Click.giftload keeps coming back, Google search results redirect

[felix_phillips]

Hi Blottedisk;

Well.

None of my browsers will work. Chrome will open but refuses to load any pages, including the New Tab page. IE opens, but immediatly becomes a white, frozen window. Firefox does not open at all. Pidgin, the IM client, also does not open.

The add/remove program application is unable to remove programs - it also just freezes.

Processes do not end on their own. Or at all, really. When I close a program, the process for it continues running in the Processes tab of the task manager. The task manager freezes when I tell it to stop one.

ZoneAlarm only sometimes appears in the task bar, and is stuck on a mouseover tooltip of something like "Security active, UI initializing..." or somesuch, and never gets past that. Can't doubleclick on it to bring up the window, can't right click on it, it never changes from the Z icon into the green and red bars.

Spywareblaster doesn't even pop up when it's icon is double-clicked on. Spybot S&D freezes a few minutes into a scan. About the only programs that run normally are avast! and notepad.

The computer also takes a long time to shut off. It's plagued with "unable to end program" windows.

My computer is basically unuseable. I'm writing this on a different computer.

I think the problem has to do with ZoneAlarm, but really I have no idea. Please help!

[Blottedisk]

Hi,


Please uninstall ZoneAlarm, and then download OTL from one of the following mirrors:

This is THE Mirror

--------------------------------------------------------------------

• Save it to your desktop
• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Click on Minimal Output at the top
• Download the following file scan.txt to your Desktop. Click here to download it.
• Double click inside the Custom Scan box at the bottom.
• A window will appear saying "Click OK to load a custom scan from a file or Cancel to cancel".
• Click the OK button and navigate to the file scan.txt which we just saved to your desktop.
• Select scan.txt and click Open. Writing will now appear under the Custom Scan box.
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in this topic.
  • You may need two posts to fit them both in.

[felix_phillips]

Hi Blottedisk;

I can't uninstall ZoneAlarm. When I try to uninstall it from Add/Remove Programs, Add/Remove programs freezes up. Same thing if I try to uninstall any other program, it freezes the second I hit "Change/Remove." Also, using the ZoneAlarm Uninstaller in Start > All Programs does nothing. Cursor gets an hourglass next to it for a few seconds, and then nothing. If I look in the processes tab of the Task Manager, the uninstaller's process is still running. But I can't end it, or any other process - Task Manager freezes up.

[felix_phillips]

Finally managed to uninstall ZoneAlarm by starting my computer in safe mode. That's taken care of the immediate problems - everything works again. However, I assume this is some kind of conflict in programs - perhaps the AVG firewall remnant from that other scan? I don't know.

Here's the logs.


OTL logfile created on: 4/14/2011 8:47:53 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Ben\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 59.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.65 Gb Total Space | 26.46 Gb Free Space | 38.00% Space Free | Partition Type: NTFS
Drive D: | 69.64 Gb Total Space | 12.17 Gb Free Space | 17.48% Space Free | Partition Type: NTFS
Drive E: | 4.28 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: ACER-A3FE35D430 | User Name: Ben | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Ben\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Ben\Local Settings\temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (http://tortoisesvn.net)
PRC - C:\Documents and Settings\Ben\Application Data\Dropbox\bin\Dropbox.exe ()
PRC - C:\WINDOWS\PLFSetI.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
PRC - C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\WINDOWS\system32\WTablet\TabUserW.exe (Wacom Technology, Corp.)
PRC - C:\WINDOWS\system32\Tablet.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe (O2Micro International)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Apoint2K\Hidfind.exe (Alps Electric Co., Ltd.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Ben\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)
MOD - C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
MOD - C:\WINDOWS\system32\mfc42.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\TortoiseSVN\bin\TortoiseSVN.dll (http://tortoisesvn.net)
MOD - C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll (http://tortoisesvn.net)
MOD - C:\Program Files\TortoiseSVN\bin\libaprutil_tsvn.dll (Apache Software Foundation)
MOD - C:\Program Files\TortoiseSVN\bin\libapr_tsvn.dll (Apache Software Foundation)
MOD - C:\Program Files\TortoiseSVN\bin\intl3_tsvn.dll (Free Software Foundation)
MOD - C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4974_x-ww_d889290f\msvcr90.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4974_x-ww_d889290f\msvcp90.dll (Microsoft Corporation)
MOD - C:\Documents and Settings\Ben\Application Data\Dropbox\bin\DropboxExt.13.dll (Dropbox, Inc.)
MOD - C:\Documents and Settings\Ben\Application Data\Dropbox\bin\msvcp71.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\dbghelp.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\shfolder.dll (Microsoft Corporation)
MOD - C:\Documents and Settings\Ben\Application Data\Dropbox\bin\msvcr71.dll (Microsoft Corporation)
MOD - C:\Program Files\Acer\Empowering Technology\ePower\SysHook.dll ()


========== Win32 Services (SafeList) ==========

SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_a35e6b9.dll ()
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (PSI_SVC_2) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (TabletService) -- C:\WINDOWS\system32\Tablet.exe (Wacom Technology, Corp.)
SRV - (o2flash) -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe (O2Micro International)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTHDMIAzAudService) -- C:\WINDOWS\system32\drivers\RtHDMI.sys (Realtek Semiconductor Corp.)
DRV - (O2SDRDR) -- C:\WINDOWS\system32\drivers\o2sd.sys (O2Micro )
DRV - (usbfilter) -- C:\WINDOWS\system32\drivers\usbfilter.sys (Advanced Micro Devices Inc.)
DRV - (O2MDRDR) -- C:\WINDOWS\system32\drivers\o2media.sys (O2Micro )
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (ahcix86) -- C:\WINDOWS\system32\DRIVERS\ahcix86.sys (AMD Technologies Inc.)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (TpChoice) -- C:\WINDOWS\system32\drivers\TpChoice.sys (Alps Electric Co., Ltd.)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (regi) -- C:\WINDOWS\system32\drivers\regi.sys (InterVideo)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (wacommousefilter) -- C:\WINDOWS\system32\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (wacomvhid) -- C:\WINDOWS\system32\drivers\wacomvhid.sys (Wacom Technology)
DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\AtiHdAud.sys (ATI Research Inc.)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (RT25USBAP) -- C:\WINDOWS\system32\drivers\RT25USBAP.SYS (Ralink Technology Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.100
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/10/25 18:01:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/04/05 18:21:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/24 18:23:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/10 10:43:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/03/11 02:46:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/04/10 10:43:56 | 000,000,000 | ---D | M]

[2010/09/10 15:27:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Extensions
[2010/09/10 15:27:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/04/10 10:38:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\c67mdut8.default\extensions
[2010/06/24 20:10:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\c67mdut8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/18 00:28:18 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\c67mdut8.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2010/07/15 21:59:17 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\c67mdut8.default\searchplugins\daemon-search.xml
[2011/04/10 12:01:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/10 18:04:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/01 14:54:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/02 12:06:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/04/10 12:01:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\BEN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\C67MDUT8.DEFAULT\EXTENSIONS\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}
[2011/04/05 18:21:19 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/04/10 12:00:46 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/04/10 12:00:45 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/04/10 11:55:47 | 000,430,685 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14851 more lines...
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [eRecoveryService] C:\Program Files\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\WINDOWS\PLFSetI.exe ()
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [preload] C:\WINDOWS\RunXMLPL.exe (Wistron Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe (IGN Entertainment)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Ben\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Ben\Application Data\Dropbox\bin\Dropbox.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/ca...2.3.10.115.cab (CDownloadCtrl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/...nAxControl.CAB (Reg Error: Key error.)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Ben\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ben\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/25 06:15:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

========== Files/Folders - Created Within 30 Days ==========

[2011/04/14 20:40:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ben\Recent
[2011/04/14 20:34:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/04/14 20:33:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2011/04/14 12:38:56 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
[2011/04/11 12:13:44 | 000,000,000 | ---D | C] -- C:\9444d5be8aa536320da0e78cbe
[2011/04/11 12:13:17 | 000,000,000 | ---D | C] -- C:\e56e8fa7595d6014b423b660b243
[2011/04/10 12:01:06 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/04/10 12:01:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/04/10 12:01:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/04/10 11:42:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBlaster
[2011/04/10 11:42:37 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2011/04/10 11:33:50 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/04/08 20:02:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Local Settings\Application Data\{3225C812-5FB8-41CE-B15F-997F80151000}
[2011/04/05 18:21:45 | 000,301,528 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/04/05 18:21:45 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/04/05 18:21:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/04/05 18:21:40 | 000,371,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/04/05 18:21:40 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/04/05 18:21:40 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/04/05 18:21:39 | 000,102,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/04/05 18:21:39 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/04/05 18:21:39 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/04/05 18:21:15 | 000,040,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/04/05 18:21:14 | 000,190,016 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/04/05 18:20:59 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/04/05 18:20:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/04/05 12:01:22 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/04/05 11:52:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/04/02 23:58:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2011/04/02 23:58:12 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/03/30 13:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011/03/30 13:03:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn Hamachi
[2011/03/26 20:58:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ben\My Documents\Minecraft Mods
[2011/03/26 13:09:25 | 000,000,000 | ---D | C] -- C:\317bb37b7087d03d9fb4
[2011/03/26 13:08:53 | 000,000,000 | ---D | C] -- C:\c412b583335e06bfc5d36f7ea4
[2011/03/15 21:41:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2009/09/01 07:47:02 | 000,016,384 | ---- | C] ( ) -- C:\WINDOWS\System32\ClearEvent.exe
[2009/09/01 07:45:20 | 000,024,576 | ---- | C] ( ) -- C:\WINDOWS\System32\SysMonitor.exe
[2009/09/01 07:41:41 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2009/09/01 07:41:41 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2009/09/01 07:06:36 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\Interop.IWshRuntimeLibrary.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/14 20:50:25 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cb6f1636e2079c.job
[2011/04/14 20:34:03 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/04/14 20:32:53 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/04/14 20:32:34 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/14 20:32:08 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/04/14 20:31:23 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cb6f16350793a6.job
[2011/04/14 20:30:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/14 20:30:42 | 1877,323,776 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/13 13:02:22 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2011/04/12 11:06:00 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
[2011/04/10 12:00:45 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/04/10 12:00:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/04/10 12:00:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/04/10 12:00:45 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/04/10 12:00:44 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/04/10 11:55:47 | 000,430,685 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/04/10 11:42:39 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\SpywareBlaster.lnk
[2011/04/10 11:04:57 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/04/10 10:43:56 | 000,001,738 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/04/10 10:32:55 | 003,678,448 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/10 02:00:00 | 000,000,338 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-ACER-A3FE35D430-Ben.job
[2011/04/10 01:01:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110410-115547.backup
[2011/04/09 23:29:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/04/09 19:39:20 | 000,002,491 | ---- | M] () -- C:\Documents and Settings\Ben\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk
[2011/04/09 11:08:48 | 000,000,686 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/04/09 00:05:16 | 000,000,480 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Scan (Regular).job
[2011/04/09 00:05:14 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/04/05 18:21:45 | 000,001,693 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/04/05 18:21:40 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/04/05 12:01:30 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2011/04/02 14:37:15 | 000,000,213 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\Team Fortress 2.url
[2011/04/02 14:16:18 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/30 21:31:35 | 000,001,897 | ---- | M] () -- C:\Documents and Settings\Ben\My Documents\Ben Whittaker.ascii
[2011/03/30 14:35:36 | 000,000,282 | ---- | M] () -- C:\Documents and Settings\Ben\My Documents\Run All Scans.bat
[2011/03/29 17:58:26 | 000,073,266 | ---- | M] () -- C:\Documents and Settings\Ben\My Documents\benwhittaker_proj02_peer_eval.pdf
[2011/03/26 14:51:56 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/25 19:53:32 | 000,001,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/03/22 23:37:05 | 000,000,218 | ---- | M] () -- C:\Documents and Settings\Ben\.recently-used.xbel
[2011/03/22 23:06:33 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Ben\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/18 00:29:23 | 000,000,658 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Pidgin.lnk
[2011/03/15 21:41:28 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/14 20:30:42 | 1877,323,776 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/10 11:42:39 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\SpywareBlaster.lnk
[2011/04/10 11:04:57 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/04/10 10:43:56 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/04/10 10:43:56 | 000,001,738 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/04/07 00:11:21 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/04/05 18:21:45 | 000,001,693 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/04/05 12:01:29 | 000,000,223 | ---- | C] () -- C:\Boot.bak
[2011/04/05 12:01:25 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/04/02 14:37:15 | 000,000,213 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\Team Fortress 2.url
[2011/03/30 14:35:36 | 000,000,282 | ---- | C] () -- C:\Documents and Settings\Ben\My Documents\Run All Scans.bat
[2011/03/29 17:58:26 | 000,073,266 | ---- | C] () -- C:\Documents and Settings\Ben\My Documents\benwhittaker_proj02_peer_eval.pdf
[2011/03/26 14:51:56 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/22 23:37:05 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Ben\.recently-used.xbel
[2011/03/21 13:26:38 | 000,000,480 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Scan (Regular).job
[2011/03/18 00:29:23 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Pidgin.lnk
[2011/03/18 00:29:23 | 000,000,658 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Pidgin.lnk
[2011/03/15 21:41:28 | 000,001,919 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/02/26 11:51:13 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\FF3A.702
[2011/02/07 20:52:24 | 000,000,760 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2011/01/24 22:55:17 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\Ben\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
[2011/01/22 19:22:16 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/12/28 20:53:07 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/12/26 15:58:46 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2010/12/26 15:23:13 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2010/12/19 16:06:06 | 000,006,851 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\.freeciv-client-rc-2.2
[2010/12/08 03:32:24 | 000,440,334 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1156776725-593954232-841774883-1012-0.dat
[2010/12/08 03:32:22 | 000,440,334 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010/11/04 02:01:35 | 000,762,320 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/10/25 17:34:57 | 000,167,774 | ---- | C] () -- C:\WINDOWS\hpoins37.dat
[2010/10/25 17:34:56 | 000,000,632 | ---- | C] () -- C:\WINDOWS\hpomdl37.dat
[2010/09/12 13:34:03 | 000,000,056 | ---- | C] () -- C:\WINDOWS\kgt2k.INI
[2010/08/28 13:47:54 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/06/28 18:52:53 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Ben\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/18 11:12:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/06/05 20:51:29 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/18 17:50:45 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Ben\Local Settings\Application Data\fusioncache.dat
[2009/12/20 19:42:18 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2009/09/03 20:35:04 | 000,038,868 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat
[2009/09/03 20:35:04 | 000,029,359 | ---- | C] () -- C:\WINDOWS\hpoins03.dat
[2009/09/01 18:18:37 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/09/01 10:34:58 | 000,000,952 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/09/01 07:43:03 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2009/09/01 07:43:03 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2009/09/01 07:43:03 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2009/09/01 07:41:42 | 001,769,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2009/09/01 07:41:42 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2009/09/01 07:41:41 | 001,769,984 | ---- | C] () -- C:\WINDOWS\System32\snp2uvc.sys
[2009/09/01 07:41:41 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\sncduvc.sys
[2009/09/01 07:41:41 | 000,000,169 | ---- | C] () -- C:\WINDOWS\System32\PidList.ini
[2009/09/01 07:41:28 | 000,626,688 | ---- | C] () -- C:\WINDOWS\Image.dll
[2009/09/01 07:41:28 | 000,200,704 | ---- | C] () -- C:\WINDOWS\PLFSetI.exe
[2009/09/01 07:41:28 | 000,000,169 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2009/09/01 07:09:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009/09/01 07:05:31 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009/09/01 07:05:31 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/09/01 07:05:31 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/09/01 07:05:30 | 000,168,883 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/09/01 07:04:35 | 000,000,039 | ---- | C] () -- C:\WINDOWS\PreLaunch.ini
[2008/08/26 14:48:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/08/26 14:47:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/08/26 14:24:26 | 000,551,464 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/08/26 14:24:26 | 000,106,966 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/08/26 14:20:06 | 003,678,448 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/08/26 12:19:38 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIOFM4.dll
[2008/08/26 12:19:38 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN5.dll
[2008/08/26 12:18:48 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2008/08/26 12:18:48 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2008/06/25 06:14:44 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/06/25 06:12:58 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/13 22:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/13 22:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/13 22:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/13 22:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/13 22:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/13 22:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/13 22:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/13 22:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/04/13 22:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/03/10 15:18:16 | 000,006,782 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/05/14 14:04:36 | 000,049,152 | ---- | C] () -- C:\WINDOWS\XMLaunch.exe
[2004/02/26 00:18:04 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2003/11/24 16:55:48 | 000,743,424 | ---- | C] () -- C:\WINDOWS\libxml2.dll
[2003/11/24 16:55:32 | 000,872,448 | ---- | C] () -- C:\WINDOWS\iconv.dll
[2002/09/13 07:41:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/13 07:41:26 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/06/06 02:01:58 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\asutl8.dll
[2001/12/26 17:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/04 00:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 17:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 23:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[1999/01/22 12:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

< End of report >

[felix_phillips]

And the other logs.


OTL Extras logfile created on: 4/14/2011 8:47:53 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Ben\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 59.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.65 Gb Total Space | 26.46 Gb Free Space | 38.00% Space Free | Partition Type: NTFS
Drive D: | 69.64 Gb Total Space | 12.17 Gb Free Space | 17.48% Space Free | Partition Type: NTFS
Drive E: | 4.28 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: ACER-A3FE35D430 | User Name: Ben | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"57738:TCP" = 57738:TCP:*:Enabled:Pando Media Booster
"57738:UDP" = 57738:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"57738:TCP" = 57738:TCP:*:Enabled:Pando Media Booster
"57738:UDP" = 57738:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\Ben\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Ben\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- ()
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Pidgin\pidgin.exe" = C:\Program Files\Pidgin\pidgin.exe:*:Enabled:Pidgin -- (The Pidgin developer community)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\Program Files\Steam\Steam.exe" = D:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"D:\Program Files\Steam\steamapps\common\mass effect\Binaries\MassEffect.exe" = D:\Program Files\Steam\steamapps\common\mass effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect -- (BioWare)
"D:\Program Files\Steam\steamapps\common\mass effect\docs\EA Help\Electronic_Arts_Technical_Support.htm" = D:\Program Files\Steam\steamapps\common\mass effect\docs\EA Help\Electronic_Arts_Technical_Support.htm:*:Enabled:Mass Effect -- ()
"C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\WiFiConnector\NintendoWFCReg.exe" = C:\Program Files\WiFiConnector\NintendoWFCReg.exe:*:Enabled:Nintendo Wi-Fi USB Connector -- ()
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\Turbine\DDO Unlimited\dndclient.exe" = C:\Program Files\Turbine\DDO Unlimited\dndclient.exe:*:Enabled:dndclient -- (Turbine, Inc.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"D:\Program Files\Steam\steamapps\common\titan quest\Titan Quest.exe" = D:\Program Files\Steam\steamapps\common\titan quest\Titan Quest.exe:*:Enabled:Titan Quest -- ()
"D:\Program Files\Steam\steamapps\common\titan quest\help.htm" = D:\Program Files\Steam\steamapps\common\titan quest\help.htm:*:Enabled:Titan Quest -- ()
"D:\Program Files\Steam\steamapps\common\titan quest immortal throne\Tqit.exe" = D:\Program Files\Steam\steamapps\common\titan quest immortal throne\Tqit.exe:*:Enabled:Titan Quest: Immortal Throne -- ()
"D:\Program Files\Steam\steamapps\common\titan quest immortal throne\help.htm" = D:\Program Files\Steam\steamapps\common\titan quest immortal throne\help.htm:*:Enabled:Titan Quest: Immortal Throne -- ()
"D:\Program Files\Steam\steamapps\common\osmos\osmos.exe" = D:\Program Files\Steam\steamapps\common\osmos\osmos.exe:*:Enabled:Osmos -- (Hemisphere Games, Inc.)
"D:\Program Files\Steam\steamapps\common\overlord\Config.exe" = D:\Program Files\Steam\steamapps\common\overlord\Config.exe:*:Enabled:Overlord -- ()
"D:\Program Files\Steam\steamapps\common\overlord\Overlord.exe" = D:\Program Files\Steam\steamapps\common\overlord\Overlord.exe:*:Enabled:Overlord: Raising Hell -- (Triumph Studios)
"D:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe" = D:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead -- ()
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C3651D8-22A4-E868-62FD-50A416853E2A}" = CCC Help Chinese Standard
"{0C6F7EA4-D42E-4281-90E1-369D44FC761A}" = TortoiseSVN 1.6.8.19260 (32 bit)
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D9FEB48-2CAC-F487-5AB6-C2E7F83C8F60}" = CCC Help Chinese Traditional
"{0ED4D7CF-DB92-0D72-3DD3-846A8B57013D}" = Catalyst Control Center Localization Hungarian
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0FDC2255-9294-4303-B05B-B4C6E89C2BB5}" = CCC Help Japanese
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{137847CE-F4FC-7EF7-42B0-13A846C3B647}" = Catalyst Control Center Localization Finnish
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18E0918E-1060-48f3-925C-56C82E88551B}" = HP PSC & OfficeJet 3.5
"{18E410C2-9A08-0D5A-A8AC-B7E29780C93B}" = CCC Help Finnish
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1AAEF53D-30FA-1667-EEE1-68B9180F12C6}" = Catalyst Control Center Core Implementation
"{1CB92574-96F2-467B-B793-5CEB35C40C29}" = Image Resizer Powertoy for Windows XP
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54}" = DocProc
"{2015DEE7-7F87-CCD5-BEB6-5D543EBEC9AE}" = Catalyst Control Center Localization Portuguese
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20c31435-2a0a-4580-be8b-ac06fc243ca4}" = Python 2.7
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22988B2A-374A-4A7B-B795-A1AFF2046BE9}" = PhotoGallery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22E12B40-C565-5957-1CC1-E7BEBC1B77B7}" = CCC Help Portuguese
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{29B50D30-EAFC-4cea-9F76-3A0E3729E9B0}" = SkinsHP1
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2BA2F736-7663-4C76-9425-40890A46F995}" = Catalyst Control Center - Branding
"{2DE88B87-AF8D-A391-9222-554181BEA2B9}" = Catalyst Control Center Graphics Full New
"{2E0FED74-0E65-2C6D-B834-E0EFD4BD5EDE}" = CCC Help Italian
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0160210}" = Java(TM) SE Development Kit 6 Update 21
"{3489FFCA-2355-5F31-F729-0CFF20950027}" = ccc-core-preinstall
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye Webcam Video Class Camera
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C0F0A1B-F2EC-AD3C-52AF-4DA06B09D83B}" = CCC Help Thai
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3D195D09-5791-1AE0-A1D4-6835F3F2545A}" = Catalyst Control Center Localization Chinese Standard
"{3D3CA279-884F-8CD6-1ACA-EBAB94AB9F3F}" = Catalyst Control Center Localization Polish
"{3F23A07B-123C-9F57-609D-8D153916F49A}" = Catalyst Control Center Localization Thai
"{414A373B-59DF-4102-94CA-9FE9A74CBDDA}" = Garmin Trip and Waypoint Manager v5
"{415B8A4E-0EA2-4C69-975C-EEE07B837FD7}" = Unload
"{43CD2B7E-3697-D04D-0C42-9CF69B7897A2}" = Catalyst Control Center Localization Korean
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44033775-1CE2-883D-9FF0-D3645A7C3368}" = Catalyst Control Center Localization Japanese
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{46F8CF66-AB83-38A7-99B2-A5BE507EE472}" = Microsoft Visual C++ 2010 Express - ENU
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{47C25360-AEBC-4B21-B233-87CE653B3369}" = AIOMinimal
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{48242276-DB89-42e8-9678-BD4280D7B99A}" = Copy
"{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi
"{497072FE-0A75-4E5C-A5B7-EB1FA67F66F1}" = DJ_AIO_05_F4400_Software_Min
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{55DCBED7-5710-4939-A928-4CBD9AB09EBB}" = 1310_Help
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{5786D2C8-A4C4-4DDB-B671-8ED2A53310EC}" = 1310Tour
"{57C7C46A-D35D-492d-A328-4F8C9B5B4B52}" = PrintScreen
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{595D0DE8-C38A-4432-B851-47DECC1A99BD}" = HP Unload DLL Patch
"{5AEBB4A3-6878-4CEE-AD34-0F6958A983F0}" = HP Deskjet F4400 Printer Driver Software 13.0 Rel .5
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{612F4E20-3661-4D44-AD79-823F1B613FB3}" = HP Update
"{61B9BC1E-F0E6-4A4F-98CB-A0D2EB2D7731}" = O2Micro Flash Memory Card Reader Driver (x86)
"{627BF8BE-E723-4FA2-DFD5-2BF2CA7000EB}" = CCC Help French
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{639673E9-D53F-44F4-A046-485C8A6ADA15}" = Paint.NET v3.5.6
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{643162B0-CFA4-9618-79A3-8FB0D58955C0}" = CCC Help Greek
"{645424AF-2ABB-3ED3-DC56-DEC371740F98}" = Catalyst Control Center Localization Dutch
"{6455DD26-368B-9B09-BDDD-1F27C59E40F2}" = CCC Help Norwegian
"{65F075C5-E1A4-B376-3E7C-BE724FE76052}" = CCC Help English
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6864A62D-3EF3-415F-9922-240EED34B4C0}" = Fax
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{68B5A52F-CE99-0057-191F-66463728B2C9}" = Catalyst Control Center Localization Danish
"{6950EB38-C368-7BA4-A2FA-650A0834363B}" = CCC Help Czech
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D03AB23-1E1B-9BF0-4C91-98E2CFB5010A}" = CCC Help German
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{756CC70B-F63A-BDC2-46C9-D4E6BA1E4CDF}" = Catalyst Control Center Localization Italian
"{75DFA344-E460-37FA-A479-8704FBD11532}" = CCC Help Swedish
"{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}" = overland
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{812E3EDD-A282-1E4A-2E93-4E30EEDC1064}" = CCC Help Polish
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{892DAC32-2E42-825A-F347-F48B4ADA77F8}" = CCC Help Spanish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8AE0C0CC-A09D-9415-7311-9C9C5553B1D6}" = Catalyst Control Center Localization Czech
"{8EAD600D-1912-4DEF-92B5-0C7525E17ED2}" = F4400
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99D48FBB-2DEF-49A9-BCC9-C5AF63DD2643}" = AiOSoftware
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B03C535-3AEA-4ef2-B326-0A01A2207034}" = CreativeProjects
"{9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7}" = Adobe Illustrator CS5
"{9EB786BC-34AE-B8C2-BAD3-59E48A66CC72}" = CCC Help Korean
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.9.2
"{A7E8536F-5F70-FD7C-1DD7-C19242C1007E}" = CCC Help Russian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AEC20FEC-47D8-4DEA-85D7-0B7E5D905D11}" = AiO_Scan
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B7B74DFC-9255-7E51-3F4C-34CB0006FA23}" = Catalyst Control Center Localization Spanish
"{B7BAB0E7-47F7-6DD7-7AAE-89103D08D445}" = Catalyst Control Center Localization Russian
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B7E48B3F-E36A-4DFC-838C-89B2FC8874BA}" = Catalyst Control Center Localization Norwegian
"{B8040D64-3140-FAB7-4D3A-EE341ED906AF}" = Catalyst Control Center Localization French
"{B89F8614-157A-F2C7-F59A-41D56BAD91C4}" = CCC Help Hungarian
"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C3F9FFFB-D994-BC9E-713A-B472821A85AA}" = CCC Help Danish
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C625B0D0-F630-AA2D-4D3F-D25E157D974D}" = CCC Help Turkish
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth
"{C79312BD-3E76-4474-A10C-1435D1856A4B}" = Adobe Dreamweaver CS5
"{C8E95BF5-C07F-4D98-BB42-F58FC98BC03E}" = Google Apps
"{CA796D95-C706-4BB9-BDDE-FF228D13D28A}" = Livestream Procaster
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBE3E0AF-73BB-4c21-8B96-B09E003EDE7F}" = QuickProjects
"{CD946097-A4AD-4BA4-C181-B500F38C9340}" = Catalyst Control Center Localization German
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0CB445F-3003-5706-6231-05AF99422F09}" = Catalyst Control Center Graphics Light
"{D186329B-1B4D-408D-ABEC-EA5CE1F182C9}" = Overland
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D5CB2D47-80CE-22D8-CCAF-BEB68769B017}" = Catalyst Control Center Localization Greek
"{D7F6DCFD-DA39-D1E8-C12D-94B0BAA8C4F5}" = Catalyst Control Center Graphics Full Existing
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DD70931C-B0ED-5519-951E-6819D1850389}" = ccc-utility
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECCA8AE-D9EC-00C0-0A78-9F95FF2AAC1B}" = CCC Help Dutch
"{DF6382FE-F95D-CED9-28DB-29C110CC5790}" = Catalyst Control Center Localization Swedish
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E443F067-3345-482C-BD7A-12675A53D292}" = Readme
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E702CB52-4691-5EAF-E242-D5123FFEBB19}" = Catalyst Control Center Localization Turkish
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0C5CF53-FE88-B20E-CE8C-2B5CAA3ECFD0}" = ATI Catalyst Install Manager
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0F9FE06-4E18-0822-AA2A-93054C6DDA6C}" = ccc-core-static
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F44DA61E-720D-4E79-871F-F6E628B33242}" = OpenOffice.org 3.0
"{f719d8a6-46fc-4d71-94c6-ffd17a8c9f35}" = Python 3.1.3
"{F730A60D-F6DA-4653-9C6E-548F7A3A5EE0}" = 1310Trb
"{F99808D3-76CF-388A-2F53-24DA6735FE5A}" = Catalyst Control Center Localization Chinese Traditional
"{F9B0968A-810E-484C-B81D-7F19DC2CBBF5}" = 1310
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"15b35190-c6f9-11d9-9669-0800200c9a66_is1" = Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.12.00.803
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"681AC783AEB04C5FAFCADE7871FE96B87C602BAF" = Windows Driver Package - Advanced Micro Devices Inc. AMD USB Filter Driver (05/27/2008 1.0.7.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Setup.divx.com" = DivX Setup
"Download Manager" = Download Manager 2.3.10
"ERUNT_is1" = ERUNT 1.1j
"Foxit Reader" = Foxit Reader
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"GridVista" = Acer GridVista
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photo & Imaging" = HP Image Zone 3.5
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.7.0 (Basic)
"LManager" = Launch Manager
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual C++ 2010 Express - ENU" = Microsoft Visual C++ 2010 Express - ENU
"Monopoly by Parker Brothers" = Monopoly by Parker Brothers
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"Mozilla Thunderbird (3.1.9)" = Mozilla Thunderbird (3.1.9)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OpenAL" = OpenAL
"Pidgin" = Pidgin
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"QuickTime" = QuickTime
"Shop for HP Supplies" = Shop for HP Supplies
"SpywareBlaster_is1" = SpywareBlaster 4.4
"ST6UNST #1" = ADRIFT
"Steam App 11450" = Overlord
"Steam App 12710" = Overlord: Raising Hell
"Steam App 17460" = Mass Effect
"Steam App 29180" = Osmos
"Steam App 400" = Portal
"Steam App 40800" = Super Meat Boy
"Steam App 440" = Team Fortress 2
"Steam App 4540" = Titan Quest
"Steam App 4550" = Titan Quest: Immortal Throne
"Steam App 500" = Left 4 Dead
"Tablet Driver" = Tablet
"UnityWebPlayer" = Unity Web Player (All users)
"uTorrent" = µTorrent
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WiFiConnector" = Nintendo Wi-Fi USB Connector Registration Tool
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"UnityWebPlayer" = Unity Web Player
"Yume Nikki 0.10 English" = Yume Nikki 0.10 English

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/14/2011 2:38:21 PM | Computer Name = ACER-A3FE35D430 | Source = MSSQL$MSSMLBIZ | ID = 17207
Description = FCB::Open: Operating system error 5(Access is denied.) occurred while
creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\mastlog.ldf'.
Diagnose and correct the operating system error, and retry the operation.

Error - 4/14/2011 2:38:21 PM | Computer Name = ACER-A3FE35D430 | Source = MSSQL$MSSMLBIZ | ID = 17204
Description = FCB::Open failed: Could not open file C:\Program Files\Microsoft SQL
Server\MSSQL.1\MSSQL\DATA\mastlog.ldf for file number 2. OS error: 5(Access is
denied.).

Error - 4/14/2011 2:42:38 PM | Computer Name = ACER-A3FE35D430 | Source = MSSQL$MSSMLBIZ | ID = 17207
Description = FCB::Open: Operating system error 5(Access is denied.) occurred while
creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\master.mdf'.
Diagnose and correct the operating system error, and retry the operation.

Error - 4/14/2011 2:42:38 PM | Computer Name = ACER-A3FE35D430 | Source = MSSQL$MSSMLBIZ | ID = 17204
Description = FCB::Open failed: Could not open file C:\Program Files\Microsoft SQL
Server\MSSQL.1\MSSQL\DATA\master.mdf for file number 1. OS error: 5(Access is
denied.).

Error - 4/14/2011 2:42:38 PM | Computer Name = ACER-A3FE35D430 | Source = MSSQL$MSSMLBIZ | ID = 17207
Description = FCB::Open: Operating system error 5(Access is denied.) occurred while
creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\mastlog.ldf'.
Diagnose and correct the operating system error, and retry the operation.

Error - 4/14/2011 2:42:38 PM | Computer Name = ACER-A3FE35D430 | Source = MSSQL$MSSMLBIZ | ID = 17204
Description = FCB::Open failed: Could not open file C:\Program Files\Microsoft SQL
Server\MSSQL.1\MSSQL\DATA\mastlog.ldf for file number 2. OS error: 5(Access is
denied.).

Error - 4/14/2011 10:31:44 PM | Computer Name = ACER-A3FE35D430 | Source = MSSQL$MSSMLBIZ | ID = 17207
Description = FCB::Open: Operating system error 5(Access is denied.) occurred while
creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\master.mdf'.
Diagnose and correct the operating system error, and retry the operation.

Error - 4/14/2011 10:31:44 PM | Computer Name = ACER-A3FE35D430 | Source = MSSQL$MSSMLBIZ | ID = 17204
Description = FCB::Open failed: Could not open file C:\Program Files\Microsoft SQL
Server\MSSQL.1\MSSQL\DATA\master.mdf for file number 1. OS error: 5(Access is
denied.).

Error - 4/14/2011 10:31:44 PM | Computer Name = ACER-A3FE35D430 | Source = MSSQL$MSSMLBIZ | ID = 17207
Description = FCB::Open: Operating system error 5(Access is denied.) occurred while
creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\mastlog.ldf'.
Diagnose and correct the operating system error, and retry the operation.

Error - 4/14/2011 10:31:44 PM | Computer Name = ACER-A3FE35D430 | Source = MSSQL$MSSMLBIZ | ID = 17204
Description = FCB::Open failed: Could not open file C:\Program Files\Microsoft SQL
Server\MSSQL.1\MSSQL\DATA\mastlog.ldf for file number 2. OS error: 5(Access is
denied.).

[ System Events ]
Error - 4/14/2011 10:27:15 PM | Computer Name = ACER-A3FE35D430 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 4/14/2011 10:27:31 PM | Computer Name = ACER-A3FE35D430 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 4/14/2011 10:27:52 PM | Computer Name = ACER-A3FE35D430 | Source = Service Control Manager | ID = 7001
Description = The DHCP Client service depends on the NetBios over Tcpip service
which failed to start because of the following error: %%31

Error - 4/14/2011 10:27:52 PM | Computer Name = ACER-A3FE35D430 | Source = Service Control Manager | ID = 7001
Description = The DNS Client service depends on the TCP/IP Protocol Driver service
which failed to start because of the following error: %%31

Error - 4/14/2011 10:27:52 PM | Computer Name = ACER-A3FE35D430 | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the AFD service which
failed to start because of the following error: %%31

Error - 4/14/2011 10:27:52 PM | Computer Name = ACER-A3FE35D430 | Source = Service Control Manager | ID = 7001
Description = The TrueVector Internet Monitor service depends on the vsdatant service
which failed to start because of the following error: %%31

Error - 4/14/2011 10:27:52 PM | Computer Name = ACER-A3FE35D430 | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31

Error - 4/14/2011 10:27:52 PM | Computer Name = ACER-A3FE35D430 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Aavmker4 AFD AmdPPM aswRdr aswSnx aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
vsdatant

Error - 4/14/2011 10:29:41 PM | Computer Name = ACER-A3FE35D430 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 4/14/2011 10:32:06 PM | Computer Name = ACER-A3FE35D430 | Source = Service Control Manager | ID = 7024
Description = The SQL Server (MSSMLBIZ) service terminated with service-specific
error 3417 (0xD59).


< End of report >

[Blottedisk]

Your log looks good. Apparently it was just a conflict between ZA and a program in your machine. Please run OTL.exe

• Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
  
  
  Code:

  :Services
  
  
  :OTL
  [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
  
  :Commands
  [purity]
  [EmptyFlash]
  [emptytemp]

• Then click the Run Fix button at the top.
• Let the program run unhindered, reboot when it is done.
• It will produce a log for you on reboot, please post that log in your next reply.

[felix_phillips]

Great!

And here are the new logs:


All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator

User: All Users

User: Ben
->Flash cache emptied: 4705 bytes

User: Default User
->Flash cache emptied: 41620 bytes

User: LocalService

User: NetworkService
->Flash cache emptied: 2394 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Ben
->Temp folder emptied: 1023959 bytes
->Temporary Internet Files folder emptied: 5608612 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 50629268 bytes
->Google Chrome cache emptied: 189049144 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 6552 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 82486 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 21203110 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 255.00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 04152011_140437

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_4dc.dat not found!
C:\WINDOWS\temp\Perflib_Perfdata_888.dat moved successfully.

Registry entries deleted on Reboot...

[Blottedisk]

Regarding the AVG firewall, maybe you could try the AVG removal tool to completely uninstall it:


AVG Remover


Please do the following:

• Double-click OTL.exe to start the program.
• Close all other programs apart from OTL as this step will require a reboot
• On the OTL main screen, press the CLEANUP button
• Say Yes to the prompt and then allow the program to reboot your computer.
• Now, from the desktop, delete any logs that you have left over.

Everything fine?

[felix_phillips]

Ran the AVG remover and cleaned up OTL. Everything seems to be working fine. Shall I install a different firewall now, then?

[Blottedisk]

Yes, you should install a different firewall; choose any of the other 3 I recommended you.