Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Virus Suspicion?

Started by Triskelion , Dec 07 2009 04:57 PM

  • Please log in to reply

#1
Triskelion
Posted 07 December 2009 - 04:57 PM

Triskelion

    Member

  • Member
  • PipPipPip
  • 663 posts
I let a co-worker of mine use my laptop last week and now it seems like things aren't right? Computer lags and there are glitches everywhere. Something just doesn't feel right and I was hoping someone could take a look for me?
I have included my logs below..

OTL

OTL logfile created on: 07/12/2009 3:43:21 PM - Run 1
OTL by OldTimer - Version 3.1.11.9 Folder = C:\GTG Tools
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.62 Gb Available Physical Memory | 81.04% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.57 Gb Total Space | 29.36 Gb Free Space | 26.32% Space Free | Partition Type: NTFS
Drive D: | 111.55 Gb Total Space | 57.02 Gb Free Space | 51.11% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 3.69 Gb Total Space | 3.27 Gb Free Space | 88.74% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BUTLER-PC
Current User Name: Butler
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/12/07 15:42:23 | 00,536,576 | ---- | M] (OldTimer Tools) -- C:\GTG Tools\OTL.exe
PRC - [2009/11/20 19:01:18 | 00,832,296 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2009/11/12 17:06:04 | 00,093,320 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/09/17 22:18:38 | 02,887,880 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oahlp.exe
PRC - [2009/09/17 22:18:36 | 06,503,624 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oaui.exe
PRC - [2009/09/17 22:18:36 | 03,184,328 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe
PRC - [2009/09/17 22:18:36 | 01,244,360 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oacat.exe
PRC - [2009/07/21 13:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/13 15:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/04/10 23:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/04/10 23:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/02 12:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/01/20 19:23:48 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008/01/20 19:23:09 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008/01/20 19:21:41 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2007/12/20 10:32:04 | 00,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2007/12/19 17:09:22 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007/10/01 15:42:36 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2007/09/20 12:57:28 | 00,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2007/01/01 14:22:02 | 03,739,648 | ---- | M] (Google) -- C:\Users\Butler\AppData\Roaming\Google\Google Talk\googletalk.exe


========== Modules (SafeList) ==========

MOD - [2009/12/07 15:42:23 | 00,536,576 | ---- | M] (OldTimer Tools) -- C:\GTG Tools\OTL.exe
MOD - [2009/11/23 10:38:10 | 00,014,544 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2009/09/17 22:18:36 | 00,860,360 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oawatch.dll
MOD - [2009/04/10 23:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/20 19:22:55 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
MOD - [2008/01/20 19:22:14 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2008/01/20 19:21:55 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (SessionLauncher)
SRV - File not found -- -- (F-Secure BlackLight Sensor)
SRV - [2009/11/12 17:06:04 | 00,093,320 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/10/03 12:37:41 | 00,651,720 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/24 18:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/09/17 22:18:36 | 03,184,328 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2009/09/17 22:18:36 | 01,244,360 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\OAcat.exe -- (OAcat)
SRV - [2009/07/21 13:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/05/13 15:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/04/10 23:28:25 | 00,375,808 | ---- | M] (Microsoft Corporation) -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/20 12:18:52 | 00,136,120 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/11/19 18:23:16 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/25 11:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/07/18 12:13:20 | 00,053,760 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2008/07/18 12:13:20 | 00,044,032 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2008/03/25 20:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/03/20 06:03:48 | 02,376,992 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008/03/09 22:59:02 | 00,655,360 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2008/03/06 16:19:44 | 00,313,840 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9)
SRV - [2008/03/06 16:19:44 | 00,170,480 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)
SRV - [2008/03/06 16:19:40 | 01,108,464 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2008/01/20 19:21:41 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/03 00:55:52 | 00,506,416 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/12/20 10:32:04 | 00,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007/12/19 17:09:22 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/12/06 23:20:56 | 00,088,560 | ---- | M] (Sonic Solutions) -- C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe -- (Roxio UPnP Renderer 9)
SRV - [2007/12/06 23:20:52 | 00,362,992 | ---- | M] (Sonic Solutions) -- C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe -- (Roxio Upnp Server 9)
SRV - [2007/11/27 17:54:36 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007/10/01 15:42:36 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2007/09/20 12:57:28 | 00,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2007/09/10 14:28:18 | 00,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/08/24 14:53:16 | 00,362,992 | ---- | M] (Sonic Solutions) -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2007/08/24 14:53:14 | 00,072,176 | ---- | M] (Sonic Solutions) -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2007/08/24 14:52:48 | 00,309,744 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2007/08/24 14:52:46 | 00,166,384 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2007/08/24 14:52:38 | 01,083,888 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2007/02/10 04:29:56 | 00,089,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2007/01/17 11:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007/01/11 03:02:00 | 00,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
SRV - [2006/11/28 17:44:58 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2006/11/02 05:34:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/11/02 02:46:05 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\irmon.dll -- (Irmon)
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {7de9f521-7349-4585-b66a-b6d2e23e9284} - C:\Program Files\Ultimate_farmville\tbUlti.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {7de9f521-7349-4585-b66a-b6d2e23e9284} - C:\Program Files\Ultimate_farmville\tbUlti.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: cfxHelper@Triton:0.9.9.5
FF - prefs.js..extensions.enabledItems: {34dea790-6450-11db-bd13-0800200c9a66}:2.0.3
FF - prefs.js..extensions.enabledItems: FasterFox_Lite@BigRedBrent:3.8.2Lite
FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a67}:0.5
FF - prefs.js..extensions.enabledItems: {bbfec13c-8cb2-53f2-b852-999eb2a852c9}:0.1.4
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0
FF - prefs.js..extensions.enabledItems: {66E978CD-981F-47DF-AC42-E3CF417C1467}:0.4.1
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.6.7.3
FF - prefs.js..extensions.enabledItems: {29c4afe1-db19-4298-8785-fcc94d1d6c1d}:0.6.2009110501
FF - prefs.js..extensions.enabledItems: {39952c40-5197-11da-8cd6-0800200c9a66}:0.5.2
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2
FF - prefs.js..extensions.enabledItems: {792BDDFE-2E7C-42ed-B18D-18154D2761BD}:0.9.6
FF - prefs.js..extensions.enabledItems: {DAD0F81A-CF67-4eed-98D6-26F6E47274CA}:1.3
FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.2
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c9626}:1.6
FF - prefs.js..extensions.enabledItems: cfxe@Triton:3.2.5


FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2009/12/03 09:56:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/07 11:04:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/07 11:04:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/11/19 11:33:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/11/23 12:09:43 | 00,000,000 | ---D | M]

[2009/04/15 10:09:47 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Extensions
[2009/04/15 10:09:47 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Extensions\[email protected]
[2009/12/07 11:31:36 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions
[2009/11/23 10:16:43 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\{07b2a769-ed19-4483-87ce-c643914c9626}
[2009/11/17 10:22:25 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}
[2009/12/05 14:54:50 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}
[2009/11/22 13:43:58 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}
[2009/01/13 16:02:38 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\{34dea790-6450-11db-bd13-0800200c9a66}
[2009/11/22 00:17:15 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\{39952c40-5197-11da-8cd6-0800200c9a66}
[2009/02/16 17:30:53 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a67}
[2009/05/12 09:12:40 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/06/30 08:39:12 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}
[2009/12/06 10:31:12 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/10/07 11:10:25 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\{792BDDFE-2E7C-42ed-B18D-18154D2761BD}
[2009/12/05 14:50:49 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\{bbfec13c-8cb2-53f2-b852-999eb2a852c9}
[2009/10/10 20:06:36 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\{c33c5b47-69c8-45a4-a5e0-af85bbe628dd}
[2009/12/07 11:31:30 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}
[2009/10/16 11:24:28 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2009/07/02 09:07:59 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2009/11/23 10:11:40 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\cfxe@Triton
[2009/11/23 10:11:51 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\cfxHelper@Triton
[2009/11/09 00:13:01 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Firefox\Profiles\dtv3cfs3.default\extensions\FasterFox_Lite@BigRedBrent
[2008/08/11 16:10:20 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Mozilla\Sunbird\Profiles\9tli4rjh.default\extensions
[2009/12/07 11:04:55 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/09/03 17:11:24 | 00,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2009/09/23 04:23:24 | 01,916,928 | ---- | M] (Total Immersion) -- C:\Program Files\Mozilla Firefox\plugins\NPDFusionWebFirefox.dll
[2009/08/03 15:07:42 | 00,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll

O1 HOSTS File: (2 bytes) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Ultimate farmville Toolbar) - {7de9f521-7349-4585-b66a-b6d2e23e9284} - C:\Program Files\Ultimate_farmville\tbUlti.dll (Conduit Ltd.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Ultimate farmville Toolbar) - {7de9f521-7349-4585-b66a-b6d2e23e9284} - C:\Program Files\Ultimate_farmville\tbUlti.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Ultimate farmville Toolbar) - {7DE9F521-7349-4585-B66A-B6D2E23E9284} - C:\Program Files\Ultimate_farmville\tbUlti.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\OAui.exe (Tall Emu)
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe File not found
O4 - HKLM..\Run: [Afaria Client File Differencing] C:\Nodesys\Afaria\Bin\XCDiffCache.exe (iAnywhere Solutions, Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe ()
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [iTunesHelper] D:\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] D:\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WinampAgent] D:\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [DSF-DFS Updates Installation] C:\Nodesys\Maj\ExemajLauncher.exe (DSF)
O4 - HKCU..\Run: [EPSON Stylus Photo RX680 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICJA.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [Google Update] C:\Users\Butler\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [googletalk] C:\Users\Butler\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKCU..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} https://www.avdlext.com/dwa7W.cab (Domino Web Access 7 Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Tall Emu)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{30047a16-6615-11dd-a3d9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{30047a16-6615-11dd-a3d9-806e6f6e6963}\Shell\AutoRun\command - "" = E:\start.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/01/20 19:32:53 | 00,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 14 Days ==========

[2009/12/06 23:23:07 | 00,000,000 | ---D | C] -- C:\Users\Butler\AppData\Local\Adobe
[2009/12/06 23:22:43 | 00,000,000 | ---D | C] -- C:\Users\Butler\AppData\Local\Apple Computer
[2009/12/05 15:57:29 | 00,000,000 | ---D | C] -- C:\Users\Butler\Desktop\Cannery
[2009/12/05 15:47:54 | 00,000,000 | ---D | C] -- C:\GTG Tools
[2009/12/01 22:18:49 | 00,000,000 | ---D | C] -- C:\Users\Butler\AppData\Roaming\Research In Motion
[2009/12/01 21:59:49 | 00,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2009/11/29 21:36:38 | 00,000,000 | ---D | C] -- C:\Users\Butler\Desktop\SNL Celebrity Jeopardy
[2008/08/11 09:32:40 | 00,018,944 | ---- | C] ( ) -- C:\Windows\System32\Implode.dll
[2008/08/09 10:04:40 | 00,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2008/08/09 10:04:40 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll

========== Files - Modified Within 14 Days ==========

[2009/12/07 15:44:18 | 03,932,160 | -HS- | M] () -- C:\Users\Butler\NTUSER.DAT
[2009/12/07 15:40:02 | 00,000,000 | ---- | M] () -- C:\Windows\System32\settings.dat
[2009/12/07 15:35:35 | 00,751,512 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/07 15:35:35 | 00,641,922 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/07 15:35:35 | 00,123,484 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/07 15:00:00 | 00,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3626016547-810892904-695224358-1003UA.job
[2009/12/07 14:50:53 | 00,004,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/07 14:50:53 | 00,004,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/07 12:27:25 | 00,100,352 | ---- | M] () -- C:\Users\Butler\Desktop\Football 2009-2010.xls
[2009/12/07 10:54:27 | 00,002,633 | ---- | M] () -- C:\Users\Butler\Desktop\Microsoft Office Outlook 2007.lnk
[2009/12/07 10:51:00 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/12/07 10:50:51 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/07 10:50:47 | 29,508,07552 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/07 10:48:50 | 00,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3626016547-810892904-695224358-1003Core.job
[2009/12/07 10:48:44 | 02,204,919 | -H-- | M] () -- C:\Users\Butler\AppData\Local\IconCache.db
[2009/12/07 01:03:42 | 00,696,832 | ---- | M] () -- C:\Windows\is-164CP.exe
[2009/12/07 01:03:42 | 00,010,498 | ---- | M] () -- C:\Windows\is-164CP.msg
[2009/12/07 01:03:42 | 00,000,333 | ---- | M] () -- C:\Windows\is-164CP.lst
[2009/12/06 23:19:28 | 28,383,0583 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/12/06 21:08:17 | 00,524,288 | -HS- | M] () -- C:\Users\Butler\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms
[2009/12/06 21:08:17 | 00,065,536 | -HS- | M] () -- C:\Users\Butler\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/03 13:47:14 | 00,073,891 | ---- | M] () -- C:\Users\Butler\Desktop\Rider Pride Job.jpg
[2009/12/01 22:00:20 | 00,001,873 | ---- | M] () -- C:\Users\Public\Desktop\Desktop Manager.lnk
[2009/12/01 18:45:27 | 05,089,280 | ---- | M] () -- C:\Users\Butler\Desktop\AwesomeAirPhotos.pps
[2009/11/30 21:50:35 | 00,099,840 | ---- | M] () -- C:\Users\Butler\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/30 17:12:41 | 00,000,480 | ---- | M] () -- C:\Users\Public\Desktop\AnyDVD.lnk
[2009/11/27 15:32:42 | 00,000,680 | ---- | M] () -- C:\Users\Butler\AppData\Local\d3d9caps.dat
[2009/11/24 10:16:59 | 00,000,718 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk

========== Files Created - No Company Name ==========

[2009/12/07 15:40:02 | 00,000,000 | ---- | C] () -- C:\Windows\System32\settings.dat
[2009/12/07 01:03:42 | 00,696,832 | ---- | C] () -- C:\Windows\is-164CP.exe
[2009/12/07 01:03:42 | 00,010,498 | ---- | C] () -- C:\Windows\is-164CP.msg
[2009/12/07 01:03:42 | 00,000,333 | ---- | C] () -- C:\Windows\is-164CP.lst
[2009/12/03 13:47:13 | 00,073,891 | ---- | C] () -- C:\Users\Butler\Desktop\Rider Pride Job.jpg
[2009/12/01 22:00:20 | 00,001,873 | ---- | C] () -- C:\Users\Public\Desktop\Desktop Manager.lnk
[2009/12/01 18:45:27 | 05,089,280 | ---- | C] () -- C:\Users\Butler\Desktop\AwesomeAirPhotos.pps
[2009/10/22 09:17:35 | 00,001,716 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009/09/30 14:37:04 | 00,748,160 | ---- | C] () -- C:\Windows\System32\Co2c40en.dll
[2009/09/17 22:37:59 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/11 08:56:33 | 00,000,000 | ---- | C] () -- C:\Windows\iireport49.INI
[2009/08/11 08:56:33 | 00,000,000 | ---- | C] () -- C:\Windows\iireport45.INI
[2009/04/12 15:00:35 | 00,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/04/03 12:16:25 | 00,000,000 | ---- | C] () -- C:\Windows\IIREPO~4.INI
[2009/04/03 12:15:58 | 00,001,453 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2009/02/05 14:30:11 | 00,000,094 | ---- | C] () -- C:\Users\Butler\AppData\Local\fusioncache.dat
[2009/01/19 13:33:44 | 00,099,840 | ---- | C] () -- C:\Users\Butler\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/14 13:26:33 | 00,000,680 | ---- | C] () -- C:\Users\Butler\AppData\Local\d3d9caps.dat
[2009/01/13 16:29:47 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009/01/13 16:29:35 | 00,000,131 | ---- | C] () -- C:\Windows\PidList.ini
[2009/01/13 16:29:34 | 01,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009/01/13 16:29:34 | 00,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2009/01/13 16:29:32 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/12/27 15:21:09 | 00,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/12/27 15:21:08 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2008/10/25 10:20:06 | 00,000,084 | ---- | C] () -- C:\Windows\EPSPRX680.ini
[2008/09/19 14:57:34 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/09/19 14:55:10 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/09/19 14:55:10 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/09/19 14:54:18 | 00,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/09/17 11:39:27 | 00,000,023 | ---- | C] () -- C:\Windows\Transwin.ini
[2008/08/18 11:41:55 | 00,000,008 | ---- | C] () -- C:\Windows\System32\PROTOCOL.INI
[2008/08/18 11:35:23 | 00,000,029 | ---- | C] () -- C:\Windows\MLI.INI
[2008/08/17 23:50:18 | 00,086,016 | ---- | C] () -- C:\Users\Butler\AppData\Roaming\ewsPlugin.dll
[2008/08/17 23:50:18 | 00,081,920 | ---- | C] () -- C:\Users\Butler\AppData\Roaming\eselleratePlugin.dll
[2008/08/17 23:50:17 | 00,030,720 | ---- | C] () -- C:\Users\Butler\AppData\Roaming\RBInternetEncodings600.0ll
[2008/08/11 09:52:28 | 00,626,688 | ---- | C] () -- C:\Windows\System32\MFCDIB.dll
[2008/08/11 09:52:28 | 00,094,208 | ---- | C] () -- C:\Windows\System32\MFCExt.dll
[2008/08/11 09:52:27 | 00,045,056 | ---- | C] () -- C:\Windows\System32\PDDIB.dll
[2008/08/11 09:48:05 | 00,003,168 | ---- | C] () -- C:\Windows\slac.ini
[2008/08/11 09:37:59 | 00,000,000 | ---- | C] () -- C:\Windows\iireport46.INI
[2008/08/11 09:33:20 | 00,000,000 | ---- | C] () -- C:\Windows\IIREPO~2.INI
[2008/08/11 09:33:08 | 00,149,504 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2008/08/11 09:32:39 | 00,022,776 | ---- | C] () -- C:\Windows\System32\FDPTOOLS.DLL
[2008/08/11 09:32:30 | 00,000,091 | ---- | C] () -- C:\Windows\fdpxld.ini
[2008/08/11 09:31:24 | 00,000,026 | ---- | C] () -- C:\Windows\efgtemp.ini
[2008/08/11 09:14:49 | 00,001,236 | ---- | C] () -- C:\Windows\Wininit.ini
[2008/08/09 10:13:51 | 00,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008/08/09 10:12:51 | 00,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2008/08/09 10:05:27 | 00,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2008/08/09 10:04:41 | 01,769,984 | ---- | C] () -- C:\Windows\System32\snp2uvc.sys
[2008/08/09 10:04:40 | 00,028,160 | ---- | C] () -- C:\Windows\System32\sncduvc.sys
[2008/08/09 10:04:40 | 00,000,131 | ---- | C] () -- C:\Windows\System32\PidList.ini
[2008/03/29 23:41:02 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2008/03/29 20:28:06 | 00,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2008/03/29 20:28:06 | 00,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2008/03/29 20:28:05 | 00,000,040 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2008/03/29 19:51:04 | 00,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/01/20 19:23:41 | 00,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2007/09/05 10:46:24 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2007/01/30 18:31:46 | 00,002,346 | ---- | C] () -- C:\Windows\EaseAudioConverter.ini
[2006/11/02 05:34:20 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 00:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/04/14 09:37:26 | 00,000,031 | ---- | C] () -- C:\Windows\aceg.ini
[2004/10/19 15:40:44 | 00,000,000 | ---- | C] () -- C:\Windows\UL.ini
[2004/10/19 13:30:18 | 00,000,160 | ---- | C] () -- C:\Windows\Maritimelife.ini
[2004/06/17 23:20:38 | 00,517,120 | ---- | C] () -- C:\Windows\System32\olexlsf.dll
[2004/01/30 14:07:46 | 00,245,408 | ---- | C] () -- C:\Windows\System32\unicows.dll
[2002/02/27 08:41:28 | 00,024,576 | ---- | C] () -- C:\Windows\System32\nsldappr32v50.dll
[2002/02/27 08:41:26 | 00,139,264 | ---- | C] () -- C:\Windows\System32\nsldap32v50.dll
[2002/02/27 08:41:26 | 00,040,960 | ---- | C] () -- C:\Windows\System32\nsldapssl32v50.dll
[2001/12/26 15:12:30 | 00,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/03 22:46:38 | 00,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 15:33:56 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 21:04:36 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2009/10/19 09:27:55 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\7Wonders
[2009/01/13 16:02:23 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Acer
[2009/11/17 13:47:12 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Auslogics
[2009/08/26 02:08:59 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Azureus
[2009/10/16 12:58:56 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Canon
[2009/09/30 21:25:56 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\DNA
[2009/04/14 21:21:10 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\EPSON
[2009/01/13 16:02:24 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\F-Secure
[2009/10/15 13:51:40 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Free Audio Editor
[2009/01/13 16:02:25 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\HotSync
[2009/10/22 10:46:59 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Image Zone Express
[2009/01/13 16:02:25 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Leadertech
[2009/08/12 13:04:45 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\LimeWire
[2009/09/29 14:16:57 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\OnlineArmor
[2009/11/08 17:00:14 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\OpenOffice.org
[2009/08/07 23:08:42 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Opera
[2009/10/22 10:42:14 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Printer Info Cache
[2009/01/13 16:02:39 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\RBC Illustrations
[2009/12/01 22:18:49 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Research In Motion
[2009/01/13 16:02:39 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Thunderbird
[2009/10/21 14:54:59 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\Total Immersion
[2009/09/30 21:30:50 | 00,000,000 | ---D | M] -- C:\Users\Butler\AppData\Roaming\WinPatrol
[2009/12/06 01:57:02 | 00,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/01/20 19:21:09 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/20 19:21:09 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/20 19:21:09 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 19:21:09 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 19:21:09 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 02:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/10 23:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/10 23:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/10 23:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 19:21:09 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 19:21:09 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 02:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 02:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 02:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008/01/20 19:23:23 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\$INPLACE.~TR\Machine\DATA\Windows\System32\drivers\iaStorV.sys
[2008/01/20 19:21:31 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/20 19:21:31 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/20 19:21:31 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 02:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/04/10 23:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/10 23:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 19:22:13 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 02:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 19:21:29 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/20 19:21:29 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 19:21:29 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/20 19:22:59 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/10 23:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/10 23:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Users\Butler\Documents\MLINTRA.DAT:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Butler\Documents\AIWVTRA.DAT:Roxio EMC Stream
@Alternate Data Stream - 24 bytes -> C:\Windows:69D6E838C162D06E
< End of report >

Extras

OTL Extras logfile created on: 07/12/2009 3:43:21 PM - Run 1
OTL by OldTimer - Version 3.1.11.9 Folder = C:\GTG Tools
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.62 Gb Available Physical Memory | 81.04% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.57 Gb Total Space | 29.36 Gb Free Space | 26.32% Space Free | Partition Type: NTFS
Drive D: | 111.55 Gb Total Space | 57.02 Gb Free Space | 51.11% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 3.69 Gb Total Space | 3.27 Gb Free Space | 88.74% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BUTLER-PC
Current User Name: Butler
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption -- File not found
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption -- File not found
"C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"D:\BitTorrent\bittorrent.exe" = D:\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13D1532D-B96A-4300-8754-F63EACCE6EAC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{2E58F241-0E34-47ED-B75F-81E220BD0721}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4557A3C1-F148-499D-BA2B-758D2E24A63B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{593228F9-B2EF-442B-9A5B-3F4768257177}" = rport=139 | protocol=6 | dir=out | app=system |
"{718A3505-3EE0-4EDF-8B74-C39000428BEB}" = rport=137 | protocol=17 | dir=out | app=system |
"{7748A3A2-DE8D-43B2-A2A9-66205A138A07}" = lport=139 | protocol=6 | dir=in | app=system |
"{7A6B5208-83D7-446A-A777-38C7B5CB6ECD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{7CF83F73-5112-4317-8B1B-0FC38BA6AA69}" = rport=445 | protocol=6 | dir=out | app=system |
"{DD3C7AD5-067A-4E6F-A1F4-9C2D55AF8A70}" = rport=138 | protocol=17 | dir=out | app=system |
"{EB7D4252-F841-4A9F-A720-C5DA1E6F23CE}" = lport=445 | protocol=6 | dir=in | app=system |
"{F32E418A-03AF-462C-8C4F-AA991684C78D}" = lport=137 | protocol=17 | dir=in | app=system |
"{F87A5FDB-955D-46AF-85B1-EF89E85F8158}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{FF107C39-827C-4C64-A7B2-9BFCD5E08198}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19461ADF-2F9A-4783-94AF-477EC704C239}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{2A281C37-1873-4655-A068-D38F24128FBE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2CCF48B5-47F4-437D-B6F9-F3AAE41D9983}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{33341640-858E-48F4-B251-BF34007B9075}" = protocol=58 | dir=out | [email protected],-28546 |
"{51E9CE1C-FA84-43E9-8B2C-0196D4D1BF8F}" = protocol=1 | dir=in | [email protected],-28543 |
"{544910F8-A28B-4CAC-8966-F2F6971A146F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{569CB108-441E-4C16-9F97-C827CD391DE4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5D5D1CA8-942B-451E-944A-BE85B8D9C357}" = protocol=6 | dir=in | app=d:\itunes.exe |
"{6C5E0895-D773-4847-9349-2B709E30CE04}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{6CB68E85-B0AD-4F29-BB8D-67D52D19C384}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{71C685A1-6C6B-42EB-9239-340FE8CB9D03}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{743DADC6-FB7A-4320-AA8D-8EC26DC53F8A}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{8841B175-52BE-419B-A49D-FADC3ECFFE1D}" = protocol=6 | dir=in | app=d:\bittorrent\bittorrent.exe |
"{9ECC4BE4-1114-48C7-8882-E568215063B6}" = protocol=17 | dir=in | app=d:\bittorrent\bittorrent.exe |
"{9FCC704D-F434-4193-B783-2F171217C199}" = protocol=17 | dir=in | app=d:\itunes.exe |
"{ABE1E98A-5DB7-4F42-AA35-3A26BCAADF1B}" = protocol=6 | dir=in | app=d:\itunes.exe |
"{AF15A90A-3784-44A0-BD5D-FC0D15FD3B1C}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{B64DA3B4-ADE0-4622-9D3F-861ADE141465}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{C3463FF9-DC92-49B9-A1C0-2101248F8CCB}" = protocol=58 | dir=in | [email protected],-28545 |
"{C802AD6C-3A53-43F2-BE76-E1FE2861C3A5}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{CBAD2904-D4A9-4520-A56E-94C9DE19C7C5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D6029AAD-598A-46C4-BFD6-1164019F5A3B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{DDBB124E-0E08-4595-8C25-D1CB89C69E9B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EE6B4C0E-D617-4178-9FB3-499F994AE344}" = protocol=1 | dir=out | [email protected],-28544 |
"{F4E86D31-8EFD-4D4D-93FF-8AA7B7DD6FD0}" = protocol=17 | dir=in | app=d:\itunes.exe |
"TCP Query User{2959BB78-6C22-476A-B0D2-3E58BF984C97}C:\users\butler\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\butler\program files\dna\btdna.exe |
"TCP Query User{5D923E89-9916-431F-B511-861609A2A990}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{8555BE31-2723-432B-B9A6-0184E57A3A5F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{E83B2BD6-695D-4985-A00B-672EB0CD9EB9}C:\users\butler\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\butler\program files\dna\btdna.exe |
"UDP Query User{21A1D328-364F-4113-A6D7-911A9AC75E83}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{790AD83A-8BAC-4F08-83FB-72EC4FC13DE8}C:\users\butler\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\butler\program files\dna\btdna.exe |
"UDP Query User{B8EF867F-C8D5-4E98-9C76-1C1B25F27FC0}C:\users\butler\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\butler\program files\dna\btdna.exe |
"UDP Query User{D41A7F87-4903-4B8D-93C0-720297040031}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C2FCEF-4BF3-4AFF-A840-E4E0982EEBB6}" = Manulife - Concept slideshows
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{05224574-45E6-529E-D28F-58517A0D014D}" = Catalyst Control Center Localization Thai
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0867AFE1-3469-11D7-8193-0010B5BCE08C}" = ABF / FNA
"{08B31070-171E-11D6-BECF-000629F77048}" = MenuFusion
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{09064D50-FF4A-407C-9B13-15B9D231EBA2}" = RegimeRetraiteIndividuel
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0AE17B00-31FA-11D6-BED9-000629F77048}" = Avantage d'Or / Golden Edge
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{10895847-3460-11D7-8193-0010B5BCE08C}" = Zone retraite / Retirement zone
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{16F3EF00-887C-0DEC-2C94-A3469A48DE68}" = Catalyst Control Center Localization Danish
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{192BFB6B-7E9C-4346-8ECB-2A42DABFF4DB}" = Manulife - Insure Right / Manuvie - Bien s'assurer
"{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help
"{1B683082-8791-4D00-8ADE-6C8986FCCC68}" = Roxio CinePlayer
"{1CA2E5E4-F4FE-44B4-95E9-77523FB95838}" = EPSON Stylus Photo RX680 Series Scanner Driver Update
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1F8077B0-587A-4C78-9A12-A022E1519B4D}" = RepartitionActif
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{209255AF-E7F3-4FF3-86EE-575C35BA716D}" = Living Benefits 4.80
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{251629BE-4EC9-DA91-E793-20AF9C28E63C}" = ATI Catalyst Install Manager
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 17
"{27916B81-FEDB-43A0-B724-923784B3DAE7}" = ENVISION - Illustrations
"{282E5AB2-8E47-4571-B6FA-6B512555B557}" = HP Photosmart.All-In-One Driver Software 8.0 .A
"{28751D09-32C3-F547-7984-1B6631FE4A2B}" = Catalyst Control Center Localization Korean
"{2B85EE0A-C326-4E77-5086-C532D7C2AB87}" = Catalyst Control Center Core Implementation
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{32D3C724-3E32-11D9-8211-00B0D075DF5C}" = Diamond View Update
"{3594EE90-B157-4519-9E82-8B6F4711A0A1}" = Catalyst Control Center - Branding
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye Webcam Video Class Camera
"{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E67A8DA-FE7B-4160-8465-F5571EA18753}" = Roxio Disc Gallery
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{42A30805-0210-8A51-2B37-8FB44F056190}" = Catalyst Control Center Localization Hungarian
"{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext
"{46EE4F34-8C50-29A1-392F-86FCDA197789}" = Catalyst Control Center Localization Finnish
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4AC23178-EEBC-4BAF-8CC0-AB15C8897AC9}" = Log Parser 2.2
"{4ACB654F-68D7-4003-8C59-AF1996D27AB0}" = Manulife - Living Benefits
"{4BB32041-2D06-4AED-AF2A-6BE6BF157391}" = Manulife - Personal Accident - Invalidité Accidents
"{4F937EE8-09DA-40D7-BDE2-1AC842160809}" = Lanceur d'installsheild
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5DD3B1AB-67FE-46E0-A3E4-C0224022D3C0}" = Sonata
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{62E056C9-E8AC-6956-C6D9-98A82E3CE0CB}" = Catalyst Control Center Graphics Light
"{645DEF6F-B828-915C-F655-84D733124870}" = Catalyst Control Center Localization Japanese
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{690BE098-6D0D-493D-B079-BD7E8F81A141}" = Opera 10.10
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{698C92A9-66A7-11D6-8178-0010B5BCE08C}" = Presentations
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BFAE410-1130-23D8-C42B-B46AF9B8559D}" = Catalyst Control Center Localization Italian
"{6D58431E-731C-437C-9089-7B51034C2CA1}" = Manulife - LifeWise/Manuvie - Accent-Vie
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{71B2C49D-2ECC-8C4C-0DF8-76FBFD7804A1}" = Catalyst Control Center Localization German
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{73AB6BF4-C06D-8395-6F72-87F2481DE614}" = Catalyst Control Center Localization Swedish
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{781E64C7-FC5B-2F60-9882-1EF78D586819}" = Catalyst Control Center Localization Chinese Traditional
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CF6604E-BCB8-4B5F-A1CC-1E6DA0C60151}" = MSXML
"{7F1BFB08-C09E-47A3-AE12-A02D5DF9593F}" = FastPictureViewer
"{805F40F4-BF12-9054-4348-5ADA0CF77F3D}" = ccc-utility
"{80F24F31-F641-4349-83F3-59E335976D16}" = PC SpeedScan Pro
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{8737AC54-25D5-496F-AD8B-B2EA63195E80}" = Inforce - En vigueur
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B510F99-7B01-CFAE-E38A-EE8EE39DB797}" = Catalyst Control Center Localization Greek
"{8B705ED7-A86B-4895-9955-BA80E0B3F40B}" = Calculatrice Financière / Invest
"{8C8D257C-7B0B-43F0-B63F-58FF7635B9DA}" = Wealthcare 28.00
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack
"{8D82A6EA-9C27-4184-B8E7-9597903E6653}" = Transamerica - Five-for-Life
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{949E2475-CFD7-402F-95C1-62423DE0AF75}" = Manulife Financial - Health and Dental
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A9A1828-31D1-4590-A99F-022B7237AFAE}" = Roxio MediaShare
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9C3D831F-B8C6-47CF-AE70-435CAB57C90F}" = Canada Life Reference Material 10.4
"{9EFAD767-D3F0-BB77-3E9B-A5B309413A57}" = Catalyst Control Center Localization Russian
"{A101FC46-E7C0-5C41-1410-5248E02CAAE9}" = Catalyst Control Center Localization Polish
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A52FD2D4-9AB2-43B1-8DC7-49A26724F3AF}" = Manulife - Concepts
"{A5538FEC-BC6E-497F-80BE-C36BA0AD8131}" = Manulife - Universal Life
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AB61E316-F10B-43eb-B47F-42095835F9CC}" = C3100
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2162D37-2496-458B-86F5-ACD0B4A20FDE}" = Manulife - Limited Pay UL / Manuvie - Vu à prime temporaire
"{B28759B8-5FC6-4F56-9C6C-6EDAD36455A9}" = Roxio Media Manager
"{B2A2514E-AC03-92AA-A1E1-F3A9F057AFB9}" = Catalyst Control Center Localization Dutch
"{B2E60EBE-35BC-41CA-BED6-EDBB9329C037}" = Concepts
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9308129-4971-BCF4-A826-987AD611A5ED}" = Catalyst Control Center Localization Turkish
"{BCE46757-7674-4416-BEDB-68205A60409E}" = CanoScan Toolbox Ver4.1
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BEC8D5C2-F0A0-43D8-977C-F638635AE16E}" = Manulife - Performax Gold - Performax Or
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{BF83EFE2-C9F0-40D4-841C-2066668C1D7A}" = Roxio Easy Media Creator 10 Suite
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C45C544E-5047-11D9-8216-00B0D075DF5C}" = Diamond View Launcher
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C7309F41-B01A-E8C9-6BBE-7AEC25D3FA13}" = Catalyst Control Center Localization Chinese Standard
"{C85C2248-CF17-441F-972B-428F8AC37087}" = PC SpeedScan Pro
"{CAA2EEB2-BE79-4FA6-3D77-7147E25A0DE9}" = ccc-core-static
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE5E3F15-320A-4865-97D3-F07227C5BB2F}" = BlackBerry Desktop Software 4.5
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{CF09D056-3FFA-11D6-8171-0010B5BCE08C}" = Solo
"{D03B4662-6EC5-98D3-CEE9-FC6D149F17EC}" = Catalyst Control Center Localization Spanish
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D6521078-106E-5583-5BF3-031FD2CF4FC4}" = Catalyst Control Center Localization Norwegian
"{D79C4B34-8BA4-4B86-A6C8-E53A8E8D7193}" = CL Sales Strategies 9.0
"{DA9294A5-0A4E-11D9-81F5-00B0D075DF5C}" = DVXP
"{DE723887-712F-499D-8B82-5A1EC8F46062}" = SetupCrystalReports
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E148ABC2-5199-CB3D-04EF-533CFEFFD4B9}" = Catalyst Control Center Localization Czech
"{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}" = Microsoft SQL Server VSS Writer
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EBA93A9F-2977-4538-8BA5-E44AF580D723}" = ZoomExpressKeyview 10.4
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EDB8C9DB-9ED2-489A-8438-B00D30813ADF}" = Manulife - Term
"{EED3CC4B-40BD-11D6-8171-0010B5BCE08C}" = Sommum / Pace / Traditionnel
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F574616C-4C15-49CE-9C98-E998CD80264A}" = BlackBerry Device Software Updater
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6E679F5-F8FC-4165-BDE6-BB3C10478181}" = Manulife - Launcher
"{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}" = Microsoft SQL Server Native Client
"{FC24097F-F9CF-A7A5-27F5-67DF0E9E27DF}" = Catalyst Control Center Localization Portuguese
"{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}" = palmOne
"{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}" = EPSON Print CD
"{FFE34BB9-02CD-0328-D578-200ABBFAF746}" = Catalyst Control Center Localization French
"3Planesoft Screensaver Manager_is1" = 3Planesoft Screensaver Manager 1.2
"7-Zip" = 7-Zip 4.57
"Acer Registration" = Acer Registration
"ADDCALC2000 32-bit (Empire)" = ADDCALC/2000 32-bit (Empire)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Afaria Client" = Afaria Client
"AIR MILES TOOLBAR" = AIR MILES TOOLBAR 1.432
"AnyDVD" = AnyDVD
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BlackBerry_{CE5E3F15-320A-4865-97D3-F07227C5BB2F}" = BlackBerry Desktop Software 4.5
"CloneDVD2" = CloneDVD2
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"D'Fusion @Home Web Plug-In" = Total Immersion D'Fusion Web Plugin
"Discovery 3D Screensaver_is1" = Discovery 3D Screensaver 1.1
"Ease Audio Converter_is1" = Ease Audio Converter 4.80
"ENTERPRISER" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"ERUNT_is1" = ERUNT 1.1j
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Free Audio Editor" = Free Audio Editor
"GridVista" = Acer GridVista
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"Inforce Illustration 1.3" = Inforce Illustration 1.3
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"InstallShield_{9DA03FFD-4592-4C64-BAB6-5104567B737D}" = CL Zoom_Zoom (C.-V)
"Investment Illustrator (8.10)" = Investment Illustrator (8.10)
"KeyNote_is1" = KeyNote 1.6.5
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.3.4 (Standard)
"LifeView - VisionVie 6.2" = LifeView - VisionVie 6.2
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23)
"OnlineArmor_is1" = Online Armor 3.5
"Optimax 6.9" = Optimax 6.9
"Picasa 3" = Picasa 3
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"RBC Illustrations System" = RBC Illustrations System
"Revo Uninstaller" = Revo Uninstaller 1.83
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The One Ring 3D Screensaver_is1" = The One Ring 3D Screensaver 1.0
"Ultimate_farmville Toolbar" = Ultimate_farmville Toolbar
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"Winmail Opener" = Winmail Opener 1.4
"Winmail Reader_is1" = Winmail Reader 1.1.12
"WinPatrol" = WinPatrol 2009
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"BitTorrent DNA" = DNA
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 04/12/2009 10:47:54 PM | Computer Name = Butler-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 04/12/2009 10:47:54 PM | Computer Name = Butler-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 04/12/2009 10:47:59 PM | Computer Name = Butler-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 04/12/2009 10:47:59 PM | Computer Name = Butler-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 04/12/2009 10:47:59 PM | Computer Name = Butler-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 04/12/2009 10:47:59 PM | Computer Name = Butler-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 04/12/2009 10:47:59 PM | Computer Name = Butler-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 04/12/2009 10:47:59 PM | Computer Name = Butler-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 04/12/2009 10:47:59 PM | Computer Name = Butler-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 04/12/2009 10:47:59 PM | Computer Name = Butler-PC | Source = Windows Search Service | ID = 3013
Description =

[ Media Center Events ]
Error - 12/08/2008 12:13:22 PM | Computer Name = Butler-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 28/08/2008 11:37:08 PM | Computer Name = Butler-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.

[ OSession Events ]
Error - 08/07/2009 6:53:39 PM | Computer Name = Butler-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 475
seconds with 300 seconds of active time. This session ended with a crash.

Error - 02/11/2009 4:35:14 PM | Computer Name = Butler-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2465
seconds with 240 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 07/12/2009 6:16:33 PM | Computer Name = Butler-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 07/12/2009 6:16:33 PM | Computer Name = Butler-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 07/12/2009 6:16:33 PM | Computer Name = Butler-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 07/12/2009 6:16:33 PM | Computer Name = Butler-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 07/12/2009 6:16:33 PM | Computer Name = Butler-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 07/12/2009 6:16:33 PM | Computer Name = Butler-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 07/12/2009 6:16:33 PM | Computer Name = Butler-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 07/12/2009 6:16:34 PM | Computer Name = Butler-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 07/12/2009 6:16:34 PM | Computer Name = Butler-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 07/12/2009 6:16:34 PM | Computer Name = Butler-PC | Source = Service Control Manager | ID = 7034
Description =


< End of report >

Attached Files


  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP