Vista Internet Security please helpp..

so i had already got this thing before and i used Malwarebyte's anti malware and it had caught the thing and removed it. but not its back and the anti malware cant find it. i dunno what to do!! can someone please help me.

Download OTL by OldTimer to your Desktop.

• Close all windows and double click OTL.exe
  
• Click Run Scan and let the program run uninterrupted
  
• It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  
• You may need to use two posts to get it all.
  

OTL.TXT

OTL logfile created on: 3/23/2010 7:08:45 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\Boey\Desktop
Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.68 Gb Total Space | 17.01 Gb Free Space | 12.00% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JEN-PC
Current User Name: Boey
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/23 17:34:01 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Boey\Desktop\OTL.exe
PRC - [2010/03/22 17:17:17 | 000,202,240 | -HS- | M] () -- C:\Users\Boey\AppData\Local\ave.exe
PRC - [2010/03/13 11:16:45 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/02/09 10:12:54 | 002,937,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2010/01/08 23:59:42 | 001,225,696 | ---- | M] (Otaku Software Pty Ltd) -- C:\Program Files\DeskSpace\deskspace.exe
PRC - [2009/12/08 15:25:28 | 000,093,320 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/11/06 18:10:11 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Boey\Program Files\DNA\btdna.exe
PRC - [2009/11/01 06:47:00 | 000,119,296 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2009/10/29 07:54:44 | 001,218,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/09/16 10:22:08 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2009/09/16 09:28:38 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/09/04 13:16:54 | 000,158,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2009/07/10 00:26:20 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/07/08 14:48:48 | 000,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/04/23 08:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2009/02/27 12:14:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008/11/02 03:38:58 | 000,167,936 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/05 04:51:47 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\mcupdate.exe
PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
PRC - [2007/03/09 11:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe


========== Modules (SafeList) ==========

MOD - [2010/03/23 17:34:01 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Boey\Desktop\OTL.exe
MOD - [2010/01/08 23:59:46 | 000,108,512 | ---- | M] () -- C:\Program Files\DeskSpace\deskspace1571.dll
MOD - [2009/12/08 14:12:24 | 000,014,544 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2008/01/19 02:26:34 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/01/12 20:33:00 | 003,477,452 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009/12/08 15:25:28 | 000,093,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/10/27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/10/27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/09/16 11:23:32 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009/09/16 10:22:08 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009/09/16 09:28:38 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/09/04 13:17:00 | 000,447,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2009/09/04 13:16:54 | 005,893,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2009/07/10 00:26:20 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/07/08 14:48:48 | 000,026,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/04/06 19:05:48 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/01/27 14:40:44 | 000,111,880 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files\Clearwire\Connection Manager\RcAppSvc.exe -- (CLEARWIRERcAppSvc)
SRV - [2009/01/27 14:40:10 | 000,124,168 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files\Clearwire\Connection Manager\ConAppsSvc.exe -- (CACLEARWIRE)
SRV - [2008/08/15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - [2009/09/16 10:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/07/16 12:32:26 | 000,130,424 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2009/06/10 09:52:48 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/05/09 01:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2009/01/27 14:28:24 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2009/01/20 17:08:32 | 000,233,472 | ---- | M] (Beceem communications pvt ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drxvi314.sys -- (bcm)
DRV - [2009/01/20 17:08:30 | 000,054,784 | ---- | M] (Beceem communications pvt ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BcmBusCtr.sys -- (bcmbusctr)
DRV - [2008/11/02 03:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2008/02/12 17:59:45 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/02/12 17:59:45 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/02/12 17:59:45 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/18 23:25:05 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007/06/26 09:53:36 | 001,776,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/06/02 14:59:42 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - [2007/04/03 13:59:42 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616unic.sys -- (s616unic) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM)
DRV - [2007/04/03 13:59:42 | 000,098,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616obex.sys -- (s616obex)
DRV - [2007/04/03 13:59:42 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616nd5.sys -- (s616nd5) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (NDIS)
DRV - [2007/04/03 13:59:40 | 000,100,360 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616mgmt.sys -- (s616mgmt) Sony Ericsson Device 616 USB WMC Device Management Drivers (WDM)
DRV - [2007/04/03 13:59:38 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616mdm.sys -- (s616mdm)
DRV - [2007/04/03 13:59:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616mdfl.sys -- (s616mdfl)
DRV - [2007/04/03 13:59:30 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616bus.sys -- (s616bus) Sony Ericsson Device 616 driver (WDM)
DRV - [2007/03/20 01:21:18 | 000,046,848 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mr7910.sys -- (mr7910)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:50 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV)
DRV - [2006/11/02 02:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 02:41:48 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2005/07/19 19:42:22 | 000,073,152 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cur_serd.sys -- (cur_serd) Curitel Packet Service Diagnostic Serial Port (WDM)
DRV - [2005/07/19 19:40:56 | 000,093,328 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cur_mdm.sys -- (cur_mdm)
DRV - [2005/07/19 19:40:52 | 000,008,336 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cur_mdfl.sys -- (cur_mdfl)
DRV - [2005/07/19 19:39:24 | 000,057,744 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cur_bus.sys -- (cur_bus) Curitel USB Composite Device driver (WDM)
DRV - [2000/11/10 02:15:08 | 000,048,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyNC.sys -- (SNC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledItems: {4DC70064-89E2-4a55-8FC6-E8CDEAE3612C}:0.6.7
FF - prefs.js..extensions.enabledItems: CSLauncher@cyberstep.com:0.12
FF - prefs.js..extensions.enabledItems: check4change-owner@mozdev.org:1.7
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:3.0.8
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.13
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:0.9.10.2
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {7102aba3-045c-4ec2-b921-46d87636d84b}:2.08
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.3
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5
FF - prefs.js..extensions.enabledItems: {37fa1426-b82d-11db-8314-0800200c9a66}:2.3
FF - prefs.js..extensions.enabledItems: {609B3485-CD64-4B01-AD1D-6D1C15D9E0BE}:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/02/17 19:55:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/13 11:23:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/23 19:03:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/23 19:03:00 | 000,000,000 | ---D | M]

[2009/04/22 17:06:46 | 000,000,000 | ---D | M] -- C:\Users\Boey\AppData\Roaming\Mozilla\Extensions
[2010/03/23 17:19:38 | 000,000,000 | ---D | M] -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\extensions
[2010/02/10 18:17:03 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2010/02/10 18:16:56 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/09/07 20:38:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/07/08 09:58:22 | 000,000,000 | ---D | M] () -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\extensions\{2B8EFF80-1240-11DB-BF6C-934CD2EFDFE8}
[2010/02/19 20:46:42 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2010/02/11 08:45:20 | 000,000,000 | ---D | M] (Ad blocker) -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3612C}
[2010/02/04 18:11:49 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2010/01/28 17:42:32 | 000,000,000 | ---D | M] (History Submenus) -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\extensions\{7102aba3-045c-4ec2-b921-46d87636d84b}
[2010/01/11 19:01:11 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2009/11/26 09:12:27 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2010/01/23 12:33:31 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2009/10/28 19:51:46 | 000,000,000 | ---D | M] -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\extensions\anycolor.pavlos256@gmail.com
[2010/02/19 20:46:33 | 000,000,000 | ---D | M] -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\extensions\check4change-owner@mozdev.org
[2009/12/30 20:16:29 | 000,000,000 | ---D | M] -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\extensions\CSLauncher@cyberstep.com
[2010/01/23 12:33:31 | 000,000,000 | ---D | M] -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\extensions\personas@christopher.beard
[2010/02/20 09:35:29 | 000,001,192 | ---- | M] () -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\searchplugins\4shared.xml
[2010/01/25 18:21:02 | 000,001,606 | ---- | M] () -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\searchplugins\amazondotcom.xml
[2009/06/11 10:34:52 | 000,001,595 | ---- | M] () -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\searchplugins\ebay.xml
[2010/02/20 09:35:08 | 000,002,160 | ---- | M] () -- C:\Users\Boey\AppData\Roaming\Mozilla\Firefox\Profiles\7cdl461k.default\searchplugins\qrobeit.xml
[2009/08/30 19:16:38 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/04/19 19:06:45 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Program Files\Mozilla Firefox\extensions\{609B3485-CD64-4B01-AD1D-6D1C15D9E0BE}
[2010/02/09 10:12:54 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll

O1 HOSTS File: ([2009/05/03 19:26:10 | 000,000,000 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {4d02e7e6-5930-4b51-b9b0-9f21b3789400} - No CLSID value found.
O2 - BHO: (AddTask Class) - {6A19C29D-ED45-4483-8999-9F939C8161F2} - C:\Program Files\eREAD\eREAD\WebHook.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [Clearwire Connection Manager] C:\Program Files\Clearwire\Connection Manager\ClearwireCM.exe (ClearwireCM)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [McENUI] C:\Program Files\McAfee\MHN\McENUI.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\Boey\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [NCsoft Launcher] C:\Program Files\NCSoft\Launcher\NCLauncher.exe File not found
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe File not found
O4 - HKCU..\Run: [notepad] C:\Users\Boey\ntload.DLL File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Boey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskSpace.lnk = C:\Program Files\DeskSpace\deskspace.exe (Otaku Software Pty Ltd)
O4 - Startup: C:\Users\Boey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.238.96.12
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O22 - SharedTaskScheduler: {73526E5A-FD53-4BE7-B5E2-D3C89D7413DC} - Ave's FolderBg - C:\Users\Jen\Desktop\AveFolderBg\32bits\VistaFolderBackground.dll (Andreas Verhoeven)
O24 - Desktop WallPaper: C:\Users\Boey\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Boey\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{05cb4068-bb24-11de-af52-001a801fb4e3}\Shell - "" = AutoRun
O33 - MountPoints2\{05cb4068-bb24-11de-af52-001a801fb4e3}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\{0fd0acdc-d128-11de-a5fd-001a801fb4e3}\Shell\AutoRun\command - "" = G:\Setup.exe -- File not found
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\setup.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\start.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = secfile] -- "C:\Users\Boey\AppData\Local\ave.exe" /START "%1" %* ()

========== Files/Folders - Created Within 30 Days ==========

[2010/03/23 18:50:58 | 000,000,000 | ---D | C] -- C:\Avenger
[2010/03/23 17:33:56 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Users\Boey\Desktop\OTL.exe
[2010/03/21 20:44:37 | 000,000,000 | ---D | C] -- C:\Users\Boey\Desktop\_____ OST
[2010/03/21 20:44:34 | 000,000,000 | ---D | C] -- C:\Users\Boey\Desktop\I am Legend (Lollipop)
[2010/03/21 19:22:13 | 000,000,000 | ---D | C] -- C:\Users\Boey\AppData\Roaming\Move Networks
[2010/03/18 20:00:41 | 000,000,000 | ---D | C] -- C:\Users\Boey\Desktop\Puzzle
[2010/03/18 19:46:14 | 000,000,000 | ---D | C] -- C:\Users\Boey\Desktop\Brown Sugar Macchiato
[2010/03/17 17:52:59 | 000,000,000 | ---D | C] -- C:\Users\Boey\AppData\Roaming\dvdcss
[2010/03/16 21:09:36 | 000,000,000 | ---D | C] -- C:\Users\Boey\Desktop\gokusen.eng.sub
[2010/03/16 21:02:10 | 000,000,000 | ---D | C] -- C:\Users\Boey\Desktop\Kimi Ga Iru Kara
[2010/03/14 10:02:35 | 000,000,000 | ---D | C] -- C:\Users\Boey\Desktop\rmvb-to-dvd_files
[2010/03/13 11:22:45 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2010/03/13 11:19:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/03/13 11:17:14 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/03/10 18:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Steam
[2010/03/10 18:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2010/03/10 18:24:56 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/03/10 18:24:51 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/03/09 20:47:28 | 000,000,000 | ---D | C] -- C:\Users\Boey\AppData\Local\Yahoo!
[2010/02/28 21:02:28 | 000,000,000 | ---D | C] -- C:\Users\Boey\AppData\Roaming\vlc
[2010/02/28 21:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/02/27 10:34:43 | 000,000,000 | ---D | C] -- C:\Users\Boey\Office Genuine Advantage
[2010/02/23 20:38:00 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/02/23 20:37:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/02/23 20:36:38 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/02/23 20:36:38 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/02/23 20:36:37 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/02/23 20:36:37 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/02/23 20:36:37 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/02/23 20:36:37 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/02/23 20:36:34 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/02/23 20:36:34 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/02/23 20:36:34 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2009/02/16 20:22:19 | 001,654,869 | ---- | C] (Dynu Systems Inc.) -- C:\ProgramData\DynuEncrypt.dll
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/23 19:10:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{AD63BEE1-2568-4D60-891E-D7DE36545842}.job
[2010/03/23 19:08:58 | 004,194,304 | -HS- | M] () -- C:\Users\Boey\NTUSER.DAT
[2010/03/23 19:08:11 | 000,153,600 | ---- | M] () -- C:\Users\Boey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/23 19:07:51 | 000,011,585 | ---- | M] () -- C:\Users\Boey\Desktop\US History Semester Exam.docx
[2010/03/23 19:00:50 | 000,202,240 | -HS- | M] () -- C:\Users\Boey\AppData\Local\128822158.dll
[2010/03/23 19:00:50 | 000,012,616 | -HS- | M] () -- C:\Users\Boey\AppData\Local\Mh3jm32txN
[2010/03/23 19:00:50 | 000,012,616 | -HS- | M] () -- C:\ProgramData\Mh3jm32txN
[2010/03/23 19:00:27 | 000,000,818 | ---- | M] () -- C:\Users\Boey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskSpace.lnk
[2010/03/23 18:58:23 | 000,031,101 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2010/03/23 18:57:11 | 000,000,282 | -H-- | M] () -- C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/03/23 18:56:53 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/23 18:56:53 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/23 18:56:46 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/03/23 18:56:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/03/23 18:49:16 | 000,524,288 | -HS- | M] () -- C:\Users\Boey\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms
[2010/03/23 18:49:16 | 000,065,536 | -HS- | M] () -- C:\Users\Boey\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf
[2010/03/23 18:49:11 | 006,291,456 | -H-- | M] () -- C:\Users\Boey\AppData\Local\IconCache.db
[2010/03/23 18:46:48 | 156,776,716 | ---- | M] () -- C:\Users\Boey\Desktop\hmmsgrl.part2.rar
[2010/03/23 18:04:08 | 000,068,309 | ---- | M] () -- C:\Users\Boey\Desktop\As_sure_as_fate.jpg
[2010/03/23 18:01:18 | 209,715,200 | ---- | M] () -- C:\Users\Boey\Desktop\hmmsgrl.part1.rar
[2010/03/23 17:34:01 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Boey\Desktop\OTL.exe
[2010/03/22 17:17:17 | 000,202,240 | -HS- | M] () -- C:\Users\Boey\AppData\Local\ave.exe
[2010/03/22 17:09:47 | 000,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/03/22 17:09:47 | 000,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/03/22 17:09:47 | 000,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/03/21 21:41:09 | 262,903,432 | ---- | M] () -- C:\Users\Boey\Desktop\Computerman-BC2-ep16.rmvb
[2010/03/18 20:43:48 | 271,227,222 | ---- | M] () -- C:\Users\Boey\Desktop\[TIME2SUB] 100306 Kwon Gain Cut - We Got Married Ep28.avi
[2010/03/15 17:37:22 | 287,175,064 | ---- | M] () -- C:\Users\Boey\Desktop\[TIME2SUB] 100227 Kwon Gain Cut - We Got Married Ep27.avi
[2010/03/14 13:07:02 | 184,051,712 | ---- | M] () -- C:\Users\Boey\Desktop\[a-e]_Get_Backers_34.avi
[2010/03/14 10:24:11 | 178,883,727 | ---- | M] () -- C:\Users\Boey\Desktop\The Vigilante in the Mask 01.rmvb
[2010/03/13 16:14:43 | 046,714,884 | ---- | M] () -- C:\Users\Boey\Desktop\Jason & Lara - Say U Love Me MV.mpg
[2010/03/13 11:22:45 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2010/03/13 11:21:41 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2010/03/13 11:21:41 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2010/03/13 11:17:14 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/03/09 21:34:36 | 000,000,162 | -H-- | M] () -- C:\Users\Boey\Desktop\~$troduction.docx
[2010/03/07 18:16:56 | 024,939,467 | ---- | M] () -- C:\Users\Boey\Desktop\plants_vs_zombies.7z
[2010/03/07 17:57:04 | 031,015,843 | ---- | M] () -- C:\Users\Boey\Desktop\Plants.vs.Zombies.senseman.rar
[2010/02/27 12:30:23 | 000,662,686 | ---- | M] () -- C:\Users\Boey\Desktop\5bvcsi.jpg
[2010/02/27 12:22:08 | 000,260,307 | ---- | M] () -- C:\Users\Boey\Desktop\WiLDBUNNY.jpg
[2010/02/27 10:23:23 | 002,713,672 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/02/27 10:23:06 | 000,203,888 | ---- | M] () -- C:\Users\Boey\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/02/24 10:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/23 19:00:22 | 000,000,818 | ---- | C] () -- C:\Users\Boey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskSpace.lnk
[2010/03/23 18:48:36 | 000,011,585 | ---- | C] () -- C:\Users\Boey\Desktop\US History Semester Exam.docx
[2010/03/23 18:26:02 | 156,776,716 | ---- | C] () -- C:\Users\Boey\Desktop\hmmsgrl.part2.rar
[2010/03/23 18:04:07 | 000,068,309 | ---- | C] () -- C:\Users\Boey\Desktop\As_sure_as_fate.jpg
[2010/03/23 17:33:54 | 209,715,200 | ---- | C] () -- C:\Users\Boey\Desktop\hmmsgrl.part1.rar
[2010/03/23 17:06:49 | 000,202,240 | -HS- | C] () -- C:\Users\Boey\AppData\Local\128822158.dll
[2010/03/22 17:17:17 | 000,202,240 | -HS- | C] () -- C:\Users\Boey\AppData\Local\ave.exe
[2010/03/22 17:17:17 | 000,012,616 | -HS- | C] () -- C:\Users\Boey\AppData\Local\Mh3jm32txN
[2010/03/22 17:17:17 | 000,012,616 | -HS- | C] () -- C:\ProgramData\Mh3jm32txN
[2010/03/21 21:20:47 | 262,903,432 | ---- | C] () -- C:\Users\Boey\Desktop\Computerman-BC2-ep16.rmvb
[2010/03/18 20:27:23 | 271,227,222 | ---- | C] () -- C:\Users\Boey\Desktop\[TIME2SUB] 100306 Kwon Gain Cut - We Got Married Ep28.avi
[2010/03/15 17:58:09 | 287,175,064 | ---- | C] () -- C:\Users\Boey\Desktop\[TIME2SUB] 100227 Kwon Gain Cut - We Got Married Ep27.avi
[2010/03/14 12:39:03 | 184,051,712 | ---- | C] () -- C:\Users\Boey\Desktop\[a-e]_Get_Backers_34.avi
[2010/03/14 10:06:45 | 178,883,727 | ---- | C] () -- C:\Users\Boey\Desktop\The Vigilante in the Mask 01.rmvb
[2010/03/13 15:35:36 | 046,714,884 | ---- | C] () -- C:\Users\Boey\Desktop\Jason & Lara - Say U Love Me MV.mpg
[2010/03/09 21:34:36 | 000,000,162 | -H-- | C] () -- C:\Users\Boey\Desktop\~$troduction.docx
[2010/03/09 19:43:44 | 024,939,467 | ---- | C] () -- C:\Users\Boey\Desktop\plants_vs_zombies.7z
[2010/03/09 19:43:42 | 031,015,843 | ---- | C] () -- C:\Users\Boey\Desktop\Plants.vs.Zombies.senseman.rar
[2010/02/27 12:30:13 | 000,662,686 | ---- | C] () -- C:\Users\Boey\Desktop\5bvcsi.jpg
[2010/02/27 12:22:01 | 000,260,307 | ---- | C] () -- C:\Users\Boey\Desktop\WiLDBUNNY.jpg
[2010/02/16 20:25:54 | 000,000,029 | ---- | C] () -- C:\Windows\Index.ini
[2010/02/12 15:49:58 | 000,008,996 | -HS- | C] () -- C:\Users\Boey\AppData\Local\GGru612642m
[2009/11/20 18:37:08 | 000,000,042 | ---- | C] () -- C:\Windows\AlchemyMindworksUpdateList.INI
[2009/11/14 17:23:11 | 000,000,432 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/11/01 09:46:28 | 000,012,208 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/04/21 18:05:11 | 000,000,680 | ---- | C] () -- C:\Users\Boey\AppData\Local\d3d9caps.dat
[2009/04/20 18:04:02 | 000,153,600 | ---- | C] () -- C:\Users\Boey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/18 21:52:25 | 000,028,672 | ---- | C] () -- C:\Windows\System32\InsDrvZD.dll
[2009/04/18 21:52:25 | 000,015,872 | ---- | C] () -- C:\Windows\System32\InsDrvZD64.DLL
[2009/03/15 19:12:16 | 000,077,824 | ---- | C] () -- C:\Windows\System32\nod.dll
[2009/01/16 08:56:46 | 001,015,808 | ---- | C] () -- C:\Windows\System32\MPEG4Evfw.dll
[2008/07/31 11:34:22 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008/07/23 19:01:24 | 000,000,230 | ---- | C] () -- C:\Windows\System32\winset.ini
[2008/07/23 19:00:37 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2008/07/13 12:58:05 | 002,729,472 | ---- | C] () -- C:\Windows\System32\fun_avcodec.dll
[2008/07/13 12:58:05 | 000,827,392 | ---- | C] () -- C:\Windows\System32\Mpeg4System.dll
[2008/07/13 12:58:05 | 000,241,664 | ---- | C] () -- C:\Windows\System32\AMR.dll
[2008/07/13 12:58:05 | 000,167,936 | ---- | C] () -- C:\Windows\System32\Mpeg4Tools.dll
[2008/07/13 12:58:05 | 000,122,880 | ---- | C] () -- C:\Windows\System32\Mpeg4DSF.dll
[2008/07/13 12:58:05 | 000,057,344 | ---- | C] () -- C:\Windows\System32\EvrcDecDll.dll
[2008/07/13 12:58:05 | 000,057,344 | ---- | C] () -- C:\Windows\System32\AMRDSF.dll
[2008/07/07 18:35:31 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007/07/22 17:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007/06/26 10:20:42 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1295.dll
[2007/06/26 09:51:10 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/06/26 08:55:00 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/06/25 20:34:26 | 000,070,400 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
[2006/11/02 07:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2004/10/26 17:39:05 | 003,375,104 | ---- | C] () -- C:\Windows\System32\qt-mt331.dll

========== Files - Unicode (All) ==========
[2010/03/21 20:19:00 | 001,410,160 | ---- | M] ()(C:\Users\Boey\Desktop\?????-??-???.mp3) -- C:\Users\Boey\Desktop\黑糖群俠傳-王子-對不起.mp3
[2010/03/21 20:18:59 | 001,410,160 | ---- | C] ()(C:\Users\Boey\Desktop\?????-??-???.mp3) -- C:\Users\Boey\Desktop\黑糖群俠傳-王子-對不起.mp3
[2010/03/16 20:14:24 | 045,885,070 | ---- | M] ()(C:\Users\Boey\Desktop\K. Will - ??.avi) -- C:\Users\Boey\Desktop\K. Will - 선물.avi
[2010/03/16 20:11:21 | 045,885,070 | ---- | C] ()(C:\Users\Boey\Desktop\K. Will - ??.avi) -- C:\Users\Boey\Desktop\K. Will - 선물.avi
[2010/02/14 20:09:08 | 436,569,883 | ---- | M] ()(C:\Users\Boey\Desktop\The Eagle Shooting Heroes - ????.mkv) -- C:\Users\Boey\Desktop\The Eagle Shooting Heroes - 东成西就.mkv
[2010/02/14 19:25:13 | 436,569,883 | ---- | C] ()(C:\Users\Boey\Desktop\The Eagle Shooting Heroes - ????.mkv) -- C:\Users\Boey\Desktop\The Eagle Shooting Heroes - 东成西就.mkv

========== Alternate Data Streams ==========

@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:BFE23423
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:73B1147D
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:54D4173A
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:A82AE908
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:E91ADC66
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:C56B041B
< End of report >

EXTRAS.TXT

OTL Extras logfile created on: 3/23/2010 7:08:45 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\Boey\Desktop
Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.68 Gb Total Space | 17.01 Gb Free Space | 12.00% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JEN-PC
Current User Name: Boey
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.exe [@ = secfile] -- C:\Users\Boey\AppData\Local\ave.exe ()
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11188E93-1B78-40FF-A6C4-295DF30D6B72}" = lport=2869 | protocol=6 | dir=in | app=system |
"{34C3A049-0155-40BC-9EAA-B56511188D45}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{5528EAD3-E27C-4E88-90D9-ACA3972DEA69}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5F774070-FD25-4F91-863C-6FDC0978D6F8}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{85673B4C-2B38-4052-8928-8752C72D2BB3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{87693737-7B07-420F-99FB-2DC6B7BCE4E1}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{9F5C1C88-2B6B-4F05-9F42-DC71D3BAF485}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{BA82D223-84B3-4804-BB2A-1B3A14AFDF84}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{BDD406C1-D193-4B9A-AA5C-23ED02384CB4}" = lport=57382 | protocol=6 | dir=in | name=pando media booster |
"{C06F10EF-8A5E-4254-9416-593F6BF5F6BC}" = lport=57382 | protocol=17 | dir=in | name=pando media booster |
"{CA233302-5183-4854-A5DE-ACC2AB3259BE}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{E0306FEE-4433-4AF7-A1BD-45D8129C173B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E7DA9A45-68AA-41B9-A83F-CB6FEEFD0A75}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{010BBD01-DFC2-4209-AFDD-783EA9A6D1EF}" = protocol=6 | dir=out | app=c:\program files\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{09BAE69B-C015-40C2-914A-FA903082C5AF}" = dir=in | app=c:\program files\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{0A1B64D1-EFD9-423E-BDD1-BFE890C6BC4F}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{10614098-E9CB-4080-A466-11502C96AD4E}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{128627B6-E664-4DE0-8561-5484B8F1FD2B}" = dir=in | app=c:\program files\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{14BFF9A6-2387-4F29-82EC-52B40CADDC19}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{18434001-AD82-487B-8608-16642C4CE896}" = protocol=6 | dir=in | app=c:\users\jen\appdata\local\temp\purplebean.exe |
"{18A0BD41-19B6-403D-9DD4-F015F0491350}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{230F6963-D1DB-462A-9C5B-9F25C47BEB62}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{268C76BC-1A84-4378-9E14-D740A746F34B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{34CE2146-2A82-444C-8502-D7B2E6B407C0}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{35CFC98B-5C92-48A4-97A5-1E8E87804E4B}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{42BB6580-0869-4FE7-8EEA-2148009BF854}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{467A71D2-6556-4929-8415-07D724709D36}" = protocol=17 | dir=in | app=c:\users\jen\appdata\local\temp\purplebean.exe |
"{848CB766-BF5A-48BC-8623-2F9D018D0B96}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{89232544-35D2-4EE7-9619-9664A05A1686}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{95A0DDDB-387D-40CB-8564-908DC74CD50E}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{9A8B08FB-9A0F-499F-BFB7-4C320A671D42}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A3184264-9A17-497A-AE0A-4406BC3589FB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{A9024AE3-EAB2-4A5C-AAB1-DFA5E01C8DE3}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{ABE83D8B-AB2B-4EEF-9F7D-16B2C7BB5315}" = protocol=6 | dir=out | app=c:\program files\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{B513F7D6-D821-41B2-8B06-73D44C2CCBD4}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{BD76786D-312C-4BF5-9806-B12135902F80}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{C10B5023-84EB-4323-82C9-2BFAD23437E0}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{C375329E-A3D9-4AFA-AFFA-561684D8C06A}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{CE59554E-34A8-4E62-840F-012A68C27141}" = protocol=6 | dir=out | app=system |
"{D2FE75E4-87C4-4864-8737-474D3BBBAFE1}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{DB56CC01-0790-4AF6-9FE5-60DA06BA2D33}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{DEA8D4BB-62AB-49FC-82AC-673315BC1AB9}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{DF71DE53-3384-409F-8BCB-A029E381E41B}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{F1DC8A81-121D-4922-B46C-229447E4525F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F9DD2930-5A0C-4669-9135-FCE636804D0B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{FD199E01-6D38-442B-A68C-DD1DD559ADAB}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{162DF599-7EF6-41D5-9CA3-B7EFB4312837}C:\windows\system32\clubbox.exe" = protocol=6 | dir=in | app=c:\windows\system32\clubbox.exe |
"TCP Query User{32AA3AB7-6AC8-43FF-A7A6-2046F0A0F512}C:\windows\system32\fscagent.exe" = protocol=6 | dir=in | app=c:\windows\system32\fscagent.exe |
"TCP Query User{59789C7C-7955-4FCE-A423-3AAEA8B37A9C}C:\program files\gretech\gomplayer\gom.exe" = protocol=6 | dir=in | app=c:\program files\gretech\gomplayer\gom.exe |
"TCP Query User{736ED276-FC9A-4D31-8E49-9FC26C7ECB5B}C:\users\boey\appdata\local\temp\rarsfx0\haloce.exe" = protocol=6 | dir=in | app=c:\users\boey\appdata\local\temp\rarsfx0\haloce.exe |
"TCP Query User{74D84D3A-D8E6-44AE-A196-A5F4F9B1511C}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"TCP Query User{786238B9-A185-4972-88F8-91E0E922FD17}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{7B4D5BE6-2D69-419B-842C-786E7A66E0D4}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{B7012FF0-EA36-4B03-B89A-5C366E34A7B2}C:\users\boey\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\boey\program files\dna\btdna.exe |
"TCP Query User{CA49EEC2-4ED1-43A2-AE64-9E02606D371F}C:\windows\system32\grdmgr.exe" = protocol=6 | dir=in | app=c:\windows\system32\grdmgr.exe |
"TCP Query User{DB8ABFD2-4337-49F6-8147-272B8B8FDE5C}C:\users\jen\appdata\local\temp\low\plauncher.exe" = protocol=6 | dir=in | app=c:\users\jen\appdata\local\temp\low\plauncher.exe |
"TCP Query User{E64F8045-B64A-47E5-B238-9BC97DDC873A}C:\program files\njstar communicator\minismtp.exe" = protocol=6 | dir=in | app=c:\program files\njstar communicator\minismtp.exe |
"TCP Query User{EEA0E591-EC62-4CE8-9E03-4A3D7465694F}C:\users\boey\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\boey\program files\dna\btdna.exe |
"UDP Query User{0864036E-5BC3-47B5-BB64-065C10EA3FA2}C:\windows\system32\grdmgr.exe" = protocol=17 | dir=in | app=c:\windows\system32\grdmgr.exe |
"UDP Query User{08ED9152-C02E-4206-95CC-9DC987133006}C:\users\jen\appdata\local\temp\low\plauncher.exe" = protocol=17 | dir=in | app=c:\users\jen\appdata\local\temp\low\plauncher.exe |
"UDP Query User{37234A10-2FF4-432D-9627-1027DF766545}C:\windows\system32\fscagent.exe" = protocol=17 | dir=in | app=c:\windows\system32\fscagent.exe |
"UDP Query User{4B105D40-0943-4EED-8632-2F6A355303C2}C:\users\boey\appdata\local\temp\rarsfx0\haloce.exe" = protocol=17 | dir=in | app=c:\users\boey\appdata\local\temp\rarsfx0\haloce.exe |
"UDP Query User{4CBF8C61-5B7D-4807-A45E-41959E8B6437}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"UDP Query User{539B29BA-4CA0-4A78-B47B-AB00C2CEDDF8}C:\program files\njstar communicator\minismtp.exe" = protocol=17 | dir=in | app=c:\program files\njstar communicator\minismtp.exe |
"UDP Query User{8625A111-EADF-4B93-A579-3DB5EA5C3B7D}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{89355408-DDF3-4B12-BC63-45B42099E193}C:\users\boey\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\boey\program files\dna\btdna.exe |
"UDP Query User{8F993635-1726-44D5-89E9-079D26E072CA}C:\program files\gretech\gomplayer\gom.exe" = protocol=17 | dir=in | app=c:\program files\gretech\gomplayer\gom.exe |
"UDP Query User{9E945222-3433-4224-BCAF-B6F3DA0368A8}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{F4E74C71-DAB9-48BA-93C7-E0C4C284BA17}C:\windows\system32\clubbox.exe" = protocol=17 | dir=in | app=c:\windows\system32\clubbox.exe |
"UDP Query User{FDDADA6E-BFBD-46D9-954B-211EDD2AF8A9}C:\users\boey\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\boey\program files\dna\btdna.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe Extendscript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 15
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0160130}" = Java(TM) SE Development Kit 6 Update 13
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{70C592EC-AE9B-4734-928B-676E824FB41E}" = MFC RunTime files
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7396F7C8-EDD8-4473-BF6A-2CE4996716E1}" = JavaFX(TM) 1.1 SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{888FFC82-688D-46AB-A776-B417885432B6}" = Zune
"{8B21B9EF-6DBF-4F63-8CC7-9F6A56D1EE8E}" = GTOneCare
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{998D6972-F58E-479D-9248-8F179E55AE38}" = Java DB 10.4.1.3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe Photoshop Album Starter Edition 3.2
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_912" = Adobe Acrobat 9.1.2 - CPSID_49166
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{EFC1B35C-FFF2-41D8-A70A-CE6037F8040B}" = AGEIA PhysX v7.07.24
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe Extendscript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F972D81A-B484-4AA4-86E0-229AF810B6A1}" = Clear Connection Manager
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"4Tomorrow_screensaver_01" = 4Tomorrow_screensaver_01 Screensaver
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.57
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe Extendscript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Adobe Photoshop Album Starter Edition 3.2" = Adobe Photoshop Album Starter Edition 3.2
"Allok Video Joiner_is1" = Allok Video Joiner 2.2.0
"AVI ReComp" = AVI ReComp 1.4.5
"AviSynth" = AviSynth 2.5
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows Driver Package - Nokia Modem (03/05/2008 3.7)
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CoreAAC" = CoreAAC
"Curitel Packet Service" = Curitel Packet Service Software
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows Driver Package - Nokia Modem (03/13/2008 6.86.0.1)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Studio_is1" = Free Studio version 4.2
"Free Video Converter" = Free Video Converter
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.2
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.1
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"GoldWave v5.52" = GoldWave v5.52
"GOM Player" = GOM Player
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IconArt" = IconArt
"ImageSkill Background Remover 3" = ImageSkill Background Remover 3 (Remove only)
"IPP Run-Time 5.3" = IPP Run-Time 5.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.2)" = Mozilla Firefox (3.6.2)
"MPEG4E" = MPEG4E VFW - H.264/MPEG-4 AVC codec (remove only)
"MSC" = McAfee SecurityCenter
"OpenAL" = OpenAL
"PeerGuardian_is1" = PeerGuardian 2.0
"PowerISO" = PowerISO
"Rainmeter" = Rainmeter (remove only)
"RealPlayer 12.0" = RealPlayer
"RocketDock_is1" = RocketDock 1.3.5
"Subtitles Plugin for RealPlayer_is1" = Subtitles Plugin for RealPlayer 2005.03.21
"SubtitleWorkshop" = Subtitle Workshop 2.51
"The KMPlayer" = The KMPlayer (remove only)
"Uninstall_is1" = Uninstall 1.0.0.1
"Videora iPod Converter" = Videora iPod Converter 4.08
"Videora iPod touch Converter" = Videora iPod touch Converter 5.04
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.5
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid 1.2.1
"Zune" = Zune

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"DeskSpace" = DeskSpace 1.5.7.1
"Facebook Plug-In" = Facebook Plug-In
"Move Media Player" = Move Media Player
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/6/2010 9:47:04 AM | Computer Name = Jen-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Users\Boey\Desktop\iTunes64Setup.exe".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/6/2010 9:50:16 AM | Computer Name = Jen-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "F:\iTunes64Setup.exe". Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/6/2010 10:42:35 AM | Computer Name = Jen-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "F:\iTunes64Setup.exe". Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/6/2010 10:51:15 AM | Computer Name = Jen-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Users\Boey\Desktop\iTunes64Setup.exe".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/9/2010 7:17:37 PM | Computer Name = Jen-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3/13/2010 12:17:39 PM | Computer Name = Jen-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 1.9.2.3667 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 964 Start Time: 01cac2c83cf672d5 Termination Time: 34

Error - 3/21/2010 8:22:26 PM | Computer Name = Jen-PC | Source = Perflib | ID = 1010
Description =

Error - 3/21/2010 8:22:29 PM | Computer Name = Jen-PC | Source = Perflib | ID = 1008
Description =

Error - 3/21/2010 8:22:29 PM | Computer Name = Jen-PC | Source = Perflib | ID = 1005
Description =

Error - 3/21/2010 8:22:29 PM | Computer Name = Jen-PC | Source = Perflib | ID = 1017
Description =

[ Media Center Events ]
Error - 6/9/2009 9:52:05 AM | Computer Name = Jen-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 2/9/2009 8:27:39 PM | Computer Name = Jen-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/10/2009 7:25:36 PM | Computer Name = Jen-PC | Source = HTTP | ID = 15016
Description =

Error - 2/10/2009 7:27:09 PM | Computer Name = Jen-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/11/2009 7:08:33 PM | Computer Name = Jen-PC | Source = HTTP | ID = 15016
Description =

Error - 2/11/2009 7:09:34 PM | Computer Name = Jen-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/12/2009 7:14:01 PM | Computer Name = Jen-PC | Source = HTTP | ID = 15016
Description =

Error - 2/12/2009 7:15:30 PM | Computer Name = Jen-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/15/2009 9:53:12 PM | Computer Name = Jen-PC | Source = HTTP | ID = 15016
Description =

Error - 2/15/2009 9:53:21 PM | Computer Name = Jen-PC | Source = Microsoft-Windows-ResourcePublication | ID = 1002
Description =

Error - 2/15/2009 9:53:34 PM | Computer Name = Jen-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >

Hello.

Please download SREng

• Extract it to Desktop and double click SREngLdr.EXE to run it
  
• Select System Repair from the left pane.
  
• Click on File Association
  
• Select all entries that has an Error status click [Repair]
  
• Refer to this image for an example:
  
  
• In your case, it would be .EXE
  
• Close SREng now.
  

Please run OTL.exe.

• Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  :OTL
  O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
  O2 - BHO: (no name) - {4d02e7e6-5930-4b51-b9b0-9f21b3789400} - No CLSID value found.
  O4 - HKLM..\Run: [] File not found
  O4 - HKCU..\Run: [notepad] C:\Users\Boey\ntload.DLL File not found
  [2010/03/23 19:00:50 | 000,202,240 | -HS- | M] () -- C:\Users\Boey\AppData\Local\128822158.dll
  [2010/03/23 19:00:50 | 000,012,616 | -HS- | M] () -- C:\Users\Boey\AppData\Local\Mh3jm32txN
  [2010/03/23 19:00:50 | 000,012,616 | -HS- | M] () -- C:\ProgramData\Mh3jm32txN
  [2010/03/22 17:17:17 | 000,202,240 | -HS- | C] () -- C:\Users\Boey\AppData\Local\ave.exe
  
  
  
  
• Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
  
  
• Click the red Run Fix button.
  
• A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  
• Close OTL.exe
  

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4d02e7e6-5930-4b51-b9b0-9f21b3789400}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4d02e7e6-5930-4b51-b9b0-9f21b3789400}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\notepad deleted successfully.
C:\Users\Boey\AppData\Local\128822158.dll moved successfully.
File move failed. C:\Users\Boey\AppData\Local\Mh3jm32txN scheduled to be moved on reboot.
File move failed. C:\ProgramData\Mh3jm32txN scheduled to be moved on reboot.
C:\Users\Boey\AppData\Local\ave.exe moved successfully.

OTL by OldTimer - Version 3.1.37.3 log created on 03232010_193124

Files\Folders moved on Reboot...
C:\Users\Boey\AppData\Local\Mh3jm32txN moved successfully.
C:\ProgramData\Mh3jm32txN moved successfully.

Registry entries deleted on Reboot...

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.

Malwarebytes' Anti-Malware 1.36
Database version: 2060
Windows 6.0.6001 Service Pack 1

3/24/2010 8:51:44 PM
mbam-log-2010-03-24 (20-51-44).txt

Scan type: Quick Scan
Objects scanned: 86221
Time elapsed: 14 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

^^^^^^^^^^^^^^^^^^^
that's a good thing right? XD

Hello.
In your case, no, the log appears clean but you are running an extremely old version of MBAM - 8 versions behind infact!!

Please run an update so you get the newest version and newest database, then run another scan.