
    2010-07-12 18:24 . 2010-07-12 18:24 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe
    2010-07-09 20:48 . 2009-11-29 19:56 -------- d-----w- c:\program files\Microsoft Silverlight
    2010-07-08 03:03 . 2010-07-08 03:03 -------- d-----w- c:\users\pizzowned\AppData\Roaming\DivX
    2010-06-30 16:02 . 2009-12-09 18:19 -------- d-----w- c:\program files\PokerStars
    2010-06-28 03:15 . 2010-04-17 15:01 256 ----a-w- c:\windows\system32\pool.bin
    2010-06-23 02:48 . 2010-06-23 02:48 37376 ----a-w- c:\windows\system32\drivers\HssDrv.sys
    2010-06-16 20:33 . 2010-06-16 20:33 32768 ----a-w- c:\windows\system32\drivers\taphss.sys
    2010-06-03 02:41 . 2010-06-03 02:41 3600384 ----a-w- c:\windows\system32\GPhotos.scr
    2010-06-01 17:37 . 2009-11-29 16:28 221568 ------w- c:\windows\system32\MpSigStub.exe
    .

    (((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    ---- Directory of c:\users\Felix\AppData\Roaming\HLSW ----

    2010-06-04 16:48 . 2010-06-04 16:48 123 ----a-w- c:\users\Felix\AppData\Roaming\HLSW\ipspace.dat
    2010-06-04 16:48 . 2010-06-04 16:48 2 ----a-w- c:\users\Felix\AppData\Roaming\HLSW\filter.dat
    2010-06-04 16:48 . 2010-06-04 16:48 46 ----a-w- c:\users\Felix\AppData\Roaming\HLSW\plugin_Simple FTP Client.cfg
    2010-06-04 16:48 . 2010-06-04 16:48 46 ----a-w- c:\users\Felix\AppData\Roaming\HLSW\plugin_Call of Duty Configuration Plugin.cfg
    2010-06-04 16:48 . 2010-06-04 16:48 48 ----a-w- c:\users\Felix\AppData\Roaming\HLSW\plugin_Multi Messenger Plugin.cfg
    2010-06-04 15:22 . 2010-06-04 15:22 89 ----a-w- c:\users\Felix\AppData\Roaming\HLSW\connect.log
    2010-06-04 15:20 . 2010-06-04 16:48 8 ----a-w- c:\users\Felix\AppData\Roaming\HLSW\wonid.db7
    2010-06-04 15:20 . 2010-06-04 15:20 0 ----a-w- c:\users\Felix\AppData\Roaming\HLSW\wonid.db7.backup
    2010-06-04 15:20 . 2010-06-04 16:48 2100 ----a-w- c:\users\Felix\AppData\Roaming\HLSW\serverlist.sl32
    2010-06-04 15:20 . 2010-06-04 15:22 2101 ----a-w- c:\users\Felix\AppData\Roaming\HLSW\serverlist.sl32.backup
    2010-06-04 15:20 . 2010-06-04 15:20 0 ----a-w- c:\users\Felix\AppData\Roaming\HLSW\filesmoved.dat
    2010-06-04 15:20 . 2010-06-04 16:48 26565 ----a-w- c:\users\Felix\AppData\Roaming\HLSW\debug.log
    2010-06-04 15:19 . 2010-06-04 15:22 904 ----a-w- c:\users\Felix\AppData\Roaming\HLSW\lan.sl32.backup
    2010-06-04 15:19 . 2010-06-04 15:22 18650 ----a-w- c:\users\Felix\AppData\Roaming\HLSW\hlsw.sl32.backup


    ((((((((((((((((((((((((((((( SnapShot@2010-08-22_22.29.25 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2006-11-02 13:05 . 2010-08-24 15:48 63290 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2006-11-02 13:02 . 2010-08-28 15:44 65536 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2006-11-02 13:02 . 2010-08-22 22:15 65536 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2006-11-02 13:02 . 2010-08-22 22:15 81920 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2006-11-02 13:02 . 2010-08-28 15:44 81920 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-12-01 08:47 . 2010-08-24 22:24 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-12-01 08:47 . 2010-08-19 22:43 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-12-01 08:47 . 2010-08-19 22:43 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-12-01 08:47 . 2010-08-24 22:24 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-12-01 08:47 . 2010-08-19 22:43 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-12-01 08:47 . 2010-08-24 22:24 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-11-29 22:20 . 2010-08-24 15:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-11-29 22:20 . 2010-08-22 22:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-11-29 22:20 . 2010-08-22 22:06 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-11-29 22:20 . 2010-08-24 15:44 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-11-29 22:20 . 2010-08-22 22:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-11-29 22:20 . 2010-08-24 15:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2006-11-02 10:25 . 2010-08-07 05:54 86016 c:\windows\inf\infstrng.dat
    + 2006-11-02 10:25 . 2010-08-24 15:48 86016 c:\windows\inf\infstrng.dat
    - 2006-11-02 10:25 . 2010-08-07 05:54 51200 c:\windows\inf\infpub.dat
    + 2006-11-02 10:25 . 2010-08-24 15:48 51200 c:\windows\inf\infpub.dat
    + 2009-11-28 23:34 . 2010-08-24 15:48 9606 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1746604758-1044917362-344122428-1000_UserData.bin
    + 2010-08-22 22:14 . 2010-08-24 15:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2010-08-22 22:14 . 2010-08-22 22:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2010-08-22 22:14 . 2010-08-22 22:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2010-08-22 22:14 . 2010-08-24 15:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2006-11-02 10:33 . 2010-08-22 22:22 625810 c:\windows\System32\perfh009.dat
    + 2006-11-02 10:33 . 2010-08-24 15:50 625810 c:\windows\System32\perfh009.dat
    + 2006-11-02 10:33 . 2010-08-24 15:50 108966 c:\windows\System32\perfc009.dat
    - 2006-11-02 10:33 . 2010-08-22 22:22 108966 c:\windows\System32\perfc009.dat
    - 2010-08-21 19:17 . 2010-08-22 22:15 458752 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2010-08-21 19:17 . 2010-08-28 15:44 458752 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2010-08-25 21:00 . 2010-08-25 21:00 216576 c:\windows\Installer\65162bd.msi
    .
  4. defy Newcomer, in training Posts: 26

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{da21bd13-ca22-42e3-a071-98f08f1ca1e7}"= "c:\program files\Peer2Peer-EN\tbPee1.dll" [2010-01-24 2166296]

    [HKEY_CLASSES_ROOT\clsid\{da21bd13-ca22-42e3-a071-98f08f1ca1e7}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{da21bd13-ca22-42e3-a071-98f08f1ca1e7}]
    2010-01-24 08:21 2166296 ----a-w- c:\program files\Peer2Peer-EN\tbPee1.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{da21bd13-ca22-42e3-a071-98f08f1ca1e7}"= "c:\program files\Peer2Peer-EN\tbPee1.dll" [2010-01-24 2166296]

    [HKEY_CLASSES_ROOT\clsid\{da21bd13-ca22-42e3-a071-98f08f1ca1e7}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{DA21BD13-CA22-42E3-A071-98F08F1CA1E7}"= "c:\program files\Peer2Peer-EN\tbPee1.dll" [2010-01-24 2166296]

    [HKEY_CLASSES_ROOT\clsid\{da21bd13-ca22-42e3-a071-98f08f1ca1e7}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-11-30 1232896]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
    "Steam"="c:\program files\steam\steam.exe" [2010-08-24 1242448]
    "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BISA.exe"="c:\program files\Bell\Internet Service Advisor\BISA.exe" [2010-01-13 4281584]
    "BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2010-03-11 648536]
    "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-12-04 737280]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "mixer"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
    backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Works Calendar Reminders.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
    backup=c:\windows\pss\Microsoft Works Calendar Reminders.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^Users^Felix^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FrostWire On Startup.lnk]
    path=c:\users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk
    backup=c:\windows\pss\FrostWire On Startup.lnk.Startup
    backupExtension=.Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2008-06-12 07:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
    2010-02-17 23:37 177472 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BellCanada_McciTrayApp]
    2010-01-19 15:17 1565696 ----a-w- c:\program files\BellCanada\McciTrayApp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    2009-10-30 11:57 369200 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
    2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
    2006-11-02 12:35 125440 ----a-w- c:\windows\ehome\ehtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    2009-11-29 22:45 135664 ----atw- c:\users\Felix\AppData\Local\Google\Update\GoogleUpdate.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
    2008-10-25 16:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
    2008-02-12 01:13 166424 ----a-w- c:\windows\System32\hkcmd.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
    2008-02-12 01:13 141848 ----a-w- c:\windows\System32\igfxtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
    2008-10-24 13:14 206112 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2010-03-26 05:10 142120 ----a-w- c:\program files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
    2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]
    2010-04-21 08:26 1824040 ----a-w- c:\program files\ManyCam 2.4\ManyCam.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Portfolio]
    2001-08-23 21:52 331830 ----a-w- c:\program files\Microsoft Works\wkssb.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    2009-07-26 21:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    2006-01-12 19:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
    2010-02-09 21:14 2937528 ----a-w- c:\program files\Pando Networks\Media Booster\PMB.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
    2008-02-12 01:13 133656 ----a-w- c:\windows\System32\igfxpers.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
    2009-11-09 03:17 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2010-03-18 01:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
    2004-11-03 01:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
    2009-07-08 16:31 236016 ----a-w- c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
    2009-11-30 08:21 1232896 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Speech Recognition]
    2006-11-02 09:45 49664 ----a-w- c:\windows\Speech\Common\sapisvr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    2010-08-24 15:45 1242448 ----a-w- c:\program files\Steam\Steam.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2009-11-29 22:56 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
    2009-03-12 17:53 483422 ----a-w- c:\program files\IDT\WDM\sttray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    2009-11-29 20:10 1006264 ----a-w- c:\program files\Windows Defender\MSASCui.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    2006-11-02 12:36 201728 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WorksFUD]
    2001-10-06 00:34 24576 ----a-w- c:\program files\Microsoft Works\wkfud.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1746604758-1044917362-344122428-1000]
    "EnableNotificationsRef"=dword:00000001

    R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-03-08 3290184]
    R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-02-08 691696]
    S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
    S2 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [2010-06-23 322608]
    S2 ServicepointService;ServicepointService;c:\program files\Bell\Internet Service Advisor\ServicepointService.exe [2010-01-13 689392]
    S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
    S3 VST_DPV;VST_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
    S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]

    .
    Contents of the 'Scheduled Tasks' folder

    2010-08-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1746604758-1044917362-344122428-1000Core.job
    - c:\users\Felix\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-29 22:45]

    2010-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1746604758-1044917362-344122428-1000UA.job
    - c:\users\Felix\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-29 22:45]

    2010-08-28 c:\windows\Tasks\Norton Security Scan for Felix.job
    - c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-04-12 05:27]

    2010-08-28 c:\windows\Tasks\User_Feed_Synchronization-{1AAA177D-1F84-4B11-9163-6DDC448CB382}.job
    - c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.ask.com?o=14196&l=dis
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
    FF - ProfilePath - c:\users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    FF - plugin: c:\program files\Bell\Internet Service Advisor\nprpspa.dll
    FF - plugin: c:\program files\Common Files\Motive\npMotive.dll
    FF - plugin: c:\program files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
    FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
    FF - plugin: c:\program files\Veetle\Player\npvlc.dll
    FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
    FF - plugin: c:\program files\Veetle\VLCBroadcast\npvbp.dll
    FF - plugin: c:\users\Felix\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: c:\users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- FIREFOX POLICIES ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-08-28 20:30
    Windows 6.0.6000 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet003\Services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    Completion time: 2010-08-28 20:36:42
    ComboFix-quarantined-files.txt 2010-08-29 00:36
    ComboFix2.txt 2010-08-28 23:45
    ComboFix3.txt 2010-08-28 20:33
    ComboFix4.txt 2010-08-22 22:32

    Pre-Run: 187,633,471,488 bytes free
    Post-Run: 187,591,397,376 bytes free

    - - End Of File - - 9C98C7A4171F4BBCE12E6A305A3155EC
  5. Broni Malware Annihilator Posts: 39,252   +175

    Good :)

    How is the computer doing at the moment?

    Update MBAM, run "Quick scan" and post new log.

    Then....

    Download OTL to your Desktop.

    * Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    * Under the Custom Scan box paste this in:



    netsvcs
    drivers32 /all
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\system32\spool\prtprocs\w32x86\*.tmp
    %systemroot%\*. /mp /s
    /md5start
    /md5stop
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\ws2help.dll /md5
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs



    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    * When the scan completes, it will open two Notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    * Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
  6. defy Newcomer, in training Posts: 26

    Oh most definitely muchhhhh better. The "laggy" feel is gone and it feels like it's running a lot smoother. I'm pretty sure the random CPU spikes are also gone. Obviously thanks to your very helpful step-by-step process!

    MBAM log (finally a good one!):

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4497

    Windows 6.0.6000
    Internet Explorer 7.0.6000.16982

    28/08/2010 9:12:00 PM
    mbam-log-2010-08-28 (21-12-00).txt

    Scan type: Quick scan
    Objects scanned: 152148
    Time elapsed: 6 minute(s), 35 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
  7. defy Newcomer, in training Posts: 26


    OTL log:


    OTL logfile created on: 28/08/2010 9:17:01 PM - Run 1
    OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Felix\Desktop
    Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6000.16982)
    Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 465.76 Gb Total Space | 174.77 Gb Free Space | 37.52% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: FELIX-PC
    Current User Name: Felix
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/08/28 21:12:39 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Felix\Desktop\OTL.exe
    PRC - [2010/07/26 20:00:06 | 000,247,808 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe
    PRC - [2010/07/26 18:41:12 | 000,107,568 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\openvpntray.exe
    PRC - [2010/06/22 22:48:08 | 000,322,608 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\hsswd.exe
    PRC - [2010/06/22 22:48:00 | 000,348,208 | ---- | M] (AnchorFree Inc.) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
    PRC - [2010/04/01 13:33:20 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    PRC - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010/03/10 22:32:26 | 000,648,536 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
    PRC - [2010/03/02 11:28:32 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2010/02/24 10:28:10 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
    PRC - [2010/02/09 17:14:53 | 002,937,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
    PRC - [2010/01/14 22:11:02 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    PRC - [2010/01/12 21:49:36 | 000,689,392 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Bell\Internet Service Advisor\ServicepointService.exe
    PRC - [2009/12/03 20:28:05 | 000,737,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    PRC - [2009/11/29 15:42:07 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009/03/12 13:53:46 | 000,254,036 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_98f8d2d0\stacsv.exe
    PRC - [2006/11/02 05:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/08/28 21:12:39 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Felix\Desktop\OTL.exe
    MOD - [2006/11/02 05:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
    MOD - [2006/11/02 05:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/07/26 20:00:06 | 000,247,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (HotspotShieldService)
    SRV - [2010/07/26 18:41:20 | 000,057,640 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
    SRV - [2010/06/22 22:48:08 | 000,322,608 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\hsswd.exe -- (HssWd)
    SRV - [2010/06/22 22:48:00 | 000,348,208 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
    SRV - [2010/04/01 13:33:20 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/03/08 13:33:00 | 003,290,184 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
    SRV - [2010/02/24 10:28:10 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2010/01/12 21:49:36 | 000,689,392 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files\Bell\Internet Service Advisor\ServicepointService.exe -- (ServicepointService)
    SRV - [2009/11/29 16:10:41 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2009/07/20 13:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
    SRV - [2009/07/16 18:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2009/03/12 13:53:46 | 000,254,036 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_98f8d2d0\stacsv.exe -- (STacSV)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | On_Demand | Running] -- C:\Users\Felix\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
    DRV - [2010/06/22 22:48:00 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HssDrv.sys -- (HssDrv)
    DRV - [2010/06/16 16:33:40 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
    DRV - [2010/03/01 10:05:26 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
    DRV - [2010/02/16 14:24:02 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2010/02/07 22:34:29 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
    DRV - [2010/01/19 11:06:44 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
    DRV - [2010/01/19 11:06:38 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
    DRV - [2010/01/12 00:03:33 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2009/11/08 23:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
    DRV - [2009/06/17 12:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
    DRV - [2009/06/17 12:56:24 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouKE.Sys -- (LMouKE)
    DRV - [2009/06/17 12:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
    DRV - [2009/06/17 12:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
    DRV - [2009/06/17 12:55:26 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L8042mou.Sys -- (L8042mou)
    DRV - [2009/06/17 12:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd)
    DRV - [2009/05/11 10:12:50 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2009/03/12 13:53:46 | 000,398,336 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
    DRV - [2008/02/11 20:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
    DRV - [2008/01/14 06:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
    DRV - [2007/08/28 05:05:12 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)
    DRV - [2006/11/02 05:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2006/11/02 05:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2006/11/02 05:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2006/11/02 05:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2006/11/02 05:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2006/11/02 05:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2006/11/02 05:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2006/11/02 05:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2006/11/02 05:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 05:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 05:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2006/11/02 05:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2006/11/02 05:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
    DRV - [2006/11/02 05:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2006/11/02 05:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 05:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 05:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 05:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2006/11/02 05:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2006/11/02 05:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2006/11/02 05:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2006/11/02 04:55:04 | 000,071,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
    DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 03:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
    DRV - [2006/11/02 03:41:50 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (VST_DPV)
    DRV - [2006/11/02 03:41:48 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
    DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
    DRV - [2006/11/02 03:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
    DRV - [2002/10/01 16:43:32 | 000,119,798 | ---- | M] (SP) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SPCA561.SYS -- (CA561)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\..\URLSearchHook: {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee1.dll (Conduit Ltd.)
  8. defy Newcomer, in training Posts: 26

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=14196&l=dis
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\URLSearchHook: {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee1.dll (Conduit Ltd.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
    FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
    FF - prefs.js..extensions.enabledItems: 5
    FF - prefs.js..extensions.enabledItems: 2
    FF - prefs.js..extensions.enabledItems: 2
    FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/31 19:28:59 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/27 17:47:13 | 000,000,000 | ---D | M]

    [2009/11/29 19:52:28 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Mozilla\Extensions
    [2010/08/28 07:36:40 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\extensions
    [2009/12/01 09:01:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/04/10 12:02:51 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\extensions\firefox@tvunetworks.com
    [2010/01/30 02:36:47 | 000,002,425 | ---- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\searchplugins\askcom.xml
    [2010/04/12 01:37:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/02/09 17:14:51 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll

    O1 HOSTS File: ([2010/08/28 20:30:31 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    O2 - BHO: (Shareware.Pro-EN Toolbar) - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee1.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Shareware.Pro-EN Toolbar) - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\tbPee1.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Shareware.Pro-EN Toolbar) - {DA21BD13-CA22-42E3-A071-98F08F1CA1E7} - C:\Program Files\Peer2Peer-EN\tbPee1.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [BISA.exe] C:\Program Files\Bell\Internet Service Advisor\BISA.exe (Bell)
    O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
    O4 - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
    O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
    O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Users\Felix\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Felix\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found

    Drivers32: aux1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: aux2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
    Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
    Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
    Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
    Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
    Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
    Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
    Drivers32: VIDC.I420 - MSH263.DRV File not found
    Drivers32: VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
    Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
    Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
    Drivers32: VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
    Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
    Drivers32: VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
    Drivers32: VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
    Drivers32: VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/08/28 21:12:38 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Felix\Desktop\OTL.exe
    [2010/08/28 20:36:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2010/08/28 20:36:44 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2010/08/28 20:36:44 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Local\temp
    [2010/08/28 20:21:10 | 000,000,000 | ---D | C] -- C:\ComboFix
    [2010/08/28 20:20:48 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
    [2010/08/25 17:14:46 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\LolClient
    [2010/08/25 16:56:01 | 000,000,000 | ---D | C] -- C:\Riot Games
    [2010/08/24 11:46:20 | 000,000,000 | ---D | C] -- C:\Program Files\Hotspot Shield
    [2010/08/22 17:42:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
    [2010/08/22 17:42:18 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2010/08/22 17:42:18 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2010/08/22 17:42:18 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2010/08/22 17:42:02 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2010/08/22 17:36:46 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/08/22 12:15:16 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Avira
    [2010/08/21 15:19:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/08/21 15:19:23 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/08/21 14:56:56 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
    [2010/08/21 14:56:52 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
    [2010/08/21 14:56:52 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
    [2010/08/21 14:56:52 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
    [2010/08/21 14:56:51 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
    [2010/08/21 14:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
    [2010/08/21 14:56:46 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
    [2010/08/13 18:26:18 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\StarCraft II
    [2010/08/13 18:26:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
    [2010/08/13 18:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
    [2010/08/07 01:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
    [2010/08/04 16:57:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
    [2010/08/04 16:57:47 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\Simply Super Software
    [2010/08/04 16:57:26 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
    [2010/08/04 16:57:26 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Simply Super Software
    [2010/08/04 16:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
    [2010/08/02 19:04:33 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Malwarebytes
    [2010/08/02 18:57:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/08/02 18:57:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/07/30 18:14:30 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\2K Sports
    [2010/07/30 17:55:16 | 000,000,000 | ---D | C] -- C:\Program Files\2K Sports
    [2010/07/30 14:31:37 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\KONAMI
    [2010/07/30 14:20:34 | 000,000,000 | ---D | C] -- C:\ProgramData\KONAMI
    [2010/07/30 14:20:34 | 000,000,000 | ---D | C] -- C:\Program Files\KONAMI
    [2010/07/29 17:37:55 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Softplicity
    [2010/07/29 17:37:43 | 000,000,000 | ---D | C] -- C:\Program Files\TotalAudioConverter
    [2010/07/29 00:42:50 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\My pics
    [2010/07/27 18:32:41 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\ManyCam
    [2010/07/26 15:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\MediaInfo
    [2010/07/19 16:17:51 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Ubisoft
    [2010/07/19 16:17:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
    [2010/07/19 15:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
    [2010/07/19 15:46:24 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\Gamessss
    [2010/07/19 15:40:36 | 000,000,000 | ---D | C] -- C:\Program Files\AC3Filter
    [2010/07/19 15:27:10 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\Movies
    [2010/07/17 20:12:49 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\WinRAR
    [2010/07/17 14:47:34 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
    [2010/07/12 13:54:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\_tmp
    [2010/07/02 15:02:48 | 000,000,000 | ---D | C] -- C:\Hotspot Shield
    [2010/06/22 22:48:00 | 000,037,376 | ---- | C] (AnchorFree Inc.) -- C:\Windows\System32\drivers\HssDrv.sys
    [2010/06/17 17:58:45 | 000,000,000 | ---D | C] -- C:\Windows\.jagex_cache_32
    [2010/06/16 16:33:40 | 000,032,768 | ---- | C] (AnchorFree Inc) -- C:\Windows\System32\drivers\taphss.sys
    [2010/06/09 16:09:54 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\D2LOD-1.12A-enUS
    [2010/06/09 11:37:42 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\D2-1.12A-enUS
    [2010/06/09 11:37:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
    [2010/06/07 12:45:41 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Local\Blizzard Entertainment
    [2010/06/07 12:42:33 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
    [2010/06/04 11:19:27 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\HLSW
  9. defy Newcomer, in training Posts: 26

    ========== Files - Modified Within 90 Days ==========

    [2010/08/28 21:17:16 | 004,980,736 | -HS- | M] () -- C:\Users\Felix\ntuser.dat
    [2010/08/28 21:12:39 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Felix\Desktop\OTL.exe
    [2010/08/28 21:07:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1746604758-1044917362-344122428-1000UA.job
    [2010/08/28 21:05:22 | 000,005,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/08/28 21:05:22 | 000,005,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/08/28 20:30:40 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
    [2010/08/28 20:30:31 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2010/08/28 19:59:24 | 000,000,474 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Felix.job
    [2010/08/28 19:13:14 | 003,830,469 | R--- | M] () -- C:\Users\Felix\Desktop\ComboFix.exe
    [2010/08/28 16:11:50 | 000,034,895 | ---- | M] () -- C:\ProgramData\nvModes.dat
    [2010/08/28 16:11:45 | 000,034,895 | ---- | M] () -- C:\ProgramData\nvModes.001
    [2010/08/28 08:07:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1746604758-1044917362-344122428-1000Core.job
    [2010/08/28 00:25:45 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini
    [2010/08/28 00:13:20 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1AAA177D-1F84-4B11-9163-6DDC448CB382}.job
    [2010/08/25 17:01:00 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
    [2010/08/24 11:50:48 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
    [2010/08/24 11:50:01 | 000,720,952 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/08/24 11:50:01 | 000,625,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/08/24 11:50:01 | 000,108,966 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/08/24 11:44:58 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/08/24 11:44:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/08/24 11:44:50 | 2144,350,208 | -HS- | M] () -- C:\hiberfil.sys
    [2010/08/24 11:42:38 | 005,540,368 | ---- | M] () -- C:\Users\Felix\Desktop\HSS-1.49-install-anchorfree-243-ask3.exe
    [2010/08/22 18:04:22 | 002,666,522 | -H-- | M] () -- C:\Users\Felix\AppData\Local\IconCache.db
    [2010/08/22 17:41:22 | 157,829,830 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010/08/21 23:01:24 | 000,001,394 | ---- | M] () -- C:\Users\Felix\Desktop\DivX Movies (2).lnk
    [2010/08/21 23:01:24 | 000,000,890 | ---- | M] () -- C:\Users\Felix\Desktop\StarCraft II.lnk
    [2010/08/21 23:01:24 | 000,000,837 | ---- | M] () -- C:\Users\Felix\Desktop\AudioConverter (2).lnk
    [2010/08/21 23:01:24 | 000,000,457 | ---- | M] () -- C:\Users\Felix\Desktop\todo equipo 3 - Shortcut.lnk
    [2010/08/21 18:02:56 | 000,012,055 | ---- | M] () -- C:\Users\Felix\Documents\Coverletter.docx
    [2010/08/21 15:19:31 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/08/21 14:57:16 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
    [2010/08/21 06:07:49 | 000,002,042 | ---- | M] () -- C:\Users\Felix\Desktop\Google Chrome.lnk
    [2010/08/15 10:23:36 | 000,007,680 | ---- | M] () -- C:\Users\Felix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/08/13 18:54:52 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
    [2010/08/07 14:21:39 | 000,103,139 | ---- | M] () -- C:\Users\Felix\theboys.jpg
    [2010/08/07 01:55:05 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_xusb21_01005.Wdf
    [2010/08/04 16:57:30 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
    [2010/08/02 19:57:53 | 000,000,050 | ---- | M] () -- C:\Windows\wininit.ini
    [2010/08/01 14:58:03 | 000,000,680 | ---- | M] () -- C:\Users\Felix\AppData\Local\d3d9caps.dat
    [2010/07/30 18:12:55 | 000,000,951 | ---- | M] () -- C:\Users\Felix\Desktop\MLB 2K10.lnk
    [2010/07/30 14:41:55 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\PESEdit.com 2010 Patch.lnk
    [2010/07/29 17:37:46 | 000,000,837 | ---- | M] () -- C:\Users\Felix\Desktop\AudioConverter.lnk
    [2010/07/27 18:32:48 | 000,117,552 | ---- | M] () -- C:\Users\Felix\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/07/27 00:07:33 | 000,025,367 | ---- | M] () -- C:\Users\Felix\Documents\Chapter 8,9,10,11.docx
    [2010/07/26 15:06:43 | 000,001,394 | ---- | M] () -- C:\Users\Felix\Desktop\DivX Movies.lnk
    [2010/07/26 15:06:14 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
    [2010/07/26 15:06:05 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
    [2010/07/21 08:29:18 | 001,048,576 | -HS- | M] () -- C:\Users\Felix\ntuser.dat{fa87bba6-20c4-11df-954e-0019d157ee1e}.TxR.2.regtrans-ms
    [2010/07/21 08:29:18 | 001,048,576 | -HS- | M] () -- C:\Users\Felix\ntuser.dat{fa87bba6-20c4-11df-954e-0019d157ee1e}.TxR.1.regtrans-ms
    [2010/07/21 08:29:17 | 001,048,576 | -HS- | M] () -- C:\Users\Felix\ntuser.dat{fa87bba6-20c4-11df-954e-0019d157ee1e}.TxR.0.regtrans-ms
    [2010/07/21 08:29:17 | 000,065,536 | -HS- | M] () -- C:\Users\Felix\ntuser.dat{fa87bba6-20c4-11df-954e-0019d157ee1e}.TxR.blf
    [2010/07/21 08:02:21 | 000,012,092 | ---- | M] () -- C:\Users\Felix\Documents\Bibliography.docx
    [2010/07/20 19:03:59 | 000,001,059 | ---- | M] () -- C:\Users\Felix\Desktop\AssassinsCreed II.lnk
    [2010/07/20 16:37:56 | 000,016,164 | ---- | M] () -- C:\Users\Felix\Documents\Gay marriage.docx
    [2010/07/17 14:47:50 | 000,000,830 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk
    [2010/07/17 12:42:07 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2010/07/16 07:46:57 | 000,024,621 | ---- | M] () -- C:\Users\Felix\Documents\Chapter 6 and 7.docx
    [2010/07/15 23:22:41 | 000,011,961 | ---- | M] () -- C:\Users\Felix\Documents\Killing Ground.docx
    [2010/07/15 22:32:34 | 000,012,370 | ---- | M] () -- C:\Users\Felix\Documents\Cinderella Man.docx
    [2010/07/12 23:09:46 | 000,014,826 | ---- | M] () -- C:\Users\Felix\Documents\Chapter 3.docx
    [2010/07/11 01:59:59 | 000,014,229 | ---- | M] () -- C:\Users\Felix\Documents\Belen Echegaray resume.docx
    [2010/06/28 10:25:06 | 000,000,804 | ---- | M] () -- C:\Users\Felix\Desktop\Steam.lnk
    [2010/06/27 23:15:33 | 000,000,256 | ---- | M] () -- C:\Windows\System32\pool.bin
    [2010/06/27 23:14:27 | 001,099,180 | ---- | M] () -- C:\Users\Felix\Desktop\todo equipo 3.jpg
    [2010/06/27 23:13:32 | 000,941,463 | ---- | M] () -- C:\Users\Felix\Desktop\todo equipo 2.jpg
    [2010/06/27 21:29:12 | 001,764,681 | ---- | M] () -- C:\Users\Felix\Desktop\todo equipo.jpg
    [2010/06/22 22:48:00 | 000,037,376 | ---- | M] (AnchorFree Inc.) -- C:\Windows\System32\drivers\HssDrv.sys
    [2010/06/16 16:33:40 | 000,032,768 | ---- | M] (AnchorFree Inc) -- C:\Windows\System32\drivers\taphss.sys
    [2010/06/16 01:59:29 | 000,853,499 | ---- | M] () -- C:\Users\Felix\Documents\english thinnggggg pics.docx
    [2010/06/16 01:59:15 | 000,011,606 | ---- | M] () -- C:\Users\Felix\Documents\Depression.docx
    [2010/06/16 01:34:01 | 000,015,376 | ---- | M] () -- C:\Users\Felix\Documents\Role Scoring.docx
    [2010/06/15 21:42:10 | 000,001,869 | ---- | M] () -- C:\Users\Public\Desktop\Desktop Manager.lnk
    [2010/06/14 13:13:15 | 000,036,864 | ---- | M] () -- C:\Users\Felix\Documents\FelixAlbertoResume..doc
    [2010/06/09 10:20:10 | 000,241,778 | ---- | M] () -- C:\Users\Felix\Documents\law cpt.docx
    [2010/06/04 12:04:36 | 000,000,782 | ---- | M] () -- C:\Users\Felix\Application Data\Microsoft\Internet Explorer\Quick Launch\Ventrilo.lnk
    [2010/06/04 00:52:00 | 004,975,311 | ---- | M] () -- C:\Users\Felix\Desktop\Por Amor (dirty).mp3
    [2010/06/03 22:34:01 | 000,011,570 | ---- | M] () -- C:\Users\Felix\Documents\Letter to craig.docx
    [2010/06/03 21:47:49 | 000,017,114 | ---- | M] () -- C:\Users\Felix\Documents\Religion CPT part 2.docx
    [2010/05/31 21:38:10 | 000,000,932 | ---- | M] () -- C:\Users\Felix\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (4).lnk

    ========== Files Created - No Company Name ==========

    [2010/08/28 19:13:05 | 003,830,469 | R--- | C] () -- C:\Users\Felix\Desktop\ComboFix.exe
    [2010/08/25 17:01:00 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
    [2010/08/24 11:50:48 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
    [2010/08/24 11:42:24 | 005,540,368 | ---- | C] () -- C:\Users\Felix\Desktop\HSS-1.49-install-anchorfree-243-ask3.exe
    [2010/08/22 17:42:18 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
    [2010/08/22 17:42:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2010/08/22 17:42:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2010/08/22 17:42:18 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
    [2010/08/22 17:42:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2010/08/21 23:01:24 | 000,001,394 | ---- | C] () -- C:\Users\Felix\Desktop\DivX Movies (2).lnk
    [2010/08/21 23:01:24 | 000,000,890 | ---- | C] () -- C:\Users\Felix\Desktop\StarCraft II.lnk
    [2010/08/21 23:01:24 | 000,000,837 | ---- | C] () -- C:\Users\Felix\Desktop\AudioConverter (2).lnk
    [2010/08/21 23:01:24 | 000,000,457 | ---- | C] () -- C:\Users\Felix\Desktop\todo equipo 3 - Shortcut.lnk
    [2010/08/21 18:02:55 | 000,012,055 | ---- | C] () -- C:\Users\Felix\Documents\Coverletter.docx
    [2010/08/21 16:03:51 | 2144,350,208 | -HS- | C] () -- C:\hiberfil.sys
    [2010/08/21 15:19:31 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/08/21 14:57:16 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
    [2010/08/13 18:26:18 | 000,000,890 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
    [2010/08/07 14:21:38 | 000,103,139 | ---- | C] () -- C:\Users\Felix\theboys.jpg
    [2010/08/07 01:55:05 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_xusb21_01005.Wdf
    [2010/08/04 16:57:30 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
    [2010/08/04 16:57:27 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
    [2010/08/04 16:57:27 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
    [2010/08/04 16:57:27 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
    [2010/08/04 16:57:27 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
    [2010/08/02 18:39:36 | 000,000,050 | ---- | C] () -- C:\Windows\wininit.ini
    [2010/08/01 15:04:40 | 000,034,895 | ---- | C] () -- C:\ProgramData\nvModes.dat
    [2010/08/01 15:04:40 | 000,034,895 | ---- | C] () -- C:\ProgramData\nvModes.001
    [2010/08/01 14:57:25 | 000,000,680 | ---- | C] () -- C:\Users\Felix\AppData\Local\d3d9caps.dat
    [2010/07/30 18:12:55 | 000,000,951 | ---- | C] () -- C:\Users\Felix\Desktop\MLB 2K10.lnk
    [2010/07/30 14:41:55 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\PESEdit.com 2010 Patch.lnk
    [2010/07/29 17:37:46 | 000,000,837 | ---- | C] () -- C:\Users\Felix\Desktop\AudioConverter.lnk
    [2010/07/28 20:41:30 | 000,007,680 | ---- | C] () -- C:\Users\Felix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/07/26 15:17:02 | 000,497,664 | ---- | C] () -- C:\Windows\System32\ac3filter.acm
    [2010/07/24 16:47:44 | 000,025,367 | ---- | C] () -- C:\Users\Felix\Documents\Chapter 8,9,10,11.docx
    [2010/07/21 08:29:18 | 001,048,576 | -HS- | C] () -- C:\Users\Felix\ntuser.dat{fa87bba6-20c4-11df-954e-0019d157ee1e}.TxR.2.regtrans-ms
    [2010/07/21 08:29:18 | 001,048,576 | -HS- | C] () -- C:\Users\Felix\ntuser.dat{fa87bba6-20c4-11df-954e-0019d157ee1e}.TxR.1.regtrans-ms
    [2010/07/21 08:29:17 | 001,048,576 | -HS- | C] () -- C:\Users\Felix\ntuser.dat{fa87bba6-20c4-11df-954e-0019d157ee1e}.TxR.0.regtrans-ms
    [2010/07/21 08:29:17 | 000,065,536 | -HS- | C] () -- C:\Users\Felix\ntuser.dat{fa87bba6-20c4-11df-954e-0019d157ee1e}.TxR.blf
    [2010/07/21 08:02:20 | 000,012,092 | ---- | C] () -- C:\Users\Felix\Documents\Bibliography.docx
    [2010/07/20 19:03:59 | 000,001,059 | ---- | C] () -- C:\Users\Felix\Desktop\AssassinsCreed II.lnk
    [2010/07/17 14:47:50 | 000,000,830 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk
    [2010/07/16 21:57:19 | 004,975,311 | ---- | C] () -- C:\Users\Felix\Desktop\Por Amor (dirty).mp3
    [2010/07/16 07:49:31 | 000,016,164 | ---- | C] () -- C:\Users\Felix\Documents\Gay marriage.docx
    [2010/07/16 07:46:57 | 000,024,621 | ---- | C] () -- C:\Users\Felix\Documents\Chapter 6 and 7.docx
    [2010/07/15 23:22:40 | 000,011,961 | ---- | C] () -- C:\Users\Felix\Documents\Killing Ground.docx
    [2010/07/15 22:32:33 | 000,012,370 | ---- | C] () -- C:\Users\Felix\Documents\Cinderella Man.docx
    [2010/07/12 23:09:45 | 000,014,826 | ---- | C] () -- C:\Users\Felix\Documents\Chapter 3.docx
    [2010/07/11 01:53:58 | 000,014,229 | ---- | C] () -- C:\Users\Felix\Documents\Belen Echegaray resume.docx
    [2010/06/28 10:25:06 | 000,000,804 | ---- | C] () -- C:\Users\Felix\Desktop\Steam.lnk
    [2010/06/27 23:14:26 | 001,099,180 | ---- | C] () -- C:\Users\Felix\Desktop\todo equipo 3.jpg
    [2010/06/27 23:13:31 | 000,941,463 | ---- | C] () -- C:\Users\Felix\Desktop\todo equipo 2.jpg
    [2010/06/27 21:29:11 | 001,764,681 | ---- | C] () -- C:\Users\Felix\Desktop\todo equipo.jpg
    [2010/06/16 01:59:15 | 000,011,606 | ---- | C] () -- C:\Users\Felix\Documents\Depression.docx
    [2010/06/16 01:52:24 | 000,853,499 | ---- | C] () -- C:\Users\Felix\Documents\english thinnggggg pics.docx
    [2010/06/16 01:33:59 | 000,015,376 | ---- | C] () -- C:\Users\Felix\Documents\Role Scoring.docx
    [2010/06/15 21:42:10 | 000,001,869 | ---- | C] () -- C:\Users\Public\Desktop\Desktop Manager.lnk
    [2010/06/08 17:09:24 | 000,241,778 | ---- | C] () -- C:\Users\Felix\Documents\law cpt.docx
    [2010/06/03 22:34:00 | 000,011,570 | ---- | C] () -- C:\Users\Felix\Documents\Letter to craig.docx
    [2010/06/03 21:36:07 | 000,017,114 | ---- | C] () -- C:\Users\Felix\Documents\Religion CPT part 2.docx
    [2010/05/31 21:38:10 | 000,000,932 | ---- | C] () -- C:\Users\Felix\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (4).lnk
    [2010/04/17 13:01:04 | 000,000,969 | ---- | C] () -- C:\Users\Felix\AppData\Roaming\BBMS_EXCEPTION.txt
    [2009/11/30 22:24:11 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
    [2009/11/30 18:48:27 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
    [2009/11/29 18:29:10 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
    [2008/02/11 20:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
    [2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

    ========== LOP Check ==========

    [2010/07/30 18:14:30 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\2K Sports
    [2010/08/11 14:17:07 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Azureus
    [2010/07/27 18:27:26 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Bell
    [2010/02/12 23:20:40 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\DAEMON Tools Lite
    [2010/08/28 19:48:46 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\foobar2000
    [2010/08/22 15:37:39 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\FrostWire
    [2010/07/20 17:57:41 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\HLSW
    [2010/02/25 13:05:51 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Leadertech
    [2010/08/25 17:14:46 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\LolClient
    [2010/02/15 01:32:58 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
    [2010/07/27 18:32:41 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\ManyCam
    [2010/04/17 12:57:21 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Research In Motion
    [2010/08/04 16:57:26 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Simply Super Software
    [2010/07/29 17:37:55 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Softplicity
    [2010/05/28 15:17:30 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\SystemRequirementsLab
    [2010/07/19 16:17:51 | 000,000,000 | ---D | M] -- C:\Users\Felix\AppData\Roaming\Ubisoft
    [2010/08/22 18:13:56 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2010/08/28 00:13:20 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{1AAA177D-1F84-4B11-9163-6DDC448CB382}.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
    [2010/06/09 17:12:11 | 000,000,000 | ---- | M] () -- C:\BnetLog.txt
    [2006/11/02 05:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr
    [2009/11/28 22:20:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
    [2010/08/28 20:36:42 | 000,033,999 | ---- | M] () -- C:\ComboFix.txt
    [2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
    [2010/03/10 21:20:52 | 000,799,352 | ---- | M] () -- C:\D2XP_IX86_112a_113c.mpq
    [2010/08/24 11:44:50 | 2144,350,208 | -HS- | M] () -- C:\hiberfil.sys
    [2009/12/30 18:00:06 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2009/12/30 18:00:06 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2010/08/24 11:44:48 | 2458,341,376 | -HS- | M] () -- C:\pagefile.sys

    < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
    [2006/11/02 08:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
    [2006/10/26 20:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

    < %systemroot%\system32\*.wt >

    < %systemroot%\system32\*.ruy >
  10. defy Newcomer, in training Posts: 26

    < %systemroot%\Fonts\*.com >
    [2006/11/02 08:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
    [2006/11/02 08:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
    [2006/11/02 08:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
    [2006/11/02 08:37:12 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

    < %systemroot%\*. /mp /s >


    < %systemroot%\system32\*.dll /lockedfiles >
    [2006/11/02 05:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
    [2009/11/30 04:24:58 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
    [2006/11/02 06:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
    [2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
    [2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
    [2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

    < %systemroot%\system32\user32.dll /md5 >
    [2009/11/29 15:04:10 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll

    < %systemroot%\system32\ws2_32.dll /md5 >
    [2006/11/02 05:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll

    < %systemroot%\system32\ws2help.dll /md5 >
    [2006/11/02 05:44:30 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=17C0671BF57057108A6D949510EE42C8 -- C:\Windows\System32\ws2help.dll

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 76 bytes -> C:\Users\Felix\Documents\FelixAlbertoResume..doc:Roxio EMC Stream
    @Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:CB0AACC9
    < End of report >


    Extras log:

    OTL Extras logfile created on: 28/08/2010 9:17:01 PM - Run 1
    OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Felix\Desktop
    Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6000.16982)
    Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
    4.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 465.76 Gb Total Space | 174.77 Gb Free Space | 37.52% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: FELIX-PC
    Current User Name: Felix
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE File not found

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome File not found
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 File not found
    http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome File not found
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome File not found
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~1\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 File not found
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" File not found

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1746604758-1044917362-344122428-1000]
    "EnableNotifications" = 0
    "EnableNotificationsRef" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
  11. defy Newcomer, in training Posts: 26

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{4669E9C5-AD75-46DB-AAF5-4E990486FD5F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{68F5D613-4DF4-442A-973C-9C91A9CC2AFB}" = lport=8375 | protocol=17 | dir=in | name=league of legends launcher |
    "{9ABBB351-4F89-4231-BAC8-9D94D5AC3DFC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
    "{AD6E82B0-7FC1-44D7-A9E0-93AD482E8ECE}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{C769CE51-FCFB-4BE8-99E0-4FDA0F33C5D3}" = lport=8375 | protocol=6 | dir=in | name=league of legends launcher |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0F0B99B5-057D-4C98-8A4B-47EB954D62A9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{10B7A7A7-9AC2-4E07-9DF0-A6264F7185BA}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
    "{120DEE6D-9107-4835-852E-967640276C81}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
    "{137123F0-37DF-43F8-881B-5BB19310067F}" = protocol=17 | dir=in | app=c:\users\felix\desktop\zsnesw\crack\pes2010.exe |
    "{1423D5AD-7B01-4F2D-8C89-51A3B7751F70}" = protocol=17 | dir=in | app=c:\program files\konami\pro evolution soccer 2010\pes2010.exe |
    "{150FAA0C-2C71-431C-93E1-6CD77D8DCD59}" = protocol=17 | dir=in | app=c:\gpotato.com\allods online\bin\launcher.exe |
    "{16F519F8-3735-4321-8610-E8D8BA7988BF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\day of defeat source\hl2.exe |
    "{2800C5D4-B600-49D6-9158-3344A34C86D7}" = protocol=6 | dir=in | app=c:\gpotato.com\allods online\bin\aogame.exe |
    "{296DD1E6-3068-4451-9443-EF40706CE1CB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
    "{2B8C9CF7-DE12-4DD2-9E50-D632C69DD87F}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
    "{40CD944E-0AF7-4814-9796-6F7DDD97C8D8}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
    "{41DB3967-FFBC-42FC-A00C-9496D3AB1B22}" = protocol=17 | dir=in | app=c:\program files\bell\internet service advisor\servicepointservice.exe |
    "{48DE015D-503A-4955-B94E-EE0C94CCA1E1}" = protocol=17 | dir=in | app=c:\users\felix\desktop\pes2010.exe |
    "{4A53C985-0418-421C-9D6C-ADC62F6EC389}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
    "{507AF79D-5C18-4CC3-AE8D-061235C68519}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
    "{55593FDD-15EB-4AD3-A2FF-83A54757227E}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
    "{587581A0-F45C-4701-AB47-9EAE57AAD4F8}" = protocol=6 | dir=in | app=c:\program files\konami\pro evolution soccer 2010\pes2010.exe |
    "{5D994136-EDAC-4640-BFEF-ABDAF56F1C41}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{6025797F-0A0C-4987-812B-23219067B926}" = protocol=6 | dir=in | app=c:\gpotato.com\allods online\bin\launcher.exe |
    "{6E0869B2-AED9-46A6-969C-71076E5267D0}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
    "{72E850B3-49DE-49E3-9522-6D2AFEF99A27}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
    "{7A6A9571-54C8-4B61-9CFB-4FBCAFE07909}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
    "{7E1AC1B2-311B-48DB-88F1-8E9748E8E7F5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\counter-strike\hl.exe |
    "{83D0EC07-B785-43CD-9DBB-C56E1C80ACB1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
    "{8686168B-1146-42A7-867E-36C788522124}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
    "{87859A44-6E15-4C0A-89E8-27E0A6A54496}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
    "{8D3EAADF-9832-40F1-973A-1D592F562441}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
    "{8DA4C7F7-78B5-4A1E-8A13-FF5B3FE28897}" = protocol=6 | dir=in | app=c:\program files\bell\internet service advisor\servicepointservice.exe |
    "{9F89AB77-EFF0-4283-91DA-5BF52D55E1C3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\day of defeat source\hl2.exe |
    "{A244CDAD-5506-438C-9AE2-52A18DFB8DD8}" = protocol=6 | dir=in | app=c:\users\felix\desktop\zsnesw\crack\pes2010.exe |
    "{A9D8901C-2229-495F-8B80-E0B4C5F9C98C}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
    "{ABE19D81-0F42-4F71-AE2C-91474F61157E}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
    "{AC37425D-FDF1-4216-8D8C-A5507F02BB53}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
    "{C0DFA2BE-09B6-4E5A-8E43-F6DC94B3B1D7}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
    "{C82C80BB-32CB-4BD7-9D09-8A5EEC70AD93}" = protocol=17 | dir=in | app=c:\users\felix\kitserver2010\pes2010.exe |
    "{D20E433A-0445-437B-99B4-3B7B720B897B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\counter-strike\hl.exe |
    "{D4D99F58-951F-43DC-8B6C-FF391D269C7D}" = protocol=6 | dir=in | app=c:\users\felix\desktop\pes2010.exe |
    "{DB135F3E-BECC-4BB4-B295-DD04A3941C39}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\virtua tennis 2009\config.exe |
    "{E441F1D7-819B-4B99-9A34-1DFA1012D1A3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{EB6DCAE7-932F-47FA-BDF2-E4FE9C882973}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
    "{EBF7D565-BEE6-4D45-8158-E4B3F7909A84}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\counter-strike source\hl2.exe |
    "{F0A172BB-4A99-44F6-B85D-34ECB26596F5}" = protocol=17 | dir=in | app=c:\gpotato.com\allods online\bin\aogame.exe |
    "{F1242F82-BB06-4301-9447-2570BA7FC92D}" = protocol=6 | dir=in | app=c:\users\felix\kitserver2010\pes2010.exe |
    "{F1D07D06-4811-4944-AD08-3632BC0F717C}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
    "{F26D769C-B3EF-4E04-B386-EC60C68EC295}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{F8D1A4DB-FE90-498E-A0AC-A4973FFF9EAD}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\virtua tennis 2009\virtua tennis 2009.exe |
    "{FA8FF8B7-5A52-4C1E-A2B2-913F52531998}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\counter-strike source\hl2.exe |
    "{FD4D90A7-2F4E-4A1C-B500-7DEE02955170}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\virtua tennis 2009\virtua tennis 2009.exe |
    "{FD6693A1-C57D-42CD-859F-84C73CE3BE12}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\virtua tennis 2009\config.exe |
    "{FEC78854-3C65-4E6E-9013-D3D421C928C8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "TCP Query User{09337C7C-B347-4388-9971-75ECE0406C36}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
    "TCP Query User{128EBA46-A061-4D3F-8855-8F29DA1B5E2E}C:\users\felix\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\felix\appdata\local\google\chrome\application\chrome.exe |
    "TCP Query User{2E195B73-6775-4BE5-8A6A-DD96A72F803A}C:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\smashball\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\smashball\hl2.exe |
    "TCP Query User{301EDF42-C96E-4A26-9499-09E98ED850B2}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
    "TCP Query User{4A982C7F-27F2-4D2F-A297-77A9E71FE21D}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
    "TCP Query User{533291AE-BA22-49F6-AE9B-E6195CF6745F}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
    "TCP Query User{AC66040C-833F-47CC-A105-B68D2B63F0F3}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
    "TCP Query User{B81931D8-24A2-4511-9AB2-873E14786006}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
    "TCP Query User{D29FEE6F-AD02-4E75-987E-C746D49679BE}C:\users\felix\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\felix\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
    "TCP Query User{D5EE5156-BAD8-4934-94A3-0BFA09B9E0A7}C:\program files\virtualdj\virtualdj.exe" = protocol=6 | dir=in | app=c:\program files\virtualdj\virtualdj.exe |
    "TCP Query User{E1A699D1-8CF2-4566-9945-BD6C97EB08DF}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
    "TCP Query User{EC2359D3-DDD4-4AFE-9AFC-B7D9FA50E25A}C:\users\felix\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\felix\appdata\local\google\chrome\application\chrome.exe |
    "TCP Query User{EE885B51-0EA5-4BC8-97C3-396A25320ACE}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
    "TCP Query User{FCDFD07B-3B23-4D20-9204-BC65A74DEB9B}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
    "UDP Query User{1D1DB432-9A35-47DA-B2B8-0BC7CA4F1D70}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
    "UDP Query User{1E1B5747-7138-4A90-B0F9-9F470B8EFF42}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
    "UDP Query User{29F670CA-EBD0-4655-9C80-6C4E4C51FE11}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
    "UDP Query User{3C739832-61A8-4277-BD3D-7E5B02F2ED83}C:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\smashball\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\diablolatino_6t9@hotmail.com\smashball\hl2.exe |
    "UDP Query User{55F61D4E-44CC-46E8-A11C-2CDA826D18D9}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
    "UDP Query User{5DD955EB-9191-42B7-B6E8-F3B66B423700}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
    "UDP Query User{6D1BA012-95B9-41C4-864B-1DD7F20EA348}C:\users\felix\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\felix\appdata\local\google\chrome\application\chrome.exe |
    "UDP Query User{A8B82A22-5C84-47DC-B1CC-D199DBCD60FF}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
    "UDP Query User{B117D9A5-8F47-4CC5-A3E2-32D1C0624822}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
    "UDP Query User{B51EFE4C-EA75-4508-8489-ED076DD037A0}C:\users\felix\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\felix\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
    "UDP Query User{B709D759-820B-43D2-BC3B-00DC7D9B3359}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
    "UDP Query User{B8515A6A-9158-4F9E-A2DC-D8F9343D5B6B}C:\users\felix\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\felix\appdata\local\google\chrome\application\chrome.exe |
    "UDP Query User{BD3C50B9-26DF-422F-9B8A-F21E977C0E8A}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
    "UDP Query User{E59639F3-E6B8-42E0-B49D-62CD8786EE64}C:\program files\virtualdj\virtualdj.exe" = protocol=17 | dir=in | app=c:\program files\virtualdj\virtualdj.exe |
  12. defy Newcomer, in training Posts: 26

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{09F4655B-C804-4AD0-B7DF-078E338F8F85}" = League of Legends
    "{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
    "{1E5E2F9A-17D3-45CA-8FF0-B0C2927D4B03}" = MobileMe Control Panel
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0
    "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
    "{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
    "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
    "{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
    "{40A594D0-1490-4979-9382-D2B764F949C6}" = BlackBerry® Media Sync
    "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
    "{5211BF94-F97C-47E7-BC7C-BE804A79F8A2}" = MLB 2K10
    "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{66F0AC35-4805-44BC-A3D4-347D4196F9B3}" = Microsoft Xbox 360 Accessories 1.1
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
    "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
    "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
    "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
    "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
    "{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}" = Microsoft Works 6.0
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
    "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
    "{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
    "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
    "{B28B351F-1232-46EA-85EF-B8EA91641033}" = Nero 7 Essentials
    "{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
    "{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager
    "{B9CA59A0-3B70-48F8-9054-67595DE6E72B}" = League of Legends
    "{BD3DCAB0-3FE5-44FB-90DA-EFB0A2CD1387}" = Works Synchronization
    "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
    "{C3A439E4-7303-491F-A678-CEA36A87D517}" = Microsoft Works Suite Add-in for Microsoft Word
    "{C9FF844C-02F5-4221-8AD4-0BD823533C6E}_is1" = Ares 3.1.5.3034
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
    "{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
    "{DC19E750-988B-4005-A355-85EF66055EFE}" = Works Suite OS Pack
    "{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
    "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
    "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
    "{ECC69E86-3B0E-4010-AA37-414C5D71B7B9}" = RPS CRT
    "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
    "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
    "8461-7759-5462-8226" = Vuze
    "AC3Filter" = AC3Filter (remove only)
    "AC3Filter_is1" = AC3Filter 1.63b
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "Ares" = Ares 2.1.2
    "AstrumNival Allods" = Allods Online 1.0.05.41
    "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
    "Belarc Advisor" = Belarc Advisor 8.1
    "BellCanada" = Bell Internet Check-up
    "BlackBerry_{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
    "DivX Setup.divx.com" = DivX Setup
    "ENTERPRISE" = Microsoft Office Enterprise 2007
    "foobar2000" = foobar2000 v1.0.2.1
    "FrostWire" = FrostWire 4.18.6
    "gBurner" = gBurner
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "HotspotShield" = Hotspot Shield 1.49
    "JDownloader" = JDownloader
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "ManyCam" = ManyCam 2.4 (remove only)
    "MediaInfo" = MediaInfo 0.7.34
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "mIRC" = mIRC
    "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
    "NSS" = Norton Security Scan
    "NVIDIA Display Control Panel" = NVIDIA Display Control Panel
    "NVIDIA Drivers" = NVIDIA Drivers
    "Peer2Peer-EN Toolbar" = Peer2Peer-EN Toolbar
    "Picasa 3" = Picasa 3
    "PokerStars" = PokerStars
    "PowerISO" = PowerISO
    "RadialpointClientGateway_is1" = Bell Internet Service Advisor 3.5.15
    "SopCast" = SopCast 3.2.4
    "StarCraft II" = StarCraft II
    "Steam App 10" = Counter-Strike
    "Steam App 220" = Half-Life 2
    "Steam App 240" = Counter-Strike: Source
    "Steam App 300" = Day of Defeat: Source
    "Steam App 400" = Portal
    "Steam App 550" = Left 4 Dead 2
    "Steam App 564" = Left 4 Dead 2 Add-on Support
    "SystemRequirementsLab" = System Requirements Lab
    "Total Audio Converter_is1" = TotalAudioConverter
    "Trojan Remover_is1" = Trojan Remover 6.8.2
    "TVUPlayer" = TVUPlayer 2.5.2.2
    "Veetle TV" = Veetle TV 0.9.17
    "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "WinRAR archiver" = WinRAR archiver
    "Works2002Setup" = Microsoft Works 2002 Setup Launcher

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 24/08/2010 11:38:52 AM | Computer Name = Felix-PC | Source = HotspotShieldService | ID = 10116
    Description =

    Error - 24/08/2010 11:38:59 AM | Computer Name = Felix-PC | Source = HotspotShieldService | ID = 10116
    Description =

    Error - 24/08/2010 11:39:03 AM | Computer Name = Felix-PC | Source = HotspotShieldService | ID = 10116
    Description =

    Error - 24/08/2010 11:39:11 AM | Computer Name = Felix-PC | Source = HotspotShieldService | ID = 10116
    Description =

    Error - 24/08/2010 11:42:38 AM | Computer Name = Felix-PC | Source = Application Error | ID = 1000
    Description = Faulting application DM-243.exe, version 0.0.0.0, time stamp 0x4aa7ac2e,
    faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9, exception
    code 0xc0000005, fault offset 0x0002294f, process id 0xee8, application start time
    0x01cb43a2edcafcfb.

    Error - 24/08/2010 11:47:20 AM | Computer Name = Felix-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 25/08/2010 5:00:59 PM | Computer Name = Felix-PC | Source = System Restore | ID = 8193
    Description =

    Error - 27/08/2010 12:16:06 PM | Computer Name = Felix-PC | Source = Application Error | ID = 1000
    Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x4c354523,
    faulting module client.dll, version 0.0.0.0, time stamp 0x4c76d0fd, exception code
    0xc0000005, fault offset 0x0024cc04, process id 0x1180, application start time 0x01cb4601ad779d47.

    Error - 28/08/2010 6:00:03 PM | Computer Name = Felix-PC | Source = Application Error | ID = 1000
    Description = Faulting application TVUPlayer.exe, version 2.5.2.2, time stamp 0x4b8764a5,
    faulting module AutoUpgrade.dll, version 2.5.2.2, time stamp 0x4b876441, exception
    code 0xc0000005, fault offset 0x000140d6, process id 0x12c0, application start time
    0x01cb46fc5d03fec7.

    Error - 28/08/2010 8:47:54 PM | Computer Name = Felix-PC | Source = Application Hang | ID = 1002
    Description = The program SC2.exe version 1.0.3.16291 stopped interacting with Windows
    and was closed. To see if more information about the problem is available, check
    the problem history in the Problem Reports and Solutions control panel. Process
    ID: 1430 Start Time: 01cb47139122e738 Termination Time: 79

    [ Media Center Events ]
    Error - 29/12/2009 1:25:16 PM | Computer Name = Felix-PC | Source = Media Center Guide | ID = 0
    Description = Event Info: ERROR: SqmApiWrapper.SqmFlushSession failed; Win32 GetLastError
    returned 0D Process: DefaultDomain Object Name: Media Center Guide

    [ System Events ]
    Error - 28/08/2010 9:17:33 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
    Description = The file system structure on the disk is corrupt and unusable. Please
    run the chkdsk utility on the volume G:.

    Error - 28/08/2010 9:17:33 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
    Description = The file system structure on the disk is corrupt and unusable. Please
    run the chkdsk utility on the volume G:.

    Error - 28/08/2010 9:17:33 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
    Description = The file system structure on the disk is corrupt and unusable. Please
    run the chkdsk utility on the volume G:.

    Error - 28/08/2010 9:17:46 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
    Description = The file system structure on the disk is corrupt and unusable. Please
    run the chkdsk utility on the volume G:.

    Error - 28/08/2010 9:18:46 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
    Description = The file system structure on the disk is corrupt and unusable. Please
    run the chkdsk utility on the volume G:.

    Error - 28/08/2010 9:19:46 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
    Description = The file system structure on the disk is corrupt and unusable. Please
    run the chkdsk utility on the volume G:.

    Error - 28/08/2010 9:20:46 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
    Description = The file system structure on the disk is corrupt and unusable. Please
    run the chkdsk utility on the volume G:.

    Error - 28/08/2010 9:21:46 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
    Description = The file system structure on the disk is corrupt and unusable. Please
    run the chkdsk utility on the volume G:.

    Error - 28/08/2010 9:22:46 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
    Description = The file system structure on the disk is corrupt and unusable. Please
    run the chkdsk utility on the volume G:.

    Error - 28/08/2010 9:23:46 PM | Computer Name = Felix-PC | Source = Ntfs | ID = 262199
    Description = The file system structure on the disk is corrupt and unusable. Please
    run the chkdsk utility on the volume G:.


    < End of report >
  13. Broni Malware Annihilator Posts: 39,252   +175

    Good, good :)

    Update your Java version here: http://www.java.com/en/download/installed.jsp

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    Now, we need to remove the old Java version and its remnants...

    Download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.

    ========================================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      FF - prefs.js..browser.search.defaultengine: "Ask.com"
      FF - prefs.js..browser.search.defaultenginename: "Ask.com"
      FF - prefs.js..browser.search.order.1: "Ask.com"
      [2010/01/30 02:36:47 | 000,002,425 | ---- | M] () -- C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\se archplugins\askcom.xml
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      @Alternate Data Stream - 76 bytes -> C:\Users\Felix\Documents\FelixAlbertoResume..doc:Roxio EMC Stream
      @Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:CB0AACC9
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    ======================================================================

    Last scans.....

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    3. Go to Kaspersky website and perform an online antivirus scan.

    • Disable your active antivirus program.
    • Read through the requirements and privacy statement and click on Accept button.
    • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    • When the downloads have finished, click on Settings.
    • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      • Spyware, Adware, Dialers, and other potentially dangerous programs
      • Archives
      • Mail databases
    • Click on My Computer under Scan.
    • Once the scan is complete, it will display the results. Click on View Scan Report.
    • You will see a list of infected items there. Click on Save Report As....
    • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
  14. defy Newcomer, in training Posts: 26

    OTL Log:

    All processes killed
    ========== OTL ==========
    Prefs.js: "Ask.com" removed from browser.search.defaultengine
    Prefs.js: "Ask.com" removed from browser.search.defaultenginename
    Prefs.js: "Ask.com" removed from browser.search.order.1
    File C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\se archplugins\askcom.xml not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
    Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
    ADS C:\Users\Felix\Documents\FelixAlbertoResume..doc:Roxio EMC Stream deleted successfully.
    ADS C:\ProgramData\TEMP:CB0AACC9 deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Felix
    ->Temp folder emptied: 470230 bytes
    ->Temporary Internet Files folder emptied: 238799 bytes
    ->Java cache emptied: 65919 bytes
    ->FireFox cache emptied: 42501040 bytes
    ->Google Chrome cache emptied: 360526729 bytes
    ->Apple Safari cache emptied: 0 bytes
    ->Flash cache emptied: 35534 bytes

    User: pizzowned
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->FireFox cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 385.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Felix
    ->Flash cache emptied: 0 bytes

    User: pizzowned
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.11.0 log created on 08282010_220050

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...

    SecurityCheck log:

    Results of screen317's Security Check version 0.99.5
    Windows Vista (UAC is disabled!)
    Out of date service pack!!
    Internet Explorer 7 Out of date!
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Security Center service is not running! This report may not be accurate!
    Avira AntiVir Personal - Free Antivirus
    Antivirus up to date! (On Access scanning disabled!)
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    Java(TM) 6 Update 21
    Adobe Flash Player 10.1.53.64
    Adobe Reader 9
    Out of date Adobe Reader installed!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Avira Antivir avgnt.exe
    Avira Antivir avguard.exe
    ````````````````````````````````
    DNS Vulnerability Check:

    GREAT! (Not vulnerable to DNS cache poisoning)

    ``````````End of Log````````````
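The OTL section of the fix log in the post above mixes results that applied with results that came back "not found". As an added example (not part of the thread and not OTL's own code), this Python script parses those result lines and separates the directives that took effect from the ones worth re-checking. The status labels and the orphaned-CLSID heuristic are assumptions of this example.

```python
import re
from collections import Counter

# Result lines copied from the "========== OTL ==========" part of the fix log above.
FIX_LOG = r"""
========== OTL ==========
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
File C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\f7jn383c.default\se archplugins\askcom.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
ADS C:\Users\Felix\Documents\FelixAlbertoResume..doc:Roxio EMC Stream deleted successfully.
ADS C:\ProgramData\TEMP:CB0AACC9 deleted successfully.
========== SERVICES/DRIVERS ==========
"""

# Only the line shapes and outcomes that appear in the log above are recognised;
# anything else is returned as "unparsed" instead of being guessed at.
LINE = re.compile(
    r"^(?P<kind>Prefs\.js:|File|Registry key|ADS) (?P<target>.+?) "
    r"(?P<outcome>removed from \S+|deleted successfully\.|not found\.)$"
)
KINDS = {"Prefs.js:": "pref", "File": "file", "Registry key": "registry", "ADS": "ads"}
GUID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def parse_fix_log(text):
    """Return (results, unparsed) for the result lines of a fix log."""
    results, unparsed = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("====="):  # blank lines and section headers
            continue
        m = LINE.match(line)
        if not m:
            unparsed.append(line)
            continue
        outcome = m.group("outcome").rstrip(".")
        if outcome.startswith("removed from"):
            outcome = "removed"
        results.append({"kind": KINDS[m.group("kind")],
                        "target": m.group("target"),
                        "outcome": outcome})
    return results, unparsed


def triage(results):
    """Label each result 'applied', 'orphan' or 'recheck' (labels are this example's own).

    Heuristic (an assumption): a registry key reported "not found" whose GUID was
    cleaned under another key in the same run is treated as an already-missing
    reference. Any other "not found" means the directive matched nothing on the
    system, so its path should be compared against the original scan log.
    """
    cleaned = {g.upper() for r in results
               if r["kind"] == "registry" and r["outcome"] != "not found"
               for g in GUID.findall(r["target"])}
    labelled = []
    for r in results:
        if r["outcome"] != "not found":
            status = "applied"
        elif r["kind"] == "registry" and any(
                g.upper() in cleaned for g in GUID.findall(r["target"])):
            status = "orphan"
        else:
            status = "recheck"
        labelled.append((status, r["kind"], r["target"]))
    return labelled


if __name__ == "__main__":
    parsed, leftover = parse_fix_log(FIX_LOG)
    for status, kind, target in triage(parsed):
        print(f"{status:8} {kind:9} {target}")
    print(Counter(status for status, _, _ in triage(parsed)))
    print("unparsed:", leftover)
```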
  15. Broni Malware Annihilator Posts: 39,252   +175

    Any particular reason no Service Pack 1/2 is installed (do nothing about it at this point)?

    Make sure your Avira is active, if you disabled it before.

    =======================================================================

    Update Adobe Reader

    You can download it from http://www.adobe.com/products/acrobat/readstep2.html
    After installing the latest Adobe Reader, uninstall all previous versions.
    Note: If you already have Adobe Photoshop® Album Starter Edition installed, or do not wish to have it installed, UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

    Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader (3.5 MB) from HERE.
    It's a much smaller file to download and uses a lot less resources than Adobe Reader.
    Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or other garbage.
  16. defy Newcomer, in training Posts: 26

    No real reason... I tried doing a Windows update once and I had some sort of a hard drive error or something. I will do the Kaspersky scan tonight as it seems to be quite lengthy.
  17. Broni Malware Annihilator Posts: 39,252   +175

    No problem :)
    We'll get back to updates after Kaspersky's scan.
  18. defy Newcomer, in training Posts: 26

    OK, we have a problem... Funny that you mention the SP1 update, because I am now able to recall what happened the first time it tried to update, since it just happened again. Ntoskrnl.exe is corrupt and Vista will not start in any mode... For some reason it did a Windows update, and after 1 of 3 it restarted and I got the black screen. I am unable to even start it up... What do I do? lol
  19. Broni Malware Annihilator Posts: 39,252   +175

    Our instructions clearly say not to make any changes to the computer until it's declared clean!


    If you have Vista DVD...

    http://www.vistax64.com/tutorials/88236-repair-install-vista.html

    If you don't have Vista DVD...

    1. Create Vista Recovery Disc.

    Option 1:
    http://www.c4consulting.com.au/soluctions/vista/VISTA SOLUCTIONS.htm

    Option 2:
    Download Vista Recovery Disc iso image: http://neosmart.net/blog/2008/windows-vista-recovery-disc-download/
    Burn it to CD, or DVD: http://neosmart.net/wiki/display/G/Burning ISO Images to a CD or DVD

    2. Boot from the created disc.
    At the first screen, click on Repair your computer.
    This will bring you to a new screen where the repair process will look for all Windows Vista installations on your computer. When done, you will be presented with the System Recovery Options dialog box.
    After this, it will present you with a list of options including startup repair, system restore and command prompt.
    Try System Restore first.
    If that doesn't work, try Startup Repair.