OTL logfile created on: 13/10/2009 12:19:57 AM - Run 1
OTL by OldTimer - Version 3.0.20.0 Folder = C:\Users\Jason\Desktop
64bit- Ultimate Edition (Version = 6.1.7100) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7100.0)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
4.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 214.75 Gb Total Space | 150.29 Gb Free Space | 69.99% Space Free | Partition Type: NTFS
Drive D: | 716.67 Gb Total Space | 715.29 Gb Free Space | 99.81% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JASON-PC
Current User Name: Jason
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Program Files (x86)\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\ClipMate7\ClipMate.exe (Thornsoft Development, Inc.)
PRC - C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\McAfee Security Scan\1.0.150\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Users\Jason\Desktop\OTL.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (AppHostSvc [Auto | Running]) -- C:\Windows\SysWow64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Dhcp [Auto | Running]) -- C:\Windows\SysWow64\dhcpcore.dll (Microsoft Corporation)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (fsssvc [On_Demand | Stopped]) -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (HomeGroupProvider [On_Demand | Running]) -- C:\Windows\SysWow64\provsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (KeyIso [On_Demand | Running]) -- C:\Windows\SysWow64\keyiso.dll (Microsoft Corporation)
SRV - (Lavasoft Ad-Aware Service [On_Demand | Stopped]) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (MDM [Auto | Running]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service [On_Demand | Stopped]) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (MSDTC [Unknown | Stopped]) -- C:\Windows\SysWow64\Msdtc [2009/04/22 18:16:43 | 00,000,000 | ---D | M]
SRV - (Netlogon [On_Demand | Stopped]) -- C:\Windows\SysWow64\netlogon.dll (Microsoft Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (SBSDWSCService [Auto | Running]) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (vds [On_Demand | Stopped]) -- C:\Windows\SysWow64\WBEM\vds.mof ()
SRV - (VSS [On_Demand | Stopped]) -- C:\Windows\Vss [2009/04/22 18:16:44 | 00,000,000 | ---D | M]
SRV - (W3SVC [Auto | Running]) -- C:\Windows\SysWow64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (WAS [On_Demand | Running]) -- C:\Windows\SysWow64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility [Auto | Running]) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppHostSvc [Auto | Running]) -- C:\Windows\SysNative\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc [On_Demand | Stopped]) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt [On_Demand | Stopped]) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV [On_Demand | Stopped]) -- C:\Windows\SysNative\AxInstSV.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC [Unknown | Stopped]) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv [On_Demand | Stopped]) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (CscService [Auto | Running]) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc [On_Demand | Stopped]) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp [Auto | Running]) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (Fax [On_Demand | Stopped]) -- C:\Windows\SysNative\fxssvc.exe (Microsoft Corporation)
SRV:64bit: - (FontCache [On_Demand | Stopped]) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener [On_Demand | Running]) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider [On_Demand | Running]) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc [On_Demand | Running]) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc [On_Demand | Stopped]) -- C:\Windows\SysNative\peerdistsvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg [On_Demand | Stopped]) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc [On_Demand | Running]) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (Power [Auto | Running]) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper [Unknown | Running]) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc [On_Demand | Stopped]) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (SfCtlCom [Auto | Running]) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe (Trend Micro Inc.)
SRV:64bit: - (sppsvc [Auto | Stopped]) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (sppuinotify [On_Demand | Stopped]) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (Themes [Auto | Running]) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (TMBMServer [On_Demand | Running]) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe (Trend Micro Inc.)
SRV:64bit: - (TmPfw [On_Demand | Running]) -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe (Trend Micro Inc.)
SRV:64bit: - (TmProxy [On_Demand | Running]) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe (Trend Micro Inc.)
SRV:64bit: - (UmRdpService [On_Demand | Stopped]) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (W3SVC [Auto | Running]) -- C:\Windows\SysNative\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV:64bit: - (WAS [On_Demand | Running]) -- C:\Windows\SysNative\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV:64bit: - (wbengine [On_Demand | Stopped]) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (WbioSrvc [On_Demand | Stopped]) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend [On_Demand | Stopped]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV:64bit: - (WMPNetworkSvc [Auto | Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV:64bit: - (WwanSvc [On_Demand | Stopped]) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (CSC [System | Running]) -- C:\Windows\CSC [2009/08/29 21:34:56 | 00,000,000 | ---D | M]
DRV - (mpsdrv [On_Demand | Running]) -- C:\Windows\SysWow64\WBEM\mpsdrv.mof ()
DRV - (NetBIOS [System | Running]) -- C:\Windows\SysWow64\netbios.dll (Microsoft Corporation)
DRV - (Tcpip [Boot | Running]) -- C:\Windows\SysWow64\WBEM\tcpip.mof ()
DRV - (WIMMount [On_Demand | Stopped]) -- C:\Windows\SysWow64\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (amdsata [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\amdsata.sys (AMD)
DRV:64bit: - (amdsbs [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (amdxata [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\amdxata.sys (AMD)
DRV:64bit: - (AppID [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (AtiHdmiService [On_Demand | Running]) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV:64bit: - (atikmdag [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (b06bdrv [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (Beep [System | Running]) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (CNG [Boot | Running]) -- C:\Windows\SysNative\Drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (CSC [System | Running]) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (dc3d [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (discache [System | Running]) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\evbda.sys (Broadcom Corporation)
DRV:64bit: - (ENTECH64 [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys (EnTech Taiwan)
DRV:64bit: - (FsDepends [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\FsDepends.sys (Microsoft Corporation)
DRV:64bit: - (fssfltr [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (fvevol [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (hcw85cir [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (HdAudAddService [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (hwpolicy [Boot | Running]) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (KSecPkg [Boot | Running]) -- C:\Windows\SysNative\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (Lbd [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\Lbd.sys (Lavasoft AB)
DRV:64bit: - (LSI_SAS2 [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (mshidkmdf [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (netr7364 [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\netr7364.sys (Ralink Technology, Corp.)
DRV:64bit: - (NuidFltr [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\NuidFltr.sys (Microsoft Corporation)
DRV:64bit: - (pcw [Boot | Running]) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\AgileVpn.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP [System | Running]) -- C:\Windows\SysNative\drivers\rdprefmp.sys (Microsoft Corporation)
DRV:64bit: - (rdyboost [Boot | Running]) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (s3cap [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (scfilter [Unknown | Stopped]) -- C:\Windows\SysNative\DRIVERS\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (stexstor [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\stexstor.sys (Promise Technology)
DRV:64bit: - (storflt [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (storvsc [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (tmlwf [System | Running]) -- C:\Windows\SysNative\DRIVERS\tmlwf.sys (Trend Micro Inc.)
DRV:64bit: - (tmpreflt [Auto | Running]) -- C:\Windows\SysNative\DRIVERS\tmpreflt.sys (Trend Micro Inc.)
DRV:64bit: - (tmtdi [System | Running]) -- C:\Windows\SysNative\DRIVERS\tmtdi.sys (Trend Micro Inc.)
DRV:64bit: - (tmwfp [Auto | Running]) -- C:\Windows\SysNative\DRIVERS\tmwfp.sys (Trend Micro Inc.)
DRV:64bit: - (tmxpflt [Auto | Running]) -- C:\Windows\SysNative\DRIVERS\tmxpflt.sys (Trend Micro Inc.)
DRV:64bit: - (UmPass [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\umpass.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vmbus [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (vsapint [Auto | Running]) -- C:\Windows\SysNative\DRIVERS\vsapint.sys (Trend Micro Inc.)
DRV:64bit: - (vwifibus [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (vwififlt [System | Running]) -- C:\Windows\SysNative\DRIVERS\vwififlt.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf [System | Running]) -- C:\Windows\SysNative\DRIVERS\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (WIMMount [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf [On_Demand | Running]) -- C:\Windows\SysNative\drivers\WudfPf.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4A 16 29 B2 23 3F CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/04/22 20:45:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/09/12 09:14:31 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/10/08 23:07:31 | 00,000,000 | ---D | M]
[2009/08/29 21:57:01 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\mozilla\Extensions
[2009/08/29 21:57:01 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/13 00:09:19 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\smeoihga.default\extensions
[2009/08/29 22:06:23 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\smeoihga.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/09/01 23:02:00 | 00,000,687 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\Mozilla\FireFox\Profiles\smeoihga.default\searchplugins\ask.xml
[2009/09/27 15:12:42 | 00,002,171 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\Mozilla\FireFox\Profiles\smeoihga.default\searchplugins\bing.xml
[2009/10/13 00:09:19 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009/09/10 17:43:44 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/10/06 20:47:00 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/10/13 00:00:07 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/09/10 17:43:43 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009/09/10 17:43:43 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2009/07/25 05:23:01 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll
[2009/09/10 17:43:43 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2006/10/26 21:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL
[2009/02/27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2009/09/12 09:14:31 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2009/09/12 09:14:31 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2009/09/12 09:14:31 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2009/09/12 09:14:31 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2009/09/12 09:14:31 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2009/09/12 09:14:31 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2009/09/12 09:14:31 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2009/07/30 18:24:20 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2009/07/30 18:24:20 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
[2009/07/30 18:24:20 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
[2009/07/30 18:24:20 | 00,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2009/07/30 18:24:20 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2009/07/30 18:24:20 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2009/07/30 18:24:20 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (338274 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 11596 more lines...
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files (x86)\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [ClipMate7] C:\Program Files (x86)\ClipMate7\ClipMate.exe (Thornsoft Development, Inc.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 30 Days ==========
[2 C:\Windows\SysWow64\*.tmp files]
[2009/10/03 01:31:33 | 00,000,000 | -H-D | C] -- C:\ProgramData\{EF63305C-BAD7-4144-9208-D65528260864}
[2009/09/27 14:33:30 | 00,000,000 | ---D | C] -- C:\ProgramData\DVD Shrink
[2009/10/03 01:31:31 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2009/10/12 00:47:17 | 00,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2009/10/08 22:38:10 | 00,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2009/09/27 21:12:19 | 00,000,000 | ---D | C] -- C:\ProgramData\Palo Alto Software
[2009/09/13 11:45:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2009/10/02 23:38:33 | 00,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Media Player Classic
[2009/09/28 00:58:07 | 00,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Palo Alto Software
[2009/10/05 17:02:06 | 00,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Safer Networking
[2009/10/05 18:04:02 | 00,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\Apps
[2009/09/13 20:51:53 | 00,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\Downloaded Installations
[2009/09/27 02:08:22 | 00,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\WindowsUpdate
[2009/10/08 22:49:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2009/09/27 20:56:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2009/09/27 19:19:36 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macromedia
[2009/09/27 21:12:19 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Palo Alto Software
[2009/09/27 03:22:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2009/09/27 20:56:32 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
[2009/09/27 20:54:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\CorelDRAW Graphics Suite 12 Installer
[2009/09/27 14:33:28 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\DVD Shrink
[2009/10/07 20:43:10 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2009/09/21 23:15:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\FileASSASSIN
[2009/10/06 20:46:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2009/10/03 01:31:31 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2009/09/27 19:19:28 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Macromedia
[2009/10/08 22:38:10 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2009/09/27 03:18:17 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2009/09/27 10:22:19 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office Outlook Connector
[2009/09/27 03:18:43 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2009/09/27 10:21:13 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2009/09/27 21:12:18 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Palo Alto Software
[2009/10/05 16:44:06 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Safer Networking
[2009/10/05 10:26:23 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2009/09/20 11:40:54 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/09/27 10:20:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2009/09/27 10:20:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2009/09/13 11:45:13 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/09/27 10:22:09 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2009/10/13 00:17:14 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
[2009/10/13 00:00:06 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2009/10/13 00:00:06 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2009/10/13 00:00:06 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2009/10/08 23:31:42 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009/10/08 23:31:41 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CF23577.exe
[2009/10/08 23:29:28 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CF26128.exe
[2009/10/08 23:29:06 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.execf
[2009/10/08 20:50:37 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CF29197.exe
[2009/10/07 20:43:54 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/10/06 23:41:34 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CF486.exe
[2009/10/06 23:41:31 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\swsc.exe
[2009/10/06 23:41:31 | 00,008,704 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\SysNative\drivers\PROCEXP90.SYS
[2009/10/06 23:40:53 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/10/06 22:04:53 | 26,035,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MRT.exe
[2009/10/06 20:50:44 | 00,000,000 | ---D | C] -- C:\Windows\Sun
[2009/10/06 20:46:59 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2009/10/05 22:19:25 | 00,000,000 | ---D | C] -- C:\PsTools
[2009/10/05 21:55:07 | 00,000,000 | ---D | C] -- C:\getservices
[2009/10/05 17:00:29 | 00,000,000 | ---D | C] -- C:\Users\Jason\Documents\TagsRevisited
[2009/10/03 02:05:27 | 00,068,640 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2009/09/27 21:04:54 | 00,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2009/09/27 20:21:09 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2009/09/27 20:21:09 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF 6.0
[2009/09/27 19:52:50 | 00,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2009/09/27 16:34:48 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices
[2009/09/27 16:34:47 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices
[2009/09/27 16:34:47 | 00,000,000 | ---D | C] -- C:\inetpub
[2009/09/27 15:01:24 | 00,254,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmclien.dll
[2009/09/27 10:23:04 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2009/09/27 10:22:10 | 00,061,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2009/09/27 10:22:10 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2009/09/13 12:00:28 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\Service
[2009/09/13 10:24:23 | 01,883,152 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\vsapint.sys
[2009/09/13 10:24:23 | 00,339,984 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmwfp.sys
[2009/09/13 10:24:23 | 00,258,064 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmxpflt.sys
[2009/09/13 10:24:23 | 00,200,720 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmlwf.sys
[2009/09/13 10:24:23 | 00,107,536 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmtdi.sys
[2009/09/13 10:24:23 | 00,042,000 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmpreflt.sys
[2009/09/13 10:24:20 | 00,000,000 | ---D | C] -- C:\Users\Public\Desktop\TrendMicro_TIS_17.50_en-US_64-bit
[2009/09/13 10:18:28 | 54,159,016 | ---- | C] (Trend Micro Inc.) -- C:\Users\Public\Desktop\TrendMicro_TIS_17.50_en-US_64-bit.exe
========== Files - Modified Within 30 Days ==========
[2 C:\Windows\SysWow64\*.tmp files]
[2009/10/13 00:16:41 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
[2009/10/13 00:15:13 | 00,839,560 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/10/13 00:15:13 | 00,709,442 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/10/13 00:15:13 | 00,139,332 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/10/12 23:29:48 | 00,013,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009/10/12 23:29:48 | 00,013,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009/10/12 23:22:11 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/12 23:22:09 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/10/12 23:22:07 | 10,667,54046 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/12 20:53:33 | 00,000,669 | ---- | M] () -- C:\Windows\SysNative\Controls.xml
[2009/10/12 01:05:25 | 00,000,496 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/10/08 23:31:41 | 00,008,704 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Windows\SysNative\drivers\PROCEXP90.SYS
[2009/10/08 23:31:27 | 00,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.execf
[2009/10/08 23:31:27 | 00,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CF23577.exe
[2009/10/08 23:29:07 | 00,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CF26128.exe
[2009/10/08 22:50:41 | 00,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2009/10/08 22:49:49 | 00,000,997 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat.com.lnk
[2009/10/08 22:38:10 | 00,001,022 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan.lnk
[2009/10/08 22:38:10 | 00,001,020 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan.lnk
[2009/10/08 20:50:02 | 00,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CF29197.exe
[2009/10/07 20:43:18 | 00,001,104 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/10/07 20:43:10 | 00,000,924 | ---- | M] () -- C:\Users\Jason\Desktop\NTREGOPT.lnk
[2009/10/07 20:43:10 | 00,000,905 | ---- | M] () -- C:\Users\Jason\Desktop\ERUNT.lnk
[2009/10/06 23:40:49 | 00,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CF486.exe
[2009/10/05 19:24:13 | 00,001,512 | ---- | M] () -- C:\Users\Jason\Documents\cc_20091005_192410.reg
[2009/10/05 19:23:56 | 00,007,138 | ---- | M] () -- C:\Users\Jason\Documents\cc_20091005_192353.reg
[2009/10/05 19:23:44 | 00,036,754 | ---- | M] () -- C:\Users\Jason\Documents\cc_20091005_192338.reg
[2009/10/05 19:20:19 | 00,000,125 | -HS- | M] () -- C:\ProgramData\.zreglib
[2009/10/04 00:51:30 | 00,338,274 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2009/10/04 00:51:16 | 00,338,274 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin
[2009/10/03 02:05:17 | 00,015,688 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe
[2009/10/03 01:31:33 | 00,001,142 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2009/10/03 00:37:29 | 00,338,274 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2009/09/29 23:03:36 | 00,028,160 | ---- | M] () -- C:\Users\Jason\Desktop\Virus Reports.xls
[2009/09/28 07:13:05 | 00,114,720 | ---- | M] () -- C:\Users\Jason\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/09/28 07:10:20 | 00,422,336 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/09/28 01:04:39 | 00,012,288 | ---- | M] () -- C:\Windows\DCEBoot64.exe
[2009/09/28 01:01:15 | 00,001,361 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2009/09/27 20:57:12 | 00,001,682 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2009/09/27 20:57:12 | 00,000,056 | RHS- | M] () -- C:\Windows\SysWow64\6AB8FB8DC1.sys
[2009/09/27 20:21:14 | 00,002,115 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk
[2009/09/27 20:21:14 | 00,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 6.0 Professional.lnk
[2009/09/27 18:16:59 | 00,000,540 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\AutoGK.ini
[2009/09/27 16:35:37 | 00,783,876 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/09/27 10:21:14 | 00,000,020 | ---- | M] () -- C:\Windows\óÌt
[2009/09/21 23:15:21 | 00,001,055 | ---- | M] () -- C:\Users\Public\Desktop\FileASSASSIN.lnk
[2009/09/21 23:11:30 | 00,005,876 | ---- | M] () -- C:\Users\Jason\Documents\cc_20090921_221124.reg
[2009/09/21 23:11:12 | 00,038,656 | ---- | M] () -- C:\Users\Jason\Documents\cc_20090921_221102.reg
[2009/09/20 11:52:04 | 00,002,392 | ---- | M] () -- C:\Users\Jason\Desktop\Cryp_mangle.CSV
[2009/09/20 11:40:54 | 00,002,093 | ---- | M] () -- C:\Users\Jason\Desktop\HijackThis.lnk
[2009/09/14 22:07:44 | 00,035,840 | ---- | M] () -- C:\Users\Jason\Desktop\n2004TheTeenTripleP.doc
[2009/09/13 10:24:23 | 01,883,152 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\vsapint.sys
[2009/09/13 10:24:23 | 00,339,984 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmwfp.sys
[2009/09/13 10:24:23 | 00,258,064 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmxpflt.sys
[2009/09/13 10:24:23 | 00,200,720 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmlwf.sys
[2009/09/13 10:24:23 | 00,107,536 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmtdi.sys
[2009/09/13 10:24:23 | 00,042,000 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmpreflt.sys
[2009/09/13 10:24:13 | 54,159,016 | ---- | M] (Trend Micro Inc.) -- C:\Users\Public\Desktop\TrendMicro_TIS_17.50_en-US_64-bit.exe
========== Files - No Company Name ==========
[2009/10/12 20:52:52 | 00,000,669 | ---- | C] () -- C:\Windows\SysNative\Controls.xml
[2009/10/08 22:49:49 | 00,000,997 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat.com.lnk
[2009/10/08 22:38:10 | 00,001,022 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan.lnk
[2009/10/08 22:38:10 | 00,001,020 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan.lnk
[2009/10/07 20:43:18 | 00,001,104 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2009/10/07 20:43:10 | 00,000,924 | ---- | C] () -- C:\Users\Jason\Desktop\NTREGOPT.lnk
[2009/10/07 20:43:10 | 00,000,905 | ---- | C] () -- C:\Users\Jason\Desktop\ERUNT.lnk
[2009/10/05 19:24:11 | 00,001,512 | ---- | C] () -- C:\Users\Jason\Documents\cc_20091005_192410.reg
[2009/10/05 19:23:54 | 00,007,138 | ---- | C] () -- C:\Users\Jason\Documents\cc_20091005_192353.reg
[2009/10/05 19:23:41 | 00,036,754 | ---- | C] () -- C:\Users\Jason\Documents\cc_20091005_192338.reg
[2009/10/03 10:03:07 | 00,015,688 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2009/10/03 02:05:33 | 00,000,496 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/10/03 01:31:33 | 00,001,142 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2009/10/02 21:12:43 | 00,000,174 | ---- | C] () -- C:\ProgramData\OutlookFail.20091002.log
[2009/09/30 00:05:13 | 00,028,160 | ---- | C] () -- C:\Users\Jason\Desktop\Virus Reports.xls
[2009/09/28 01:01:15 | 00,001,361 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2009/09/27 20:57:12 | 00,001,682 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2009/09/27 20:57:12 | 00,000,056 | RHS- | C] () -- C:\Windows\SysWow64\6AB8FB8DC1.sys
[2009/09/27 20:25:38 | 00,012,288 | ---- | C] () -- C:\Windows\DCEBoot64.exe
[2009/09/27 20:21:14 | 00,002,115 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk
[2009/09/27 20:21:14 | 00,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 6.0 Professional.lnk
[2009/09/27 10:21:13 | 00,000,020 | ---- | C] () -- C:\Windows\óÌt
[2009/09/21 23:15:21 | 00,001,055 | ---- | C] () -- C:\Users\Public\Desktop\FileASSASSIN.lnk
[2009/09/21 23:11:26 | 00,005,876 | ---- | C] () -- C:\Users\Jason\Documents\cc_20090921_221124.reg
[2009/09/21 23:11:08 | 00,038,656 | ---- | C] () -- C:\Users\Jason\Documents\cc_20090921_221102.reg
[2009/09/20 11:52:04 | 00,002,392 | ---- | C] () -- C:\Users\Jason\Desktop\Cryp_mangle.CSV
[2009/09/20 11:40:54 | 00,002,093 | ---- | C] () -- C:\Users\Jason\Desktop\HijackThis.lnk
[2009/09/14 22:07:43 | 00,035,840 | ---- | C] () -- C:\Users\Jason\Desktop\n2004TheTeenTripleP.doc
[2009/09/12 19:18:47 | 00,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009/09/12 17:50:49 | 00,000,540 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\AutoGK.ini
[2009/09/01 19:02:42 | 00,783,876 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/08/29 22:11:29 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009/08/29 22:11:28 | 03,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2009/08/29 22:11:28 | 00,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/08/29 22:11:28 | 00,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/08/29 22:11:28 | 00,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/08/29 22:11:28 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2009/08/29 21:45:47 | 00,114,720 | ---- | C] () -- C:\Users\Jason\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/04/22 20:08:55 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2009/04/22 20:08:55 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2009/04/22 17:37:02 | 00,000,478 | ---- | C] () -- C:\Windows\win.ini
[2009/04/22 17:37:02 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009/04/22 14:40:32 | 00,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/04/22 12:04:20 | 00,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007/07/23 10:03:32 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2007/07/23 10:03:32 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2007/07/23 10:03:32 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2007/07/23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2007/07/23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2007/07/23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2007/07/23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2007/07/23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2007/07/23 10:03:30 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2002/10/16 09:54:04 | 00,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 175 bytes -> C:\ProgramData\TEMP:B0D4D817
< End of report >
OTL Extras logfile created on: 13/10/2009 12:19:57 AM - Run 1
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = JSFile] -- C:\Program Files (x86)\Macromedia\Dreamweaver 4\Dreamweaver.exe (Macromedia, Inc.)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js [@ = JSFile] -- C:\Program Files (x86)\Macromedia\Dreamweaver 4\Dreamweaver.exe (Macromedia, Inc.)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 4\Dreamweaver.exe" "%1" (Macromedia, Inc.)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 4\Dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %* File not found
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = E7 3D 5E 41 2C C3 C9 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro Internet Security
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D2B0322-44AE-460E-9283-4D2D7A9205AE}" = Trend Micro Internet Security
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID Sign-in Assistant
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BAE72B35-821F-6780-18C5-BE4EBDF8DC7A}" = ATI Catalyst Install Manager
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F7513E19-6224-485E-988D-9BF45BE64B53}" = Windows Live Family Safety
"{F7561C47-6327-E6A5-3B57-756FA920CEF3}" = ccc-utility64
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{259BDEFB-DCE0-990E-6C65-EA6DCAF1C604}" = Catalyst Control Center HydraVision Full
"{262296A3-87A4-4614-CBF1-E04455694390}" = Catalyst Control Center Graphics Light
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 15
"{2E924A2A-8FBC-4C84-8A3A-63FB386C9A29}_is1" = ClipMate 7
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{4411E4C3-C60F-B094-0E1F-C6E73311A9EA}" = Catalyst Control Center InstallProxy
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{4C93C363-414E-11D4-9756-00C04F8EEB39}" = Macromedia Flash 5
"{4D826618-59C6-11D4-976E-00C04F8EEB39}" = Macromedia FreeHand 10
"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12
"{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}" = GetDataBack for NTFS
"{5E7AFD67-97C1-E310-CDC4-9F1547E1677C}" = Catalyst Control Center Graphics Previews Vista
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83A92C93-C5F2-128A-532A-B7C295450476}" = Catalyst Control Center Graphics Full Existing
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EA950F9-4CC6-35FC-BB9A-761298DE9ADC}" = Catalyst Control Center Graphics Full New
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9B4B3428-7640-400E-9B96-22243568E296}" = Catalyst Control Center Graphics Previews Common
"{A111CF27-5082-6499-17D3-7FDA158206EF}" = ccc-core-static
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8833100-1481-11D4-9731-00C04F8EEB39}" = Macromedia Fireworks 4
"{ABDA9912-5D00-11D4-BAE7-9367CA097955}" = Macromedia Dreamweaver 4
"{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C7BA228D-D0E9-44E5-B0B6-7AD4B0D6EBB0}" = Business Plan Pro 2004
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D5C36070-143F-489D-FB5A-903940D42325}" = Catalyst Control Center Core Implementation
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E77C580F-E2C8-23C7-350E-F3317D1C4A8A}" = CCC Help English
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"AutoGK" = Auto Gordian Knot 2.55
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner (remove only)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"FileASSASSIN" = FileASSASSIN
"HijackThis" = HijackThis 2.0.2
"HTML Colors" = HTML Colors
"IsoBuster_is1" = IsoBuster 2.5.5
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.9.5 (Full)
"Macromedia Generator 2" = Macromedia Generator 2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/10/2009 8:19:43 PM | Computer Name = Jason-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 7/10/2009 8:19:53 PM | Computer Name = Jason-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
Error - 8/10/2009 7:43:56 AM | Computer Name = Jason-PC | Source = Application Error | ID = 1000
Description = Faulting application name: firefox.exe, version: 1.9.1.3523, time
stamp: 0x4a92de61 Faulting module name: np_gp.dll_unloaded, version: 0.0.0.0, time
stamp: 0x4a55b8e9 Exception code: 0xc0000005 Fault offset: 0x058d5c1e Faulting process
id: 0x2cf4 Faulting application start time: 0x01ca480bc2dad5a0 Faulting application
path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: np_gp.dll
Report Id: dbbdc5e8-b3ff-11de-94df-002421a39d02
Error - 8/10/2009 7:47:33 AM | Computer Name = Jason-PC | Source = Application Error | ID = 1000
Description = Faulting application name: firefox.exe, version: 1.9.1.3523, time
stamp: 0x4a92de61 Faulting module name: np_gp.dll_unloaded, version: 0.0.0.0, time
stamp: 0x4a55b8e9 Exception code: 0xc000001d Fault offset: 0x058d396b Faulting process
id: 0x2cf4 Faulting application start time: 0x01ca480bc2dad5a0 Faulting application
path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: np_gp.dll
Report Id: 5d48ead9-b400-11de-94df-002421a39d02
Error - 8/10/2009 7:47:33 AM | Computer Name = Jason-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program Firefox because of this error. Program: Firefox File: The error
value is listed in the Additional Data section. User Action 1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs
again. 2. If the file still cannot be accessed and - It is on the network, your network
administrator should verify that there is not a problem with the network and that
the server can be contacted. - It is on a removable disk, for example, a floppy
disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check
and repair the file system by running CHKDSK. To run CHKDSK, click Start, click
Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then
press ENTER. 4. If the problem persists, restore the file from a backup copy. 5.
Determine whether other files on the same disk can be opened. If not, the disk might
be damaged. If it is a hard disk, contact your administrator or computer hardware
vendor for further assistance. Additional Data Error value: 00000000 Disk type: 0
Error - 8/10/2009 7:49:28 AM | Computer Name = Jason-PC | Source = MsiInstaller | ID = 1013
Description =
Error - 8/10/2009 9:13:15 PM | Computer Name = Jason-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.
Error - 8/10/2009 9:14:04 PM | Computer Name = Jason-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 8/10/2009 9:14:15 PM | Computer Name = Jason-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
Error - 11/10/2009 1:09:30 PM | Computer Name = Jason-PC | Source = Application Error | ID = 1000
Description = Faulting application name: firefox.exe, version: 1.9.1.3523, time
stamp: 0x4a92de61 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d Fault offset: 0x74844cad Faulting process id: 0x40c Faulting application
start time: 0x01ca4a84466f100f Faulting application path: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Faulting module path: unknown Report Id: d66a3e2c-b688-11de-b0ff-002421a39d02
[ System Events ]
Error - 11/10/2009 8:43:30 PM | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 11/10/2009 8:43:30 PM | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 11/10/2009 8:43:30 PM | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 11/10/2009 8:43:30 PM | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 11/10/2009 8:43:30 PM | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 11/10/2009 8:43:30 PM | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 11/10/2009 8:43:30 PM | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 11/10/2009 8:43:30 PM | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 12/10/2009 1:37:15 AM | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 12/10/2009 1:38:25 AM | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
< End of report >