Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Unsure if infected & what do I do now


  • Please log in to reply

#1
Cunjurongkid

Cunjurongkid

    Member

  • Member
  • PipPip
  • 28 posts
Hi team,

I have currently been working with rshaffer61 in the XP forum

I have been getting random BSOD for the past month now. Avast doesn't pick-up anything, AVG did pick-up a rootkit but I didn't get it's name. It all started happening one day out of the blue while picking up gifts on Facebook for Farmville.
This is what rshaffer61 & I have gotten up to with diagnosing the problem.

http://www.geekstogo...what-to-do-now/

I was unsure what else to do (other then to take my laptop to a shop to be repaired or to upgrade my OS to Windows7, thought that I might aswell run OTL to make sure there's nothing "simple" there.

Thanks in advance for your help, here's the OTL file

OTL logfile created on: 5/05/2011 7:32:24 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Jodie\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 72.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 181.19 Gb Free Space | 77.81% Space Free | Partition Type: NTFS

Computer Name: CAPTAINSEAWEED | User Name: Jodie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/05 07:12:44 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jodie\Desktop\OTL.exe
PRC - [2011/04/19 03:25:12 | 003,460,784 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/04/19 03:25:10 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009/07/03 10:40:30 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2008/04/14 10:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/01 15:17:26 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2008/02/01 14:29:32 | 000,061,440 | ---- | M] () -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2008/01/23 15:34:42 | 007,766,016 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
PRC - [2008/01/23 10:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2008/01/11 22:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe
PRC - [2007/12/04 10:57:06 | 002,486,272 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2007/11/04 19:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe
PRC - [2007/07/30 18:36:14 | 000,122,975 | ---- | M] () -- C:\Program Files\Cyberlink\PowerCinema\Kernel\TV\CLSched.exe
PRC - [2007/07/30 18:36:12 | 000,278,611 | ---- | M] () -- C:\Program Files\Cyberlink\PowerCinema\Kernel\TV\CLCapSvc.exe
PRC - [2007/07/30 18:35:40 | 000,159,744 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Cyberlink\PowerCinema\PCMService.exe
PRC - [2007/02/28 22:32:30 | 000,140,832 | ---- | M] (Infineon Technologies AG) -- C:\WINDOWS\system32\IfxPsdSv.exe
PRC - [2007/02/07 01:30:00 | 000,065,536 | R--- | M] (Cognizance Corporation) -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
PRC - [2007/01/29 20:15:14 | 000,181,792 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
PRC - [2007/01/29 20:00:34 | 000,661,024 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Infineon\Security Platform Software\SpTNA.exe


========== Modules (SafeList) ==========

MOD - [2011/05/05 07:12:44 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jodie\Desktop\OTL.exe
MOD - [2011/04/19 03:25:09 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/24 02:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2006/12/04 09:31:00 | 000,090,112 | R--- | M] (Cognizance Corporation) -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItClient.dll
MOD - [2006/07/12 16:55:00 | 000,056,832 | ---- | M] (Cognizance Corporation) -- C:\WINDOWS\system32\APSHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (TOSHIBA Bluetooth Service)
SRV - [2011/04/19 03:25:10 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/01/26 11:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/07/03 10:40:30 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2007/07/30 18:36:14 | 000,122,975 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2007/07/30 18:36:12 | 000,278,611 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2007/02/28 22:32:30 | 000,140,832 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\WINDOWS\system32\IfxPsdSv.exe -- (PersonalSecureDriveService)
SRV - [2007/02/07 01:30:00 | 000,074,240 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2006/06/21 18:14:00 | 000,131,584 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASChnl.dll -- (ASChannel)


========== Driver Services (SafeList) ==========

DRV - [2011/04/19 03:17:46 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/04/19 03:17:34 | 000,307,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/04/19 03:16:18 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/04/19 03:16:06 | 000,102,488 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/04/19 03:13:21 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/04/19 03:13:02 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/04/19 03:12:58 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/07/06 02:13:10 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/10/14 10:19:24 | 000,148,992 | R--- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swumxa3.sys -- (SWUMXA3) Sierra Wireless USB MUX Driver (UMTSA3)
DRV - [2009/10/14 10:19:06 | 000,197,504 | R--- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swnc8ua3.sys -- (SWNC8UA3) Sierra Wireless MUX NDIS Driver (UMTSA3)
DRV - [2009/10/08 17:16:56 | 000,028,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2009/10/06 17:25:38 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2009/06/29 17:00:50 | 000,112,640 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009/06/29 17:00:50 | 000,102,656 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009/04/09 12:38:30 | 000,102,400 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/08/26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/29 00:27:00 | 004,733,440 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/14 04:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/04/01 15:13:58 | 001,807,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008/03/27 08:56:46 | 000,153,600 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTS5121.sys -- (RSUSBSTOR)
DRV - [2008/03/13 03:25:36 | 002,530,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel®
DRV - [2008/03/04 16:06:22 | 000,012,288 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/08/28 05:58:00 | 000,005,760 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2007/08/23 15:58:06 | 000,467,968 | ---- | M] (DiBcom) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dvb7700all.sys -- (mod7700)
DRV - [2007/06/16 21:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007/06/11 14:25:28 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (tosrfusb)
DRV - [2007/04/24 13:20:06 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd)
DRV - [2007/03/01 16:53:10 | 000,073,728 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007/01/29 20:07:30 | 000,039,080 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\psd.sys -- (PersonalSecureDrive)
DRV - [2007/01/29 19:13:26 | 000,036,608 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2006/10/05 16:20:42 | 000,043,904 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2006/03/21 16:04:24 | 000,889,472 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2006/02/07 19:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO)
DRV - [2003/04/19 00:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tandpl.sys -- (tandpl)
DRV - [2003/03/02 17:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\enodpl.sys -- (enodpl)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.telstra.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: ([2004/08/04 22:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (TSToolbarBHO) - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - File not found
O2 - BHO: (ASUS Security Protect Manager) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (Transaction Protector) - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATKHOTKEY] C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe ()
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASTSVCC.dll (Cognizance Corporation)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe ()
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [MsgTranAgt] C:\Program Files\ATK Hotkey\MsgTranAgt.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCMService] C:\Program Files\CyberLink\PowerCinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} http://webiq005.webi...6-6D5536C585C9} (WebIQ Engine Application Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1217469968593 (MUWebControl Class)
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} http://www.trendsecu...asyInstallX.CAB (TSEasyInstallX Control)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.micros...ntent/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 211.29.152.116 198.142.0.51 211.29.132.12
O20 - AppInit_DLLs: (APSHook.dll) - C:\WINDOWS\System32\APSHook.dll (Cognizance Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\OneCard: DllName - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll (Cognizance Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Jodie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jodie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/30 16:53:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{596f758c-3ebb-11df-8cda-001f3b4dd22b}\Shell - "" = AutoRun
O33 - MountPoints2\{596f758c-3ebb-11df-8cda-001f3b4dd22b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{596f758c-3ebb-11df-8cda-001f3b4dd22b}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{596f758d-3ebb-11df-8cda-001f3b4dd22b}\Shell - "" = AutoRun
O33 - MountPoints2\{596f758d-3ebb-11df-8cda-001f3b4dd22b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{596f758d-3ebb-11df-8cda-001f3b4dd22b}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{901b93a4-7868-11df-8d2a-001f3b4dd22b}\Shell - "" = AutoRun
O33 - MountPoints2\{901b93a4-7868-11df-8d2a-001f3b4dd22b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{901b93a4-7868-11df-8d2a-001f3b4dd22b}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/05 07:12:32 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jodie\Desktop\OTL.exe
[2011/05/04 22:15:36 | 000,000,000 | ---D | C] -- C:\Program Files\Shiver - Vanishing Hitchhiker
[2011/05/04 15:00:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011/05/04 13:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2011/05/04 07:48:32 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed
[2011/05/03 17:17:37 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/05/03 16:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\XP Registry Cleaner
[2011/04/26 16:53:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jodie\Application Data\AVG10
[2011/04/26 16:51:50 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/04/26 16:50:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/04/26 16:43:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/04/23 10:36:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jodie\Desktop\TV downloads
[2011/04/20 23:31:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jodie\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/04/19 07:19:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/04/18 22:19:19 | 000,000,000 | ---D | C] -- C:\Program Files\Hallowed Legends - Samhain
[2011/04/18 22:14:58 | 000,000,000 | ---D | C] -- C:\Program Files\Our Worst Fears - Stained Skin
[2011/04/09 12:25:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/04/06 22:10:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Performance
[2011/04/06 22:09:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jodie\Local Settings\Application Data\Microsoft Corporation
[2011/04/05 17:20:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/05 07:12:44 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jodie\Desktop\OTL.exe
[2011/05/05 06:34:17 | 000,176,225 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/05/05 06:34:13 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/05 06:33:41 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\Security Platform Backup Schedule.job
[2011/05/05 06:33:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/04 11:57:15 | 000,000,424 | ---- | M] () -- C:\WINDOWS\zipgenius.xml
[2011/05/04 11:55:32 | 000,000,187 | ---- | M] () -- C:\Documents and Settings\Jodie\Application Data\mainhst.zgh
[2011/05/04 07:48:32 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Jodie\Desktop\WhoCrashed.lnk
[2011/05/02 14:41:24 | 000,074,752 | ---- | M] () -- C:\Documents and Settings\Jodie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/02 14:41:24 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/04/29 12:18:44 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc0613c3cdd5b6.job
[2011/04/28 17:27:32 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2011/04/28 14:21:04 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Jodie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/04/21 16:20:14 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/20 22:16:13 | 000,485,452 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/20 22:16:13 | 000,081,362 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/20 21:54:52 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/04/19 03:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/04/19 03:25:10 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/04/19 03:17:46 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/04/19 03:17:34 | 000,307,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/04/19 03:16:18 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/04/19 03:16:06 | 000,102,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/04/19 03:16:02 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/04/19 03:13:21 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/04/19 03:13:02 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/04/19 03:12:58 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/04/17 20:27:21 | 000,134,370 | ---- | M] () -- C:\Documents and Settings\Jodie\My Documents\Sofee facebook.jpg
[2011/04/17 20:07:45 | 000,131,230 | ---- | M] () -- C:\Documents and Settings\Jodie\My Documents\Jodie facebook.jpg
[2011/04/17 20:04:22 | 000,179,980 | ---- | M] () -- C:\Documents and Settings\Jodie\My Documents\Mum facebook.jpg
[2011/04/15 19:51:26 | 000,530,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/08 20:17:12 | 000,056,346 | ---- | M] () -- C:\Documents and Settings\Jodie\My Documents\080803_tftd_Toot.jpg
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/04 07:48:32 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Jodie\Desktop\WhoCrashed.lnk
[2011/04/29 12:18:44 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc0613c3cdd5b6.job
[2011/04/20 23:39:45 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 8.lnk
[2011/04/17 20:27:21 | 000,134,370 | ---- | C] () -- C:\Documents and Settings\Jodie\My Documents\Sofee facebook.jpg
[2011/04/17 20:07:45 | 000,131,230 | ---- | C] () -- C:\Documents and Settings\Jodie\My Documents\Jodie facebook.jpg
[2011/04/17 20:04:22 | 000,179,980 | ---- | C] () -- C:\Documents and Settings\Jodie\My Documents\Mum facebook.jpg
[2011/04/08 20:18:35 | 000,056,346 | ---- | C] () -- C:\Documents and Settings\Jodie\My Documents\080803_tftd_Toot.jpg
[2010/12/13 14:12:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/08/10 15:57:05 | 000,162,952 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/02/13 11:33:43 | 000,000,187 | ---- | C] () -- C:\Documents and Settings\Jodie\Application Data\mainhst.zgh
[2009/11/23 14:45:33 | 000,000,459 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2009/10/08 17:16:56 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
[2009/06/16 12:25:02 | 000,121,512 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml.rc4
[2009/02/16 17:56:08 | 000,012,140 | ---- | C] () -- C:\Documents and Settings\Jodie\Local Settings\Application Data\slot1.mm1
[2008/12/31 16:04:42 | 000,691,560 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/12/31 16:04:42 | 000,528,744 | ---- | C] () -- C:\WINDOWS\System32\OGAVerify.exe
[2008/11/17 19:09:21 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2008/08/13 15:27:48 | 000,000,032 | ---- | C] () -- C:\WINDOWS\RBuilder.ini
[2008/08/07 03:38:36 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008/08/06 18:47:24 | 000,000,147 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2008/08/06 18:47:24 | 000,000,023 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2008/08/06 18:47:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2008/08/06 18:47:12 | 000,014,441 | ---- | C] () -- C:\WINDOWS\HL-5250DN.INI
[2008/08/06 18:47:06 | 000,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2008/08/06 18:47:06 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD5250DN.DAT
[2008/08/06 18:46:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\PtrcENG.dll
[2008/08/01 21:55:22 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2008/08/01 21:55:22 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2008/08/01 21:54:54 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys
[2008/08/01 21:54:54 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys
[2008/07/31 22:46:00 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2008/07/31 17:01:36 | 000,000,000 | ---- | C] () -- C:\Program Files\temp01
[2008/07/31 14:46:05 | 000,025,117 | ---- | C] () -- C:\Documents and Settings\Jodie\Application Data\Comma Separated Values (Windows).ADR
[2008/07/31 12:02:17 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/07/31 11:46:32 | 000,074,752 | ---- | C] () -- C:\Documents and Settings\Jodie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/31 11:46:32 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/07/31 02:38:47 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/07/31 02:37:28 | 000,530,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/07/30 22:45:51 | 000,000,391 | ---- | C] () -- C:\WINDOWS\COVERE~1.INI
[2008/07/30 18:29:50 | 005,386,240 | ---- | C] () -- C:\WINDOWS\System32\RTS5121icon.dll
[2008/07/30 18:01:09 | 001,807,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2008/07/30 18:01:09 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2008/07/30 17:18:00 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2008/07/30 17:12:11 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/07/30 16:58:41 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/07/30 16:50:50 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/07/30 13:58:46 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/07/30 13:58:46 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/07/30 13:58:46 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/07/30 13:58:46 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/07/30 13:58:45 | 001,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/07/30 13:58:45 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/07/30 13:58:44 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2007/08/28 05:58:00 | 000,005,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2005/04/03 07:30:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\scardsyn.dll
[2004/08/04 22:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 22:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 22:00:00 | 000,485,452 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 22:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 22:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 22:00:00 | 000,081,362 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 22:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 22:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 22:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 22:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 22:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 22:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1998/05/06 12:10:00 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\ODMA32.dll

========== LOP Check ==========

[2010/02/09 20:25:48 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Jodie\Application Data\.#
[2008/09/16 17:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Ace
[2010/06/18 10:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Aisle 5 Games, Inc
[2010/10/20 12:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Anarchy
[2010/10/04 12:49:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Artifex Mundi
[2011/04/26 16:53:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\AVG10
[2010/08/03 10:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Awem
[2009/12/17 17:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Big Fish Games
[2011/01/07 19:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\BlamGames
[2010/06/30 10:07:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\BloodTies
[2011/03/06 07:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\calibre
[2010/12/27 10:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Casual Arts
[2010/06/29 09:46:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\cerasus.media
[2011/04/20 23:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/03/10 11:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Coyotes Tale
[2010/03/22 17:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Datalayer
[2011/01/07 13:44:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Dekovir
[2009/02/27 18:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Dragon Altar Games
[2010/08/29 18:03:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Elephant Games
[2010/05/28 20:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\ERS G-Studio
[2010/10/29 14:25:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\ERS Game Studios
[2008/12/11 20:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\FirstColony
[2010/06/19 17:25:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Flood Light Games
[2010/10/13 10:15:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Floodlight Games
[2010/10/13 09:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Freeze Tag
[2010/08/20 11:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\GameMill Entertainment
[2010/06/24 10:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Gamers Digital
[2009/07/23 13:54:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Games
[2010/10/19 17:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Ghost Ship Studios
[2009/02/26 17:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Gogii Games
[2010/06/24 12:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Gold Casual Games
[2010/06/26 17:28:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\HSA
[2008/07/30 17:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Infineon
[2010/06/23 17:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\IOMediaSupport6SZZ001s
[2010/06/25 11:26:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Island
[2009/02/26 18:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\JoyBits
[2010/10/19 16:47:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\KingArthur
[2009/03/24 22:57:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Lost in the City
[2010/06/29 09:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Meridian93
[2010/11/10 16:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Merscom
[2008/12/13 19:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Mushroom Age
[2010/06/16 21:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\My Games
[2010/10/19 17:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\MysteryStudio
[2010/03/22 17:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Nokia
[2009/03/13 18:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\OfficeUpdate12
[2010/06/23 17:07:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\panoramik
[2010/03/22 18:03:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\PC Suite
[2009/05/11 12:08:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Pi Eye Games
[2010/06/25 16:58:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\PlayFirst
[2010/10/25 16:15:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\PlayPond
[2008/08/25 17:10:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Playrix Entertainment
[2010/06/24 12:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\PoBros
[2008/12/13 20:37:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Pogo Games
[2010/03/18 07:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\QB9
[2008/08/25 15:00:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Righteous Kill
[2010/10/13 09:56:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Scholastic
[2010/06/24 12:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\SecretIslandEng
[2010/06/24 11:46:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\SerpentOfIsis
[2010/06/30 08:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Shape games
[2010/06/19 17:03:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\she_is_a_shadow
[2010/02/09 19:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Sierra Wireless
[2010/03/18 07:33:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Silverback Productions
[2010/06/23 17:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Spinapse
[2011/02/05 12:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Striped Arts
[2010/06/18 16:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\SulusGames
[2010/06/23 17:12:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Suspects and Clues Players
[2010/06/23 17:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Suspects and Clues Prefs
[2010/06/24 11:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\TMInc
[2009/02/25 22:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Tropical Dream Underwater Odyssey
[2010/06/26 16:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Ubisoft
[2011/05/02 07:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\uTorrent
[2010/06/18 13:41:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\VampireSaga
[2010/04/03 10:54:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Vodafone
[2010/08/11 11:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Vogat Interactive
[2008/07/31 12:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Windows Home Server
[2008/08/06 18:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\Windows Search
[2010/02/13 11:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jodie\Application Data\ZipGenius
[2009/06/25 18:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy
[2010/10/25 13:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
[2010/05/27 23:03:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/04/28 17:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/03/05 20:24:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2009/05/05 15:55:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blg
[2010/12/27 10:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Casual Arts
[2011/04/26 16:51:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/06/16 21:51:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Deadtime Stories
[2010/10/18 12:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Elephant Games
[2009/02/09 10:20:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Enkord
[2008/12/13 19:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ERS G-Studio
[2009/05/01 16:10:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Far Mills
[2010/06/19 17:25:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2010/10/13 10:15:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Floodlight Games
[2010/10/14 16:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2009/09/08 18:31:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FuzzyBug
[2010/06/24 10:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gamers Digital
[2010/08/11 13:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2009/02/26 17:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii Games
[2010/06/24 12:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gold Casual Games
[2008/11/25 15:29:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2009/05/01 20:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HoverBee Studios
[2009/03/26 17:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2009/03/26 17:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2008/07/30 17:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Infineon
[2010/03/22 19:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009/05/05 14:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intenium
[2008/07/30 20:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010/11/10 16:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom
[2011/04/28 17:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/06/20 17:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/06/26 19:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MysteryChronicles
[2010/06/24 06:48:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeptunesAdve
[2009/02/19 14:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nick Chase A Detective Story
[2010/03/22 18:24:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2008/09/14 17:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PBGsavesDirectory
[2009/09/06 10:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2008/08/23 15:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PearlDiv_full
[2010/06/25 16:58:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2010/06/18 19:04:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayPond
[2010/10/20 13:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2010/06/24 12:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PoBros
[2008/11/02 16:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Redrum
[2008/08/13 16:10:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Slapdash Games
[2010/08/11 13:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2010/06/18 16:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SulusGames
[2011/05/04 22:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/04/03 10:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vodafone
[2008/08/21 21:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Home Server
[2010/08/09 12:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/08/09 12:23:08 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\OGADaily.job
[2010/08/09 12:23:08 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2011/05/05 06:33:41 | 000,000,314 | ---- | M] () -- C:\WINDOWS\Tasks\Security Platform Backup Schedule.job
[2011/04/28 17:27:32 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E91ADC66
@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B1381B34
@Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3C282BEA
@Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:28CDD861
@Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1A5207FA
@Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:17C48B08
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E41267F2
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:43982D5E
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3D36932D
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DAE3649B
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B904C348
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:561B1D2B
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:50DD4118
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DDEB08FD
@Alternate Data Stream - 245 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:661DC753
@Alternate Data Stream - 239 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1E17A249
@Alternate Data Stream - 231 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BAC4211
@Alternate Data Stream - 228 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:97C4F81F
@Alternate Data Stream - 226 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:627153F1
@Alternate Data Stream - 226 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:409A775B
@Alternate Data Stream - 225 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:43C9D140
@Alternate Data Stream - 224 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C9CDDE5E
@Alternate Data Stream - 223 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D31BE97C
@Alternate Data Stream - 223 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07241935
@Alternate Data Stream - 221 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9B9B0020
@Alternate Data Stream - 220 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:61F0C8FB
@Alternate Data Stream - 220 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:08D8BB20
@Alternate Data Stream - 218 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F38F234
@Alternate Data Stream - 218 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:090FB735
@Alternate Data Stream - 217 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E51234A9
@Alternate Data Stream - 216 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A02025CE
@Alternate Data Stream - 216 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3C5ABDC7
@Alternate Data Stream - 213 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC2381A4
@Alternate Data Stream - 213 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:067F588D
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC3B090
@Alternate Data Stream - 210 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2F141B68
@Alternate Data Stream - 209 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5EF1AD34
@Alternate Data Stream - 208 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC0A74A1
@Alternate Data Stream - 208 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0AC32449
@Alternate Data Stream - 207 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F1175E1D
@Alternate Data Stream - 206 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:78E0DF72
@Alternate Data Stream - 206 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:598E0FFA
@Alternate Data Stream - 205 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C22674B6
@Alternate Data Stream - 205 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9B285B76
@Alternate Data Stream - 205 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:260575F1
@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E5F85065
@Alternate Data Stream - 194 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3DA71AE7
@Alternate Data Stream - 168 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2C0CB844
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ADBB571A
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0696EC8E
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9E9A3410
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:71612023
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:14A1BBE3
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C72A744C
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C5DC2B0C
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:19474103
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F5B51004
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DE875C30
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A819A132
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2CC32B31
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C0893153
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A167A0BB
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:397D67BA
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3969ACF7
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7FCB9D0D
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A1023D41
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6B7447D4
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9720EBEF
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E5B6B9C5
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EBCF5924
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AD020DC3
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7A032A04
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BF6A2C54
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:94B46CA2
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0BBF232A
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F84B8DB5
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:53B8C5D2
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CA557DB
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D3A89E47
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CFA8C6E3
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:48977386
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2BC498A4
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2AE74FF9
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BBCB4421
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B190BE3A
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4FA837B4
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:100E92DA
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A5A2814C
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7ADB695A
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5FFC2819
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4EE95FE7
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F1DEA771
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C30487EE
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AAA06E15
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A5241382
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8E783B8E
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7DC5D762
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:57176330
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5080697C
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:041C0562
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D890DD02
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:59465B40
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:52C24010
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1E7308B6
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D6AB0F79
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A5FC8FA1
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:848CC150
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7547DA5B
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:620EC79A
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3539CD43
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9398DBB4
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:268BA8AB
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0E684AC9
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:072F1F69
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9FD757A9
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:927EC486
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8944C195
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:834DD57E
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:436AFF0E
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:32A82570
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:315B4A13
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1C201DEB
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E2CFA9CD
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CF61CE5A
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C928F3BE
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:918B7566
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8999FD56
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5D10C56A
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:56E66A88
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:523B97A0
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:386B39C3
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2F6462DF
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2DF54B62
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:00D5EBC2
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EF5B3572
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8DD66B3E
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2871B698
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1B927722
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:02BC319B
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90865A6D
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C2151AD3
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A58B27C9
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:68EF6203
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38C4D9C2
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FDDD8917
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DD95E6D9
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C039C6AC
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6401C7FF
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2F0007D6
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A2865730
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:708BB0FA
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6425A235
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3196E8D
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B2CD146E
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8E5EA40F
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:54D5DB8A
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E80802C7
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C7F08EA3
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C76CFF82
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AFB24B00
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A6D89509
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A4F63AED
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:96C9689F
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:842B0AED
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7AA6FC81
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:73AFBB96
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6BF0805F
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5A8F8A0C
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1D6B18F1
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D48500F8
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CEF2A14E
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CD9109D4
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CAC06C34
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B8EB1B99
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7A0FEE87
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:774A0E14
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3E06C78F
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CB96B16
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FC8FFA4E
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8E82994
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2342AE46
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C36B1175
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B1FBBD09
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:957E9765
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F3EFA8A8
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A3251D01
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3313A48D
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:70E897B5
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:40D8F125
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:164FA86E
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6E97B83A
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F9E10A82
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB16385F
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C6EBC69
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F14D1F80
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:614F17D3
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4FE42FFC
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1A2A70FC
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1316EAD4
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0D278FB5
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BB71BBA2
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9DF07E8F
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4CF76F21
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:09064307
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EEB25EAE
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E266F325
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:92A815D8
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4FE30352
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:177313FB
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FB97DB91
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D0668210
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5E9B629B
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:31106FCB
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:27D1368B

< End of report >


The extras log incase you need it too

OTL Extras logfile created on: 5/05/2011 7:32:24 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Jodie\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 72.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 181.19 Gb Free Space | 77.81% Space Free | Partition Type: NTFS

Computer Name: CAPTAINSEAWEED | User Name: Jodie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter -- (Nero AG)
"C:\Program Files\IncrediMail\bin\ImApp.exe" = C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0F2F77E4-4053-4108-B153-81F0B42EDCF4}" = WebIQ Technology Engine
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{14DBE104-420D-4422-B390-4B10061F6BD2}" = Brother HL-5250DN
"{18DB3375-0649-4EA3-959A-44F1ACD278BA}" = IncrediMail
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = PowerCinema
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2D911CA4-D8A8-468E-8141-3BEEB9010901}" = SimHID Setup
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{4462AD13-F2AA-4CBD-9F95-293C38EED870}" = Power4 Gear
"{4A9849CA-E11C-4F24-8BB1-97C717A1C898}" = LightScribe System Software
"{4E074808-1B86-4230-A9EB-0904942EC4AE}" = LEGO Star Wars II
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{6BF81CE7-3D5A-497F-8912-2A65A0253E1B}" = Beyond Good & Evil
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}" = Vodafone Mobile Connect Lite
"{7FF90D04-A60F-42A0-8F78-88623F99DCAC}" = KB Dual Express
"{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{9223CE17-3922-41AD-98D3-9A390D941033}" = Nero 8 Essentials
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A14C40E7-F7E5-498D-B8BD-A3EAE942EED0}" = LEGO® Indiana Jones™
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.6
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{B148AB4B-C8FA-474B-B981-F2943C5B5BCD}" = OGA Notifier 1.7.0105.35.0
"{B94C6815-7BCC-4124-AC39-9208A06FFFA7}" = Disney-Pixar WALL-E
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D104C1CF-7C12-4D32-9850-DDC99060DE5B}" = Infineon TPM Professional Package
"{D10CB652-9332-4242-B7A9-2D61570144F7}" = Realtek Card Reader
"{D8D4AF9A-6ADE-4B14-A7F5-BA858792729E}" = ASUS Security Protect Manager
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1" = ZipGenius 6 (6.3.0.2400)
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FBE569CA-BFEB-4E57-A674-F94D938E1AEF}" = e-tax 2010
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"avast" = avast! Free Antivirus
"BFG-Animal Agents" = Animal Agents
"BFG-Awakening - Moonfell Wood" = Awakening: Moonfell Wood
"BFG-Ballville - The Beginning" = Ballville: The Beginning
"BFG-Blood Ties" = Blood Ties
"BFG-Bloodline of the Fallen - Anna's Sacrifice" = Bloodline of the Fallen: Anna's Sacrifice
"BFG-Brain Challenge" = Brain Challenge
"BFGC" = Big Fish Games: Game Manager
"BFG-Can You See What I See" = Can You See What I See?
"BFG-Can You See What I See - Dream Machine" = Can You See What I See? Dream Machine
"BFG-Curse of the Ghost Ship" = Curse of the Ghost Ship
"BFG-DragonStone" = DragonStone
"BFG-Dying_for_Daylight" = Charlaine Harris: Dying for Daylight
"BFG-Enchanted Fairy Friends" = Enchanted Fairy Friends: Secret of the Fairy Queen
"BFG-Fear For Sale - Mystery of McInroy Manor" = Fear For Sale: Mystery of McInroy Manor
"BFG-Fear for Sale - The Mystery of McInroy Manor Collector's Edition" = Fear for Sale: The Mystery of McInroy Manor Collector's Edition
"BFG-Fiction Fixers - The Curse of OZ" = Fiction Fixers: The Curse of OZ
"BFG-Fishdom" = Fishdom
"BFG-Fishdom - Seasons Under the Sea" = Fishdom: Seasons Under the Sea
"BFG-Fishdom 2" = Fishdom 2
"BFG-Fishdom H2O - Hidden Odyssey" = Fishdom H2O: Hidden Odyssey
"BFG-Hallowed Legends - Samhain" = Hallowed Legends: Samhain
"BFG-Haunted Legends - The Queen of Spades" = Haunted Legends: The Queen of Spades
"BFG-Hidden Expedition - Amazon" = Hidden Expedition: Amazon ™
"BFG-Hidden Expedition - Devils Triangle" = Hidden Expedition &reg; - Devil's Triangle
"BFG-Hidden Expedition - Titanic" = Hidden Expedition: Titanic™
"BFG-Hidden Object Crosswords" = Hidden Object Crosswords
"BFG-Hidden Secrets - The Nightmare" = Hidden Secrets: The Nightmare
"BFG-Hodgepodge Hollow" = Hodgepodge Hollow
"BFG-Lost Chronicles - Salem" = Lost Chronicles: Salem
"BFG-Lost in the City" = Lost in the City
"BFG-Lost in Time - The Clockwork Tower" = Lost in Time: The Clockwork Tower
"BFG-Margrave Manor 2 - The Lost Ship" = Margrave Manor 2: The Lost Ship
"BFG-Mishap - An Accidental Haunting" = Mishap: An Accidental Haunting ™
"BFG-Mishap 2 - An Intentional Haunting" = Mishap 2: An Intentional Haunting
"BFG-Murder Island - Secret of Tantalus" = Murder Island: Secret of Tantalus
"BFG-Mystery Age - The Dark Priests" = Mystery Age: The Dark Priests
"BFG-Mystery Case Files - 13th Skull" = Mystery Case Files &reg;: 13th Skull ™
"BFG-Mystery Case Files - Dire Grove" = Mystery Case Files&reg;: Dire Grove™
"BFG-Mystery Case Files - Madame Fate" = Mystery Case Files: Madame Fate&trade;
"BFG-Mystery Case Files - Prime Suspects" = Mystery Case Files: Prime Suspects ™
"BFG-Mystery Case Files - Ravenhearst" = Mystery Case Files: Ravenhearst ™
"BFG-Mystery Case Files - Return to Ravenhearst" = Mystery Case Files: Return to Ravenhearst ™
"BFG-Mystery of Mortlake Mansion" = Mystery of Mortlake Mansion
"BFG-Mystery P.I. - Lost in Los Angeles" = Mystery P.I.: Lost in Los Angeles
"BFG-Mystery P.I. - Stolen in San Francisco" = Mystery P.I.: Stolen in San Francisco
"BFG-Mystery P.I. - The London Caper" = Mystery P.I.: The London Caper
"BFG-Mystery P.I. - The Lottery Ticket" = Mystery P.I. - The Lottery Ticket
"BFG-Mystery P.I. - The Vegas Heist" = Mystery P.I.: The Vegas Heist
"BFG-Mystery PI - The New York Fortune" = Mystery P.I.: The New York Fortune
"BFG-Mystery Stories - Island of Hope" = Mystery Stories: Island of Hope
"BFG-Mystery Trackers - The Void Collector's Edition" = Mystery Trackers: The Void Collector's Edition
"BFG-Mystery Valley" = Mystery Valley
"BFG-Nightmare on the Pacific" = Nightmare on the Pacific
"BFG-Our Worst Fears - Stained Skin" = Our Worst Fears: Stained Skin
"BFG-Phantasmat" = Phantasmat
"BFG-Phantasmat Collector's Edition" = Phantasmat Collector's Edition
"BFG-Reading the Dead" = Reading the Dead
"BFG-Shadow Wolf Mysteries - Curse of the Full Moon Survey" = Shadow Wolf Mysteries: Curse of the Full Moon Survey
"BFG-Sherlock Holmes and the Hound of the Baskervilles Collector's Edition" = Sherlock Holmes and the Hound of the Baskervilles Collector's Edition
"BFG-Shiver - Vanishing Hitchhiker" = Shiver: Vanishing Hitchhiker
"BFG-Soul Journey" = Soul Journey
"BFG-Spirit Seasons - Little Ghost Story" = Spirit Seasons: Little Ghost Story
"BFG-Stray Souls - Dollhouse Story" = Stray Souls: Dollhouse Story
"BFG-Tasty Planet - Back for Seconds" = Tasty Planet: Back for Seconds
"BFG-The Amazing Brain Train" = The Amazing Brain Train
"BFG-The Bloobles" = The Bloobles and the Quest for Chocolate
"BFG-The Nightshift Code" = The Nightshift Code
"BFG-The Secret of Margrave Manor" = The Secret of Margrave Manor
"BFG-Twisted - A Haunted Carol" = Twisted: A Haunted Carol
"BFG-Twisted Lands - Shadow Town" = Twisted Lands: Shadow Town
"BFG-Vacation Quest - The Hawaiian Islands" = Vacation Quest: The Hawaiian Islands
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IncrediMail" = IncrediMail 2.0
"InstallShield_{4E074808-1B86-4230-A9EB-0904942EC4AE}" = LEGO Star Wars II
"InstallShield_{A14C40E7-F7E5-498D-B8BD-A3EAE942EED0}" = LEGO® Indiana Jones™
"Keeper" = Dungeon Keeper Gold
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"ProInst" = Intel® PROSet/Wireless Software
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WhoCrashed_is1" = WhoCrashed 3.01
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"Zanzarah" = Zanzarah - The Hidden Portal

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/05/2011 12:02:37 AM | Computer Name = CAPTAINSEAWEED | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 4/05/2011 12:07:45 AM | Computer Name = CAPTAINSEAWEED | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 4/05/2011 12:28:14 AM | Computer Name = CAPTAINSEAWEED | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 4/05/2011 12:40:41 AM | Computer Name = CAPTAINSEAWEED | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 4/05/2011 1:03:05 AM | Computer Name = CAPTAINSEAWEED | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 4/05/2011 7:22:18 AM | Computer Name = CAPTAINSEAWEED | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 4/05/2011 7:40:20 AM | Computer Name = CAPTAINSEAWEED | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 4/05/2011 7:52:31 AM | Computer Name = CAPTAINSEAWEED | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 4/05/2011 8:00:10 AM | Computer Name = CAPTAINSEAWEED | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 4/05/2011 4:33:49 PM | Computer Name = CAPTAINSEAWEED | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

[ ASUS Security Protect Manager Events ]
Error - 29/09/2008 3:29:17 AM | Computer Name = CAPTAINSEAWEED | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Jodie@CAPTAINSEAWEED
Credentials:
Fingerprints Error: (0xC5160419) The system has terminated the current operation
due to a long period of user inactivity. The operation must be restarted.

[ System Events ]
Error - 4/05/2011 12:07:45 AM | Computer Name = CAPTAINSEAWEED | Source = Service Control Manager | ID = 7000
Description = The TOSHIBA Bluetooth Service service failed to start due to the following
error: %%2

Error - 4/05/2011 12:28:14 AM | Computer Name = CAPTAINSEAWEED | Source = Service Control Manager | ID = 7000
Description = The TOSHIBA Bluetooth Service service failed to start due to the following
error: %%2

Error - 4/05/2011 12:40:40 AM | Computer Name = CAPTAINSEAWEED | Source = Service Control Manager | ID = 7000
Description = The TOSHIBA Bluetooth Service service failed to start due to the following
error: %%2

Error - 4/05/2011 1:03:05 AM | Computer Name = CAPTAINSEAWEED | Source = Service Control Manager | ID = 7000
Description = The TOSHIBA Bluetooth Service service failed to start due to the following
error: %%2

Error - 4/05/2011 7:22:18 AM | Computer Name = CAPTAINSEAWEED | Source = Service Control Manager | ID = 7000
Description = The TOSHIBA Bluetooth Service service failed to start due to the following
error: %%2

Error - 4/05/2011 7:40:20 AM | Computer Name = CAPTAINSEAWEED | Source = Service Control Manager | ID = 7000
Description = The TOSHIBA Bluetooth Service service failed to start due to the following
error: %%2

Error - 4/05/2011 7:52:31 AM | Computer Name = CAPTAINSEAWEED | Source = Service Control Manager | ID = 7000
Description = The TOSHIBA Bluetooth Service service failed to start due to the following
error: %%2

Error - 4/05/2011 8:00:10 AM | Computer Name = CAPTAINSEAWEED | Source = Service Control Manager | ID = 7000
Description = The TOSHIBA Bluetooth Service service failed to start due to the following
error: %%2

Error - 4/05/2011 4:33:49 PM | Computer Name = CAPTAINSEAWEED | Source = Service Control Manager | ID = 7000
Description = The TOSHIBA Bluetooth Service service failed to start due to the following
error: %%2

Error - 4/05/2011 4:34:20 PM | Computer Name = CAPTAINSEAWEED | Source = DCOM | ID = 10010
Description = The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register
with DCOM within the required timeout.


< End of report >

Edited by Cunjurongkid, 04 May 2011 - 03:42 PM.

  • 0

Advertisements


#2
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,891 posts
Hi Cunjurongkid,

My name is Salagubang and Welcome to GeekstoGo. :)

Sorry for the delay, do you still need assistance?
  • 0

#3
Cunjurongkid

Cunjurongkid

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Hi Salagubang,

I am not sure if I still need assistance.

I haven't had any more BSOD but I haven't been on my computer as much the past few days.

Could you see anything in the attached report to show any problems?
  • 0

#4
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,891 posts

Could you see anything in the attached report to show any problems?


Just a bunch of temp files and a failing Bluetooth service and should be alright if you reinstall the software.

Glad that everything is fine at your end. Do let us know if you run into anymore troubles.

Be safe out there. :)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP