Backdoor.Bot

I recently just removed Security Tools off of my computer. After removal I have some files still kicking around. Backdoor.Bot in the format of a file, memory process and registry value. MBAM and SAS are scanning, locating but failing to get rid of the files. As per the "Read Before Posting" thread I scanned my computer using OTL. The following post will be the results of the scan.

OTL logfile created on: 2010-10-21 4:14:08 PM - Run 1
OTL by OldTimer - Version 3.2.16.0 Folder = C:\Users\James\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: yyyy-MM-dd

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 41.00% Memory free
8.00 Gb Paging File | 5.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 510.68 Gb Free Space | 54.83% Space Free | Partition Type: NTFS
Drive D: | 16.09 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 291.83 Gb Total Space | 94.83 Gb Free Space | 32.50% Space Free | Partition Type: NTFS
Drive F: | 6.26 Gb Total Space | 0.88 Gb Free Space | 14.14% Space Free | Partition Type: NTFS
Drive I: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 7.47 Gb Total Space | 3.50 Gb Free Space | 46.79% Space Free | Partition Type: FAT32

Computer Name: ANDI | User Name: James | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010-10-21 16:05:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
PRC - [2010-10-20 17:41:14 | 000,102,912 | ---- | M] () -- C:\Users\James\AppData\Roaming\Microsoft\svchost.exe
PRC - [2010-10-20 12:32:01 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010-10-20 12:32:01 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010-10-19 09:43:43 | 000,123,904 | ---- | M] () -- C:\Users\James\AppData\Roaming\Microsoft\Windows\shell.exe
PRC - [2010-10-19 09:43:30 | 000,111,616 | ---- | M] () -- C:\Users\James\AppData\Local\Temp\dwm.exe
PRC - [2010-10-12 21:19:35 | 009,115,800 | ---- | M] (Blizzard Entertainment) -- C:\Users\Public\World of Warcraft\Wow.exe
PRC - [2010-08-13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-04-29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010-02-18 14:01:06 | 000,462,632 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2008-09-16 13:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe


========== Modules (SafeList) ==========

MOD - [2010-10-21 16:05:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
MOD - [2010-08-21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010-03-01 20:35:38 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009-07-13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010-10-20 07:27:22 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-08-13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-18 14:01:06 | 000,462,632 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-01-09 00:12:49 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-07-26 07:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009-06-10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-04-29 04:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2008-09-16 13:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010-04-19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010-02-17 02:07:09 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010-01-29 02:04:38 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2009-07-31 01:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009-07-13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009-07-13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009-07-13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009-07-13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009-06-10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (VST64_DPV)
DRV:64bit: - [2009-06-10 16:01:11 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTBS26.SYS -- (VST64HWBS2)
DRV:64bit: - [2009-06-10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009-06-10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009-06-10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-05-18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009-04-29 04:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009-02-13 07:21:20 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWBS2.sys -- (CAXHWBS2)
DRV:64bit: - [2009-02-13 07:19:34 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2009-02-13 07:18:30 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DP.sys -- (HSF_DP)
DRV:64bit: - [2007-04-16 21:51:50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2006-06-17 23:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2010-02-17 13:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Users\James\AppData\Local\Temp\SAS_SelfExtract\sasdifsv64.sys -- (SASDIFSV)
DRV - [2010-02-17 13:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Users\James\AppData\Local\Temp\SAS_SelfExtract\saskutil64.sys -- (SASKUTIL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {43402508-4063-4C73-887C-236E5D2C4DA3}:1.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-10-20 12:32:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-10-20 12:36:42 | 000,000,000 | ---D | M]

[2010-02-17 16:27:53 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Extensions
[2010-02-17 16:27:53 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010-10-21 07:51:42 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\id5ujizt.default\extensions
[2010-10-21 07:51:38 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\id5ujizt.default\extensions\personas@christopher.beard
[2010-06-07 16:57:17 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\id5ujizt.default\extensions\toolbar@ask.com
[2010-10-20 12:36:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010-10-20 12:36:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010-09-15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2009-06-10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKCU..\Run: [Btmchk] C:\Users\James\AppData\Local\Temp\Adobe\AdobeRdrPlug.DLL File not found
O4 - HKCU..\Run: [svchost] C:\Users\James\AppData\Roaming\Microsoft\svchost.exe ()
O4 - Startup: C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files (x86)\LimeWire\LimeWire.exe (Lime Wire, LLC)
F3:64bit: - HKCU WinNT: Load - (C:\Users\James\AppData\Local\Temp\dwm.exe) - C:\Users\James\AppData\Local\Temp\dwm.exe ()
F3 - HKCU WinNT: Load - (C:\Users\James\AppData\Local\Temp\dwm.exe) - C:\Users\James\AppData\Local\Temp\dwm.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\James\AppData\Roaming\Microsoft\Windows\shell.exe) - C:\Users\James\AppData\Roaming\Microsoft\Windows\shell.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-12-09 16:16:52 | 000,000,074 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008-05-06 07:26:23 | 000,000,309 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009-12-28 04:47:58 | 000,000,090 | ---- | M] () - J:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{0bbe8fe9-1b94-11df-b10d-0018f3f168ce}\Shell - "" = AutoRun
O33 - MountPoints2\{0bbe8fe9-1b94-11df-b10d-0018f3f168ce}\Shell\AutoRun\command - "" = G:\Borderlands.exe -- File not found
O33 - MountPoints2\{2d3f68d5-fce2-11de-8eb7-0018f3f168ce}\Shell - "" = AutoRun
O33 - MountPoints2\{2d3f68d5-fce2-11de-8eb7-0018f3f168ce}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- [2007-10-23 02:45:39 | 001,336,632 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-10-21 16:04:59 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
[2010-10-21 03:15:16 | 001,710,310 | -H-- | C] () -- C:\Users\James\AppData\Local\IconCache.db
[2010-10-20 19:47:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Toolbar
[2010-10-20 19:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bing Bar Installer
[2010-10-20 19:47:24 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010-10-20 19:47:24 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010-10-20 19:47:24 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010-10-20 19:47:24 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010-10-20 19:31:37 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Local\Windows Live
[2010-10-20 19:31:26 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2010-10-20 19:31:25 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2010-10-20 19:31:25 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2010-10-20 19:31:25 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2010-10-20 19:31:25 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2010-10-20 19:31:24 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2010-10-20 19:31:24 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2010-10-20 19:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010-10-20 16:21:49 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010-10-20 12:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-10-20 12:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010-10-20 12:36:42 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010-10-20 12:36:42 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010-10-20 12:36:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010-10-20 12:36:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010-10-19 22:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010-10-19 16:13:48 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\SUPERAntiSpyware.com
[2010-10-19 16:13:48 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010-10-19 16:11:47 | 000,000,000 | ---- | C] () -- C:\Users\James\AppData\Local\Uwuwaguvimupagi.bin
[2010-10-19 09:15:13 | 001,196,032 | ---- | C] () -- C:\Users\James\AppData\Local\DELETE.exe
[2010-10-18 21:16:36 | 000,000,120 | ---- | C] () -- C:\Users\James\AppData\Local\Swipa.dat
[2010-10-18 21:16:35 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Local\{43402508-4063-4C73-887C-236E5D2C4DA3}
[2010-10-12 15:53:07 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010-10-12 15:53:07 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010-10-12 15:53:07 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010-10-12 15:53:07 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010-10-12 15:53:07 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010-10-12 15:53:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010-10-12 15:53:07 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010-10-12 15:53:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010-10-12 15:53:07 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010-10-12 15:53:07 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010-10-12 15:53:06 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010-10-12 15:53:06 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010-10-12 15:53:06 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010-10-12 15:53:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010-10-12 15:49:55 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010-10-12 15:49:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010-10-12 15:49:46 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010-10-12 15:49:28 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010-10-12 15:49:06 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010-10-12 15:46:44 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010-10-12 15:46:44 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010-10-12 15:44:06 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010-10-12 15:44:06 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010-10-12 15:42:54 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010-10-12 15:42:54 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010-10-12 15:42:53 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010-10-12 15:42:52 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010-10-12 15:40:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010-10-04 20:48:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010-10-04 20:48:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010-10-04 20:48:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010-10-04 20:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010-10-04 20:44:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010-10-02 20:49:32 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\Pokemon Walls
[2010-07-11 04:32:49 | 000,000,000 | ---- | C] () -- C:\ProgramData\winafx.log
[2010-06-07 13:32:59 | 000,790,828 | ---- | C] () -- C:\Users\James\AppData\Local\rx_image32.Cache
[2010-02-11 00:06:46 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010-02-11 00:06:46 | 000,000,088 | RHS- | C] () -- C:\ProgramData\7DD47A1773.sys
[2010-01-27 03:08:03 | 000,005,632 | ---- | C] () -- C:\Users\James\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-01-08 03:25:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010-01-08 00:02:04 | 000,065,952 | ---- | C] () -- C:\Users\James\AppData\Local\GDIPFONTCACHEV1.DAT
[2009-07-13 23:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2009-07-13 23:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010-10-21 16:05:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
[2010-10-21 07:46:30 | 000,015,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-10-21 07:46:30 | 000,015,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-10-21 07:39:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-10-21 07:39:07 | 3220,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2010-10-20 19:50:14 | 000,000,020 | ---- | M] () -- C:\Windows\H÷S
[2010-10-20 12:32:21 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-10-19 22:53:55 | 000,000,963 | ---- | M] () -- C:\Users\James\Desktop\CCleaner.lnk
[2010-10-19 16:16:10 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-10-19 16:16:10 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-10-19 16:16:10 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-10-19 16:11:47 | 000,000,000 | ---- | M] () -- C:\Users\James\AppData\Local\Uwuwaguvimupagi.bin
[2010-10-19 09:15:13 | 001,196,032 | ---- | M] () -- C:\Users\James\AppData\Local\DELETE.exe
[2010-10-18 21:16:36 | 000,000,120 | ---- | M] () -- C:\Users\James\AppData\Local\Swipa.dat
[2010-10-13 16:56:50 | 000,005,632 | ---- | M] () -- C:\Users\James\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-10-13 03:14:48 | 000,304,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010-10-12 21:18:26 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2010-10-04 20:49:08 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010-10-04 20:46:21 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010-10-20 19:50:14 | 000,000,020 | ---- | C] () -- C:\Windows\H÷S
[2010-10-20 12:32:21 | 000,001,974 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-10-19 22:53:55 | 000,000,963 | ---- | C] () -- C:\Users\James\Desktop\CCleaner.lnk
[2010-10-04 20:49:08 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010-10-04 20:46:21 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010-06-07 14:23:14 | 000,000,387 | ---- | C] () -- C:\Windows\WININIT.INI
[2010-03-10 21:02:37 | 000,000,269 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2009-07-13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008-10-07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008-10-07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2004-01-30 15:07:46 | 000,245,408 | ---- | C] () -- C:\Windows\SysWow64\unicows.dll

========== Custom Scans ==========


< >

< %systemroot%*. /mp /s >

< %systemroot%system32*.dll /lockedfiles >

< %systemroot%system32*.exe /lockedfiles >

< %systemroot%Tasks*.job /lockedfiles >

< %systemroot%system32drivers*.sys /lockedfiles >

< %systemroot%System32config*.sav >

< %systemroot%system32*.sys >

< %systemroot%system32drivers*.dll >

< %systemroot%system32drivers*.ini >

< %systemroot%system32drivers*.exe >

< %SYSTEMDRIVE%*.* >
[2010-10-21 07:39:07 | 3220,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2010-10-21 07:39:07 | 4293,451,776 | -HS- | M] () -- C:\pagefile.sys
[2010-02-10 16:14:48 | 000,483,312 | ---- | M] () -- C:\vcredist_x86.log

< %PROGRAMFILES%*. >
[2010-08-02 01:39:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\2K Games
[2010-01-29 14:50:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2010-02-17 02:35:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AGEIA Technologies
[2010-02-07 02:09:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2010-06-07 16:46:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ask.com
[2010-10-20 19:47:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bing Bar Installer
[2010-10-04 20:44:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2010-10-19 22:53:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CCleaner
[2010-03-21 14:06:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Combined Community Codec Pack
[2010-10-20 12:36:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2010-06-07 14:22:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Corel
[2010-02-17 02:07:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010-02-17 02:28:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dragon Age
[2010-08-02 01:39:53 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2010-10-13 03:13:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2010-10-04 20:49:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2010-10-20 12:36:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2010-02-17 16:27:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LimeWire
[2010-06-11 18:29:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010-01-08 00:10:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2010-03-07 13:41:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft LifeCam
[2010-06-29 15:03:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2010-09-29 07:35:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2010-06-27 07:03:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2010-10-20 12:32:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2009-07-14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2010-10-20 19:47:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN Toolbar
[2010-02-14 08:00:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2010-06-07 16:56:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nero
[2010-10-04 20:46:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2009-07-14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2010-01-08 03:22:06 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2010-04-04 14:51:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Starcraft
[2010-08-18 13:43:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\StarCraft II
[2010-10-20 17:41:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2010-06-21 14:21:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Triumph Studios
[2009-07-13 23:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2010-09-29 07:35:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\uTorrent
[2010-03-10 21:02:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ventrillo
[2009-07-14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2010-10-20 19:50:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010-04-20 02:05:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live Safety Center
[2010-05-16 07:16:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010-10-13 03:13:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009-07-14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2009-07-14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2009-07-14 00:32:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2009-07-14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2010-02-17 02:01:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Winrar

< %appdata%*.* >


< MD5 for: AGP440.SYS >
[2009-07-13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009-07-13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009-07-13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009-07-13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009-07-13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009-07-13 20:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: DISK.SYS >
[2009-07-13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysWow64\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009-07-13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

< MD5 for: IASTORV.SYS >
[2009-07-13 20:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009-07-13 20:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009-07-13 20:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009-07-13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009-07-13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009-07-13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009-07-13 20:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009-07-13 20:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009-07-13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009-07-13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009-07-13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009-07-13 20:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: USBSTOR.SYS >
[2009-07-13 19:06:34 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=080D3820DA6C046BE82FC8B45A893E83 -- C:\Windows\SysWow64\DriverStore\FileRepository\usbstor.inf_amd64_neutral_c301b770e0bfb179\USBSTOR.SYS
[2009-07-13 19:06:34 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=080D3820DA6C046BE82FC8B45A893E83 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7600.16385_none_a47b405db18421ea\USBSTOR.SYS

< HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall|LastSuccessTime /rs >

< End of report >
PRC - [2010-10-21 16:05:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
PRC - [2010-10-20 17:41:14 | 000,102,912 | ---- | M] () -- C:\Users\James\AppData\Roaming\Microsoft\svchost.exe
PRC - [2010-10-20 12:32:01 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010-10-20 12:32:01 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010-10-19 09:43:43 | 000,123,904 | ---- | M] () -- C:\Users\James\AppData\Roaming\Microsoft\Windows\shell.exe
PRC - [2010-10-19 09:43:30 | 000,111,616 | ---- | M] () -- C:\Users\James\AppData\Local\Temp\dwm.exe
PRC - [2010-10-12 21:19:35 | 009,115,800 | ---- | M] (Blizzard Entertainment) -- C:\Users\Public\World of Warcraft\Wow.exe
PRC - [2010-08-13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-04-29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010-02-18 14:01:06 | 000,462,632 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2008-09-16 13:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe


========== Modules (SafeList) ==========

MOD - [2010-10-21 16:05:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
MOD - [2010-08-21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010-03-01 20:35:38 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009-07-13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010-10-20 07:27:22 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-08-13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-18 14:01:06 | 000,462,632 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-01-09 00:12:49 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-07-26 07:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009-06-10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-04-29 04:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2008-09-16 13:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010-04-19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010-02-17 02:07:09 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010-01-29 02:04:38 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2009-07-31 01:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009-07-13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009-07-13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009-07-13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009-07-13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009-06-10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (VST64_DPV)
DRV:64bit: - [2009-06-10 16:01:11 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTBS26.SYS -- (VST64HWBS2)
DRV:64bit: - [2009-06-10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009-06-10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009-06-10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-05-18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009-04-29 04:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009-02-13 07:21:20 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWBS2.sys -- (CAXHWBS2)
DRV:64bit: - [2009-02-13 07:19:34 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2009-02-13 07:18:30 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DP.sys -- (HSF_DP)
DRV:64bit: - [2007-04-16 21:51:50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2006-06-17 23:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2010-02-17 13:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Users\James\AppData\Local\Temp\SAS_SelfExtract\sasdifsv64.sys -- (SASDIFSV)
DRV - [2010-02-17 13:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Users\James\AppData\Local\Temp\SAS_SelfExtract\saskutil64.sys -- (SASKUTIL)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {43402508-4063-4C73-887C-236E5D2C4DA3}:1.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-10-20 12:32:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-10-20 12:36:42 | 000,000,000 | ---D | M]

[2010-02-17 16:27:53 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Extensions
[2010-02-17 16:27:53 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010-10-21 07:51:42 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\id5ujizt.default\extensions
[2010-10-21 07:51:38 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\id5ujizt.default\extensions\personas@christopher.beard
[2010-06-07 16:57:17 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\id5ujizt.default\extensions\toolbar@ask.com
[2010-10-20 12:36:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010-10-20 12:36:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010-09-15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2009-06-10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKCU..\Run: [Btmchk] C:\Users\James\AppData\Local\Temp\Adobe\AdobeRdrPlug.DLL File not found
O4 - HKCU..\Run: [svchost] C:\Users\James\AppData\Roaming\Microsoft\svchost.exe ()
O4 - Startup: C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files (x86)\LimeWire\LimeWire.exe (Lime Wire, LLC)
F3:64bit: - HKCU WinNT: Load - (C:\Users\James\AppData\Local\Temp\dwm.exe) - C:\Users\James\AppData\Local\Temp\dwm.exe ()
F3 - HKCU WinNT: Load - (C:\Users\James\AppData\Local\Temp\dwm.exe) - C:\Users\James\AppData\Local\Temp\dwm.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\James\AppData\Roaming\Microsoft\Windows\shell.exe) - C:\Users\James\AppData\Roaming\Microsoft\Windows\shell.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-12-09 16:16:52 | 000,000,074 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008-05-06 07:26:23 | 000,000,309 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009-12-28 04:47:58 | 000,000,090 | ---- | M] () - J:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{0bbe8fe9-1b94-11df-b10d-0018f3f168ce}\Shell - "" = AutoRun
O33 - MountPoints2\{0bbe8fe9-1b94-11df-b10d-0018f3f168ce}\Shell\AutoRun\command - "" = G:\Borderlands.exe -- File not found
O33 - MountPoints2\{2d3f68d5-fce2-11de-8eb7-0018f3f168ce}\Shell - "" = AutoRun
O33 - MountPoints2\{2d3f68d5-fce2-11de-8eb7-0018f3f168ce}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- [2007-10-23 02:45:39 | 001,336,632 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-10-21 16:04:59 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
[2010-10-20 19:47:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Toolbar
[2010-10-20 19:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bing Bar Installer
[2010-10-20 19:47:24 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010-10-20 19:47:24 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010-10-20 19:47:24 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010-10-20 19:47:24 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010-10-20 19:31:37 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Local\Windows Live
[2010-10-20 19:31:26 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2010-10-20 19:31:25 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2010-10-20 19:31:25 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2010-10-20 19:31:25 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2010-10-20 19:31:25 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2010-10-20 19:31:24 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2010-10-20 19:31:24 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2010-10-20 19:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010-10-20 16:21:49 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010-10-20 12:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-10-20 12:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010-10-20 12:36:42 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010-10-20 12:36:42 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010-10-20 12:36:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010-10-20 12:36:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010-10-19 22:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010-10-19 16:13:48 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\SUPERAntiSpyware.com
[2010-10-19 16:13:48 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010-10-18 21:16:35 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Local\{43402508-4063-4C73-887C-236E5D2C4DA3}
[2010-10-12 15:53:07 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010-10-12 15:53:07 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010-10-12 15:53:07 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010-10-12 15:53:07 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010-10-12 15:53:07 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010-10-12 15:53:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010-10-12 15:53:07 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010-10-12 15:53:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010-10-12 15:53:07 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010-10-12 15:53:07 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010-10-12 15:53:06 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010-10-12 15:53:06 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010-10-12 15:53:06 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010-10-12 15:53:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010-10-12 15:49:55 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010-10-12 15:49:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010-10-12 15:49:46 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010-10-12 15:49:28 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010-10-12 15:49:06 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010-10-12 15:46:44 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010-10-12 15:46:44 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010-10-12 15:44:06 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010-10-12 15:44:06 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010-10-12 15:42:54 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010-10-12 15:42:54 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010-10-12 15:42:53 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010-10-12 15:42:52 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010-10-12 15:40:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010-10-04 20:48:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010-10-04 20:48:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010-10-04 20:48:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010-10-04 20:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010-10-04 20:44:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010-10-02 20:49:32 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\Pokemon Walls
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010-10-21 16:05:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
[2010-10-21 07:46:30 | 000,015,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-10-21 07:46:30 | 000,015,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-10-21 07:39:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-10-21 07:39:07 | 3220,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2010-10-20 19:50:14 | 000,000,020 | ---- | M] () -- C:\Windows\H÷S
[2010-10-20 12:32:21 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-10-19 22:53:55 | 000,000,963 | ---- | M] () -- C:\Users\James\Desktop\CCleaner.lnk
[2010-10-19 16:16:10 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-10-19 16:16:10 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-10-19 16:16:10 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-10-19 16:11:47 | 000,000,000 | ---- | M] () -- C:\Users\James\AppData\Local\Uwuwaguvimupagi.bin
[2010-10-19 09:15:13 | 001,196,032 | ---- | M] () -- C:\Users\James\AppData\Local\DELETE.exe
[2010-10-18 21:16:36 | 000,000,120 | ---- | M] () -- C:\Users\James\AppData\Local\Swipa.dat
[2010-10-13 16:56:50 | 000,005,632 | ---- | M] () -- C:\Users\James\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-10-13 03:14:48 | 000,304,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010-10-12 21:18:26 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2010-10-04 20:49:08 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010-10-04 20:46:21 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010-10-20 19:50:14 | 000,000,020 | ---- | C] () -- C:\Windows\H÷S
[2010-10-20 12:32:21 | 000,001,974 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-10-19 22:53:55 | 000,000,963 | ---- | C] () -- C:\Users\James\Desktop\CCleaner.lnk
[2010-10-19 16:11:47 | 000,000,000 | ---- | C] () -- C:\Users\James\AppData\Local\Uwuwaguvimupagi.bin
[2010-10-19 09:15:13 | 001,196,032 | ---- | C] () -- C:\Users\James\AppData\Local\DELETE.exe
[2010-10-18 21:16:36 | 000,000,120 | ---- | C] () -- C:\Users\James\AppData\Local\Swipa.dat
[2010-10-04 20:49:08 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010-10-04 20:46:21 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010-07-11 04:32:49 | 000,000,000 | ---- | C] () -- C:\ProgramData\winafx.log
[2010-06-07 14:23:14 | 000,000,387 | ---- | C] () -- C:\Windows\WININIT.INI
[2010-06-07 13:32:59 | 000,790,828 | ---- | C] () -- C:\Users\James\AppData\Local\rx_image32.Cache
[2010-03-10 21:02:37 | 000,000,269 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010-02-11 00:06:46 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010-02-11 00:06:46 | 000,000,088 | RHS- | C] () -- C:\ProgramData\7DD47A1773.sys
[2010-01-27 03:08:03 | 000,005,632 | ---- | C] () -- C:\Users\James\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-01-08 03:25:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009-07-13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008-10-07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008-10-07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2004-01-30 15:07:46 | 000,245,408 | ---- | C] () -- C:\Windows\SysWow64\unicows.dll

========== Custom Scans ==========


< >

< %systemroot%*. /mp /s >

< %systemroot%system32*.dll /lockedfiles >

< %systemroot%system32*.exe /lockedfiles >

< %systemroot%Tasks*.job /lockedfiles >

< %systemroot%system32drivers*.sys /lockedfiles >

< %systemroot%System32config*.sav >

< %systemroot%system32*.sys >

< %systemroot%system32drivers*.dll >

< %systemroot%system32drivers*.ini >

< %systemroot%system32drivers*.exe >

< %SYSTEMDRIVE%*.* >
[2010-10-21 07:39:07 | 3220,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2010-10-21 07:39:07 | 4293,451,776 | -HS- | M] () -- C:\pagefile.sys
[2010-02-10 16:14:48 | 000,483,312 | ---- | M] () -- C:\vcredist_x86.log

< %PROGRAMFILES%*. >
[2010-08-02 01:39:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\2K Games
[2010-01-29 14:50:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2010-02-17 02:35:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AGEIA Technologies
[2010-02-07 02:09:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2010-06-07 16:46:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ask.com
[2010-10-20 19:47:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bing Bar Installer
[2010-10-04 20:44:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2010-10-19 22:53:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CCleaner
[2010-03-21 14:06:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Combined Community Codec Pack
[2010-10-20 12:36:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2010-06-07 14:22:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Corel
[2010-02-17 02:07:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010-02-17 02:28:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dragon Age
[2010-08-02 01:39:53 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2010-10-13 03:13:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2010-10-04 20:49:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2010-10-20 12:36:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2010-02-17 16:27:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LimeWire
[2010-06-11 18:29:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010-01-08 00:10:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2010-03-07 13:41:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft LifeCam
[2010-06-29 15:03:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2010-09-29 07:35:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2010-06-27 07:03:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2010-10-20 12:32:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2009-07-14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2010-10-20 19:47:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN Toolbar
[2010-02-14 08:00:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2010-06-07 16:56:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nero
[2010-10-04 20:46:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2009-07-14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2010-01-08 03:22:06 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2010-04-04 14:51:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Starcraft
[2010-08-18 13:43:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\StarCraft II
[2010-10-20 17:41:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2010-06-21 14:21:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Triumph Studios
[2009-07-13 23:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2010-09-29 07:35:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\uTorrent
[2010-03-10 21:02:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ventrillo
[2009-07-14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2010-10-20 19:50:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010-04-20 02:05:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live Safety Center
[2010-05-16 07:16:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010-10-13 03:13:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009-07-14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2009-07-14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2009-07-14 00:32:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2009-07-14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2010-02-17 02:01:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Winrar

< %appdata%*.* >


< MD5 for: AGP440.SYS >
[2009-07-13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009-07-13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009-07-13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009-07-13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009-07-13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009-07-13 20:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: DISK.SYS >
[2009-07-13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysWow64\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009-07-13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

< MD5 for: IASTORV.SYS >
[2009-07-13 20:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009-07-13 20:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009-07-13 20:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009-07-13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009-07-13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009-07-13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009-07-13 20:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009-07-13 20:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009-07-13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009-07-13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009-07-13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009-07-13 20:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: USBSTOR.SYS >
[2009-07-13 19:06:34 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=080D3820DA6C046BE82FC8B45A893E83 -- C:\Windows\SysWow64\DriverStore\FileRepository\usbstor.inf_amd64_neutral_c301b770e0bfb179\USBSTOR.SYS
[2009-07-13 19:06:34 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=080D3820DA6C046BE82FC8B45A893E83 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7600.16385_none_a47b405db18421ea\USBSTOR.SYS

< HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall|LastSuccessTime /rs >

< End of report >

PRC - [2010-10-21 16:05:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
PRC - [2010-10-20 17:41:14 | 000,102,912 | ---- | M] () -- C:\Users\James\AppData\Roaming\Microsoft\svchost.exe
PRC - [2010-10-20 12:32:01 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010-10-20 12:32:01 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010-10-19 09:43:43 | 000,123,904 | ---- | M] () -- C:\Users\James\AppData\Roaming\Microsoft\Windows\shell.exe
PRC - [2010-10-19 09:43:30 | 000,111,616 | ---- | M] () -- C:\Users\James\AppData\Local\Temp\dwm.exe
PRC - [2010-10-12 21:19:35 | 009,115,800 | ---- | M] (Blizzard Entertainment) -- C:\Users\Public\World of Warcraft\Wow.exe
PRC - [2010-08-13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-04-29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2008-09-16 13:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe


========== Modules (SafeList) ==========

MOD - [2010-10-21 16:05:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
MOD - [2010-08-21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010-03-01 20:35:38 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009-07-13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010-10-20 07:27:22 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-08-13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-18 14:01:06 | 000,462,632 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-01-09 00:12:49 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-07-26 07:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009-06-10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-04-29 04:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2008-09-16 13:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010-04-19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010-02-17 02:07:09 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010-01-29 02:04:38 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2009-07-31 01:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009-07-13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009-07-13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009-07-13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009-07-13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009-06-10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (VST64_DPV)
DRV:64bit: - [2009-06-10 16:01:11 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTBS26.SYS -- (VST64HWBS2)
DRV:64bit: - [2009-06-10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009-06-10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009-06-10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-05-18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009-04-29 04:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009-02-13 07:21:20 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWBS2.sys -- (CAXHWBS2)
DRV:64bit: - [2009-02-13 07:19:34 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2009-02-13 07:18:30 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DP.sys -- (HSF_DP)
DRV:64bit: - [2007-04-16 21:51:50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2006-06-17 23:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2010-02-17 13:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Users\James\AppData\Local\Temp\SAS_SelfExtract\sasdifsv64.sys -- (SASDIFSV)
DRV - [2010-02-17 13:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Users\James\AppData\Local\Temp\SAS_SelfExtract\saskutil64.sys -- (SASKUTIL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {43402508-4063-4C73-887C-236E5D2C4DA3}:1.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-10-20 12:32:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-10-20 12:36:42 | 000,000,000 | ---D | M]

[2010-02-17 16:27:53 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Extensions
[2010-02-17 16:27:53 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010-10-21 07:51:42 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\id5ujizt.default\extensions
[2010-10-21 07:51:38 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\id5ujizt.default\extensions\personas@christopher.beard
[2010-06-07 16:57:17 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\id5ujizt.default\extensions\toolbar@ask.com
[2010-10-20 12:36:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010-10-20 12:36:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010-09-15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2009-06-10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKCU..\Run: [Btmchk] C:\Users\James\AppData\Local\Temp\Adobe\AdobeRdrPlug.DLL File not found
O4 - HKCU..\Run: [svchost] C:\Users\James\AppData\Roaming\Microsoft\svchost.exe ()
O4 - Startup: C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files (x86)\LimeWire\LimeWire.exe (Lime Wire, LLC)
F3:64bit: - HKCU WinNT: Load - (C:\Users\James\AppData\Local\Temp\dwm.exe) - C:\Users\James\AppData\Local\Temp\dwm.exe ()
F3 - HKCU WinNT: Load - (C:\Users\James\AppData\Local\Temp\dwm.exe) - C:\Users\James\AppData\Local\Temp\dwm.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\James\AppData\Roaming\Microsoft\Windows\shell.exe) - C:\Users\James\AppData\Roaming\Microsoft\Windows\shell.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-12-09 16:16:52 | 000,000,074 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008-05-06 07:26:23 | 000,000,309 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009-12-28 04:47:58 | 000,000,090 | ---- | M] () - J:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{0bbe8fe9-1b94-11df-b10d-0018f3f168ce}\Shell - "" = AutoRun
O33 - MountPoints2\{0bbe8fe9-1b94-11df-b10d-0018f3f168ce}\Shell\AutoRun\command - "" = G:\Borderlands.exe -- File not found
O33 - MountPoints2\{2d3f68d5-fce2-11de-8eb7-0018f3f168ce}\Shell - "" = AutoRun
O33 - MountPoints2\{2d3f68d5-fce2-11de-8eb7-0018f3f168ce}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- [2007-10-23 02:45:39 | 001,336,632 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-10-21 16:04:59 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
[2010-10-20 19:47:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Toolbar
[2010-10-20 19:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bing Bar Installer
[2010-10-20 19:47:24 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010-10-20 19:47:24 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010-10-20 19:47:24 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010-10-20 19:47:24 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010-10-20 19:31:37 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Local\Windows Live
[2010-10-20 19:31:26 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2010-10-20 19:31:25 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2010-10-20 19:31:25 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2010-10-20 19:31:25 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2010-10-20 19:31:25 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2010-10-20 19:31:24 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2010-10-20 19:31:24 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2010-10-20 19:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010-10-20 16:21:49 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010-10-20 12:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-10-20 12:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010-10-20 12:36:42 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010-10-20 12:36:42 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010-10-20 12:36:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010-10-20 12:36:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010-10-19 22:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010-10-19 16:13:48 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\SUPERAntiSpyware.com
[2010-10-19 16:13:48 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010-10-18 21:16:35 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Local\{43402508-4063-4C73-887C-236E5D2C4DA3}
[2010-10-12 15:53:07 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010-10-12 15:53:07 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010-10-12 15:53:07 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010-10-12 15:53:07 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010-10-12 15:53:07 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010-10-12 15:53:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010-10-12 15:53:07 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010-10-12 15:53:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010-10-12 15:53:07 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010-10-12 15:53:07 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010-10-12 15:53:06 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010-10-12 15:53:06 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010-10-12 15:53:06 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010-10-12 15:53:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010-10-12 15:49:55 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010-10-12 15:49:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010-10-12 15:49:46 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010-10-12 15:49:28 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010-10-12 15:49:06 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010-10-12 15:46:44 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010-10-12 15:46:44 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010-10-12 15:44:06 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010-10-12 15:44:06 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010-10-12 15:42:54 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010-10-12 15:42:54 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010-10-12 15:42:53 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010-10-12 15:42:52 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010-10-12 15:40:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010-10-04 20:48:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010-10-04 20:48:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010-10-04 20:48:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010-10-04 20:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010-10-04 20:44:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010-10-02 20:49:32 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\Pokemon Walls
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010-10-21 16:05:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
[2010-10-21 07:46:30 | 000,015,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-10-21 07:46:30 | 000,015,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-10-21 07:39:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-10-21 07:39:07 | 3220,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2010-10-20 19:50:14 | 000,000,020 | ---- | M] () -- C:\Windows\H÷S
[2010-10-20 12:32:21 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-10-19 22:53:55 | 000,000,963 | ---- | M] () -- C:\Users\James\Desktop\CCleaner.lnk
[2010-10-19 16:16:10 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-10-19 16:16:10 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-10-19 16:16:10 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-10-19 16:11:47 | 000,000,000 | ---- | M] () -- C:\Users\James\AppData\Local\Uwuwaguvimupagi.bin
[2010-10-19 09:15:13 | 001,196,032 | ---- | M] () -- C:\Users\James\AppData\Local\DELETE.exe
[2010-10-18 21:16:36 | 000,000,120 | ---- | M] () -- C:\Users\James\AppData\Local\Swipa.dat
[2010-10-13 16:56:50 | 000,005,632 | ---- | M] () -- C:\Users\James\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-10-13 03:14:48 | 000,304,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010-10-12 21:18:26 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2010-10-04 20:49:08 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010-10-04 20:46:21 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010-10-20 19:50:14 | 000,000,020 | ---- | C] () -- C:\Windows\H÷S
[2010-10-20 12:32:21 | 000,001,974 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-10-19 22:53:55 | 000,000,963 | ---- | C] () -- C:\Users\James\Desktop\CCleaner.lnk
[2010-10-19 16:11:47 | 000,000,000 | ---- | C] () -- C:\Users\James\AppData\Local\Uwuwaguvimupagi.bin
[2010-10-19 09:15:13 | 001,196,032 | ---- | C] () -- C:\Users\James\AppData\Local\DELETE.exe
[2010-10-18 21:16:36 | 000,000,120 | ---- | C] () -- C:\Users\James\AppData\Local\Swipa.dat
[2010-10-04 20:49:08 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010-10-04 20:46:21 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010-07-11 04:32:49 | 000,000,000 | ---- | C] () -- C:\ProgramData\winafx.log
[2010-06-07 14:23:14 | 000,000,387 | ---- | C] () -- C:\Windows\WININIT.INI
[2010-06-07 13:32:59 | 000,790,828 | ---- | C] () -- C:\Users\James\AppData\Local\rx_image32.Cache
[2010-03-10 21:02:37 | 000,000,269 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010-02-11 00:06:46 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010-02-11 00:06:46 | 000,000,088 | RHS- | C] () -- C:\ProgramData\7DD47A1773.sys
[2010-01-27 03:08:03 | 000,005,632 | ---- | C] () -- C:\Users\James\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-01-08 03:25:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009-07-13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008-10-07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008-10-07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2004-01-30 15:07:46 | 000,245,408 | ---- | C] () -- C:\Windows\SysWow64\unicows.dll

========== Custom Scans ==========


< >

< %systemroot%*. /mp /s >

< %systemroot%system32*.dll /lockedfiles >

< %systemroot%system32*.exe /lockedfiles >

< %systemroot%Tasks*.job /lockedfiles >

< %systemroot%system32drivers*.sys /lockedfiles >

< %systemroot%System32config*.sav >

< %systemroot%system32*.sys >

< %systemroot%system32drivers*.dll >

< %systemroot%system32drivers*.ini >

< %systemroot%system32drivers*.exe >

< %SYSTEMDRIVE%*.* >
[2010-10-21 07:39:07 | 3220,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2010-10-21 07:39:07 | 4293,451,776 | -HS- | M] () -- C:\pagefile.sys
[2010-02-10 16:14:48 | 000,483,312 | ---- | M] () -- C:\vcredist_x86.log

< %PROGRAMFILES%*. >
[2010-08-02 01:39:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\2K Games
[2010-01-29 14:50:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2010-02-17 02:35:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AGEIA Technologies
[2010-02-07 02:09:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2010-06-07 16:46:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ask.com
[2010-10-20 19:47:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bing Bar Installer
[2010-10-04 20:44:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2010-10-19 22:53:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CCleaner
[2010-03-21 14:06:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Combined Community Codec Pack
[2010-10-20 12:36:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2010-06-07 14:22:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Corel
[2010-02-17 02:07:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010-02-17 02:28:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dragon Age
[2010-08-02 01:39:53 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2010-10-13 03:13:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2010-10-04 20:49:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2010-10-20 12:36:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2010-02-17 16:27:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LimeWire
[2010-06-11 18:29:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010-01-08 00:10:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2010-03-07 13:41:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft LifeCam
[2010-06-29 15:03:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2010-09-29 07:35:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2010-06-27 07:03:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2010-10-20 12:32:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2009-07-14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2010-10-20 19:47:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN Toolbar
[2010-02-14 08:00:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2010-06-07 16:56:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nero
[2010-10-04 20:46:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2009-07-14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2010-01-08 03:22:06 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2010-04-04 14:51:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Starcraft
[2010-08-18 13:43:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\StarCraft II
[2010-10-20 17:41:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2010-06-21 14:21:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Triumph Studios
[2009-07-13 23:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2010-09-29 07:35:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\uTorrent
[2010-03-10 21:02:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ventrillo
[2009-07-14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2010-10-20 19:50:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010-04-20 02:05:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live Safety Center
[2010-05-16 07:16:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010-10-13 03:13:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009-07-14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2009-07-14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2009-07-14 00:32:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2009-07-14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2010-02-17 02:01:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Winrar

< %appdata%*.* >


< MD5 for: AGP440.SYS >
[2009-07-13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009-07-13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009-07-13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009-07-13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009-07-13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009-07-13 20:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: DISK.SYS >
[2009-07-13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysWow64\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009-07-13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

< MD5 for: IASTORV.SYS >
[2009-07-13 20:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009-07-13 20:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009-07-13 20:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009-07-13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009-07-13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009-07-13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009-07-13 20:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009-07-13 20:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009-07-13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009-07-13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009-07-13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009-07-13 20:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: USBSTOR.SYS >
[2009-07-13 19:06:34 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=080D3820DA6C046BE82FC8B45A893E83 -- C:\Windows\SysWow64\DriverStore\FileRepository\usbstor.inf_amd64_neutral_c301b770e0bfb179\USBSTOR.SYS
[2009-07-13 19:06:34 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=080D3820DA6C046BE82FC8B45A893E83 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7600.16385_none_a47b405db18421ea\USBSTOR.SYS

< HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall|LastSuccessTime /rs >

< End of report >
O4 - HKCU..\Run: [Btmchk] C:\Users\James\AppData\Local\Temp\Adobe\AdobeRdrPlug.DLL File not found
O4 - HKCU..\Run: [svchost] C:\Users\James\AppData\Roaming\Microsoft\svchost.exe ()
O4 - Startup: C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files (x86)\LimeWire\LimeWire.exe (Lime Wire, LLC)
F3:64bit: - HKCU WinNT: Load - (C:\Users\James\AppData\Local\Temp\dwm.exe) - C:\Users\James\AppData\Local\Temp\dwm.exe ()
F3 - HKCU WinNT: Load - (C:\Users\James\AppData\Local\Temp\dwm.exe) - C:\Users\James\AppData\Local\Temp\dwm.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\James\AppData\Roaming\Microsoft\Windows\shell.exe) - C:\Users\James\AppData\Roaming\Microsoft\Windows\shell.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-12-09 16:16:52 | 000,000,074 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008-05-06 07:26:23 | 000,000,309 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009-12-28 04:47:58 | 000,000,090 | ---- | M] () - J:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{0bbe8fe9-1b94-11df-b10d-0018f3f168ce}\Shell - "" = AutoRun
O33 - MountPoints2\{0bbe8fe9-1b94-11df-b10d-0018f3f168ce}\Shell\AutoRun\command - "" = G:\Borderlands.exe -- File not found
O33 - MountPoints2\{2d3f68d5-fce2-11de-8eb7-0018f3f168ce}\Shell - "" = AutoRun
O33 - MountPoints2\{2d3f68d5-fce2-11de-8eb7-0018f3f168ce}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- [2007-10-23 02:45:39 | 001,336,632 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-10-21 16:04:59 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
[2010-10-20 19:47:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Toolbar
[2010-10-20 19:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bing Bar Installer
[2010-10-20 19:47:24 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010-10-20 19:47:24 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010-10-20 19:47:24 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010-10-20 19:47:24 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010-10-20 19:31:37 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Local\Windows Live
[2010-10-20 19:31:26 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2010-10-20 19:31:25 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2010-10-20 19:31:25 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2010-10-20 19:31:25 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2010-10-20 19:31:25 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2010-10-20 19:31:24 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2010-10-20 19:31:24 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2010-10-20 19:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010-10-20 16:21:49 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010-10-20 12:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-10-20 12:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010-10-20 12:36:42 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010-10-20 12:36:42 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010-10-20 12:36:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010-10-20 12:36:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010-10-19 22:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010-10-19 16:13:48 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\SUPERAntiSpyware.com
[2010-10-19 16:13:48 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010-10-18 21:16:35 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Local\{43402508-4063-4C73-887C-236E5D2C4DA3}
[2010-10-12 15:53:07 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010-10-12 15:53:07 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010-10-12 15:53:07 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010-10-12 15:53:07 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010-10-12 15:53:07 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010-10-12 15:53:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010-10-12 15:53:07 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010-10-12 15:53:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010-10-12 15:53:07 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010-10-12 15:53:07 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010-10-12 15:53:06 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010-10-12 15:53:06 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010-10-12 15:53:06 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010-10-12 15:53:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010-10-12 15:49:55 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010-10-12 15:49:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010-10-12 15:49:46 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010-10-12 15:49:28 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010-10-12 15:49:06 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010-10-12 15:46:44 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010-10-12 15:46:44 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010-10-12 15:44:06 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010-10-12 15:44:06 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010-10-12 15:42:54 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010-10-12 15:42:54 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010-10-12 15:42:53 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010-10-12 15:42:52 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010-10-12 15:40:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010-10-04 20:48:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010-10-04 20:48:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010-10-04 20:48:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010-10-04 20:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010-10-04 20:44:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010-10-02 20:49:32 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\Pokemon Walls
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010-10-21 16:05:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
[2010-10-21 07:46:30 | 000,015,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-10-21 07:46:30 | 000,015,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-10-21 07:39:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-10-21 07:39:07 | 3220,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2010-10-20 19:50:14 | 000,000,020 | ---- | M] () -- C:\Windows\H÷S
[2010-10-20 12:32:21 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-10-19 22:53:55 | 000,000,963 | ---- | M] () -- C:\Users\James\Desktop\CCleaner.lnk
[2010-10-19 16:16:10 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-10-19 16:16:10 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-10-19 16:16:10 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-10-19 16:11:47 | 000,000,000 | ---- | M] () -- C:\Users\James\AppData\Local\Uwuwaguvimupagi.bin
[2010-10-19 09:15:13 | 001,196,032 | ---- | M] () -- C:\Users\James\AppData\Local\DELETE.exe
[2010-10-18 21:16:36 | 000,000,120 | ---- | M] () -- C:\Users\James\AppData\Local\Swipa.dat
[2010-10-13 16:56:50 | 000,005,632 | ---- | M] () -- C:\Users\James\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-10-13 03:14:48 | 000,304,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010-10-12 21:18:26 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2010-10-04 20:49:08 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010-10-04 20:46:21 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010-10-20 19:50:14 | 000,000,020 | ---- | C] () -- C:\Windows\H÷S
[2010-10-20 12:32:21 | 000,001,974 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-10-19 22:53:55 | 000,000,963 | ---- | C] () -- C:\Users\James\Desktop\CCleaner.lnk
[2010-10-19 16:11:47 | 000,000,000 | ---- | C] () -- C:\Users\James\AppData\Local\Uwuwaguvimupagi.bin
[2010-10-19 09:15:13 | 001,196,032 | ---- | C] () -- C:\Users\James\AppData\Local\DELETE.exe
[2010-10-18 21:16:36 | 000,000,120 | ---- | C] () -- C:\Users\James\AppData\Local\Swipa.dat
[2010-10-04 20:49:08 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010-10-04 20:46:21 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010-07-11 04:32:49 | 000,000,000 | ---- | C] () -- C:\ProgramData\winafx.log
[2010-06-07 14:23:14 | 000,000,387 | ---- | C] () -- C:\Windows\WININIT.INI
[2010-06-07 13:32:59 | 000,790,828 | ---- | C] () -- C:\Users\James\AppData\Local\rx_image32.Cache
[2010-03-10 21:02:37 | 000,000,269 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010-02-11 00:06:46 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010-02-11 00:06:46 | 000,000,088 | RHS- | C] () -- C:\ProgramData\7DD47A1773.sys
[2010-01-27 03:08:03 | 000,005,632 | ---- | C] () -- C:\Users\James\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-01-08 03:25:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009-07-13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008-10-07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008-10-07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2004-01-30 15:07:46 | 000,245,408 | ---- | C] () -- C:\Windows\SysWow64\unicows.dll

========== Custom Scans ==========


< >

< %systemroot%*. /mp /s >

< %systemroot%system32*.dll /lockedfiles >

< %systemroot%system32*.exe /lockedfiles >

< %systemroot%Tasks*.job /lockedfiles >

< %systemroot%system32drivers*.sys /lockedfiles >

< %systemroot%System32config*.sav >

< %systemroot%system32*.sys >

< %systemroot%system32drivers*.dll >

< %systemroot%system32drivers*.ini >

< %systemroot%system32drivers*.exe >

< %SYSTEMDRIVE%*.* >
[2010-10-21 07:39:07 | 3220,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2010-10-21 07:39:07 | 4293,451,776 | -HS- | M] () -- C:\pagefile.sys
[2010-02-10 16:14:48 | 000,483,312 | ---- | M] () -- C:\vcredist_x86.log

< %PROGRAMFILES%*. >
[2010-08-02 01:39:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\2K Games
[2010-01-29 14:50:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2010-02-17 02:35:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AGEIA Technologies
[2010-02-07 02:09:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2010-06-07 16:46:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ask.com
[2010-10-20 19:47:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bing Bar Installer
[2010-10-04 20:44:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2010-10-19 22:53:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CCleaner
[2010-03-21 14:06:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Combined Community Codec Pack
[2010-10-20 12:36:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2010-06-07 14:22:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Corel
[2010-02-17 02:07:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010-02-17 02:28:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dragon Age
[2010-08-02 01:39:53 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2010-10-13 03:13:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2010-10-04 20:49:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2010-10-20 12:36:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2010-02-17 16:27:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LimeWire
[2010-06-11 18:29:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010-01-08 00:10:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2010-03-07 13:41:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft LifeCam
[2010-06-29 15:03:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2010-09-29 07:35:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2010-06-27 07:03:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2010-10-20 12:32:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2009-07-14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2010-10-20 19:47:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN Toolbar
[2010-02-14 08:00:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2010-06-07 16:56:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nero
[2010-10-04 20:46:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2009-07-14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2010-01-08 03:22:06 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2010-04-04 14:51:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Starcraft
[2010-08-18 13:43:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\StarCraft II
[2010-10-20 17:41:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2010-06-21 14:21:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Triumph Studios
[2009-07-13 23:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2010-09-29 07:35:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\uTorrent
[2010-03-10 21:02:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ventrillo
[2009-07-14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2010-10-20 19:50:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010-04-20 02:05:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live Safety Center
[2010-05-16 07:16:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010-10-13 03:13:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009-07-14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2009-07-14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2009-07-14 00:32:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2009-07-14 00:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2010-02-17 02:01:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Winrar

< %appdata%*.* >


< MD5 for: AGP440.SYS >
[2009-07-13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009-07-13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009-07-13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009-07-13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009-07-13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009-07-13 20:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: DISK.SYS >
[2009-07-13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysWow64\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009-07-13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

< MD5 for: IASTORV.SYS >
[2009-07-13 20:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009-07-13 20:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009-07-13 20:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009-07-13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009-07-13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009-07-13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009-07-13 20:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009-07-13 20:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009-07-13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009-07-13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009-07-13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009-07-13 20:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: USBSTOR.SYS >
[2009-07-13 19:06:34 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=080D3820DA6C046BE82FC8B45A893E83 -- C:\Windows\SysWow64\DriverStore\FileRepository\usbstor.inf_amd64_neutral_c301b770e0bfb179\USBSTOR.SYS
[2009-07-13 19:06:34 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=080D3820DA6C046BE82FC8B45A893E83 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7600.16385_none_a47b405db18421ea\USBSTOR.SYS

< HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall|LastSuccessTime /rs >

< End of report >

< MD5 for: [2009-07-13 19:06:34 | 000,089,600 | ---- | M] (MICROSOFT CORPORATION) >
[2009-07-13 19:06:34 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DriverStore\FileRepository\usbstor.inf_amd64_neutral_c301b770e0bfb179\USBSTOR.SYS
[2009-07-13 19:06:34 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7600.16385_none_a47b405db18421ea\USBSTOR.SYS

< MD5 for: [2009-07-13 20:15:06 | 000,012,288 | ---- | M] (MICROSOFT CORPORATION) >
[2009-07-13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cngaudit.dll
[2009-07-13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: [2009-07-13 20:16:02 | 000,563,712 | ---- | M] (MICROSOFT CORPORATION) >
[2009-07-13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netlogon.dll
[2009-07-13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: [2009-07-13 20:16:13 | 000,175,616 | ---- | M] (MICROSOFT CORPORATION) >
[2009-07-13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\scecli.dll
[2009-07-13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

< MD5 for: [2009-07-13 20:40:20 | 000,018,944 | ---- | M] (MICROSOFT CORPORATION) >
[2009-07-13 20:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: [2009-07-13 20:41:52 | 000,692,736 | ---- | M] (MICROSOFT CORPORATION) >
[2009-07-13 20:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll

< MD5 for: [2009-07-13 20:41:53 | 000,232,448 | ---- | M] (MICROSOFT CORPORATION) >
[2009-07-13 20:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: [2009-07-13 20:45:45 | 000,167,488 | ---- | M] (NVIDIA CORPORATION) >
[2009-07-13 20:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009-07-13 20:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: [2009-07-13 20:47:48 | 000,073,280 | ---- | M] (MICROSOFT CORPORATION) >
[2009-07-13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009-07-13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

< MD5 for: [2009-07-13 20:48:04 | 000,410,688 | ---- | M] (INTEL CORPORATION) >
[2009-07-13 20:48:04 | 000,410,688 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009-07-13 20:48:04 | 000,410,688 | ---- | M] (Intel Corporation) -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: [2009-07-13 20:52:21 | 000,024,128 | ---- | M] (MICROSOFT CORPORATION) >
[2009-07-13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: [2009-07-13 20:52:21 | 000,061,008 | ---- | M] (MICROSOFT CORPORATION) >
[2009-07-13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall|LastSuccessTime /rs >

< End of report >

Ok so that seems like alot but I hope it helps.

Hello.

Please run OTL.exe.

• Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  :OTL
  PRC - [2010-10-20 17:41:14 | 000,102,912 | ---- | M] () -- C:\Users\James\AppData\Roaming\Microsoft\svchost.exe
  PRC - [2010-10-19 09:43:43 | 000,123,904 | ---- | M] () -- C:\Users\James\AppData\Roaming\Microsoft\Windows\shell.exe
  PRC - [2010-10-19 09:43:30 | 000,111,616 | ---- | M] () -- C:\Users\James\AppData\Local\Temp\dwm.exe
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
  O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
  O4 - HKCU..\Run: [svchost] C:\Users\James\AppData\Roaming\Microsoft\svchost.exe ()
  
  :files
  C:\Users\James\AppData\Roaming\Microsoft\svchost.exe
  
  :commands
  [emptytemp]
  [reboot]
  
  
  
• Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
  
  
• Click the red Run Fix button.
  
• A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  
• Close OTL.exe
  

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Log after restart from OTL:

All processes killed
========== OTL ==========
No active process named svchost.exe was found!
No active process named shell.exe was found!
No active process named dwm.exe was found!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\svchost deleted successfully.
File C:\Users\James\AppData\Roaming\Microsoft\svchost.exe not found.
========== FILES ==========
File\Folder C:\Users\James\AppData\Roaming\Microsoft\svchost.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: James
->Temp folder emptied: 66033607 bytes
->Temporary Internet Files folder emptied: 1495540 bytes
->Java cache emptied: 40328941 bytes
->FireFox cache emptied: 78492115 bytes
->Flash cache emptied: 47226 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 128666 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50397 bytes
RecycleBin emptied: 4581817 bytes

Total Files Cleaned = 183.00 mb


OTL by OldTimer - Version 3.2.16.0 log created on 10212010_194507

Files\Folders moved on Reboot...
C:\Users\James\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\James\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UBVRJ6Q\01[1].htm not found!
File\Folder C:\Users\James\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UBVRJ6Q\ADSAdClient31[1].txt not found!

Registry entries deleted on Reboot...

Ran MBAM and those same things registered as infected once again.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.