Boot Virus?



#1
EmoExecutioner

Hey guys,

Having an issue with system updating, installing virus scanners etc., basically anything that could remove a virus, Malware won't work even after renaming the setup.exe to something else, a particular game won't load up but I think it's 'cause I have the expansion on the main drive and the other part in the partition drive (Whoops lol.) Um.. Windows won't update, Avira won't help.

Any thoughts?

Oh scrap that about the game, cause I was able to run it for a long time before it became an issue, so I think it might be virus related also.

Edited by EmoExecutioner, 11 October 2010 - 04:22 AM.



#2
Elise

Hello,
And :D
My name is Elise and I'll be glad to help you with your computer problems.

I will be working on your malware issues; this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make are for fixing your computer problems only and by no means should be used on another computer.
  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications.
-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Quick Scan button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Please download Rootkit Unhooker and save it to your Desktop
  • Double-click on RKUnhookerLE to run it
  • Click the Report tab, then click Scan
  • Check Drivers, Stealth and uncheck the rest
  • Click OK
  • Wait until it's finished and then go to File > Save Report
  • Save the report to your Desktop
Copy the entire contents of the report and paste it in a reply here.

Note - you may get this warning; it is OK, just ignore it: "Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


-------------------------------------------------------------
In the meantime, please do NOT install any new programs or update anything unless told to do so while we are fixing your problem.

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new OTL log (don't forget extra.txt)
  • RKU log

Thanks and again sorry for the delay.

#3
EmoExecutioner

http://i96.photobuck...oner/screen.jpg

#4
Elise

Please try this:

Download and run Win32kDiag:

#5
EmoExecutioner

Turned online armor back on, now all is installing.

Edited by EmoExecutioner, 11 October 2010 - 05:29 AM.


#6
Elise

In that case, please post me the logs. :D

What other problems do you have?

#7
EmoExecutioner

Malwarebytes' Anti-Malware 1.44
Database version: 3862
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/10/2010 7:00:50 p.m.
mbam-log-2010-10-11 (19-00-50).txt

Scan type: Quick Scan
Objects scanned: 205
Time elapsed: 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

OTL logfile created on: 13/10/2010 11:35:15 a.m. - Run 1
OTL by OldTimer - Version 3.2.15.0 Folder = C:\Documents and Settings\Shaun\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

1,022.00 Mb Total Physical Memory | 569.00 Mb Available Physical Memory | 56.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): C:\pagefile.sys 512 512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.49 Gb Total Space | 16.79 Gb Free Space | 48.67% Space Free | Partition Type: NTFS
Drive D: | 423.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive O: | 110.00 Gb Total Space | 5.20 Gb Free Space | 4.73% Space Free | Partition Type: NTFS
Drive P: | 61.44 Gb Total Space | 53.22 Gb Free Space | 86.63% Space Free | Partition Type: NTFS
Drive Q: | 61.44 Gb Total Space | 21.76 Gb Free Space | 35.42% Space Free | Partition Type: NTFS

Computer Name: AWESOMENESS | User Name: Shaun | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2010/10/11 22:51:35 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaun\My Documents\Downloads\OTL.exe
PRC - [2010/01/13 04:21:50 | 004,994,856 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer.exe
PRC - [2009/09/02 10:44:22 | 000,315,478 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
PRC - [2009/09/02 10:41:24 | 001,466,476 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
PRC - [2009/09/02 10:41:06 | 000,102,503 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
PRC - [2009/07/24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/07/11 06:58:18 | 000,362,184 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oacat.exe
PRC - [2009/07/11 06:58:14 | 003,142,344 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe
PRC - [2009/07/11 06:58:10 | 001,033,416 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oahlp.exe
PRC - [2009/07/11 06:58:02 | 002,121,416 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oaui.exe
PRC - [2009/05/24 20:04:38 | 000,316,416 | ---- | M] (Outertech) -- C:\Program Files\CachemanXP\CachemanXP.exe
PRC - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002/10/15 19:00:20 | 001,818,624 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINDOWS\mixer.exe


========== Modules (SafeList) ==========

MOD - [2010/10/11 22:51:35 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaun\My Documents\Downloads\OTL.exe
MOD - [2010/01/13 04:43:56 | 000,103,720 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TV.dll
MOD - [2009/07/11 06:59:16 | 000,860,360 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oawatch.dll
MOD - [2008/04/14 06:42:12 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008/04/14 06:42:12 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008/04/14 06:42:10 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008/04/14 06:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/05 05:50:41 | 001,181,328 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/09/02 10:41:24 | 001,466,476 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2009/09/02 10:41:06 | 000,102,503 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)
SRV - [2009/07/24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/07/11 06:58:18 | 000,362,184 | ---- | M] (Tall Emu) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\OAcat.exe -- (OAcat)
SRV - [2009/07/11 06:58:14 | 003,142,344 | ---- | M] (Tall Emu) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2009/05/24 20:04:38 | 000,316,416 | ---- | M] (Outertech) [Auto | Running] -- C:\Program Files\CachemanXP\CachemanXP.exe -- (CachemanXPService)
SRV - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008/11/10 09:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/01/17 04:25:43 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/12/23 12:32:26 | 000,086,016 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2009/12/03 02:19:06 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/07/24 16:05:26 | 001,961,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX3000.sys -- (VX3000)
DRV - [2009/07/11 06:59:08 | 000,029,776 | ---- | M] (Tall Emu Pty Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)
DRV - [2009/07/11 06:17:14 | 000,024,656 | ---- | M] (Tall Emu) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)
DRV - [2009/07/11 06:17:00 | 000,200,784 | ---- | M] (Tall Emu) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)
DRV - [2009/07/08 11:17:36 | 000,039,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2009/06/17 15:02:46 | 000,029,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2009/06/17 15:02:16 | 000,027,528 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2009/06/17 15:02:08 | 000,033,800 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2009/06/17 15:01:50 | 000,014,088 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btnetdrv.sys -- (BT)
DRV - [2009/06/17 15:01:42 | 000,025,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2009/06/17 15:01:36 | 000,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2009/06/17 15:01:18 | 000,017,416 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VHIDMini.sys -- (VHidMinidrv)
DRV - [2009/06/17 15:01:10 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VCommMgr.sys -- (VcommMgr)
DRV - [2009/06/17 15:01:04 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2009/05/11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/04/14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/14 01:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/03/06 12:51:14 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2006/05/04 05:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/03/05 23:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 23:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 23:13:52 | 000,060,949 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 23:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/08/15 12:59:00 | 000,148,338 | ---- | M] (GlobespanVirata Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gwausb.sys -- (wanusb)
DRV - [2002/11/18 16:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\..\URLSearchHook: {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files\Messenger_Plus_Live\tbMes1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.5.2
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.0
FF - prefs.js..extensions.enabledItems: {e2c58150-9d72-11dd-ad8b-0800200c9a66}:1.3.1


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 6\components [2010/09/21 11:11:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 6\plugins

[2009/09/08 21:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Extensions
[2009/09/08 21:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Extensions\[email protected]
[2010/09/20 08:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Firefox\Profiles\55bahunx.default\extensions
[2010/04/28 14:33:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Firefox\Profiles\55bahunx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/24 12:01:54 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Firefox\Profiles\55bahunx.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/06/23 21:17:37 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Firefox\Profiles\55bahunx.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2009/09/07 13:29:37 | 000,000,000 | ---D | M] (PitchDark) -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Firefox\Profiles\55bahunx.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2010/04/15 10:11:21 | 000,000,000 | ---D | M] (Black Steel) -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Firefox\Profiles\55bahunx.default\extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66}
[2010/06/14 14:19:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Firefox\Profiles\55bahunx.default\extensions\[email protected]
[2010/09/08 05:50:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Firefox\Profiles\55bahunx.default\extensions\[email protected]

O1 HOSTS File: ([2003/04/01 01:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Messenger Plus Live Toolbar) - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files\Messenger_Plus_Live\tbMes1.dll (Conduit Ltd.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll File not found
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Messenger Plus Live Toolbar) - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files\Messenger_Plus_Live\tbMes1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo!Xtra Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Messenger Plus Live Toolbar) - {9B339F6E-DDCD-401B-8764-230ADBD01761} - C:\Program Files\Messenger_Plus_Live\tbMes1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\oaui.exe (Tall Emu)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BtTray] C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe (IVT Corporation)
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Shaun\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1252225386750 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Shaun\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Shaun\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Tall Emu)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/09/06 21:10:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/09/01 12:01:11 | 000,000,000 | R--D | M] - D:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2003/09/01 12:01:28 | 001,101,824 | R--- | M] () - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2003/08/31 16:15:46 | 000,000,027 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2003/08/31 16:15:25 | 000,001,214 | R--- | M] () - D:\autorun.str -- [ CDFS ]
O32 - AutoRun File - [2005/11/10 19:49:50 | 000,000,044 | ---- | M] () - P:\AutoRun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/08/09 20:27:24 | 020,225,045 | ---- | M] () - Q:\Auto-Tune_Evo_TDM_v6.0.9.2.zip -- [ NTFS ]
O32 - AutoRun File - [2010/08/09 06:33:55 | 000,389,912 | ---- | M] (AnalogX, LLC) - Q:\autoi.exe -- [ NTFS ]
O33 - MountPoints2\{f100cec1-f176-11de-8c98-000df0300101}\Shell - "" = AutoRun
O33 - MountPoints2\{f100cec1-f176-11de-8c98-000df0300101}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f100cec1-f176-11de-8c98-000df0300101}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (15213203659161600)

========== Files/Folders - Created Within 90 Days ==========

[2010/10/12 09:43:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Application Data\IMVU
[2010/10/12 09:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Application Data\IMVUClient
[2010/10/12 01:12:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/10/11 22:59:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Desktop\Erunt
[2010/10/11 18:11:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Shaun\Recent
[2010/10/11 18:03:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2010/10/11 18:03:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2010/10/11 18:03:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2010/10/11 17:45:39 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Shaun\Desktop\TFC.exe
[2010/10/11 16:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\My Documents\My Recordings
[2010/10/11 16:22:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Application Data\SynthMaker
[2010/10/11 16:22:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Application Data\Acoustica
[2010/10/11 16:22:02 | 000,057,344 | ---- | C] (NexiTech, Inc.) -- C:\WINDOWS\System32\Wnaspint.dll
[2010/10/11 16:13:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Acoustica
[2010/10/11 16:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\Antares Audio Technologies
[2010/10/11 16:00:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Application Data\Antares
[2010/10/11 16:00:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Digidesign
[2010/10/02 08:49:56 | 000,328,056 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\Shaun\My Documents\uTorrent.exe
[2010/10/02 08:49:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Application Data\uTorrent
[2010/09/21 11:25:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/09/21 11:11:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox 4.0 Beta 6
[2010/09/21 11:04:22 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010/08/31 19:24:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\My Documents\Downloads
[2010/07/24 12:01:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion

========== Files - Modified Within 90 Days ==========

[2010/10/13 11:42:26 | 005,505,024 | -H-- | M] () -- C:\Documents and Settings\Shaun\NTUSER.DAT
[2010/10/13 11:30:19 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/10/13 11:30:10 | 000,000,389 | ---- | M] () -- C:\WINDOWS\System32\REMOTEDEVICE.INI
[2010/10/13 11:30:09 | 000,000,103 | ---- | M] () -- C:\WINDOWS\System32\LOCALDEVICE.INI
[2010/10/13 11:29:16 | 000,005,063 | ---- | M] () -- C:\WINDOWS\System32\LOCALSERVICE.INI
[2010/10/13 11:29:16 | 000,001,000 | ---- | M] () -- C:\WINDOWS\System32\bscs.ini
[2010/10/13 11:27:36 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/10/13 11:27:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/13 07:53:58 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/13 07:51:26 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Shaun\ntuser.ini
[2010/10/13 07:47:41 | 012,901,060 | -H-- | M] () -- C:\Documents and Settings\Shaun\Local Settings\Application Data\IconCache.db
[2010/10/13 05:54:20 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2010/10/13 05:07:50 | 000,496,750 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/13 05:07:50 | 000,085,270 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/13 05:07:49 | 000,572,992 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/10/13 00:04:41 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/10/13 00:04:40 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010/10/13 00:04:15 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010/10/13 00:04:14 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010/10/12 09:42:26 | 000,001,963 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\IMVU.lnk
[2010/10/12 01:15:07 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/12 00:52:01 | 000,000,657 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\gws updater.lnk
[2010/10/12 00:33:02 | 000,000,643 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Guild Wars.lnk
[2010/10/11 19:27:33 | 000,001,078 | ---- | M] () -- C:\WINDOWS\eReg.dat
[2010/10/11 18:42:00 | 000,000,578 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/10/11 18:42:00 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/10/11 18:41:59 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/10/11 18:06:46 | 000,091,648 | ---- | M] () -- C:\Documents and Settings\Shaun\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/10 22:38:39 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/10/08 16:20:39 | 000,017,201 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\Tattoo 2.png
[2010/10/08 05:54:05 | 000,000,054 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2010/10/08 05:54:05 | 000,000,039 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/10/05 17:58:43 | 000,064,414 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\10-04-10952350.jpg
[2010/10/03 22:06:25 | 000,009,061 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\Lizzie.rtf
[2010/10/02 20:47:30 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI
[2010/10/02 08:49:56 | 000,328,056 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\Shaun\My Documents\uTorrent.exe
[2010/10/02 08:49:56 | 000,000,511 | ---- | M] () -- C:\Documents and Settings\Shaun\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/10/02 08:49:56 | 000,000,511 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2010/09/27 02:39:04 | 000,003,120 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\To Lizzie.rtf
[2010/09/21 11:11:40 | 000,001,762 | ---- | M] () -- C:\Documents and Settings\Shaun\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 6.lnk
[2010/09/21 11:11:40 | 000,001,744 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox 4.0 Beta 6.lnk
[2010/09/21 10:50:48 | 000,217,677 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\bookmarks.html
[2010/09/21 10:44:46 | 000,007,822 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\Tasha.doc
[2010/09/19 20:01:21 | 000,000,468 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\CCleaner.lnk
[2010/09/18 18:34:20 | 000,048,187 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\Lizzie.jpg
[2010/09/14 13:31:02 | 000,045,990 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\58776_155026001182413_100000250426892_426810_5253894_n.jpg
[2010/09/14 13:30:31 | 000,049,559 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\47182_155025491182464_100000250426892_426808_2293738_n.jpg
[2010/09/12 15:35:17 | 000,005,994 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\Rae&Demi.doc
[2010/09/11 03:52:55 | 000,054,692 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\shirt.jpg
[2010/09/07 09:54:20 | 000,099,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/05 21:14:21 | 000,010,207 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\4463548731_93011720e8_m.jpg
[2010/09/05 06:58:30 | 000,029,585 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\34259_110469249004929_100001255644326_67514_5498529_n.jpg
[2010/08/31 19:24:59 | 000,169,905 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\star-wars-personalities.jpg
[2010/08/29 14:08:10 | 000,035,697 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\Theivery.m3u
[2010/08/28 17:28:20 | 000,015,504 | ---- | M] () -- C:\Documents and Settings\Shaun\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/08/15 18:14:22 | 000,230,424 | ---- | M] () -- C:\img2-001.raw
[2010/08/06 03:09:01 | 000,000,839 | ---- | M] () -- C:\Documents and Settings\Shaun\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/08/06 03:07:09 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/08/06 03:07:09 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/07/24 11:59:11 | 000,000,595 | ---- | M] () -- C:\Documents and Settings\Shaun\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/07/24 11:59:11 | 000,000,595 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/07/17 04:55:04 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaun\Desktop\TFC.exe

========== Files Created - No Company Name ==========

[2010/10/13 00:04:41 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/10/13 00:04:40 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010/10/12 09:42:26 | 000,001,963 | ---- | C] () -- C:\Documents and Settings\Shaun\Desktop\IMVU.lnk
[2010/10/12 00:50:53 | 000,000,657 | ---- | C] () -- C:\Documents and Settings\Shaun\Desktop\gws updater.lnk
[2010/10/12 00:33:02 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Guild Wars.lnk
[2010/10/08 16:20:32 | 000,017,201 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\Tattoo 2.png
[2010/10/06 23:52:15 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2010/10/06 23:52:15 | 000,000,039 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/10/05 17:58:32 | 000,064,414 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\10-04-10952350.jpg
[2010/10/03 22:05:59 | 000,009,061 | ---- | C] () -- C:\Documents and Settings\Shaun\Desktop\Lizzie.rtf
[2010/10/02 16:05:36 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2010/10/02 08:49:56 | 000,000,511 | ---- | C] () -- C:\Documents and Settings\Shaun\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/10/02 08:49:56 | 000,000,511 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2010/09/29 23:44:02 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010/09/27 02:17:47 | 000,003,120 | ---- | C] () -- C:\Documents and Settings\Shaun\Desktop\To Lizzie.rtf
[2010/09/21 11:11:40 | 000,001,762 | ---- | C] () -- C:\Documents and Settings\Shaun\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 6.lnk
[2010/09/21 11:11:40 | 000,001,744 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox 4.0 Beta 6.lnk
[2010/09/21 10:50:48 | 000,217,677 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\bookmarks.html
[2010/09/18 18:34:19 | 000,048,187 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\Lizzie.jpg
[2010/09/15 04:01:58 | 000,007,822 | ---- | C] () -- C:\Documents and Settings\Shaun\Desktop\Tasha.doc
[2010/09/14 13:31:00 | 000,045,990 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\58776_155026001182413_100000250426892_426810_5253894_n.jpg
[2010/09/14 13:30:27 | 000,049,559 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\47182_155025491182464_100000250426892_426808_2293738_n.jpg
[2010/09/12 15:34:35 | 000,005,994 | ---- | C] () -- C:\Documents and Settings\Shaun\Desktop\Rae&Demi.doc
[2010/09/11 03:52:52 | 000,054,692 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\shirt.jpg
[2010/09/05 21:14:20 | 000,010,207 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\4463548731_93011720e8_m.jpg
[2010/09/05 06:58:24 | 000,029,585 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\34259_110469249004929_100001255644326_67514_5498529_n.jpg
[2010/08/31 19:24:57 | 000,169,905 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\star-wars-personalities.jpg
[2010/08/29 14:08:10 | 000,035,697 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\Theivery.m3u
[2010/07/24 11:59:11 | 000,000,595 | ---- | C] () -- C:\Documents and Settings\Shaun\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/07/24 11:59:11 | 000,000,595 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/07/24 03:15:19 | 000,230,424 | ---- | C] () -- C:\img2-001.raw
[2010/04/19 18:58:05 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/04/08 15:47:02 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\SHORTCUT.INI
[2010/04/08 15:34:35 | 000,000,389 | ---- | C] () -- C:\WINDOWS\System32\REMOTEDEVICE.INI
[2010/04/08 15:33:23 | 000,005,063 | ---- | C] () -- C:\WINDOWS\System32\LOCALSERVICE.INI
[2010/04/08 15:33:04 | 000,000,103 | ---- | C] () -- C:\WINDOWS\System32\LOCALDEVICE.INI
[2010/04/08 15:27:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\BSPRINT.INI
[2010/03/15 02:09:18 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/03/13 21:31:22 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/03/11 16:35:20 | 001,355,906 | ---- | C] () -- C:\WINDOWS\UnInstallDynalinkADSL.dll
[2009/12/02 15:08:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2009/10/17 00:37:55 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2009/09/09 02:51:07 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX3000.ini
[2009/09/07 21:05:34 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\CoInst.dll
[2009/09/07 21:05:28 | 000,017,868 | ---- | C] () -- C:\WINDOWS\wwdslcfg.ini
[2009/09/07 18:37:41 | 000,091,648 | ---- | C] () -- C:\Documents and Settings\Shaun\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/07 16:42:42 | 000,001,000 | ---- | C] () -- C:\WINDOWS\System32\bscs.ini
[2009/09/07 00:23:57 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Shaun\Local Settings\Application Data\fusioncache.dat
[2009/09/07 00:04:12 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2009/09/06 23:05:27 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2009/09/06 21:20:53 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2009/09/02 10:39:46 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\BsMobileCSps.dll
[2009/06/17 15:02:46 | 000,029,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

========== LOP Check ==========

[2010/10/11 16:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acoustica
[2009/09/06 21:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
[2010/05/30 20:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2009/10/09 18:23:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor
[2009/09/09 02:12:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/01/16 05:28:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2010/10/11 16:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Acoustica
[2010/10/11 16:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Antares
[2010/07/06 00:32:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2010/10/02 08:49:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Free Download Manager
[2009/09/09 02:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\GetRightToGo
[2010/10/13 10:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\IMVU
[2010/04/09 21:31:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\IMVU-Products
[2010/10/12 09:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\IMVUClient
[2010/06/16 17:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\IObit
[2009/09/07 00:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\OnlineArmor
[2009/09/21 19:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\SecondLife
[2010/10/11 16:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\SynthMaker
[2010/02/02 17:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\TeamViewer
[2010/10/11 16:04:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\uTorrent
[2009/12/22 14:25:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Vivox
[2009/09/06 23:35:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Windows Desktop Search
[2009/09/07 15:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Windows Search
[2010/10/13 05:54:20 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job
[2010/10/13 00:04:14 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job
[2010/10/13 00:04:15 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job
[2010/10/13 00:04:40 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job
[2010/10/13 00:04:41 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010/10/10 22:38:39 | 000,000,384 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/10/13 11:26:51 | 000,020,516 | ---- | M] () -- C:\aaw7boot.log
[2009/09/06 21:10:50 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/10/11 18:42:00 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2009/09/06 21:10:50 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/08/15 18:14:22 | 000,230,424 | ---- | M] () -- C:\img2-001.raw
[2009/09/06 21:10:50 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/09/06 21:10:50 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/09/06 21:56:19 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/09/06 21:56:19 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/10/13 11:27:01 | 536,870,912 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2009/09/07 08:52:16 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/09/07 08:52:16 | 000,602,112 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/09/07 08:52:16 | 000,389,120 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-10-12 16:10:06

< End of report >

OTL Extras logfile created on: 13/10/2010 11:35:16 a.m. - Run 1
OTL by OldTimer - Version 3.2.15.0 Folder = C:\Documents and Settings\Shaun\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

1,022.00 Mb Total Physical Memory | 569.00 Mb Available Physical Memory | 56.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): C:\pagefile.sys 512 512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.49 Gb Total Space | 16.79 Gb Free Space | 48.67% Space Free | Partition Type: NTFS
Drive D: | 423.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive O: | 110.00 Gb Total Space | 5.20 Gb Free Space | 4.73% Space Free | Partition Type: NTFS
Drive P: | 61.44 Gb Total Space | 53.22 Gb Free Space | 86.63% Space Free | Partition Type: NTFS
Drive Q: | 61.44 Gb Total Space | 21.76 Gb Free Space | 35.42% Space Free | Partition Type: NTFS

Computer Name: AWESOMENESS | User Name: Shaun | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | File Age = 90 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 4.0 Beta 6\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"P:\Program Files\Messenger\YahooMessenger.exe" = P:\Program Files\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe" = C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeTray.exe" = C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe -- (Microsoft Corporation)
"C:\Program Files\Free Download Manager\fdm.exe" = C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager -- File not found
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\game.dat" = C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\game.dat:*:Enabled:game -- ()
"P:\generals.exe" = P:\generals.exe:*:Enabled:Command & Conquer Generals -- ()
"C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS -- (IVT Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks)
"C:\Documents and Settings\Shaun\My Documents\uTorrent.exe" = C:\Documents and Settings\Shaun\My Documents\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\generals.exe" = C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\generals.exe:*:Enabled:Command and ConquerTM Generals Zero Hour -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x32
"{25887983-54F3-4F55-A7C5-91229AD67C16}" = Bluesoleil 5.4.277.0
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3638411A-C5DB-4916-BA1A-9C2A6AD1BBBB}" = Dynalink ADSL Router USB Driver
"{36C97B5B-5593-45B8-B50E-DAD87036BD9D}" = Microsoft LifeCam
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E43E5F45-E924-4D83-9DB9-8D74BCF7A9DD}" = Antares Auto-Tune Evo TDM
"{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}" = ATI Catalyst Control Center
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Belarc Advisor" = Belarc Advisor 8.1
"CachemanXP 2.0 (Windows 2000,2003,XP)" = CachemanXP 2.0 (Windows 2000,2003,XP)
"CCleaner" = CCleaner
"ClassicPro" = ClassicPro© v1.13
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"Dynalink ADSL Modem" = Dynalink ADSL Modem
"Guild Wars" = Guild Wars
"ie8" = Windows Internet Explorer 8
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"InterActual Player" = InterActual Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Messenger_Plus_Live Toolbar" = Messenger_Plus_Live Toolbar
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 4.0b6 (x86 en-US)" = Mozilla Firefox 4.0b6 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"OnlineArmor_is1" = Online Armor 3.5
"PCI Audio Driver" = PCI Audio Driver
"PROSet" = Intel® PRO Network Adapters and Drivers
"Smart Defrag_is1" = Smart Defrag
"TeamViewer 5" = TeamViewer 5
"uTorrent" = µTorrent
"Veoh Web Player Beta" = Veoh Web Player
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo!Xtra Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/10/2010 12:39:01 a.m. | Computer Name = AWESOMENESS | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2418241,
P2 1033, P3 1618, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 11/10/2010 12:40:52 a.m. | Computer Name = AWESOMENESS | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb983583,
P2 1033, P3 1618, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 11/10/2010 12:42:14 a.m. | Computer Name = AWESOMENESS | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb976576,
P2 1033, P3 1618, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 11/10/2010 12:52:42 a.m. | Computer Name = AWESOMENESS | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb976569,
P2 1033, P3 1642, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 11/10/2010 8:24:53 a.m. | Computer Name = AWESOMENESS | Source = Application Error | ID = 1000
Description = Faulting application bluesoleil voip plugin.exe, version 6.4.0.0,
faulting module bluesoleil voip plugin.exe, version 6.4.0.0, fault address 0x000052ba.

Error - 11/10/2010 10:13:53 a.m. | Computer Name = AWESOMENESS | Source = Windows Search Service | ID = 3013
Description = The entry <C:\CONFIG.MSI\5D767B.RBS> in the hash map cannot be updated.

Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 12/10/2010 12:54:19 p.m. | Computer Name = AWESOMENESS | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 12/10/2010 2:54:43 p.m. | Computer Name = AWESOMENESS | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 12/10/2010 2:59:08 p.m. | Computer Name = AWESOMENESS | Source = Application Error | ID = 1000
Description = Faulting application bluesoleil voip plugin.exe, version 6.4.0.0,
faulting module bluesoleil voip plugin.exe, version 6.4.0.0, fault address 0x000052ba.

Error - 12/10/2010 6:31:40 p.m. | Computer Name = AWESOMENESS | Source = Application Error | ID = 1000
Description = Faulting application bluesoleil voip plugin.exe, version 6.4.0.0,
faulting module bluesoleil voip plugin.exe, version 6.4.0.0, fault address 0x000052ba.

[ System Events ]
Error - 11/10/2010 8:22:13 a.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7022
Description = The MSCamSvc service hung on starting.

Error - 12/10/2010 12:33:12 a.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.

Error - 12/10/2010 12:35:58 a.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 2 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.

Error - 12/10/2010 12:38:05 a.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7034
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 3 time(s).

Error - 12/10/2010 2:56:39 p.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.

Error - 12/10/2010 2:56:51 p.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 2 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.

Error - 12/10/2010 2:57:03 p.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7034
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 3 time(s).

Error - 12/10/2010 6:28:30 p.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.

Error - 12/10/2010 6:29:01 p.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 2 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.

Error - 12/10/2010 6:29:37 p.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7034
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 3 time(s).


< End of report >

I think Online Armor is keeping my computer from updating Windows normally. I don't know how to work around that. Other than that I can't think of anything.

#8
Elise

    Emsisoft Research

  • Expert
  • 3,389 posts
Try to disable Online Armor and see if Windows Update works after that. This helps you confirm it is indeed OA causing the problem.

Please also post the Rootkit Unhooker log.