Unable to install trend micro, 100% somthings going on

hey guys,

today i started my pc up and trend micro firewall was working perfectly. Few hours later i had to allow a program through the firewall. This began my problem, my desktop, all internet browsers and windows explorer all began to freeze up. i ran first a spybot scan, then a malware bytes scan. malware bytes picked up a worm in my fonts folder which was succsessfully removed.
I dowloaded the trend micro toolkit and uninstalled trend micro, only now when i try to install it it says that there is one file/program blocking it. I was hoping you guys could help me out

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:40:22, on 28/02/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Gigabyte\ET5Pro\GUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Razer\Lachesis\razerhid.exe
C:\Program Files\Razer\Lachesis\OSD.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Internode\mum.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Razer\Lachesis\razerofa.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDMovieViewer.exe
C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDYT.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Razer\Lachesis\razertra.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\jack\Downloads\winlogon.scr

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [EasyTuneVPro] C:\Program Files\Gigabyte\ET5Pro\ETcall.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [InternodeUsage] C:\PROGRA~1\INTERN~2\mum.exe
O4 - HKCU\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
O4 - HKCU\..\Run: [TrendSecure Remote File Lock] C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe /lock
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKUS\S-1-5-18\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'Default user')
O4 - Startup: msmngr.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} (RIM AxLoader) - http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs:
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SteamWatch - CL - C:\Program Files\SteamWatch\SteamWatch.exe

--
End of file - 9636 bytes

Hello.

• Open HijackThis
  
• Choose "Do a system scan only"
  
• Check the boxes in front of these lines:
  
  
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
  O4 - Startup: msmngr.exe
  O20 - AppInit_DLLs:
  
  
  
  
• Press "Fix Checked"
  
• Close Hijack This.
  

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.

Malwarebytes' Anti-Malware 1.44
Database version: 3805
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

1/03/2010 16:04:38
mbam-log-2010-03-01 (16-04-38).txt

Scan type: Quick Scan
Objects scanned: 111407
Time elapsed: 3 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

no luck with trend micro still

Download OTL by OldTimer to your Desktop.

• Close all windows and double click OTL.exe
  
• Click Run Scan and let the program run uninterrupted
  
• It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  
• You may need to use two posts to get it all.
  

OTL logfile created on: 2/03/2010 17:56:26 - Run 1
OTL by OldTimer - Version 3.1.32.0 Folder = C:\Users\jack\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 48.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): c:\pagefile.sys 4219 8438 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 414.34 Gb Free Space | 44.48% Space Free | Partition Type: NTFS
Drive D: | 156.33 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JACK-PC
Current User Name: jack
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/02 17:55:55 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Users\jack\Downloads\OTL.exe
PRC - [2010/02/28 15:57:44 | 001,363,456 | ---- | M] (Angus Johnson) -- C:\Program Files\Internode\mum.exe
PRC - [2010/02/18 22:43:38 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/02/15 18:06:56 | 010,358,056 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe
PRC - [2010/02/11 14:16:04 | 003,207,056 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe
PRC - [2009/12/31 16:55:53 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/12/12 07:45:10 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/12/12 07:44:40 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/12/10 10:25:16 | 003,203,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
PRC - [2009/12/10 10:01:32 | 000,854,536 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDYT.exe
PRC - [2009/12/10 10:01:12 | 000,477,704 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
PRC - [2009/12/10 10:00:52 | 000,850,440 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDMovieViewer.exe
PRC - [2009/12/10 10:00:42 | 001,573,384 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
PRC - [2009/12/10 10:00:32 | 000,522,760 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
PRC - [2009/12/10 10:00:22 | 000,523,784 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
PRC - [2009/12/10 10:00:12 | 000,676,360 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
PRC - [2009/11/19 22:29:16 | 000,623,960 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2009/09/11 02:21:05 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe
PRC - [2009/08/20 13:44:38 | 000,615,688 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/22 17:38:50 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2009/04/22 17:37:16 | 000,065,536 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2008/10/29 17:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/24 09:14:36 | 000,206,112 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2008/07/03 14:27:12 | 006,266,880 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/04/10 14:49:10 | 000,018,944 | ---- | M] (CL) -- C:\Program Files\SteamWatch\SteamWatch.exe
PRC - [2008/02/18 16:29:12 | 000,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2008/01/21 13:25:18 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
PRC - [2008/01/21 13:24:59 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2007/10/26 15:06:56 | 000,211,520 | ---- | M] () -- C:\Program Files\Gigabyte\ET5Pro\GUI.exe
PRC - [2007/10/15 15:59:14 | 000,143,360 | ---- | M] () -- C:\Program Files\Razer\Lachesis\razertra.exe
PRC - [2007/09/12 11:52:18 | 000,172,032 | ---- | M] () -- C:\Program Files\Razer\Lachesis\razerhid.exe
PRC - [2007/08/16 17:05:16 | 000,274,432 | ---- | M] (razercfg MFC Application) -- C:\Program Files\Razer\Lachesis\OSD.exe
PRC - [2007/06/05 10:37:12 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\Lachesis\razerofa.exe


========== Modules (SafeList) ==========

MOD - [2010/03/02 17:55:55 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Users\jack\Downloads\OTL.exe
MOD - [2010/02/11 14:16:12 | 000,942,480 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\xfire_toucan_41445.dll
MOD - [2009/07/12 20:43:12 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
MOD - [2008/01/21 13:23:45 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
MOD - [2008/01/21 13:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/01/02 09:03:44 | 000,321,320 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/12/12 07:44:40 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/04/02 07:05:28 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/10/25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/04/10 14:49:10 | 000,018,944 | ---- | M] (CL) [Auto | Running] -- C:\Program Files\SteamWatch\SteamWatch.exe -- (SteamWatch)
SRV - [2008/02/28 17:07:48 | 000,529,704 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2008/02/18 16:29:12 | 000,877,864 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3)
SRV - [2008/01/21 13:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/11/02 23:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)


========== Driver Services (SafeList) ==========

DRV - [2010/03/02 07:24:34 | 000,024,944 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GVTDrv.sys -- (GVTDrv)
DRV - [2009/12/12 08:03:58 | 005,188,096 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/12/12 08:03:58 | 005,188,096 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2009/12/12 06:50:52 | 000,125,440 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2009/11/23 17:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid)
DRV - [2009/11/23 17:37:08 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2009/08/28 19:42:52 | 000,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/07/01 11:51:40 | 000,023,432 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGPBTDD.sys -- (LGPBTDD)
DRV - [2009/05/27 20:25:36 | 000,025,544 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/05/18 14:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/04/08 14:29:52 | 000,056,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)
DRV - [2009/02/09 23:31:45 | 000,047,360 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pcouffin.sys -- (pcouffin)
DRV - [2009/02/09 19:04:22 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2009/01/09 16:18:02 | 000,027,136 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RimSerial.sys -- (RimVSerPort)
DRV - [2008/09/26 09:53:00 | 000,079,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2008/09/26 09:53:00 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/09/26 09:53:00 | 000,028,816 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008/09/26 09:52:00 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2008/09/26 09:52:00 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008/09/26 09:52:00 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2008/07/03 20:03:48 | 002,152,088 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/06/18 14:19:54 | 000,147,168 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008/05/20 19:33:50 | 000,022,784 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RimUsb.sys -- (RimUsb)
DRV - [2008/05/02 16:59:40 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/04/22 08:53:36 | 000,027,672 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Entech.sys -- (ENTECH)
DRV - [2008/01/21 13:24:49 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2008/01/21 13:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 13:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 13:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 13:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 13:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 13:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 13:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 13:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 13:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 13:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 13:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 13:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 13:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 13:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 13:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 13:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 13:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 13:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 13:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 13:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 13:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 13:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 13:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 13:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 13:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/10/11 11:10:52 | 000,030,008 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ET5Drv.sys -- (ET5Drv)
DRV - [2007/08/21 11:49:28 | 000,017,912 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Program Files\Gigabyte\ET5Pro\MARKFUN.W32 -- (MarkFun_NT)
DRV - [2007/08/08 11:04:16 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Lachesis.sys -- (LachesisFltr)
DRV - [2007/07/27 21:12:16 | 000,378,368 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rt61.sys -- (RT61)
DRV - [2006/11/02 20:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 20:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 20:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 20:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 20:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 20:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 20:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 20:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 20:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 20:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 20:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 19:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 19:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 19:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 19:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 19:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 19:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 18:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 17:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/07/19 12:25:10 | 000,012,048 | R--- | M] (ATI Technologies Inc.) [Kernel | Disabled | Running] -- C:\Program Files\Gigabyte\ET5Pro\atidgllk.sys -- (atidgllk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5
FF - prefs.js..extensions.enabledItems: cfxe@Triton:3.2.5
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20091031

FF - HKLM\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/18 22:43:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/18 22:43:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/12/31 16:57:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2009/12/18 12:28:22 | 000,000,000 | ---D | M] -- C:\Users\jack\AppData\Roaming\Mozilla\Extensions
[2010/03/02 07:41:01 | 000,000,000 | ---D | M] -- C:\Users\jack\AppData\Roaming\Mozilla\Firefox\Profiles\q7d6l3m5.default\extensions
[2009/12/18 12:30:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\jack\AppData\Roaming\Mozilla\Firefox\Profiles\q7d6l3m5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/08 11:19:04 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\jack\AppData\Roaming\Mozilla\Firefox\Profiles\q7d6l3m5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/12/22 10:37:10 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\jack\AppData\Roaming\Mozilla\Firefox\Profiles\q7d6l3m5.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009/12/22 10:39:23 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\jack\AppData\Roaming\Mozilla\Firefox\Profiles\q7d6l3m5.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/01/14 18:30:36 | 000,000,000 | ---D | M] -- C:\Users\jack\AppData\Roaming\Mozilla\Firefox\Profiles\q7d6l3m5.default\extensions\battlefieldheroespatcher@ea.com
[2009/12/21 20:40:45 | 000,000,000 | ---D | M] -- C:\Users\jack\AppData\Roaming\Mozilla\Firefox\Profiles\q7d6l3m5.default\extensions\cfxe@Triton
[2009/12/22 10:37:03 | 000,000,000 | ---D | M] -- C:\Users\jack\AppData\Roaming\Mozilla\Firefox\Profiles\q7d6l3m5.default\extensions\foxyproxy@eric.h.jung
[2009/12/21 20:41:53 | 000,000,000 | ---D | M] -- C:\Users\jack\AppData\Roaming\Mozilla\Firefox\Profiles\q7d6l3m5.default\extensions\nasanightlaunch@example.com
[2009/12/22 10:34:57 | 000,000,000 | ---D | M] -- C:\Users\jack\AppData\Roaming\Mozilla\Firefox\Profiles\q7d6l3m5.default\extensions\personas@christopher.beard
[2009/12/03 10:54:24 | 000,002,476 | ---- | M] () -- C:\Users\jack\AppData\Roaming\Mozilla\Firefox\Profiles\q7d6l3m5.default\searchplugins\BearShareWebSearch.xml
[2010/01/14 17:16:01 | 000,001,741 | ---- | M] () -- C:\Users\jack\AppData\Roaming\Mozilla\Firefox\Profiles\q7d6l3m5.default\searchplugins\search-the-web.xml
[2010/03/02 07:41:01 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/03 10:54:24 | 000,002,476 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml

O1 HOSTS File: ([2009/05/26 23:10:57 | 000,000,764 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [EasyTuneVPro] C:\Program Files\Gigabyte\ET5Pro\ETcall.exe ()
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe ()
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [InternodeUsage] C:\Program Files\Internode\mum.exe (Angus Johnson)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe File not found
O4 - HKCU..\Run: [TrendSecure Remote File Lock] C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe File not found
O4 - Startup: C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab (RIM AxLoader)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\jack\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\jack\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/19 08:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/03/01 16:07:58 | 000,181,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/02/28 17:55:23 | 000,000,000 | ---D | C] -- C:\Users\jack\Documents\JCreator Pro
[2010/02/28 17:54:45 | 000,000,000 | ---D | C] -- C:\ProgramData\JCreator
[2010/02/28 17:54:39 | 000,000,000 | ---D | C] -- C:\Program Files\Xinox Software
[2010/02/28 17:48:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/02/28 17:06:42 | 000,000,000 | ---D | C] -- C:\Users\jack\Desktop\PRO_2010_Download
[2010/02/28 17:06:16 | 091,549,992 | ---- | C] (Trend Micro Inc.) -- C:\Users\jack\Desktop\PRO_2010_Download.exe
[2010/02/28 16:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/02/28 16:22:11 | 000,000,000 | ---D | C] -- C:\Users\jack\Desktop\32bit
[2010/02/24 07:34:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/02/24 07:33:36 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/02/24 07:33:36 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/02/24 07:33:36 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/02/24 07:33:36 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/02/24 07:33:36 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/02/24 07:33:36 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/02/24 07:33:35 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/02/24 07:33:35 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/02/24 07:33:35 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/02/22 22:43:10 | 000,000,000 | ---D | C] -- C:\Users\jack\Desktop\blackberry crap
[2010/02/17 21:51:38 | 000,000,000 | ---D | C] -- C:\Users\jack\Desktop\picccccccie
[2010/02/17 16:45:47 | 000,000,000 | ---D | C] -- C:\Users\jack\Desktop\art pics
[2010/02/17 07:11:25 | 000,000,000 | ---D | C] -- C:\Users\jack\AppData\Roaming\Roxio
[2010/02/16 23:05:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2010/02/16 23:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2010/02/16 23:01:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2010/02/16 23:01:56 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2010/02/16 22:24:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Research In Motion
[2010/02/16 22:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2010/02/16 21:38:51 | 000,000,000 | ---D | C] -- C:\Users\jack\AppData\Roaming\Research In Motion
[2010/02/16 19:19:54 | 000,027,136 | ---- | C] (Research in Motion Ltd) -- C:\Windows\System32\drivers\RimSerial.sys
[2010/02/16 19:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2010/02/16 19:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2010/02/10 18:42:30 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Trend Micro
[2010/02/10 18:30:28 | 000,000,000 | ---D | C] -- C:\Users\jack\AppData\Local\Trend Micro
[2010/02/10 18:17:25 | 000,000,000 | ---D | C] -- C:\Users\jack\Desktop\TISPro_Download32bit
[2010/02/10 16:17:48 | 003,597,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/02/10 16:17:48 | 003,546,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/02/10 16:15:29 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/02/10 16:15:29 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/02/10 16:15:29 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/02/10 16:15:29 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/02/10 16:15:29 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2010/02/07 19:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010/02/07 18:40:40 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010/02/07 15:20:53 | 000,000,000 | ---D | C] -- C:\Users\jack\Documents\BFBC2Beta
[2010/02/07 15:08:31 | 000,000,000 | ---D | C] -- C:\Users\jack\Desktop\511270
[2009/02/09 23:30:16 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\jack\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/02 17:57:32 | 015,466,496 | -HS- | M] () -- C:\Users\jack\ntuser.dat
[2010/03/02 17:23:21 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/02 17:23:21 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/02 16:25:06 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/03/02 07:33:30 | 000,713,602 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/03/02 07:33:30 | 000,613,206 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/03/02 07:33:30 | 000,113,778 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/03/02 07:24:34 | 000,024,944 | ---- | M] () -- C:\Windows\System32\drivers\GVTDrv.sys
[2010/03/02 07:24:34 | 000,000,004 | ---- | M] () -- C:\Windows\System32\GVTunner.ref
[2010/03/02 07:22:22 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/03/02 07:22:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/03/02 07:22:14 | 3488,079,872 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/01 23:57:25 | 000,524,288 | -HS- | M] () -- C:\Users\jack\ntuser.dat{ea5da6df-f589-11de-994e-00241d855f00}.TMContainer00000000000000000001.regtrans-ms
[2010/03/01 23:57:25 | 000,065,536 | -HS- | M] () -- C:\Users\jack\ntuser.dat{ea5da6df-f589-11de-994e-00241d855f00}.TM.blf
[2010/03/01 23:56:47 | 003,549,500 | -H-- | M] () -- C:\Users\jack\AppData\Local\IconCache.db
[2010/03/01 16:29:53 | 000,012,743 | ---- | M] () -- C:\Users\jack\Desktop\ADOBE_FLASH_CS4_PROFESSIONAL.5291697.TPB.torrent
[2010/03/01 16:14:14 | 001,172,914 | ---- | M] () -- C:\Users\jack\Desktop\scribble.swf
[2010/02/28 17:56:22 | 000,000,145 | ---- | M] () -- C:\Users\jack\.appletviewer
[2010/02/28 16:21:40 | 003,374,306 | ---- | M] () -- C:\Users\jack\Desktop\SupportTool_32-bit.exe
[2010/02/24 18:27:01 | 000,116,608 | ---- | M] () -- C:\Users\jack\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/02/24 18:23:17 | 002,350,680 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/02/24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/02/22 22:50:36 | 000,013,312 | ---- | M] () -- C:\Users\jack\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/22 21:34:22 | 000,158,603 | ---- | M] () -- C:\Users\jack\Desktop\my pimp guy.jpg
[2010/02/19 21:54:34 | 000,000,256 | ---- | M] () -- C:\Windows\System32\pool.bin
[2010/02/19 16:40:28 | 000,139,128 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/02/19 16:40:15 | 000,215,128 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/02/19 16:40:15 | 000,215,128 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe
[2010/02/18 20:47:53 | 000,002,287 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/02/18 07:56:24 | 000,012,004 | ---- | M] () -- C:\Users\jack\Desktop\Instalment art 700words.docx
[2010/02/17 21:34:32 | 000,001,041 | ---- | M] () -- C:\Users\Public\Desktop\BlackBerry Media Sync.lnk
[2010/02/16 22:24:51 | 000,001,869 | ---- | M] () -- C:\Users\Public\Desktop\Desktop Manager.lnk
[2010/02/13 09:19:19 | 321,293,762 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/02/11 14:16:10 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2010/02/08 17:32:52 | 000,013,222 | ---- | M] () -- C:\Users\jack\Desktop\jwilkinsonCV.docx
[2010/02/07 22:17:48 | 000,002,032 | ---- | M] () -- C:\Users\jack\AppData\Local\d3d9caps.dat
[2010/02/07 18:39:47 | 000,001,526 | ---- | M] () -- C:\Users\jack\Desktop\'Folding@Home'.lnk
[2010/02/07 15:11:54 | 000,138,056 | ---- | M] () -- C:\Users\jack\AppData\Roaming\PnkBstrK.sys
[2010/02/07 15:11:16 | 002,434,856 | ---- | M] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/02/07 13:46:06 | 000,000,805 | ---- | M] () -- C:\Users\jack\Desktop\World of Warcraft.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/02 16:23:52 | 000,002,231 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/03/01 16:29:52 | 000,012,743 | ---- | C] () -- C:\Users\jack\Desktop\ADOBE_FLASH_CS4_PROFESSIONAL.5291697.TPB.torrent
[2010/03/01 16:14:13 | 001,172,914 | ---- | C] () -- C:\Users\jack\Desktop\scribble.swf
[2010/02/28 17:56:22 | 000,000,145 | ---- | C] () -- C:\Users\jack\.appletviewer
[2010/02/28 16:21:40 | 003,374,306 | ---- | C] () -- C:\Users\jack\Desktop\SupportTool_32-bit.exe
[2010/02/28 15:59:26 | 000,000,004 | ---- | C] () -- C:\Windows\System32\GVTunner.ref
[2010/02/22 21:34:18 | 000,158,603 | ---- | C] () -- C:\Users\jack\Desktop\my pimp guy.jpg
[2010/02/18 07:56:24 | 000,012,004 | ---- | C] () -- C:\Users\jack\Desktop\Instalment art 700words.docx
[2010/02/17 21:55:10 | 000,000,734 | ---- | C] () -- C:\Users\jack\AppData\Roaming\BBMS_EXCEPTION.txt
[2010/02/17 21:34:32 | 000,001,041 | ---- | C] () -- C:\Users\Public\Desktop\BlackBerry Media Sync.lnk
[2010/02/16 22:24:50 | 000,001,869 | ---- | C] () -- C:\Users\Public\Desktop\Desktop Manager.lnk
[2010/02/16 21:38:52 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin
[2010/02/11 14:16:10 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010/02/08 17:32:52 | 000,013,222 | ---- | C] () -- C:\Users\jack\Desktop\jwilkinsonCV.docx
[2010/02/07 22:24:49 | 3488,079,872 | -HS- | C] () -- C:\hiberfil.sys
[2010/02/07 15:11:16 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/02/07 13:46:06 | 000,000,805 | ---- | C] () -- C:\Users\jack\Desktop\World of Warcraft.lnk
[2010/01/08 15:09:49 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/01/07 18:19:41 | 000,000,002 | -HS- | C] () -- C:\Users\jack\AppData\Roaming\.zreglib
[2010/01/06 19:01:32 | 000,076,407 | ---- | C] () -- C:\Users\jack\AppData\Roaming\Smiley.ico
[2009/12/12 06:49:46 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2009/11/06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/08/16 08:22:03 | 000,000,083 | ---- | C] () -- C:\Windows\wwp.INI
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009/07/11 10:26:05 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/07/02 17:59:00 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2009/05/26 23:11:02 | 000,000,035 | ---- | C] () -- C:\Users\jack\AppData\Roaming\SetValue.bat
[2009/05/26 23:11:01 | 000,000,691 | ---- | C] () -- C:\Users\jack\AppData\Roaming\GetValue.vbs
[2009/03/25 07:35:22 | 000,002,032 | ---- | C] () -- C:\Users\jack\AppData\Local\d3d9caps.dat
[2009/02/13 23:09:20 | 000,013,312 | ---- | C] () -- C:\Users\jack\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/12 07:28:37 | 000,001,648 | ---- | C] () -- C:\Users\jack\AppData\Local\d3d8caps.dat
[2009/02/11 20:27:33 | 000,000,092 | ---- | C] () -- C:\Users\jack\AppData\Local\fusioncache.dat
[2009/02/10 15:27:27 | 000,139,128 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/02/10 15:27:27 | 000,138,056 | ---- | C] () -- C:\Users\jack\AppData\Roaming\PnkBstrK.sys
[2009/02/10 15:27:01 | 000,000,316 | ---- | C] () -- C:\Windows\game.ini
[2009/02/10 10:47:35 | 000,000,042 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009/02/10 10:40:23 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
[2009/02/09 23:31:02 | 000,000,034 | ---- | C] () -- C:\Users\jack\AppData\Roaming\pcouffin.log
[2009/02/09 23:30:16 | 000,081,920 | ---- | C] () -- C:\Users\jack\AppData\Roaming\ezpinst.exe
[2009/02/09 23:30:16 | 000,007,176 | ---- | C] () -- C:\Users\jack\AppData\Roaming\pcouffin.cat
[2009/02/09 23:30:16 | 000,001,144 | ---- | C] () -- C:\Users\jack\AppData\Roaming\pcouffin.inf
[2009/02/09 19:54:08 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys
[2009/02/09 15:48:30 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2007/01/23 15:24:12 | 000,188,416 | ---- | C] () -- C:\Windows\System32\cogslan.dll
[2006/11/02 23:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 18:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/07 23:02:37 | 000,192,512 | -HS- | C] () -- C:\Windows\Fonts\ICSharpCode.SharpZipLib.dll
[2006/10/07 23:02:37 | 000,086,016 | -HS- | C] () -- C:\Windows\Fonts\DotMSN.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 162 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >

OTL Extras logfile created on: 2/03/2010 17:56:26 - Run 1
OTL by OldTimer - Version 3.1.32.0 Folder = C:\Users\jack\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 48.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): c:\pagefile.sys 4219 8438 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 414.34 Gb Free Space | 44.48% Space Free | Partition Type: NTFS
Drive D: | 156.33 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JACK-PC
Current User Name: jack
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
"AntiVirusDisableNotify" = 0x00000000
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0x00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BF5941A-21E7-4CB0-A7C0-30A86E09F823}" = rport=445 | protocol=6 | dir=out | app=system |
"{1B478D50-CA95-48D8-88D3-D511503CDFEE}" = rport=138 | protocol=17 | dir=out | app=system |
"{24C40594-5BF6-4564-9654-056D9F6BADCD}" = lport=137 | protocol=17 | dir=in | app=system |
"{4F7ADD04-3F0F-4E7B-AC7C-2A42440DB8E0}" = lport=139 | protocol=6 | dir=in | app=system |
"{5012B9CF-A9B6-497F-B83C-058422FBDF42}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{65C8FDBB-D051-4B7A-BA4E-659473C63E24}" = lport=138 | protocol=17 | dir=in | app=system |
"{6947A9D8-08F9-4B4B-852B-BA5953D12B34}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{798D0DDF-3605-4FC3-A2B4-CA2FFC70F5AA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8313FB20-4008-4657-BB39-1A37779ABF56}" = lport=445 | protocol=6 | dir=in | app=system |
"{90D93004-5C5C-467D-81DC-2828A98FFB8D}" = rport=137 | protocol=17 | dir=out | app=system |
"{B72B773F-9922-4CA1-92A9-598B5F32C22D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C6E41974-D5EA-4E63-BC4C-4F182C9C6820}" = rport=139 | protocol=6 | dir=out | app=system |
"{DF79DA4C-BEF2-4E7F-B39A-6C0E9F0024DB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EE678389-92A9-4CCF-95A4-99AADEA41990}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A3436D-F3AD-4E6A-A428-4A8D0F37306E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{04F5083D-3E34-4EBF-A2F2-5CCF70B5E364}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\company of heroes\reliccoh.exe |
"{077FDE39-BB82-4172-A955-E5C1C8BB018C}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{0C085515-7F21-432B-AE0C-2456E96264ED}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2 - beta\bfbc2betaupdater.exe |
"{14F0619C-B83A-4C69-8954-837EEF0D3342}" = protocol=17 | dir=in | app=c:\program files\mass effect\binaries\masseffect.exe |
"{15536F7E-B85A-4BB2-9627-CBB4293FB917}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{15A7D4F4-4D80-4509-8A01-C6B1B01C8AE2}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{16CFCC2D-BB0D-4EA4-A2DD-ACB984666F59}" = protocol=6 | dir=in | app=c:\program files\activision\wolfenstein\mp\wolf2mp.exe |
"{218D2E6C-EDAC-41E1-9212-60AC6DA974DE}" = protocol=17 | dir=in | app=c:\program files\midway home entertainment\stranglehold demo\binaries\retail-stranglehold.exe |
"{258244E5-7E9A-4C7F-A167-06596AB4E8D4}" = protocol=6 | dir=in | app=c:\program files\midway home entertainment\stranglehold demo\binaries\retail-stranglehold.exe |
"{26444ED3-EC61-474B-AE03-B162777C886B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{280865C9-EDBD-46D5-9197-831514A45CDE}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{2DE90097-8065-4DDD-9F3E-2F3C425B3CF1}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{3394D237-F99B-4D0A-B3DF-27080CDECDA1}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{362BF167-9055-48CE-A7B0-84C6229E294A}" = protocol=17 | dir=in | app=c:\program files\activision\wolfenstein\mp\wolf2mplite.exe |
"{3774D07F-FF30-45F4-96D8-5B017D899D8B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\america's army 3\binaries\aa3game.exe |
"{380B72E9-BFF7-4E17-BEF1-17A7763BA152}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{3965216C-4DF4-41CF-8233-C289513712EE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3E7D57B3-82F6-4036-8676-14BFE3B1D8F6}" = protocol=6 | dir=in | app=c:\program files\id software\enemy territory - quake wars\etqwded.exe |
"{3F58C2EC-32F2-4B5F-8582-0463C6FFBFEC}" = protocol=17 | dir=in | app=c:\program files\mass effect\masseffectlauncher.exe |
"{47732695-177A-485D-B90C-7E51D9C3B087}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\company of heroes\reliccoh.exe |
"{5354C48C-14EF-4826-B2A4-95B93CA8D3CE}" = protocol=6 | dir=in | app=c:\program files\activision\wolfenstein\mp\wolf2mplite.exe |
"{58EAC43C-86B2-4FF4-9FAE-1609B0E4CFAF}" = protocol=6 | dir=in | app=c:\program files\mass effect\masseffectlauncher.exe |
"{5E77ABED-528A-444C-A405-E00C463F5B83}" = protocol=17 | dir=in | app=c:\program files\activision\wolfenstein\mp\wolf2mp.exe |
"{648AF9F6-D918-4F95-8753-FD73C1533BAE}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{68D9842D-0461-4AC5-9516-55A71E692E34}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{6BEC4E16-A415-4E61-9166-40F2D38D79A0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6E77FCD8-199A-45C4-AFFE-F6B6FDC46C5F}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{737F3EA8-00A6-4944-A917-68810119DF72}" = protocol=6 | dir=in | app=c:\users\jack\appdata\local\apps\2.0\9z3wtrt8.mhb\qwa8nkma.x4v\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\curseclient.exe |
"{7C1EBFB2-9890-47DB-B104-86AF31A82F9A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto iv\rgsc\rgsclauncher.exe |
"{7E9441D3-6A54-41A3-A110-0F1A31312C79}" = protocol=17 | dir=in | app=c:\users\jack\appdata\local\apps\2.0\9z3wtrt8.mhb\qwa8nkma.x4v\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\curseclient.exe |
"{8383ADBC-59A0-4EE4-A350-BE94B3649A36}" = protocol=17 | dir=in | app=c:\program files\id software\enemy territory - quake wars\etqwded.exe |
"{86F16BE6-8556-4D4F-93A1-42781389994D}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{878A8F78-BD01-4669-81F6-2070A9DE4107}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\america's army 3\binaries\aa3game.exe |
"{8BBB5DA3-2CF7-4E3D-9CEC-26FE12BA9400}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{8EEC85ED-7D83-42AE-9EEF-115059BBFDEC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8FE514C7-2F5A-43A4-9B55-68DC5D5DE743}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8FFA2E07-FE33-4F02-B608-D4F06D21C09D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{906787DE-07BB-495E-A1A4-567A782297E2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto iv\rgsc\rgsclauncher.exe |
"{90895C1A-489B-48D0-8B24-96A6401FA614}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{90CA0B50-585C-4BD5-82FF-551E3234E715}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\company of heroes\help.htm |
"{93A05446-87CE-441B-8E37-8E86C44C6AB9}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{93F9EE5B-A104-4798-AA64-C46F375D012A}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{9578EAC0-45A7-48A3-894A-1D406D092EBB}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{96986694-CC6D-47AD-A4D7-BBD993171D5B}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{A3F33D34-1303-4D48-9C95-67E12CDEE167}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2 - beta\bfbc2betaupdater.exe |
"{A597C430-0D41-4108-A599-6A88FC5308D8}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{A5F2DBF4-80BD-499F-8173-8399437982A0}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{A84FE2C6-80C3-4177-B330-E0115F912556}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\company of heroes\help.htm |
"{AA2A2976-F838-4203-B523-74D0651B786D}" = protocol=6 | dir=in | app=c:\program files\id software\enemy territory - quake wars\etqw.exe |
"{AA63AD18-6C17-4110-B98A-3D6233E1B0D6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AD381185-73DB-41FF-9BB0-5F184F8B0C92}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{AF565C0F-4EE1-461D-A44E-2C73C00E3248}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{B00FACA5-DA51-4C83-8642-C4A639C0BF28}" = protocol=6 | dir=in | app=c:\program files\mass effect\binaries\masseffect.exe |
"{B620A9C0-AF88-40F1-9F64-CA4766BB7DA9}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{B6994359-8D39-4CCF-96A1-70DCEFCC0A92}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B8C4E80A-AE23-46BC-B3CF-1155408FCD76}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{B93FE343-F721-4DBA-9545-228322C3AE32}" = protocol=6 | dir=in | app=c:\program files\thq\frontlines-fuel of war\binaries\ffow.exe |
"{B99A40F4-B804-404B-A168-E469D5601E74}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\assassins creed\assassinscreed_game.exe |
"{C0B4C8F0-3135-4243-940B-E377D1429293}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{C305F6F1-BCA9-4419-A3A5-239AB8867067}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\assassins creed\assassinscreed_game.exe |
"{C4310001-18DA-4720-BE83-E3F77C065D48}" = protocol=17 | dir=in | app=c:\program files\curse\curseclient.exe |
"{C804639E-3663-44A3-AE2E-BFB1D3A54D5F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\company of heroes\reliccoh.exe |
"{CDDFD38A-BE33-442F-AAB2-5723DC046330}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield 2142\bf2142.exe |
"{D670D7AB-317F-4C1D-94B6-9A8A99985056}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{DDA85C25-3E11-44FB-8DE5-7E20E71835C9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\company of heroes\reliccoh.exe |
"{E2B5E570-F143-438A-BD3A-4E3C98EA7FB9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{E4108487-ADC7-492C-8CEC-0AAA99267117}" = protocol=17 | dir=in | app=c:\program files\thq\frontlines-fuel of war\binaries\ffow.exe |
"{E4898A51-D11D-4643-B35F-846DA24BE89B}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{E5C6EE10-F3A4-415A-AE91-BA8CBCDCF93F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{E61AE4F1-7365-4D2A-8B59-203A906A8845}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{EAA6ACC3-5571-4687-A2A4-D187BEC8F273}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{EBCAA5EF-A2DC-4D01-B9F1-46BA5B02E92D}" = protocol=6 | dir=in | app=c:\program files\curse\curseclient.exe |
"{F9AE4851-1B88-45B2-9498-604CE9C71A23}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FA6C4D21-1669-4A49-88A0-EEF2696BD0F9}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield 2142\bf2142.exe |
"{FB2DC0B3-D746-46F7-B1B9-725C780C1BF6}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{FF5E1087-6B6E-4F43-BDEF-D942CBCE5AC9}" = protocol=17 | dir=in | app=c:\program files\id software\enemy territory - quake wars\etqw.exe |
"TCP Query User{4BD06CD7-73DE-48B1-BCDF-45FAF1245050}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{9ED610E0-0F6E-487F-808E-917C7406BF28}C:\program files\curse\curseclient.exe" = protocol=6 | dir=in | app=c:\program files\curse\curseclient.exe |
"TCP Query User{EE136510-F4BB-4F38-88BD-FF0BE2E86BC8}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{4AA0E05C-7109-4194-860E-0124B021ED14}C:\program files\curse\curseclient.exe" = protocol=17 | dir=in | app=c:\program files\curse\curseclient.exe |
"UDP Query User{5CBBF8BC-ACFC-4AF0-B0AA-E1172D086790}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{B464DE26-1C20-4726-BA43-D2F98D349D67}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{14C87AA7-08E6-419F-A165-998EBE5023D7}" = Oblivion - Knights of the Nine
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1A573B3D-ECE2-F49B-F4D0-8CFA74236B66}" = Catalyst Control Center HydraVision Full
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2814A676-E972-460A-1EF7-5C4FE1BF3A5C}" = Catalyst Control Center Graphics Previews Common
"{28184E01-D57A-4933-A09B-F65403F16D82}" = i-Cool
"{32A3A4F4-B792-11D6-A78A-00B0D0160180}" = Java(TM) SE Development Kit 6 Update 18
"{33BBE45C-6296-488A-B7D5-37E692E71B3F}" = TortoiseSVN 1.6.5.16974 (32 bit)
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{38C72397-4D19-47A1-881B-66A01EDB9D06}" = G19app
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EE1008C-11A1-4F4F-8DB7-27573924DE78}" = DMIView B7.0108.01
"{3F425F12-3A1B-4511-97B2-E2BB4701B745}" = Crysis Wars(R)
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40A594D0-1490-4979-9382-D2B764F949C6}" = BlackBerry Media Sync
"{43E506CC-6633-4F2A-8D8E-4A95D2384393}" = Crysis Wars(R) Patch
"{4835B10F-61D4-E60C-860D-DF71C93FDC37}" = ATI Catalyst Install Manager
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{55C09FC1-D2D8-495A-BD80-D6725F0DCA58}" = Logitech GamePanel Software 3.04.137
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{590B3F7B-C516-B2A0-0F9A-085FBD1D4432}" = Catalyst Control Center InstallProxy
"{5A447CFB-B64E-4D3C-9744-2EA44EFB8F97}" = BlackBerry Device Software Updater
"{5E35BD20-7C55-52D7-A462-BB98289E2D98}" = Catalyst Control Center InstallProxy
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = PlayNC Launcher
"{611BD998-34B9-4DDA-00AE-0CB4632E86FA}" = SimCity 4
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C00981A-91B5-1837-1473-7AE639591CD2}" = ccc-core-static
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F62F54-9CF5-480A-9BB4-2087B90A7A6B}_is1" = SteamWatch
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{80E8BC6A-5061-0188-A628-6DD17A5ED0A2}" = Catalyst Control Center InstallProxy
"{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D}" = Adobe Setup
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91C514E8-C92E-48E4-BDEE-DE3407837194}" = Wolfenstein(TM) 1.2 Patch
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{93A23419-6202-4685-8781-6B13D6CB88A5}" = Call of Juarez SP Demo (Brand New)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A200E68-D5F4-4E70-910F-2871753A0E2B}" = Worms World Party
"{9F6AE5B6-B2ED-4157-8D28-1EC354F0D1B9}" = Stranglehold Demo
"{A0343AB9-5216-C416-B962-AB28A85F54E2}" = Catalyst Control Center Core Implementation
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AD4B3D50-EB7D-BF5F-2670-AEB01FE7A954}" = ccc-utility
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7A585C8-CE4E-4150-84C6-A13C3CB1379F}" = Enemy Territory - Quake Wars(TM)
"{B8602676-42A2-4815-A556-C23750EF5A47}" = GameShadow
"{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims 3 World Adventures
"{BACF70EA-27E6-C3B5-5CDA-D9819B3FE0C6}" = CCC Help English
"{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.1.4.162
"{BB47D7EA-7EF1-475C-9C14-AF5B8FCA45E2}" = Condemned - Criminal Origins
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE9A67F1-BDD3-4259-9F5C-2EFCE6B3A6C5}" = Clive Barker's Jericho
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims 3
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C711E88C-9DC2-4254-A989-D6E017844DDF}" = Frontlines: Fuel of War
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}" = Razer Lachesis
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D53A3D44-C983-4D21-ABF6-2AA2AB88FB28}" = Battlefield Bad Company 2 - BETA
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{E2057895-F881-77FC-EA38-97D0DF73E1FA}" = Catalyst Control Center Graphics Light
"{E27622FF-C563-1915-E4C0-64A03A24CF77}" = Catalyst Control Center Graphics Previews Vista
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E4A94926-7F57-E35A-0782-341BB6C91BD5}" = Catalyst Control Center Graphics Full New
"{E610E660-C0C1-4636-8980-1110C4081033}" = Nero 8 Essentials
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}" = Battlefield 2142
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F485E43D-18B1-4B40-AF4B-EDA78E91DA80}" = Dolby Control Center
"{F5C521B6-1AF2-432C-A061-E79E2141A32F}" = Quake Live Mozilla Plugin
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe Extendscript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F99F1B4A-5CAF-4AC4-9522-CB54DE0D25A7}" = Decadence 1.0.0
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FFD5DBA4-898F-1307-20C9-7A9156F57B60}" = Catalyst Control Center Graphics Full Existing
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2a31ae7a5c43ff52d8577782dd34e04" = Adobe Illustrator CS4
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"BlackBerry_{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"Crysis Wars(R)" = Crysis Wars(R)
"Crysis Wars(R) Patch" = Crysis Wars(R) Patch
"Dragonica(EU)" = Dragonica(EU)
"EADM" = EA Download Manager
"EasyTune5Pro" = EasyTune5Pro
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVE" = EVE-ONLINE (remove only)
"EVEMon" = EVEMon
"Fallout Mod Manager_is1" = Fallout Mod Manager 0.9.14
"Francesco's leveled creatures-items mod_is1" = Francesco's leveled creatures-items mod 4.5b
"Francesco's optional new items/creatures_is1" = Francesco's optional new items/creatures 4.5
"Game Booster_is1" = Game Booster
"GameArena The Arena" = GameArena The Arena
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (remove only)
"Hamachi" = Hamachi 1.0.2.2
"HijackThis" = HijackThis 2.0.2
"hon" = Heroes of Newerth
"ImgBurn" = ImgBurn
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{91C514E8-C92E-48E4-BDEE-DE3407837194}" = Wolfenstein(TM) 1.2 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{93A23419-6202-4685-8781-6B13D6CB88A5}" = Call of Juarez SP Demo (Brand New)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"Internode Monthly Usage Meter_is1" = Internode Monthly Usage Meter 7.1u
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox (3.5.8)" = Mozilla Firefox (3.5.8)
"Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23)
"Oblivion mod manager_is1" = Oblivion mod manager 1.1.12
"Picasa 3" = Picasa 3
"Pidgin" = Pidgin
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"SourceForts" = SourceForts
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 12210" = Grand Theft Auto IV
"Steam App 15100" = Assassin's Creed
"Steam App 17700" = Insurgency
"Steam App 18110" = Shattered Horizon
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 26800" = Braid
"Steam App 300" = Day of Defeat: Source
"Steam App 34200" = Aliens vs Predator Demo
"Steam App 440" = Team Fortress 2
"Steam App 4560" = Company of Heroes
"Steam App 500" = Left 4 Dead
"Steam App 550" = Left 4 Dead 2
"Steam App 9340" = Company of Heroes: Opposing Fronts
"SystemRequirementsLab" = System Requirements Lab
"Tales of Pirates Online_is1" = Tales of Pirates Online
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TS3 Install Helper Monkey" = TS3 Install Helper Monkey
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"Unofficial Oblivion Patch_is1" = Unofficial Oblivion Patch v3.2.0
"Unofficial Shivering Isles Patch_is1" = Unofficial Shivering Isles Patch v1.3.0
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"EarthsimChannel" = Earthsim
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20/09/2009 03:04:54 | Computer Name = jack-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x470c11ae,
faulting module client.dll, version 0.0.0.0, time stamp 0x4aa90ee5, exception code
0xc0000005, fault offset 0x0027853f, process id 0x748, application start time 0x01ca39adee14644e.

Error - 20/09/2009 18:42:12 | Computer Name = jack-PC | Source = WinMgmt | ID = 10
Description =

Error - 22/09/2009 01:58:35 | Computer Name = jack-PC | Source = WinMgmt | ID = 10
Description =

Error - 22/09/2009 01:59:14 | Computer Name = jack-PC | Source = Application Error | ID = 1000
Description = Faulting application GUI.exe, version 1.0.0.1, time stamp 0x47215ca0,
faulting module markfundrv.dll, version 6.0.6001.18000, time stamp 0x4791a7a6,
exception code 0xc0000142, fault offset 0x00009cac, process id 0xd20, application
start time 0x01ca3b49ae574407.

Error - 22/09/2009 17:20:01 | Computer Name = jack-PC | Source = WinMgmt | ID = 10
Description =

Error - 24/09/2009 02:00:20 | Computer Name = jack-PC | Source = WinMgmt | ID = 10
Description =

Error - 24/09/2009 05:44:11 | Computer Name = jack-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x470c11ae,
faulting module client.dll, version 0.0.0.0, time stamp 0x4aa90ee5, exception code
0xc0000005, fault offset 0x0027853f, process id 0x1594, application start time 0x01ca3cee056532ac.

Error - 24/09/2009 07:11:22 | Computer Name = jack-PC | Source = Application Error | ID = 1000
Description = Faulting application iTunes.exe, version 8.2.1.6, time stamp 0x4a5b9bfc,
faulting module QuickTime.qts, version 7.62.14.0, time stamp 0x4a1c704f, exception
code 0xc0000005, fault offset 0x00164d10, process id 0x1080, application start time
0x01ca3d0083301060.

Error - 24/09/2009 07:59:35 | Computer Name = jack-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x470c11ae,
faulting module client.dll, version 0.0.0.0, time stamp 0x4aa90ee5, exception code
0xc0000005, fault offset 0x0027853f, process id 0x188c, application start time 0x01ca3d08fef740d0.

Error - 24/09/2009 17:15:47 | Computer Name = jack-PC | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 10/06/2009 02:43:05 | Computer Name = jack-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 7/10/2009 19:14:23 | Computer Name = jack-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/02/2010 18:30:18 | Computer Name = jack-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.


========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Hello.

I see traces of a possible crack, a torrent for CS4, and blocked Adobe website in the host file.

If you want my help, remove these now.

done, removed photoshop and illustrator

Hello.

Please run OTL.exe.

• Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  :OTL
  O4 - HKLM..\Run: [] File not found
  O4 - HKCU..\Run: [TrendSecure Remote File Lock] C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe File not found
  O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
  [2010/03/01 16:29:52 | 000,012,743 | ---- | C] () -- C:\Users\jack\Desktop\ADOBE_FLASH_CS4_PROFESSIONAL.5291697.TPB.torrent
  
  :commands
  [resethosts]
  
  
  
• Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
  
  
• Click the red Run Fix button.
  
• A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  
• Close OTL.exe
  

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\TrendSecure Remote File Lock deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
C:\Users\jack\Desktop\ADOBE_FLASH_CS4_PROFESSIONAL.5291697.TPB.torrent moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.1.32.0 log created on 03032010_183248

Hello.

I see that you are running µTorrent.
P2P(Peer to peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
The removal of these programs is optional, but highly recommended.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

µTorrent

Can you install Trend Micro now?

still cant

Hmm, would you prefer a different AV, I'm unsure why this is happening, it's not worth the trouble of wondering around the registry till we find the answer when we can just use a different antivirus.

ive installed avg free for the time being

Okay, let me know how you get on.