Thanks deltalima for your reply and advice.
I have removed Vuze from my computer and I have also installed avast! Free Antivirus. Did a full system scan and it detected no infected objects.
Here are my OTL Logs:
OTL logfile created on: 26/6/2011 1:31:52 AM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Trevor\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: d/M/yyyy
8.00 Gb Total Physical Memory | 5.84 Gb Available Physical Memory | 72.95% Memory free
15.99 Gb Paging File | 13.22 Gb Available in Paging File | 82.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 752.76 Gb Free Space | 80.82% Space Free | Partition Type: NTFS
Computer Name: TREVOR-PC | User Name: Trevor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found
PRC - C:\Users\Trevor\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
PRC - C:\Users\Trevor\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\ASUS\GPU Boost Driver\GpuBoostServer.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\EPU\EPU.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHelp.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
PRC - C:\ASUS.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
PRC - C:\Program Files (x86)\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe ()
PRC - C:\Windows\DAODx.exe ()
========== Modules (SafeList) ==========
MOD - C:\Users\Trevor\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV:64bit: - (hasplms) -- C:\Windows\SysNative\hasplms.exe (SafeNet Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (LVPrcS64) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
SRV - (DvmMDES) -- C:\ASUS.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (LVUVC64) Logitech Webcam 600(UVC) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (aksfridge) -- C:\Windows\SysNative\drivers\aksfridge.sys (SafeNet Inc.)
DRV:64bit: - (aksdf) -- C:\Windows\SysNative\drivers\aksdf.sys (SafeNet Inc.)
DRV:64bit: - (akshasp) -- C:\Windows\SysNative\drivers\akshasp.sys (Aladdin Knowledge Systems Ltd.)
DRV:64bit: - (Hardlock) -- C:\Windows\SysNative\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV:64bit: - (aksusb) -- C:\Windows\SysNative\drivers\aksusb.sys (Aladdin Knowledge Systems Ltd.)
DRV:64bit: - (akshhl) -- C:\Windows\SysNative\drivers\akshhl.sys (Aladdin Knowledge Systems Ltd.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (BVRPMPR5a64) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS (Avanquest Software)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (pfmfs_321) -- C:\Windows\SysNative\drivers\pfmfs_321.sys (Pismo Technic Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (s116bus) Sony Ericsson Device 116 driver (WDM) -- C:\Windows\SysNative\drivers\s116bus.sys (MCCI Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {1e82937c-f660-4a34-b6f0-b185c8729ea5} - C:\Program Files (x86)\Messenger_Plus_AU\prxtbMess.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-72271713-2498381011-346594757-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ninemsn.com.au/
IE - HKU\S-1-5-21-72271713-2498381011-346594757-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-72271713-2498381011-346594757-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4D B0 7B D5 9B 13 CC 01 [binary data]
IE - HKU\S-1-5-21-72271713-2498381011-346594757-1000\..\URLSearchHook: {1e82937c-f660-4a34-b6f0-b185c8729ea5} - C:\Program Files (x86)\Messenger_Plus_AU\prxtbMess.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-72271713-2498381011-346594757-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-72271713-2498381011-346594757-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-72271713-2498381011-346594757-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.com.au/firefox"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:3.3.3.2
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.7.0190
FF - prefs.js..extensions.enabledItems: web2pdfextension@web2pdf.adobedotcom:1.0
FF - prefs.js..extensions.enabledItems: {1e82937c-f660-4a34-b6f0-b185c8729ea5}:3.3.5.1
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - HKLM\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/05/29 13:09:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/06/25 16:32:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/23 13:26:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/23 13:26:49 | 000,000,000 | ---D | M]
[2010/12/04 11:46:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Trevor\AppData\Roaming\Mozilla\Extensions
[2011/06/25 19:58:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\qglda95o.default\extensions
[2011/06/25 17:58:18 | 000,000,000 | ---D | M] (Messenger Plus AU Community Toolbar) -- C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\qglda95o.default\extensions\{1e82937c-f660-4a34-b6f0-b185c8729ea5}
[2011/04/20 17:55:19 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\qglda95o.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011/05/08 19:03:14 | 000,000,000 | ---D | M] (Anti-Aliasing Tuner) -- C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\qglda95o.default\extensions\aatuner@hotmint.com
[2011/04/30 12:12:03 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\qglda95o.default\extensions\DTToolbar@toolbarnet.com
[2011/04/20 17:55:21 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\qglda95o.default\extensions\engine@conduit.com
[2011/04/30 12:12:00 | 000,002,055 | ---- | M] () -- C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\qglda95o.default\searchplugins\daemon-search.xml
[2011/05/08 19:17:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/01/06 13:13:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/05/29 13:09:53 | 000,000,000 | ---D | M] (Adobe Acrobat - Create PDF) -- C:\PROGRAM FILES (X86)\ADOBE\ACROBAT 10.0\ACROBAT\BROWSER\WCFIREFOXEXTN
[2011/06/25 16:32:05 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/01/06 13:13:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2011/06/22 17:23:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Messenger Plus AU Toolbar) - {1e82937c-f660-4a34-b6f0-b185c8729ea5} - C:\Program Files (x86)\Messenger_Plus_AU\prxtbMess.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (Messenger Plus AU Toolbar) - {1e82937c-f660-4a34-b6f0-b185c8729ea5} - C:\Program Files (x86)\Messenger_Plus_AU\prxtbMess.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-72271713-2498381011-346594757-1000\..\Toolbar\WebBrowser: (Messenger Plus AU Toolbar) - {1E82937C-F660-4A34-B6F0-B185C8729EA5} - C:\Program Files (x86)\Messenger_Plus_AU\prxtbMess.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-72271713-2498381011-346594757-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-72271713-2498381011-346594757-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-72271713-2498381011-346594757-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [Six Engine] C:\Program Files (x86)\ASUS\EPU\EPU.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKU\S-1-5-21-72271713-2498381011-346594757-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-72271713-2498381011-346594757-1000..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-72271713-2498381011-346594757-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Trevor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Trevor\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Trevor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\My_AutoWarkey_Script.lnk = C:\Program Files (x86)\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-72271713-2498381011-346594757-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-72271713-2498381011-346594757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-72271713-2498381011-346594757-1000..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-72271713-2498381011-346594757-1000\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/06/26 01:30:08 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Trevor\Desktop\OTL.exe
[2011/06/25 17:58:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConduitEngine
[2011/06/25 17:58:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Messenger_Plus_AU
[2011/06/25 17:58:18 | 000,000,000 | ---D | C] -- C:\Users\Trevor\AppData\Local\Google
[2011/06/25 16:32:31 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/06/25 16:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/06/25 16:32:30 | 000,287,576 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/06/25 16:32:27 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/06/25 16:32:25 | 000,053,592 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/06/25 16:32:23 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/06/25 16:32:20 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/06/25 16:32:20 | 000,064,344 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/06/25 16:32:01 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/06/25 16:32:01 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/06/25 16:31:56 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/06/25 16:31:56 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/06/22 18:05:53 | 000,607,310 | R--- | C] (Swearware) -- C:\Users\Trevor\Desktop\dds.scr
[2011/06/22 17:31:57 | 000,000,000 | ---D | C] -- C:\Users\Trevor\AppData\Roaming\Malwarebytes
[2011/06/22 17:31:53 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/22 17:31:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/22 17:31:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/22 17:31:50 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/06/22 17:31:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/22 17:23:55 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011/06/22 17:16:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/06/22 17:16:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/06/22 17:16:05 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/06/22 17:16:00 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/06/22 17:15:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/06/22 17:11:31 | 004,133,689 | R--- | C] (Swearware) -- C:\Users\Trevor\Desktop\ComboFix.exe
[2011/06/15 22:41:12 | 000,000,000 | R--D | C] -- C:\Users\Trevor\Dropbox
[2011/06/15 22:39:59 | 000,000,000 | ---D | C] -- C:\Users\Trevor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2011/06/15 22:39:41 | 000,000,000 | ---D | C] -- C:\Users\Trevor\AppData\Roaming\Dropbox
[2011/06/15 15:08:00 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/06/15 15:08:00 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/06/15 15:08:00 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/06/15 15:08:00 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/06/15 15:08:00 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/06/15 15:08:00 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/15 15:08:00 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/06/15 15:08:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/15 15:08:00 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/15 15:08:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/15 15:08:00 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/06/15 15:08:00 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/06/15 15:08:00 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/06/15 15:08:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/06/15 15:07:44 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011/06/15 15:07:44 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011/06/15 15:07:39 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/07 16:41:12 | 000,000,000 | ---D | C] -- C:\Users\Trevor\AppData\Local\Nero_AG
[2011/06/07 16:41:02 | 000,000,000 | ---D | C] -- C:\Users\Trevor\AppData\Local\Nero
[2011/06/03 13:42:28 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2011/06/03 13:33:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2011/06/03 13:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2011/06/03 13:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2011/06/03 13:32:10 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
[2011/06/03 13:32:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LightScribe
[2011/05/29 20:50:45 | 000,000,000 | ---D | C] -- C:\Users\Trevor\AppData\Roaming\go
[2011/05/29 20:50:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO
[2011/05/29 17:47:00 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011/05/29 13:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
[2011/05/29 13:08:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/05/29 13:06:49 | 000,000,000 | ---D | C] -- C:\Users\Trevor\Desktop\Adobe Acrobat X
[2011/05/29 00:34:04 | 000,000,000 | ---D | C] -- C:\Users\Trevor\Desktop\Joyce assignment
[2011/05/29 00:01:02 | 000,000,000 | ---D | C] -- C:\Users\Trevor\Documents\Vuze Downloads
[2011/02/24 22:11:18 | 1237,480,240 | ---- | C] (Nexon) -- C:\Program Files (x86)\CombatArmsSetupV56.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/06/26 01:30:12 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Trevor\Desktop\OTL.exe
[2011/06/26 01:18:40 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2011/06/25 18:40:31 | 000,778,750 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/25 18:40:31 | 000,660,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/25 18:40:31 | 000,120,960 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/25 17:58:21 | 000,002,109 | ---- | M] () -- C:\Users\Trevor\Desktop\Plus World.lnk
[2011/06/25 16:32:31 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/06/25 16:32:20 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/06/25 15:46:07 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/25 15:46:07 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/25 15:39:38 | 000,000,244 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2011/06/25 15:39:31 | 000,000,244 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job
[2011/06/25 15:39:19 | 000,151,552 | ---- | M] () -- C:\Windows\KMSEmulator.exe
[2011/06/25 15:38:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/25 15:38:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2011/06/25 15:38:25 | 2146,050,047 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/22 18:05:58 | 000,607,310 | R--- | M] (Swearware) -- C:\Users\Trevor\Desktop\dds.scr
[2011/06/22 17:31:54 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/22 17:23:50 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/06/22 17:14:56 | 000,012,576 | -HS- | M] () -- C:\Users\Trevor\AppData\Local\3iw61u30458aphqy87m2p35p65t5u8vy102628mb
[2011/06/22 17:11:20 | 004,133,689 | R--- | M] (Swearware) -- C:\Users\Trevor\Desktop\ComboFix.exe
[2011/06/22 16:58:40 | 000,012,584 | -HS- | M] () -- C:\ProgramData\3iw61u30458aphqy87m2p35p65t5u8vy102628mb
[2011/06/18 11:07:03 | 000,172,296 | ---- | M] () -- C:\Users\Trevor\Desktop\1.jpg
[2011/06/18 11:06:26 | 000,276,933 | ---- | M] () -- C:\Users\Trevor\Desktop\2.jpg
[2011/06/18 11:05:49 | 000,280,331 | ---- | M] () -- C:\Users\Trevor\Desktop\3.jpg
[2011/06/18 11:05:10 | 000,372,627 | ---- | M] () -- C:\Users\Trevor\Desktop\4.jpg
[2011/06/18 11:04:33 | 000,226,885 | ---- | M] () -- C:\Users\Trevor\Desktop\5.jpg
[2011/06/18 11:03:54 | 000,288,828 | ---- | M] () -- C:\Users\Trevor\Desktop\6.jpg
[2011/06/18 11:03:07 | 000,240,734 | ---- | M] () -- C:\Users\Trevor\Desktop\7.jpg
[2011/06/18 11:02:19 | 000,220,008 | ---- | M] () -- C:\Users\Trevor\Desktop\8.jpg
[2011/06/18 11:01:35 | 000,244,462 | ---- | M] () -- C:\Users\Trevor\Desktop\9.jpg
[2011/06/18 10:59:21 | 000,216,013 | ---- | M] () -- C:\Users\Trevor\Desktop\10.jpg
[2011/06/18 10:58:39 | 000,208,576 | ---- | M] () -- C:\Users\Trevor\Desktop\11.jpg
[2011/06/18 10:57:25 | 000,231,952 | ---- | M] () -- C:\Users\Trevor\Desktop\12.jpg
[2011/06/18 10:56:19 | 000,261,584 | ---- | M] () -- C:\Users\Trevor\Desktop\13.jpg
[2011/06/18 10:55:21 | 000,254,461 | ---- | M] () -- C:\Users\Trevor\Desktop\14.jpg
[2011/06/16 15:43:24 | 130,056,192 | ---- | M] () -- C:\Users\Trevor\Desktop\archi - 3.rvt
[2011/06/16 05:02:38 | 000,028,523 | ---- | M] () -- C:\Users\Trevor\Desktop\medium STAIRS.jpg
[2011/06/16 03:36:14 | 000,421,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/16 01:55:19 | 000,045,103 | ---- | M] () -- C:\Users\Trevor\Desktop\medium BATHROOM ENTRANCE.jpg
[2011/06/16 01:37:43 | 000,048,221 | ---- | M] () -- C:\Users\Trevor\Desktop\medium BAR.jpg
[2011/06/16 01:21:18 | 000,017,486 | ---- | M] () -- C:\Users\Trevor\Desktop\draft BAR.jpg
[2011/06/16 00:51:06 | 000,038,101 | ---- | M] () -- C:\Users\Trevor\Desktop\medium KITCHEN STORAGE.jpg
[2011/06/16 00:22:20 | 000,045,268 | ---- | M] () -- C:\Users\Trevor\Desktop\medium KITCHEN.jpg
[2011/06/16 00:18:14 | 000,057,269 | ---- | M] () -- C:\Users\Trevor\Desktop\medium HALLWAY 2.jpg
[2011/06/16 00:11:33 | 000,054,538 | ---- | M] () -- C:\Users\Trevor\Desktop\medium HALLWAY 1.jpg
[2011/06/15 22:41:12 | 000,001,041 | ---- | M] () -- C:\Users\Trevor\Desktop\Dropbox.lnk
[2011/06/15 22:40:05 | 000,001,021 | ---- | M] () -- C:\Users\Trevor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011/06/15 21:59:36 | 130,056,192 | ---- | M] () -- C:\Users\Trevor\Desktop\archi - 3.0001.rvt
[2011/06/12 17:41:51 | 001,300,464 | ---- | M] () -- C:\Users\Trevor\Desktop\Equilibrium excercise 2.rar
[2011/06/03 13:36:08 | 000,002,713 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart 10.lnk
[2011/06/03 13:35:46 | 000,002,901 | ---- | M] () -- C:\Users\Public\Desktop\Nero Vision 10.lnk
[2011/06/03 13:34:57 | 000,002,655 | ---- | M] () -- C:\Users\Public\Desktop\Nero BackItUp 10.lnk
[2011/06/03 13:34:14 | 000,002,829 | ---- | M] () -- C:\Users\Public\Desktop\Nero Kwik Media.lnk
[2011/06/03 13:34:02 | 000,002,843 | ---- | M] () -- C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
[2011/06/03 13:32:12 | 000,002,037 | ---- | M] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2011/06/02 16:30:29 | 003,494,064 | ---- | M] () -- C:\Users\Trevor\Desktop\passport.jpg
[2011/05/31 16:18:13 | 000,236,964 | ---- | M] () -- C:\Users\Trevor\Desktop\Project 3 - presentation 1-1.pdf
[2011/05/29 13:16:22 | 000,000,932 | ---- | M] () -- C:\Users\Trevor\Desktop\Concrete_2960.pat
[2011/05/29 13:10:33 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/06/25 17:58:21 | 000,002,109 | ---- | C] () -- C:\Users\Trevor\Desktop\Plus World.lnk
[2011/06/25 16:32:31 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/06/25 16:32:20 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2011/06/22 17:31:54 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/22 17:16:05 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/06/22 17:16:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/06/22 17:16:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/06/22 17:16:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/06/22 17:16:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/06/22 15:55:47 | 000,012,584 | -HS- | C] () -- C:\ProgramData\3iw61u30458aphqy87m2p35p65t5u8vy102628mb
[2011/06/22 15:55:47 | 000,012,576 | -HS- | C] () -- C:\Users\Trevor\AppData\Local\3iw61u30458aphqy87m2p35p65t5u8vy102628mb
[2011/06/18 11:07:03 | 000,172,296 | ---- | C] () -- C:\Users\Trevor\Desktop\1.jpg
[2011/06/18 11:06:25 | 000,276,933 | ---- | C] () -- C:\Users\Trevor\Desktop\2.jpg
[2011/06/18 11:05:49 | 000,280,331 | ---- | C] () -- C:\Users\Trevor\Desktop\3.jpg
[2011/06/18 11:05:10 | 000,372,627 | ---- | C] () -- C:\Users\Trevor\Desktop\4.jpg
[2011/06/18 11:04:33 | 000,226,885 | ---- | C] () -- C:\Users\Trevor\Desktop\5.jpg
[2011/06/18 11:03:54 | 000,288,828 | ---- | C] () -- C:\Users\Trevor\Desktop\6.jpg
[2011/06/18 11:03:07 | 000,240,734 | ---- | C] () -- C:\Users\Trevor\Desktop\7.jpg
[2011/06/18 11:02:19 | 000,220,008 | ---- | C] () -- C:\Users\Trevor\Desktop\8.jpg
[2011/06/18 11:01:35 | 000,244,462 | ---- | C] () -- C:\Users\Trevor\Desktop\9.jpg
[2011/06/18 10:59:20 | 000,216,013 | ---- | C] () -- C:\Users\Trevor\Desktop\10.jpg
[2011/06/18 10:58:39 | 000,208,576 | ---- | C] () -- C:\Users\Trevor\Desktop\11.jpg
[2011/06/18 10:57:25 | 000,231,952 | ---- | C] () -- C:\Users\Trevor\Desktop\12.jpg
[2011/06/18 10:56:18 | 000,261,584 | ---- | C] () -- C:\Users\Trevor\Desktop\13.jpg
[2011/06/18 10:55:21 | 000,254,461 | ---- | C] () -- C:\Users\Trevor\Desktop\14.jpg
[2011/06/16 05:02:38 | 000,028,523 | ---- | C] () -- C:\Users\Trevor\Desktop\medium STAIRS.jpg
[2011/06/16 01:55:18 | 000,045,103 | ---- | C] () -- C:\Users\Trevor\Desktop\medium BATHROOM ENTRANCE.jpg
[2011/06/16 01:37:43 | 000,048,221 | ---- | C] () -- C:\Users\Trevor\Desktop\medium BAR.jpg
[2011/06/16 01:21:18 | 000,017,486 | ---- | C] () -- C:\Users\Trevor\Desktop\draft BAR.jpg
[2011/06/16 00:51:05 | 000,038,101 | ---- | C] () -- C:\Users\Trevor\Desktop\medium KITCHEN STORAGE.jpg
[2011/06/16 00:24:39 | 130,056,192 | ---- | C] () -- C:\Users\Trevor\Desktop\archi - 3.rvt
[2011/06/16 00:24:39 | 130,056,192 | ---- | C] () -- C:\Users\Trevor\Desktop\archi - 3.0001.rvt
[2011/06/16 00:22:20 | 000,045,268 | ---- | C] () -- C:\Users\Trevor\Desktop\medium KITCHEN.jpg
[2011/06/16 00:18:14 | 000,057,269 | ---- | C] () -- C:\Users\Trevor\Desktop\medium HALLWAY 2.jpg
[2011/06/16 00:11:33 | 000,054,538 | ---- | C] () -- C:\Users\Trevor\Desktop\medium HALLWAY 1.jpg
[2011/06/15 22:41:12 | 000,001,041 | ---- | C] () -- C:\Users\Trevor\Desktop\Dropbox.lnk
[2011/06/15 22:40:05 | 000,001,021 | ---- | C] () -- C:\Users\Trevor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011/06/12 17:41:51 | 001,300,464 | ---- | C] () -- C:\Users\Trevor\Desktop\Equilibrium excercise 2.rar
[2011/06/03 13:36:08 | 000,002,713 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart 10.lnk
[2011/06/03 13:35:46 | 000,002,901 | ---- | C] () -- C:\Users\Public\Desktop\Nero Vision 10.lnk
[2011/06/03 13:34:57 | 000,002,655 | ---- | C] () -- C:\Users\Public\Desktop\Nero BackItUp 10.lnk
[2011/06/03 13:34:14 | 000,002,829 | ---- | C] () -- C:\Users\Public\Desktop\Nero Kwik Media.lnk
[2011/06/03 13:34:02 | 000,002,843 | ---- | C] () -- C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
[2011/06/03 13:32:12 | 000,002,037 | ---- | C] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2011/06/02 16:30:29 | 003,494,064 | ---- | C] () -- C:\Users\Trevor\Desktop\passport.jpg
[2011/05/31 16:18:13 | 000,236,964 | ---- | C] () -- C:\Users\Trevor\Desktop\Project 3 - presentation 1-1.pdf
[2011/05/29 20:50:45 | 000,001,686 | ---- | C] () -- C:\Users\Trevor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play games (EasyBits GO).lnk
[2011/05/29 13:16:20 | 000,000,932 | ---- | C] () -- C:\Users\Trevor\Desktop\Concrete_2960.pat
[2011/05/29 13:10:33 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2011/05/29 13:10:33 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2011/05/29 13:10:33 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2011/05/17 20:32:31 | 000,003,584 | ---- | C] () -- C:\Users\Trevor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/30 20:45:20 | 000,151,552 | ---- | C] () -- C:\Windows\KMSEmulaor.exe
[2011/04/30 12:18:55 | 000,765,406 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/21 20:34:04 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\hdduinst.exe
[2011/01/06 15:31:59 | 000,004,976 | ---- | C] () -- C:\ProgramData\ojobkspa.ako
[2011/01/06 15:20:24 | 000,061,208 | ---- | C] () -- C:\Windows\SysWow64\MPEG4E-uninstall.exe
[2011/01/04 15:32:40 | 000,000,025 | ---- | C] () -- C:\Windows\CDER210E.ini
[2010/12/06 12:30:10 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/12/05 19:15:49 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/12/03 13:52:54 | 000,002,137 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/12/03 13:48:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/12/03 13:40:19 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010/12/03 13:40:19 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010/12/03 13:40:16 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010/12/03 13:40:16 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010/12/03 13:28:48 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010/12/03 13:28:44 | 000,031,303 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010/11/10 02:45:32 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2010/11/10 02:45:30 | 010,871,128 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2010/11/10 02:45:20 | 000,316,248 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2009/07/14 15:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 12:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 12:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 10:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 09:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 07:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 07:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/02 22:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2009/03/30 16:32:40 | 000,032,768 | R--- | C] () -- C:\Windows\DAODx.exe
[2008/12/01 18:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2008/10/28 20:32:40 | 000,950,272 | ---- | C] () -- C:\Windows\SysWow64\MPEG4Evfw.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 176 bytes -> C:\Users\Trevor\Desktop\passport.jpg:3or4kl4x13tuuug3Byamue2s4b
< End of report >
OTL Extras logfile created on: 26/6/2011 1:31:52 AM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Trevor\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: d/M/yyyy
8.00 Gb Total Physical Memory | 5.84 Gb Available Physical Memory | 72.95% Memory free
15.99 Gb Paging File | 13.22 Gb Available in Paging File | 82.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 752.76 Gb Free Space | 80.82% Space Free | Partition Type: NTFS
Computer Name: TREVOR-PC | User Name: Trevor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-72271713-2498381011-346594757-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802" = CanoScan LiDE 600F
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{2016B2AD-0051-05C7-9CCB-CE9F05659CB7}" = ccc-utility64
"{25D04DBB-FE9D-E3BA-C2F3-F1BE9B8C0709}" = ATI Catalyst Install Manager
"{2BF35D84-6377-4F70-9F39-97CF67E67FFF}" = Microsoft IntelliPoint 8.0
"{55B44B84-A758-EAF7-0906-E397B384FCDF}" = ATI AVIVO64 Codecs
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{C6C08B1E-8A45-7571-727E-E28DD15AD556}" = AMD Drag and Drop Transcoding
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PismoFileMountAuditPackage" = Pismo File Mount Audit Package
"WinRAR archiver" = WinRAR archiver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02FCAA8F-59D3-4198-822E-135C61EE4F0B}" = NeroKwikMedia Help (CHM)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0CA1005F-B640-0354-EC82-F8F7447A8E8A}" = CCC Help Hungarian
"{0FC472C3-6A2A-969F-10E7-E8F61B18117C}" = Catalyst Control Center Localization All
"{12076C90-4A78-7241-F633-4D2B019D5611}" = CCC Help Thai
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{17E11EC2-3736-10A1-330C-CC7EB6CAC6B3}" = CCC Help Turkish
"{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}" = Nero Kwik Media
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23B59B9F-C360-11D7-875B-0090CC005647}" = PIF DESIGNER2.1
"{23B59ED4-C360-11D7-875B-0090CC005647}" = EPSON PRINT Image Framer Tool2.1
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{31405CA2-F009-D91B-FEFF-35924343CB14}" = Catalyst Control Center InstallProxy
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31B75145-DF24-C759-E735-9C129956961E}" = CCC Help Spanish
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{491D92A9-69CA-4EB4-81D3-0106F9337957}" = TurboV EVO
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}" = High-Definition Video Playback
"{59F5C54C-ED39-58B4-42DA-3F20AB440E49}" = CCC Help Czech
"{5BDA2F58-1F21-4D10-9910-92B01EBCC958}" = AMD USB Filter Driver
"{641C1B16-FD4C-0F97-47AE-76637FC64225}" = CCC Help English
"{64B157C9-C291-2535-8177-237BC2D37EBF}" = CCC Help Korean
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65F5B7AF-3363-11D7-BB6B-00018021113F}" = EPSON PhotoQuicker3.5
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70C592EC-AE9B-4734-928B-676E824FB41E}" = MFC RunTime files
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{79C2D7F9-3BF8-52C1-6A7A-84C9296171F8}" = CCC Help German
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7B29E627-71A5-6824-3F85-DBEF19624BD0}" = ccc-core-static
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{85BEC8F6-9AA3-43FF-B56B-8276277137B3}" = Nero 10 Video TransitionPack 1
"{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{88B2BB7B-A684-E8E3-65C6-DDC5DC152C2A}" = CCC Help French
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CB77076-DB66-5D92-7886-807226C9CE4B}" = CCC Help Italian
"{92146419-AE44-4C8B-A48B-0ABB1B5EC026}" = Nero 10 Menu TemplatePack 3
"{92A10E9D-EA00-4A46-8F22-EEA660992D61}" = Nero 10 Sample Videos
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{94F4B1D4-0BCC-E5C6-4EAE-F1A287383D5B}" = CCC Help Finnish
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{96ED4B78-300E-4033-AE6C-C115CEB4DF07}" = Nero 10 ClipartPack
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98838C21-AD83-77AA-3B09-F437C6F24F8F}" = CCC Help Dutch
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}" = EPU
"{9C416D62-6939-44AB-BFDE-0F14AD744DB1}" = Movavi Video Converter 10
"{9C6F56DA-7051-6677-4E5A-9DC6C573F2B5}" = CCC Help Portuguese
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9FE051B0-39BC-F5DD-C99B-0D4793184C2A}" = CCC Help Chinese Standard
"{A70B0C7B-3527-4D53-A694-E9492ECE9EE1}" = Nero 10 Kwik Themes 4
"{AA6B96C4-7AF5-3F6A-E630-4096508A9C47}" = CCC Help Danish
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{B48E87FE-A8D9-EE14-B607-3FA1ACEF218E}" = CCC Help Norwegian
"{B4FA8E67-D299-485A-407B-05A2681BAF47}" = CCC Help Japanese
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B8887E02-C910-4498-A7C0-186ABFDCD110}" = GPU Boost Driver
"{BB05BC7D-BEF8-7A7B-C62E-F1BE381E70BB}" = CCC Help Swedish
"{C3FA3CCE-2A88-0976-B875-4B3E9D41204D}" = Catalyst Control Center Graphics Previews Common
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{D34F0251-1C96-09B3-EE29-2A9148413252}" = CCC Help Chinese Traditional
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D54A0D86-35B0-BFC8-174B-D991EDF903B8}" = Catalyst Control Center Graphics Previews Vista
"{D5610369-AF78-386F-4985-9822654973A3}" = CCC Help Polish
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}" = LightScribe System Software
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E937F8DA-8C7F-ADFE-7EA5-7C1CAAB23C05}" = HydraVision
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{ECD129A4-5A21-1977-0849-6913BA6BA29C}" = CCC Help Russian
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F77D44EB-2A6E-E2EE-7C30-40A5409B2650}" = CCC Help Greek
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}" = EPSON Print CD
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast" = avast! Free Antivirus
"CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0
"Combat Arms" = Combat Arms
"conduitEngine" = Conduit Engine
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"ESPR210 Reference Guide" = ESPR210 Reference Guide
"ESPR210 Software Guide" = ESPR210 Software Guide
"HASP Device Drivers" = HASP Device Drivers
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Messenger Plus!" = Messenger Plus! 5
"Messenger_Plus_AU Toolbar" = Messenger Plus AU Toolbar
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"MPEG4E" = MPEG4E VFW - H.264/MPEG-4 AVC codec (remove only)
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"StarCraft II" = StarCraft II
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Warkeys" = Warkeys 1.16.0.0b
"WinLiveSuite_Wave3" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-72271713-2498381011-346594757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Game Organizer" = EasyBits GO
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 18/6/2011 11:14:09 PM | Computer Name = Trevor-PC | Source = BackItUp5 | ID = 5225
Description =
Error - 19/6/2011 2:56:27 AM | Computer Name = Trevor-PC | Source = BackItUp5 | ID = 5225
Description =
Error - 20/6/2011 5:25:04 AM | Computer Name = Trevor-PC | Source = BackItUp5 | ID = 5225
Description =
Error - 20/6/2011 9:30:09 PM | Computer Name = Trevor-PC | Source = BackItUp5 | ID = 5225
Description =
Error - 22/6/2011 2:36:39 AM | Computer Name = Trevor-PC | Source = BackItUp5 | ID = 5225
Description =
Error - 22/6/2011 3:13:42 AM | Computer Name = Trevor-PC | Source = BackItUp5 | ID = 5225
Description =
Error - 22/6/2011 4:04:42 AM | Computer Name = Trevor-PC | Source = BackItUp5 | ID = 5225
Description =
Error - 22/6/2011 5:10:26 AM | Computer Name = Trevor-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Skype.exe, version: 5.3.0.111, time stamp:
0x4dac4a84 Faulting module name: Skype.exe, version: 5.3.0.111, time stamp: 0x4dac4a84
Exception
code: 0xc0000005 Fault offset: 0x005dd938 Faulting process id: 0xcb8 Faulting application
start time: 0x01cc30b2f462aa40 Faulting application path: C:\Program Files (x86)\Skype\Phone\Skype.exe
Faulting
module path: C:\Program Files (x86)\Skype\Phone\Skype.exe Report Id: 776f122d-9caf-11e0-b45a-485b39162c07
Error - 22/6/2011 9:59:10 PM | Computer Name = Trevor-PC | Source = BackItUp5 | ID = 5225
Description =
Error - 25/6/2011 1:39:24 AM | Computer Name = Trevor-PC | Source = BackItUp5 | ID = 5225
Description =
[ System Events ]
Error - 2/4/2011 9:26:51 PM | Computer Name = Trevor-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
TPkd
Error - 3/4/2011 4:32:43 AM | Computer Name = Trevor-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
TPkd
Error - 3/4/2011 5:55:43 PM | Computer Name = Trevor-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
TPkd
Error - 4/4/2011 3:33:47 AM | Computer Name = Trevor-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
TPkd
Error - 4/4/2011 9:01:39 PM | Computer Name = Trevor-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
TPkd
Error - 5/4/2011 6:00:05 PM | Computer Name = Trevor-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
TPkd
Error - 6/4/2011 3:10:10 AM | Computer Name = Trevor-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
TPkd
Error - 7/4/2011 6:04:25 PM | Computer Name = Trevor-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
TPkd
Error - 8/4/2011 3:51:47 AM | Computer Name = Trevor-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
TPkd
Error - 9/4/2011 2:00:23 AM | Computer Name = Trevor-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
TPkd
< End of report >
And my ComboFix log from before:
ComboFix 11-06-21.06 - Trevor 22/06/2011 17:17:55.1.6 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8190.6587 [GMT 10:00]
Running from: c:\users\Trevor\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Trevor\AppData\Local\pgr.exe
c:\users\Trevor\AppData\Local\wrr.exe
c:\windows\SysWow64\UNWISE.EXE
c:\windows\system32\arp.exe . . . . Failed to delete
c:\windows\system32\ksuser.dll . . . . Failed to delete
c:\windows\system32\msconfig.exe . . . . Failed to delete
c:\windows\system32\systemcpl.dll . . . . Failed to delete
.
.
((((((((((((((((((((((((( Files Created from 2011-05-22 to 2011-06-22 )))))))))))))))))))))))))))))))
.
.
2011-06-22 07:22 . 2011-06-22 07:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-21 05:43 . 2011-06-07 17:10 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7DA18825-A4D5-4C79-BF72-040F59E26E47}\mpengine.dll
2011-06-15 17:16 . 2011-06-15 17:16 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-06-15 12:41 . 2011-06-22 07:24 -------- d-----r- c:\users\Trevor\Dropbox
2011-06-15 12:39 . 2011-06-22 07:24 -------- d-----w- c:\users\Trevor\AppData\Roaming\Dropbox
2011-06-15 05:07 . 2011-05-28 03:25 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-15 05:07 . 2011-05-28 03:00 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-06-15 05:07 . 2011-01-17 06:17 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-15 05:07 . 2011-01-17 05:38 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-06-15 05:07 . 2011-04-29 03:13 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-15 05:07 . 2011-04-29 03:12 399872 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 05:07 . 2011-04-29 03:12 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 05:07 . 2010-12-18 06:13 861184 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-15 05:07 . 2010-12-18 05:31 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-06-15 05:07 . 2011-05-03 05:21 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-15 05:07 . 2011-05-03 04:50 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-06-07 06:41 . 2011-06-07 06:41 -------- d-----w- c:\users\Trevor\AppData\Local\Nero
2011-06-03 03:42 . 2011-06-03 03:42 -------- d-----w- c:\programdata\LightScribe
2011-06-03 03:33 . 2011-06-03 03:34 -------- d-----w- c:\program files (x86)\Common Files\Nero
2011-06-03 03:33 . 2011-06-03 03:38 -------- d-----w- c:\program files (x86)\Nero
2011-06-03 03:32 . 2011-06-03 03:32 -------- d-----w- c:\program files (x86)\Common Files\LightScribe
2011-05-29 10:50 . 2011-06-05 11:54 -------- d-----w- c:\users\Trevor\AppData\Roaming\go
2011-05-29 10:50 . 2011-06-05 11:54 -------- d-----w- c:\programdata\Easybits GO
2011-05-29 07:47 . 2011-05-29 07:47 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-05-29 03:08 . 2011-05-29 03:10 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-05-25 08:44 . 2011-04-22 20:18 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-25 08:44 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-25 08:44 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-23 11:48 . 2011-05-23 11:48 -------- d-----w- c:\users\Trevor\AppData\Roaming\ooVoo Details
2011-05-23 11:48 . 2011-05-23 11:48 -------- d-----w- c:\program files (x86)\ooVoo
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-22 07:23 . 2011-04-30 10:45 151552 ----a-w- c:\windows\KMSEmulaor.exe
2011-05-24 09:14 . 2010-12-03 11:56 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-04-30 02:12 . 2011-04-30 02:12 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-04-09 06:45 . 2011-05-11 06:44 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:13 . 2011-05-11 06:44 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 06:44 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-06 06:26 . 2011-04-06 06:26 96544 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 06:26 . 2011-04-06 06:26 69408 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 06:26 . 2011-04-06 06:26 237856 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 06:26 . 2011-04-06 06:26 119584 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-06 06:20 . 2011-04-06 06:20 91424 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-04-06 06:20 . 2011-04-06 06:20 75040 ----a-w- c:\windows\SysWow64\jdns_sd.dll
2011-04-06 06:20 . 2011-04-06 06:20 197920 ----a-w- c:\windows\SysWow64\dnssdX.dll
2011-04-06 06:20 . 2011-04-06 06:20 107808 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-02-24 12:45 . 2011-02-24 12:11 1237480240 ----a-w- c:\program files (x86)\CombatArmsSetupV56.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 06:54 175912 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-01-17 06:54 175912 ----a-w- c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Trevor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Trevor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Trevor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]
@="{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}"
[HKEY_CLASSES_ROOT\CLSID\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]
2009-08-19 01:46 150872 ----a-w- c:\windows\SysWOW64\pfmshx_321.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\MsnMsgr.Exe" [2010-04-16 3872080]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2010-12-05 1242448]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2010-10-29 5915480]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-04-18 15146376]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2741616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TurboV EVO"="c:\program files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" [2010-01-19 9900672]
"Six Engine"="c:\program files (x86)\ASUS\EPU\EPU.exe" [2010-01-24 5297072]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2009-12-24 36864]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-04-14 421160]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-10-25 932288]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2010-10-25 36760]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144]
.
c:\users\Trevor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Trevor\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-26 24176560]
My_AutoWarkey_Script.lnk - c:\program files (x86)\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe [2009-9-26 245248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-04-30 1431888]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 pfmfs_321;pfmfs_321;c:\windows\system32\Drivers\pfmfs_321.sys [x]
S2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-10-16 319488]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe [x]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 197976]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-03-29 598312]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech Webcam 600(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 02:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-22 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2011-04-30 10:44]
.
2011-06-22 c:\windows\Tasks\AutoKMSDaily.job
- c:\windows\AutoKMS\AutoKMS.exe [2011-04-30 10:44]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Trevor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Trevor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Trevor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Trevor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]
@="{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}"
[HKEY_CLASSES_ROOT\CLSID\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]
2009-08-19 01:46 170328 ----a-w- c:\windows\System32\pfmshx_321.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-29 10038304]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-01-07 2328944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.ninemsn.com.au/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\qglda95o.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/firefox
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Vuze Remote Community Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - %profile%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
FF - Ext: Adobe Acrobat - Create PDF: web2pdfextension@web2pdf.adobedotcom - c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
AddRemove-HASP Device Drivers - c:\windows\system32\UNWISE.EXE
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-72271713-2498381011-346594757-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-72271713-2498381011-346594757-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\DAODx.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\ASUS\GPU Boost Driver\GpuBoostServer.exe
c:\program files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe
.
**************************************************************************
.
Completion time: 2011-06-22 17:27:11 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-22 07:27
.
Pre-Run: 798,021,017,600 bytes free
Post-Run: 801,747,316,736 bytes free
.
- - End Of File - - AED734D68185692973E768156F8205B5
Once again, thank you for your help.