Malwarebytes' Anti-Malware 1.44
Database version: 3862
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
11/10/2010 7:00:50 p.m.
mbam-log-2010-10-11 (19-00-50).txt
Scan type: Quick Scan
Objects scanned: 205
Time elapsed: 17 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
OTL logfile created on: 13/10/2010 11:35:15 a.m. - Run 1
OTL by OldTimer - Version 3.2.15.0 Folder = C:\Documents and Settings\Shaun\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy
1,022.00 Mb Total Physical Memory | 569.00 Mb Available Physical Memory | 56.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): C:\pagefile.sys 512 512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.49 Gb Total Space | 16.79 Gb Free Space | 48.67% Space Free | Partition Type: NTFS
Drive D: | 423.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive O: | 110.00 Gb Total Space | 5.20 Gb Free Space | 4.73% Space Free | Partition Type: NTFS
Drive P: | 61.44 Gb Total Space | 53.22 Gb Free Space | 86.63% Space Free | Partition Type: NTFS
Drive Q: | 61.44 Gb Total Space | 21.76 Gb Free Space | 35.42% Space Free | Partition Type: NTFS
Computer Name: AWESOMENESS | User Name: Shaun | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | File Age = 90 Days
========== Processes (SafeList) ========== PRC - [2010/10/11 22:51:35 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaun\My Documents\Downloads\OTL.exe
PRC - [2010/01/13 04:21:50 | 004,994,856 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer.exe
PRC - [2009/09/02 10:44:22 | 000,315,478 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
PRC - [2009/09/02 10:41:24 | 001,466,476 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
PRC - [2009/09/02 10:41:06 | 000,102,503 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
PRC - [2009/07/24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/07/11 06:58:18 | 000,362,184 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oacat.exe
PRC - [2009/07/11 06:58:14 | 003,142,344 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe
PRC - [2009/07/11 06:58:10 | 001,033,416 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oahlp.exe
PRC - [2009/07/11 06:58:02 | 002,121,416 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oaui.exe
PRC - [2009/05/24 20:04:38 | 000,316,416 | ---- | M] (Outertech) -- C:\Program Files\CachemanXP\CachemanXP.exe
PRC - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002/10/15 19:00:20 | 001,818,624 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINDOWS\mixer.exe
========== Modules (SafeList) ========== MOD - [2010/10/11 22:51:35 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaun\My Documents\Downloads\OTL.exe
MOD - [2010/01/13 04:43:56 | 000,103,720 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TV.dll
MOD - [2009/07/11 06:59:16 | 000,860,360 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oawatch.dll
MOD - [2008/04/14 06:42:12 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008/04/14 06:42:12 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008/04/14 06:42:10 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008/04/14 06:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/05 05:50:41 | 001,181,328 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/09/02 10:41:24 | 001,466,476 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2009/09/02 10:41:06 | 000,102,503 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)
SRV - [2009/07/24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/07/11 06:58:18 | 000,362,184 | ---- | M] (Tall Emu) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\OAcat.exe -- (OAcat)
SRV - [2009/07/11 06:58:14 | 003,142,344 | ---- | M] (Tall Emu) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2009/05/24 20:04:38 | 000,316,416 | ---- | M] (Outertech) [Auto | Running] -- C:\Program Files\CachemanXP\CachemanXP.exe -- (CachemanXPService)
SRV - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008/11/10 09:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ========== DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/01/17 04:25:43 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/12/23 12:32:26 | 000,086,016 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2009/12/03 02:19:06 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/07/24 16:05:26 | 001,961,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX3000.sys -- (VX3000)
DRV - [2009/07/11 06:59:08 | 000,029,776 | ---- | M] (Tall Emu Pty Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)
DRV - [2009/07/11 06:17:14 | 000,024,656 | ---- | M] (Tall Emu) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)
DRV - [2009/07/11 06:17:00 | 000,200,784 | ---- | M] (Tall Emu) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)
DRV - [2009/07/08 11:17:36 | 000,039,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2009/06/17 15:02:46 | 000,029,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2009/06/17 15:02:16 | 000,027,528 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2009/06/17 15:02:08 | 000,033,800 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2009/06/17 15:01:50 | 000,014,088 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btnetdrv.sys -- (BT)
DRV - [2009/06/17 15:01:42 | 000,025,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2009/06/17 15:01:36 | 000,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2009/06/17 15:01:18 | 000,017,416 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VHIDMini.sys -- (VHidMinidrv)
DRV - [2009/06/17 15:01:10 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VCommMgr.sys -- (VcommMgr)
DRV - [2009/06/17 15:01:04 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2009/05/11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/04/14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/14 01:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/03/06 12:51:14 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2006/05/04 05:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/03/05 23:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 23:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 23:13:52 | 000,060,949 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 23:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/08/15 12:59:00 | 000,148,338 | ---- | M] (GlobespanVirata Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gwausb.sys -- (wanusb)
DRV - [2002/11/18 16:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\..\URLSearchHook: {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files\Messenger_Plus_Live\tbMes1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems:
[email protected]:1.3.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems:
[email protected]:1.0
FF - prefs.js..extensions.enabledItems:
[email protected]:1.5.2
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems:
[email protected]:1.2.0
FF - prefs.js..extensions.enabledItems: {e2c58150-9d72-11dd-ad8b-0800200c9a66}:1.3.1
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: P:\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: P:\plugins [2010/09/21 11:02:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 6\components [2010/09/21 11:11:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 6\plugins
[2009/09/08 21:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Extensions
[2009/09/08 21:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Extensions\
[email protected][2010/09/20 08:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Firefox\Profiles\55bahunx.default\extensions
[2010/04/28 14:33:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Firefox\Profiles\55bahunx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/24 12:01:54 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Firefox\Profiles\55bahunx.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/06/23 21:17:37 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Firefox\Profiles\55bahunx.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2009/09/07 13:29:37 | 000,000,000 | ---D | M] (PitchDark) -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Firefox\Profiles\55bahunx.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2010/04/15 10:11:21 | 000,000,000 | ---D | M] (Black Steel) -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Firefox\Profiles\55bahunx.default\extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66}
[2010/06/14 14:19:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Firefox\Profiles\55bahunx.default\extensions\
[email protected][2010/09/08 05:50:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Mozilla\Firefox\Profiles\55bahunx.default\extensions\
[email protected] O1 HOSTS File: ([2003/04/01 01:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Messenger Plus Live Toolbar) - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files\Messenger_Plus_Live\tbMes1.dll (Conduit Ltd.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll File not found
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Messenger Plus Live Toolbar) - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files\Messenger_Plus_Live\tbMes1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo!Xtra Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Messenger Plus Live Toolbar) - {9B339F6E-DDCD-401B-8764-230ADBD01761} - C:\Program Files\Messenger_Plus_Live\tbMes1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\oaui.exe (Tall Emu)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BtTray] C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe (IVT Corporation)
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Shaun\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.micros...b?1252225386750 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Shaun\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Shaun\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Tall Emu)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/09/06 21:10:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/09/01 12:01:11 | 000,000,000 | R--D | M] - D:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2003/09/01 12:01:28 | 001,101,824 | R--- | M] () - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2003/08/31 16:15:46 | 000,000,027 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2003/08/31 16:15:25 | 000,001,214 | R--- | M] () - D:\autorun.str -- [ CDFS ]
O32 - AutoRun File - [2005/11/10 19:49:50 | 000,000,044 | ---- | M] () - P:\AutoRun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/08/09 20:27:24 | 020,225,045 | ---- | M] () - Q:\Auto-Tune_Evo_TDM_v6.0.9.2.zip -- [ NTFS ]
O32 - AutoRun File - [2010/08/09 06:33:55 | 000,389,912 | ---- | M] (AnalogX, LLC) - Q:\autoi.exe -- [ NTFS ]
O33 - MountPoints2\{f100cec1-f176-11de-8c98-000df0300101}\Shell - "" = AutoRun
O33 - MountPoints2\{f100cec1-f176-11de-8c98-000df0300101}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f100cec1-f176-11de-8c98-000df0300101}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (15213203659161600)
========== Files/Folders - Created Within 90 Days ========== [2010/10/12 09:43:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Application Data\IMVU
[2010/10/12 09:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Application Data\IMVUClient
[2010/10/12 01:12:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/10/11 22:59:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Desktop\Erunt
[2010/10/11 18:11:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Shaun\Recent
[2010/10/11 18:03:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2010/10/11 18:03:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2010/10/11 18:03:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2010/10/11 17:45:39 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Shaun\Desktop\TFC.exe
[2010/10/11 16:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\My Documents\My Recordings
[2010/10/11 16:22:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Application Data\SynthMaker
[2010/10/11 16:22:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Application Data\Acoustica
[2010/10/11 16:22:02 | 000,057,344 | ---- | C] (NexiTech, Inc.) -- C:\WINDOWS\System32\Wnaspint.dll
[2010/10/11 16:13:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Acoustica
[2010/10/11 16:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\Antares Audio Technologies
[2010/10/11 16:00:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Application Data\Antares
[2010/10/11 16:00:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Digidesign
[2010/10/02 08:49:56 | 000,328,056 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\Shaun\My Documents\uTorrent.exe
[2010/10/02 08:49:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\Application Data\uTorrent
[2010/09/21 11:25:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/09/21 11:11:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox 4.0 Beta 6
[2010/09/21 11:04:22 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010/08/31 19:24:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shaun\My Documents\Downloads
[2010/07/24 12:01:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
========== Files - Modified Within 90 Days ========== [2010/10/13 11:42:26 | 005,505,024 | -H-- | M] () -- C:\Documents and Settings\Shaun\NTUSER.DAT
[2010/10/13 11:30:19 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/10/13 11:30:10 | 000,000,389 | ---- | M] () -- C:\WINDOWS\System32\REMOTEDEVICE.INI
[2010/10/13 11:30:09 | 000,000,103 | ---- | M] () -- C:\WINDOWS\System32\LOCALDEVICE.INI
[2010/10/13 11:29:16 | 000,005,063 | ---- | M] () -- C:\WINDOWS\System32\LOCALSERVICE.INI
[2010/10/13 11:29:16 | 000,001,000 | ---- | M] () -- C:\WINDOWS\System32\bscs.ini
[2010/10/13 11:27:36 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/10/13 11:27:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/13 07:53:58 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/13 07:51:26 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Shaun\ntuser.ini
[2010/10/13 07:47:41 | 012,901,060 | -H-- | M] () -- C:\Documents and Settings\Shaun\Local Settings\Application Data\IconCache.db
[2010/10/13 05:54:20 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2010/10/13 05:07:50 | 000,496,750 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/13 05:07:50 | 000,085,270 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/13 05:07:49 | 000,572,992 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/10/13 00:04:41 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/10/13 00:04:40 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010/10/13 00:04:15 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010/10/13 00:04:14 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010/10/12 09:42:26 | 000,001,963 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\IMVU.lnk
[2010/10/12 01:15:07 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/12 00:52:01 | 000,000,657 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\gws updater.lnk
[2010/10/12 00:33:02 | 000,000,643 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Guild Wars.lnk
[2010/10/11 19:27:33 | 000,001,078 | ---- | M] () -- C:\WINDOWS\eReg.dat
[2010/10/11 18:42:00 | 000,000,578 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/10/11 18:42:00 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/10/11 18:41:59 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/10/11 18:06:46 | 000,091,648 | ---- | M] () -- C:\Documents and Settings\Shaun\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/10 22:38:39 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/10/08 16:20:39 | 000,017,201 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\Tattoo 2.png
[2010/10/08 05:54:05 | 000,000,054 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2010/10/08 05:54:05 | 000,000,039 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/10/05 17:58:43 | 000,064,414 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\10-04-10952350.jpg
[2010/10/03 22:06:25 | 000,009,061 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\Lizzie.rtf
[2010/10/02 20:47:30 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI
[2010/10/02 08:49:56 | 000,328,056 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\Shaun\My Documents\uTorrent.exe
[2010/10/02 08:49:56 | 000,000,511 | ---- | M] () -- C:\Documents and Settings\Shaun\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/10/02 08:49:56 | 000,000,511 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2010/09/27 02:39:04 | 000,003,120 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\To Lizzie.rtf
[2010/09/21 11:11:40 | 000,001,762 | ---- | M] () -- C:\Documents and Settings\Shaun\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 6.lnk
[2010/09/21 11:11:40 | 000,001,744 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox 4.0 Beta 6.lnk
[2010/09/21 10:50:48 | 000,217,677 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\bookmarks.html
[2010/09/21 10:44:46 | 000,007,822 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\Tasha.doc
[2010/09/19 20:01:21 | 000,000,468 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\CCleaner.lnk
[2010/09/18 18:34:20 | 000,048,187 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\Lizzie.jpg
[2010/09/14 13:31:02 | 000,045,990 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\58776_155026001182413_100000250426892_426810_5253894_n.jpg
[2010/09/14 13:30:31 | 000,049,559 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\47182_155025491182464_100000250426892_426808_2293738_n.jpg
[2010/09/12 15:35:17 | 000,005,994 | ---- | M] () -- C:\Documents and Settings\Shaun\Desktop\Rae&Demi.doc
[2010/09/11 03:52:55 | 000,054,692 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\shirt.jpg
[2010/09/07 09:54:20 | 000,099,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/05 21:14:21 | 000,010,207 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\4463548731_93011720e8_m.jpg
[2010/09/05 06:58:30 | 000,029,585 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\34259_110469249004929_100001255644326_67514_5498529_n.jpg
[2010/08/31 19:24:59 | 000,169,905 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\star-wars-personalities.jpg
[2010/08/29 14:08:10 | 000,035,697 | ---- | M] () -- C:\Documents and Settings\Shaun\My Documents\Theivery.m3u
[2010/08/28 17:28:20 | 000,015,504 | ---- | M] () -- C:\Documents and Settings\Shaun\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/08/15 18:14:22 | 000,230,424 | ---- | M] () -- C:\img2-001.raw
[2010/08/06 03:09:01 | 000,000,839 | ---- | M] () -- C:\Documents and Settings\Shaun\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/08/06 03:07:09 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/08/06 03:07:09 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/07/24 11:59:11 | 000,000,595 | ---- | M] () -- C:\Documents and Settings\Shaun\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/07/24 11:59:11 | 000,000,595 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/07/17 04:55:04 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shaun\Desktop\TFC.exe
========== Files Created - No Company Name ========== [2010/10/13 00:04:41 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/10/13 00:04:40 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010/10/12 09:42:26 | 000,001,963 | ---- | C] () -- C:\Documents and Settings\Shaun\Desktop\IMVU.lnk
[2010/10/12 00:50:53 | 000,000,657 | ---- | C] () -- C:\Documents and Settings\Shaun\Desktop\gws updater.lnk
[2010/10/12 00:33:02 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Guild Wars.lnk
[2010/10/08 16:20:32 | 000,017,201 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\Tattoo 2.png
[2010/10/06 23:52:15 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2010/10/06 23:52:15 | 000,000,039 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/10/05 17:58:32 | 000,064,414 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\10-04-10952350.jpg
[2010/10/03 22:05:59 | 000,009,061 | ---- | C] () -- C:\Documents and Settings\Shaun\Desktop\Lizzie.rtf
[2010/10/02 16:05:36 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2010/10/02 08:49:56 | 000,000,511 | ---- | C] () -- C:\Documents and Settings\Shaun\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/10/02 08:49:56 | 000,000,511 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2010/09/29 23:44:02 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010/09/27 02:17:47 | 000,003,120 | ---- | C] () -- C:\Documents and Settings\Shaun\Desktop\To Lizzie.rtf
[2010/09/21 11:11:40 | 000,001,762 | ---- | C] () -- C:\Documents and Settings\Shaun\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 6.lnk
[2010/09/21 11:11:40 | 000,001,744 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox 4.0 Beta 6.lnk
[2010/09/21 10:50:48 | 000,217,677 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\bookmarks.html
[2010/09/18 18:34:19 | 000,048,187 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\Lizzie.jpg
[2010/09/15 04:01:58 | 000,007,822 | ---- | C] () -- C:\Documents and Settings\Shaun\Desktop\Tasha.doc
[2010/09/14 13:31:00 | 000,045,990 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\58776_155026001182413_100000250426892_426810_5253894_n.jpg
[2010/09/14 13:30:27 | 000,049,559 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\47182_155025491182464_100000250426892_426808_2293738_n.jpg
[2010/09/12 15:34:35 | 000,005,994 | ---- | C] () -- C:\Documents and Settings\Shaun\Desktop\Rae&Demi.doc
[2010/09/11 03:52:52 | 000,054,692 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\shirt.jpg
[2010/09/05 21:14:20 | 000,010,207 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\4463548731_93011720e8_m.jpg
[2010/09/05 06:58:24 | 000,029,585 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\34259_110469249004929_100001255644326_67514_5498529_n.jpg
[2010/08/31 19:24:57 | 000,169,905 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\star-wars-personalities.jpg
[2010/08/29 14:08:10 | 000,035,697 | ---- | C] () -- C:\Documents and Settings\Shaun\My Documents\Theivery.m3u
[2010/07/24 11:59:11 | 000,000,595 | ---- | C] () -- C:\Documents and Settings\Shaun\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/07/24 11:59:11 | 000,000,595 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2010/07/24 03:15:19 | 000,230,424 | ---- | C] () -- C:\img2-001.raw
[2010/04/19 18:58:05 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/04/08 15:47:02 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\SHORTCUT.INI
[2010/04/08 15:34:35 | 000,000,389 | ---- | C] () -- C:\WINDOWS\System32\REMOTEDEVICE.INI
[2010/04/08 15:33:23 | 000,005,063 | ---- | C] () -- C:\WINDOWS\System32\LOCALSERVICE.INI
[2010/04/08 15:33:04 | 000,000,103 | ---- | C] () -- C:\WINDOWS\System32\LOCALDEVICE.INI
[2010/04/08 15:27:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\BSPRINT.INI
[2010/03/15 02:09:18 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/03/13 21:31:22 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/03/11 16:35:20 | 001,355,906 | ---- | C] () -- C:\WINDOWS\UnInstallDynalinkADSL.dll
[2009/12/02 15:08:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2009/10/17 00:37:55 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2009/09/09 02:51:07 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX3000.ini
[2009/09/07 21:05:34 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\CoInst.dll
[2009/09/07 21:05:28 | 000,017,868 | ---- | C] () -- C:\WINDOWS\wwdslcfg.ini
[2009/09/07 18:37:41 | 000,091,648 | ---- | C] () -- C:\Documents and Settings\Shaun\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/07 16:42:42 | 000,001,000 | ---- | C] () -- C:\WINDOWS\System32\bscs.ini
[2009/09/07 00:23:57 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Shaun\Local Settings\Application Data\fusioncache.dat
[2009/09/07 00:04:12 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2009/09/06 23:05:27 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2009/09/06 21:20:53 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2009/09/02 10:39:46 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\BsMobileCSps.dll
[2009/06/17 15:02:46 | 000,029,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
========== LOP Check ========== [2010/10/11 16:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acoustica
[2009/09/06 21:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
[2010/05/30 20:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2009/10/09 18:23:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OnlineArmor
[2009/09/09 02:12:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/01/16 05:28:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2010/10/11 16:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Acoustica
[2010/10/11 16:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Antares
[2010/07/06 00:32:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2010/10/02 08:49:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Free Download Manager
[2009/09/09 02:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\GetRightToGo
[2010/10/13 10:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\IMVU
[2010/04/09 21:31:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\IMVU-Products
[2010/10/12 09:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\IMVUClient
[2010/06/16 17:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\IObit
[2009/09/07 00:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\OnlineArmor
[2009/09/21 19:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\SecondLife
[2010/10/11 16:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\SynthMaker
[2010/02/02 17:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\TeamViewer
[2010/10/11 16:04:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\uTorrent
[2009/12/22 14:25:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Vivox
[2009/09/06 23:35:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Windows Desktop Search
[2009/09/07 15:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shaun\Application Data\Windows Search
[2010/10/13 05:54:20 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job
[2010/10/13 00:04:14 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job
[2010/10/13 00:04:15 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job
[2010/10/13 00:04:40 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job
[2010/10/13 00:04:41 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010/10/10 22:38:39 | 000,000,384 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2010/10/13 11:26:51 | 000,020,516 | ---- | M] () -- C:\aaw7boot.log
[2009/09/06 21:10:50 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/10/11 18:42:00 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2009/09/06 21:10:50 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/08/15 18:14:22 | 000,230,424 | ---- | M] () -- C:\img2-001.raw
[2009/09/06 21:10:50 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/09/06 21:10:50 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/09/06 21:56:19 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/09/06 21:56:19 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/10/13 11:27:01 | 536,870,912 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\*. /mp /s > < %systemroot%\System32\config\*.sav >[2009/09/07 08:52:16 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/09/07 08:52:16 | 000,602,112 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/09/07 08:52:16 | 000,389,120 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-10-12 16:10:06
< End of report >
OTL Extras logfile created on: 13/10/2010 11:35:16 a.m. - Run 1
OTL by OldTimer - Version 3.2.15.0 Folder = C:\Documents and Settings\Shaun\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy
1,022.00 Mb Total Physical Memory | 569.00 Mb Available Physical Memory | 56.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): C:\pagefile.sys 512 512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.49 Gb Total Space | 16.79 Gb Free Space | 48.67% Space Free | Partition Type: NTFS
Drive D: | 423.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive O: | 110.00 Gb Total Space | 5.20 Gb Free Space | 4.73% Space Free | Partition Type: NTFS
Drive P: | 61.44 Gb Total Space | 53.22 Gb Free Space | 86.63% Space Free | Partition Type: NTFS
Drive Q: | 61.44 Gb Total Space | 21.76 Gb Free Space | 35.42% Space Free | Partition Type: NTFS
Computer Name: AWESOMENESS | User Name: Shaun | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | File Age = 90 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 4.0 Beta 6\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"P:\Program Files\Messenger\YahooMessenger.exe" = P:\Program Files\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe" = C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeTray.exe" = C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe -- (Microsoft Corporation)
"C:\Program Files\Free Download Manager\fdm.exe" = C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager -- File not found
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\game.dat" = C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\game.dat:*:Enabled:game -- ()
"P:\generals.exe" = P:\generals.exe:*:Enabled:Command & Conquer Generals -- ()
"C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS -- (IVT Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks)
"C:\Documents and Settings\Shaun\My Documents\uTorrent.exe" = C:\Documents and Settings\Shaun\My Documents\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\generals.exe" = C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\generals.exe:*:Enabled:Command and ConquerTM Generals Zero Hour -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x32
"{25887983-54F3-4F55-A7C5-91229AD67C16}" = Bluesoleil 5.4.277.0
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3638411A-C5DB-4916-BA1A-9C2A6AD1BBBB}" = Dynalink ADSL Router USB Driver
"{36C97B5B-5593-45B8-B50E-DAD87036BD9D}" = Microsoft LifeCam
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E43E5F45-E924-4D83-9DB9-8D74BCF7A9DD}" = Antares Auto-Tune Evo TDM
"{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}" = ATI Catalyst Control Center
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Belarc Advisor" = Belarc Advisor 8.1
"CachemanXP 2.0 (Windows 2000,2003,XP)" = CachemanXP 2.0 (Windows 2000,2003,XP)
"CCleaner" = CCleaner
"ClassicPro" = ClassicPro© v1.13
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"Dynalink ADSL Modem" = Dynalink ADSL Modem
"Guild Wars" = Guild Wars
"ie8" = Windows Internet Explorer 8
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"InterActual Player" = InterActual Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Messenger_Plus_Live Toolbar" = Messenger_Plus_Live Toolbar
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 4.0b6 (x86 en-US)" = Mozilla Firefox 4.0b6 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"OnlineArmor_is1" = Online Armor 3.5
"PCI Audio Driver" = PCI Audio Driver
"PROSet" = Intel® PRO Network Adapters and Drivers
"Smart Defrag_is1" = Smart Defrag
"TeamViewer 5" = TeamViewer 5
"uTorrent" = µTorrent
"Veoh Web Player Beta" = Veoh Web Player
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo!Xtra Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 11/10/2010 12:39:01 a.m. | Computer Name = AWESOMENESS | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2418241,
P2 1033, P3 1618, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10
0.
Error - 11/10/2010 12:40:52 a.m. | Computer Name = AWESOMENESS | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb983583,
P2 1033, P3 1618, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10
0.
Error - 11/10/2010 12:42:14 a.m. | Computer Name = AWESOMENESS | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb976576,
P2 1033, P3 1618, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10
0.
Error - 11/10/2010 12:52:42 a.m. | Computer Name = AWESOMENESS | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb976569,
P2 1033, P3 1642, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10
0.
Error - 11/10/2010 8:24:53 a.m. | Computer Name = AWESOMENESS | Source = Application Error | ID = 1000
Description = Faulting application bluesoleil voip plugin.exe, version 6.4.0.0,
faulting module bluesoleil voip plugin.exe, version 6.4.0.0, fault address 0x000052ba.
Error - 11/10/2010 10:13:53 a.m. | Computer Name = AWESOMENESS | Source = Windows Search Service | ID = 3013
Description = The entry <C:\CONFIG.MSI\5D767B.RBS> in the hash map cannot be updated.
Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)
Error - 12/10/2010 12:54:19 p.m. | Computer Name = AWESOMENESS | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 12/10/2010 2:54:43 p.m. | Computer Name = AWESOMENESS | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown
Error - 12/10/2010 2:59:08 p.m. | Computer Name = AWESOMENESS | Source = Application Error | ID = 1000
Description = Faulting application bluesoleil voip plugin.exe, version 6.4.0.0,
faulting module bluesoleil voip plugin.exe, version 6.4.0.0, fault address 0x000052ba.
Error - 12/10/2010 6:31:40 p.m. | Computer Name = AWESOMENESS | Source = Application Error | ID = 1000
Description = Faulting application bluesoleil voip plugin.exe, version 6.4.0.0,
faulting module bluesoleil voip plugin.exe, version 6.4.0.0, fault address 0x000052ba.
[ System Events ]
Error - 11/10/2010 8:22:13 a.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7022
Description = The MSCamSvc service hung on starting.
Error - 12/10/2010 12:33:12 a.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.
Error - 12/10/2010 12:35:58 a.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 2 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.
Error - 12/10/2010 12:38:05 a.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7034
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 3 time(s).
Error - 12/10/2010 2:56:39 p.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.
Error - 12/10/2010 2:56:51 p.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 2 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.
Error - 12/10/2010 2:57:03 p.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7034
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 3 time(s).
Error - 12/10/2010 6:28:30 p.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.
Error - 12/10/2010 6:29:01 p.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 2 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.
Error - 12/10/2010 6:29:37 p.m. | Computer Name = AWESOMENESS | Source = Service Control Manager | ID = 7034
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 3 time(s).
< End of report >
I think Online Armor is keeping my computer from updating windows normally. I don't know how to work around that. Other than that i can't think of anything.