Possible Virus,no longer have access to Internet

Downloaded both of those systemlook files and could not get either of them to run,double clicking or right clicking and running as administrator. Got error saying 'systemlook.exe is not a valid Win32 application'

OTL Log Report

OTL logfile created on: 14/06/2011 2:36:44 p.m. - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\RaeJae\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

1.99 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 68.69% Memory free
3.98 Gb Paging File | 2.77 Gb Available in Paging File | 69.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.36 Gb Total Space | 147.17 Gb Free Space | 32.32% Space Free | Partition Type: NTFS
Drive D: | 10.40 Gb Total Space | 1.46 Gb Free Space | 14.05% Space Free | Partition Type: NTFS
Drive F: | 3.72 Gb Total Space | 3.26 Gb Free Space | 87.55% Space Free | Partition Type: FAT32

Computer Name: RAEJAE-PC | User Name: RaeJae | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/14 14:32:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RaeJae\Desktop\OTL.exe
PRC - [2011/05/28 10:52:14 | 001,290,240 | ---- | M] (Dexpot GbR) -- C:\Program Files\Dexpot\dexpot.exe
PRC - [2011/05/23 04:15:08 | 000,103,424 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2011/05/11 00:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/04/19 18:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2011/03/22 23:56:40 | 000,687,448 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2011/03/01 23:14:08 | 000,190,808 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/03/01 23:13:44 | 000,203,096 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011/02/25 17:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/21 00:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/21 00:17:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2010/10/07 08:28:12 | 003,768,176 | ---- | M] (Stardock) -- C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe
PRC - [2010/03/12 11:00:23 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/11/16 08:59:11 | 000,158,752 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files\Freecorder\FLVSrvc.exe
PRC - [2009/11/09 13:56:38 | 000,643,592 | ---- | M] (Avid Technology, Inc.) -- C:\Windows\System32\M-AudioTaskBarIcon.exe
PRC - [2009/10/20 14:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/08/28 11:53:00 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/06/29 09:29:48 | 001,830,912 | ---- | M] (NetComm Limited) -- C:\Program Files\NetComm\Common\RaUI.exe
PRC - [2009/03/09 12:50:50 | 001,563,360 | ---- | M] (AnVir Software) -- C:\Program Files\AnVir Task Manager Free\AnVir.exe
PRC - [2008/11/20 12:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2007/12/13 15:36:46 | 000,049,220 | ---- | M] (Samsung) -- C:\Program Files\SEC\Natural Color Pro\NCProTray.exe


========== Modules (SafeList) ==========

MOD - [2011/06/14 14:32:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RaeJae\Desktop\OTL.exe
MOD - [2011/05/11 00:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/11/20 23:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (RE)
SRV - File not found [On_Demand | Stopped] -- -- (HCH)
SRV - File not found [On_Demand | Stopped] -- -- (GTLJ)
SRV - [2011/05/11 00:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/03/02 14:08:54 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/01/05 06:03:42 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/07/14 13:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 13:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/05/11 00:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/11 00:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/11 00:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 23:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 23:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/05/10 23:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/04/01 05:11:10 | 004,333,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 200(UVC)
DRV - [2011/04/01 05:09:48 | 000,291,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/11/20 22:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 21:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/09/01 20:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/03/04 06:31:28 | 000,112,136 | ---- | M] (M-Audio) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MAudioOxygen.sys -- (OXYGEN)
DRV - [2009/12/02 12:56:16 | 000,092,792 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2009/11/09 13:56:10 | 000,158,600 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MAudioFastTrackPro.sys -- (MAUSBFASTTRACKPRO)
DRV - [2009/04/28 17:23:52 | 000,724,992 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009/01/21 02:49:26 | 000,142,848 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/03/29 01:11:00 | 000,021,984 | ---- | M] (KORG Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KORGUMDS.SYS -- (KORGUMDS)
DRV - [2006/08/28 16:12:04 | 000,013,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2006/08/28 16:12:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTictwl.sys -- (MagicTune)
DRV - [2005/12/12 16:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)
DRV - [2004/04/01 15:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_nz&c=93&bd=Presario&pf=cndt
IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/
IE - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co.nz/"
FF - prefs.js..extensions.enabledItems: apptabs@frankyan.com:0.6.2
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.4.0.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.4
FF - prefs.js..extensions.enabledItems: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:3.2.5.2
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.1
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: tabberwocky@studio17.wordpress.com:1.1
FF - prefs.js..extensions.enabledItems: {d9284e50-81fc-11da-a72b-0800200c9a66}:7.6.2
FF - prefs.js..extensions.enabledItems: {eebc5c3f-ec4b-4ad4-b5d1-fa51b3c42c58}:2.0.2
FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.5
FF - prefs.js..extensions.enabledItems: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.1.5
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: testpilot@labs.mozilla.com:1.0.4
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Aurora 5.0a2\extensions\\Components: C:\Program Files\Aurora\components
FF - HKLM\software\mozilla\Aurora 5.0a2\extensions\\Plugins: C:\Program Files\Aurora\plugins
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/12 11:01:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/05/22 16:45:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 10\components [2011/04/16 16:01:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 10\plugins
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/16 13:59:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/02 23:06:45 | 000,000,000 | ---D | M]

[2010/01/17 23:03:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Extensions
[2011/05/31 19:35:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions
[2010/10/28 08:59:02 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2011/03/25 20:39:18 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2010/04/28 07:46:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/28 02:07:04 | 000,000,000 | ---D | M] (Google Shortcuts) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}
[2011/04/28 02:07:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/04/01 09:59:55 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/03/22 15:10:13 | 000,000,000 | ---D | M] ("SecretHelper") -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{eebc5c3f-ec4b-4ad4-b5d1-fa51b3c42c58}
[2011/02/03 00:51:40 | 000,000,000 | ---D | M] (Download Manager Tweak) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}
[2010/03/02 14:19:26 | 000,000,000 | ---D | M] (App Tabs) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\apptabs@frankyan.com
[2011/03/25 20:39:18 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\engine@conduit.com
[2011/04/28 02:07:04 | 000,000,000 | ---D | M] (Personas) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\personas@christopher.beard
[2010/03/02 14:19:26 | 000,000,000 | ---D | M] (Tabberwocky) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\tabberwocky@studio17.wordpress.com
[2011/05/12 19:27:04 | 000,002,306 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\Mozilla\Firefox\Profiles\5w8gsb98.default\searchplugins\wot-safe-search.xml
[2011/04/21 15:22:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/16 13:59:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
File not found (No name found) --
() (No name found) -- C:\USERS\RAEJAE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5W8GSB98.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\RAEJAE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5W8GSB98.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2011/04/29 06:01:20 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/05 10:34:19 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2007/03/10 11:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
[2010/01/01 20:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/14 09:02:03 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [KBD] C:\Program Files\Hewlett-Packard\KBD\KbdStub.exe (Microsoft)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Users\RaeJae\Desktop\All Folders\JB\Maintenance Tools\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\System32\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] c:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [AnVir Task Manager Free] C:\Program Files\AnVir Task Manager Free\AnVir.exe (AnVir Software)
O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [Dexpot] C:\Program Files\Dexpot\dexpot.exe (Dexpot GbR)
O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [YouSendIt.exe] C:\Program Files\YouSendIt\Express\YouSendIt.exe (YouSendIt)
O4 - Startup: C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
O4 - Startup: C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O4 - Startup: C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} http://www.bebo.com/files/BeboUploader.5.8.05.cab (Bebo Uploader Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-nz.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O22 - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - C:\Program Files\Stardock\ObjectDockFree\ODMenu.dll (Stardock)
O24 - Desktop WallPaper: C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows DreamScene\DreamScene.jpg
O24 - Desktop BackupWallPaper: C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows DreamScene\DreamScene.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 09:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: midi1 - C:\Windows\System32\KORGUMDD.DRV (KORG Inc.)
Drivers32: midi7 - C:\Windows\System32\KORGUMDD.DRV (KORG Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

continued...

========== Files/Folders - Created Within 30 Days ==========

[2011/06/14 14:34:52 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\RaeJae\Desktop\OTL.exe
[2011/06/14 09:55:06 | 000,000,000 | ---D | C] -- C:\Windows\TEMP
[2011/06/14 09:04:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/06/14 08:49:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/06/14 08:49:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/06/14 08:49:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/06/14 08:49:12 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/06/14 08:49:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/06/14 08:35:56 | 000,581,120 | ---- | C] (AVAST Software) -- C:\Users\RaeJae\Desktop\aswMBR.exe
[2011/06/14 08:35:55 | 004,120,909 | R--- | C] (Swearware) -- C:\Users\RaeJae\Desktop\ComboFix.exe
[2011/06/13 18:35:04 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\RaeJae\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/13 18:35:04 | 000,607,310 | R--- | C] (Swearware) -- C:\Users\RaeJae\Desktop\dds.scr
[2011/06/12 14:52:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Evonsoft
[2011/06/12 14:52:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Restore
[2011/06/12 14:52:36 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced System Restore
[2011/06/10 10:48:16 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Desktop\Today VST
[2011/06/09 03:22:04 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Desktop\Villain Party Set
[2011/06/09 02:16:44 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Desktop\Villain Party Ol Skool
[2011/06/07 18:40:14 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\DoctorWeb
[2011/06/06 21:55:13 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\IK Multimedia
[2011/06/06 20:50:01 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Documents\IK Multimedia
[2011/06/05 23:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\Waves
[2011/06/01 18:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite
[2011/06/01 18:02:45 | 000,000,000 | ---D | C] -- C:\Program Files\DVD-Ranger 3.5.1.3
[2011/06/01 15:38:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSPaudioware
[2011/06/01 15:38:48 | 000,000,000 | ---D | C] -- C:\Program Files\PSPaudioware
[2011/06/01 08:58:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/01 08:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/06/01 08:57:49 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/06/01 08:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/05/29 01:28:14 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Image-Line
[2011/05/27 18:18:00 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Desktop\All Folders
[2011/05/27 17:37:15 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\ODUI
[2011/05/27 17:37:06 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Documents\Stardock
[2011/05/27 17:37:06 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\Stardock
[2011/05/27 17:36:13 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Stardock
[2011/05/27 17:36:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}
[2011/05/27 17:35:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
[2011/05/27 17:35:57 | 000,000,000 | ---D | C] -- C:\Program Files\Stardock
[2011/05/27 17:34:11 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\PackageAware
[2011/05/27 14:16:29 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Documents\Rainmeter
[2011/05/27 14:16:29 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Rainmeter
[2011/05/27 14:16:25 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rainmeter
[2011/05/27 14:16:23 | 000,000,000 | ---D | C] -- C:\Program Files\Rainmeter
[2011/05/27 00:18:50 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\OpenCandy
[2011/05/27 00:18:50 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot
[2011/05/27 00:18:46 | 000,000,000 | ---D | C] -- C:\Program Files\Dexpot
[2011/05/25 17:07:22 | 000,000,000 | R--D | C] -- C:\Users\RaeJae\Documents\Scanned Documents
[2011/05/25 17:07:20 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Documents\Fax
[2011/05/25 12:15:57 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audio Pluggers
[2011/05/25 03:13:47 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\{36552D91-434C-4AA4-9D2D-FE3DDF1ED87B}
[2011/05/24 14:35:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD-Ranger
[2011/05/24 14:33:33 | 000,000,000 | ---D | C] -- C:\ProgramData\DShield
[2011/05/24 14:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\DVDRanger
[2011/05/24 14:33:32 | 000,000,000 | ---D | C] -- C:\DVDRanger
[2011/05/24 14:33:27 | 000,000,000 | ---D | C] -- C:\Program Files\Pixbyte
[2011/05/23 21:41:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2011/05/23 21:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2011/05/22 16:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/05/19 02:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\TweetDeck
[2011/05/17 08:26:23 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\{F9AB3098-395D-4FA9-A88C-4AC376788CC7}
[2011/05/16 14:49:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Aurora
[2011/05/16 13:50:35 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\{C158D9E0-ABB3-42B1-8078-AA80D9C5B99C}
[2011/05/16 12:34:14 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\{2A479319-42E2-45B4-9F29-3422EDDDDDA7}
[2011/05/16 04:58:30 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\112dB
[2011/05/16 04:57:12 | 000,000,000 | -H-D | C] -- C:\ProgramData\{2EF924FC-80B9-43E9-BB00-5E4F302749D2}
[2011/05/16 04:54:01 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\112dB
[2011/05/16 04:54:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\112dB
[2011/05/16 03:31:33 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\G-Sonique
[2011/05/16 03:31:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G-Sonique

========== Files - Modified Within 30 Days ==========

[2011/06/14 14:32:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RaeJae\Desktop\OTL.exe
[2011/06/14 14:31:11 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/14 14:31:10 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000UA.job
[2011/06/14 14:30:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/14 11:17:30 | 000,000,000 | ---- | M] () -- C:\Users\RaeJae\Desktop\SystemLook.exe
[2011/06/14 10:14:50 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/14 10:14:49 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/14 10:05:53 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/14 10:05:31 | 1602,101,248 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/14 09:02:03 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/06/14 08:42:25 | 000,000,512 | ---- | M] () -- C:\Users\RaeJae\Desktop\MBR.dat
[2011/06/14 08:33:06 | 001,007,120 | ---- | M] () -- C:\Users\RaeJae\Desktop\rkill.com
[2011/06/14 08:32:30 | 004,120,909 | R--- | M] (Swearware) -- C:\Users\RaeJae\Desktop\ComboFix.exe
[2011/06/14 08:31:56 | 000,581,120 | ---- | M] (AVAST Software) -- C:\Users\RaeJae\Desktop\aswMBR.exe
[2011/06/13 19:38:38 | 583,577,194 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/13 19:27:01 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000Core.job
[2011/06/13 18:33:56 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\RaeJae\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/13 15:08:42 | 000,607,310 | R--- | M] (Swearware) -- C:\Users\RaeJae\Desktop\dds.scr
[2011/06/13 15:08:10 | 000,302,592 | ---- | M] () -- C:\Users\RaeJae\Desktop\kelob5qu.exe
[2011/06/12 15:19:55 | 000,659,294 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/12 15:19:55 | 000,140,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/12 14:52:38 | 000,000,987 | ---- | M] () -- C:\Users\RaeJae\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced System Restore.lnk
[2011/06/09 08:44:23 | 000,000,017 | ---- | M] () -- C:\Users\RaeJae\AppData\Local\resmon.resmoncfg
[2011/06/08 13:26:37 | 000,001,156 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110608_132634.reg
[2011/06/08 11:39:03 | 006,024,971 | ---- | M] () -- C:\Users\RaeJae\Desktop\Painkiller (Level Mix).mp3
[2011/06/07 13:27:29 | 000,000,562 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110607_132726.reg
[2011/06/07 02:16:45 | 016,067,570 | ---- | M] () -- C:\Users\RaeJae\Desktop\Apollo The Great - Destiny.flv
[2011/06/07 02:13:41 | 020,755,582 | ---- | M] () -- C:\Users\RaeJae\Desktop\Knesecary _ Winning.flv
[2011/06/07 00:40:09 | 000,175,671 | ---- | M] () -- C:\Users\RaeJae\Desktop\You're a Villain (Dialogue).mp3
[2011/06/07 00:19:56 | 000,013,268 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110607_001913.reg
[2011/06/06 23:02:47 | 000,000,006 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\start
[2011/06/06 22:09:07 | 000,000,136 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\1.gif
[2011/06/06 22:09:06 | 000,000,011 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\ct_start
[2011/06/06 20:36:57 | 021,803,582 | ---- | M] () -- C:\Users\RaeJae\Desktop\Elzhi - Elmatic.flv
[2011/06/06 13:03:20 | 000,008,080 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110606_130315.reg
[2011/06/03 20:38:30 | 000,001,084 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2011/06/02 09:24:27 | 000,002,048 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2011/06/01 09:34:01 | 000,001,109 | ---- | M] () -- C:\Users\RaeJae\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2011/05/29 21:55:21 | 000,611,784 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110529_215509.reg
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/28 10:48:39 | 000,457,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/05/27 16:09:05 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRaeJae.job
[2011/05/27 14:16:25 | 000,001,889 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2011/05/25 22:49:25 | 000,002,114 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110525_224922.reg
[2011/05/25 20:49:56 | 000,001,851 | ---- | M] () -- C:\Users\RaeJae\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/25 03:03:41 | 000,438,151 | ---- | M] () -- C:\Users\RaeJae\Documents\C69E3d01.pdf
[2011/05/23 21:49:14 | 000,003,838 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110523_214911.reg
[2011/05/22 16:45:34 | 000,000,000 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/05/18 17:04:08 | 000,005,040 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110518_170402.reg
[2011/05/17 21:29:31 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2011/05/17 10:46:19 | 007,942,144 | -H-- | M] () -- C:\Users\RaeJae\Desktop\Tue May 17 10;42;22 2011(2).mp3
[2011/05/17 10:46:19 | 007,938,048 | -H-- | M] () -- C:\Users\RaeJae\Desktop\Tue May 17 10;42;22 2011.mp3
[2011/05/17 08:25:19 | 000,000,632 | RHS- | M] () -- C:\Users\RaeJae\ntuser.pol
[2011/05/16 13:18:37 | 000,042,540 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110516_131834.reg

========== Files Created - No Company Name ==========

[2011/06/14 11:48:36 | 000,000,000 | ---- | C] () -- C:\Users\RaeJae\Desktop\SystemLook.exe
[2011/06/14 08:49:15 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/06/14 08:49:15 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/06/14 08:49:15 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/06/14 08:49:15 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/06/14 08:49:15 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/06/14 08:42:25 | 000,000,512 | ---- | C] () -- C:\Users\RaeJae\Desktop\MBR.dat
[2011/06/14 08:35:51 | 001,007,120 | ---- | C] () -- C:\Users\RaeJae\Desktop\rkill.com
[2011/06/13 18:35:06 | 000,302,592 | ---- | C] () -- C:\Users\RaeJae\Desktop\kelob5qu.exe
[2011/06/12 14:52:38 | 000,000,987 | ---- | C] () -- C:\Users\RaeJae\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced System Restore.lnk
[2011/06/10 13:58:11 | 583,577,194 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/06/09 08:44:23 | 000,000,017 | ---- | C] () -- C:\Users\RaeJae\AppData\Local\resmon.resmoncfg
[2011/06/09 02:30:16 | 004,034,641 | ---- | C] () -- C:\Users\RaeJae\Desktop\The Delfonics - La La Means I Love You [Ghostface - Holla].mp3
[2011/06/08 13:26:36 | 000,001,156 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110608_132634.reg
[2011/06/08 11:37:50 | 006,024,971 | ---- | C] () -- C:\Users\RaeJae\Desktop\Painkiller (Level Mix).mp3
[2011/06/07 13:27:27 | 000,000,562 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110607_132726.reg
[2011/06/07 02:11:57 | 016,067,570 | ---- | C] () -- C:\Users\RaeJae\Desktop\Apollo The Great - Destiny.flv
[2011/06/07 02:07:48 | 020,755,582 | ---- | C] () -- C:\Users\RaeJae\Desktop\Knesecary _ Winning.flv
[2011/06/07 00:40:04 | 000,175,671 | ---- | C] () -- C:\Users\RaeJae\Desktop\You're a Villain (Dialogue).mp3
[2011/06/07 00:19:16 | 000,013,268 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110607_001913.reg
[2011/06/06 23:02:47 | 000,000,006 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\start
[2011/06/06 22:09:07 | 000,000,136 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\1.gif
[2011/06/06 22:09:06 | 000,000,011 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\ct_start
[2011/06/06 20:31:35 | 021,803,582 | ---- | C] () -- C:\Users\RaeJae\Desktop\Elzhi - Elmatic.flv
[2011/06/06 13:03:18 | 000,008,080 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110606_130315.reg
[2011/06/03 20:38:30 | 000,001,084 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2011/06/02 09:24:27 | 000,002,048 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2011/06/01 09:34:01 | 000,001,109 | ---- | C] () -- C:\Users\RaeJae\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2011/05/29 21:55:12 | 000,611,784 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110529_215509.reg
[2011/05/27 14:16:25 | 000,001,889 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2011/05/25 22:49:24 | 000,002,114 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110525_224922.reg
[2011/05/25 03:09:25 | 000,438,151 | ---- | C] () -- C:\Users\RaeJae\Documents\C69E3d01.pdf
[2011/05/23 21:49:12 | 000,003,838 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110523_214911.reg
[2011/05/23 21:41:27 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/05/23 21:41:27 | 000,077,824 | ---- | C] () -- C:\Windows\System32\xvid.ax
[2011/05/23 21:41:26 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/05/18 17:04:07 | 000,005,040 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110518_170402.reg
[2011/05/17 10:42:22 | 007,942,144 | -H-- | C] () -- C:\Users\RaeJae\Desktop\Tue May 17 10;42;22 2011(2).mp3
[2011/05/17 10:42:22 | 007,938,048 | -H-- | C] () -- C:\Users\RaeJae\Desktop\Tue May 17 10;42;22 2011.mp3
[2011/05/16 14:49:12 | 000,001,049 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora.lnk
[2011/05/16 13:59:38 | 000,001,110 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/16 13:18:36 | 000,042,540 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110516_131834.reg
[2011/04/01 05:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011/04/01 05:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011/04/01 05:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011/04/01 04:56:00 | 000,027,872 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/03/23 12:38:49 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2011/03/22 23:58:22 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2011/02/17 23:22:04 | 000,069,632 | ---- | C] () -- C:\Windows\System32\FxShared.dll
[2011/02/17 23:22:04 | 000,069,632 | ---- | C] () -- C:\Windows\System32\com.fxpansion.fxshared.dll
[2011/01/18 14:25:24 | 000,055,808 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2010/12/10 12:11:06 | 000,000,004 | ---- | C] () -- C:\ProgramData\sysid100.dat
[2010/12/01 09:14:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\Hyperman.dll
[2010/12/01 09:11:54 | 000,024,576 | ---- | C] () -- C:\Windows\System32\Wavlbsys.dll
[2010/11/30 14:04:41 | 000,129,024 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2010/11/30 13:58:05 | 000,520,267 | ---- | C] () -- C:\Windows\System32\libmmd.dll
[2010/11/30 13:23:51 | 000,002,240 | ---- | C] () -- C:\Windows\LENDIG.sys
[2010/11/29 11:55:05 | 000,163,840 | ---- | C] () -- C:\Windows\System32\ArtFfct.dll
[2010/08/25 03:00:00 | 000,000,000 | ---- | C] () -- C:\Windows\System32\privatedata.dll
[2010/08/14 19:14:27 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/06/29 23:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/06/02 10:35:15 | 000,217,088 | ---- | C] () -- C:\Windows\System32\qtmlClient.dll
[2010/06/02 10:35:09 | 001,362,460 | ---- | C] () -- C:\Windows\System32\ExpansionHD_Firmware.bin
[2010/05/07 18:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2010/05/03 11:29:33 | 000,002,892 | ---- | C] () -- C:\Windows\System32\audcon.sys
[2010/05/03 11:27:48 | 000,000,045 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe.cfg
[2010/05/03 11:27:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe
[2010/02/02 01:09:05 | 000,212,992 | ---- | C] () -- C:\Windows\ALCHUNIN.EXE
[2010/01/24 16:06:36 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2010/01/21 13:38:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/17 23:08:10 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2010/01/09 13:40:49 | 000,013,312 | ---- | C] () -- C:\Windows\System32\drivers\MTictwl.sys
[2010/01/08 12:31:11 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010/01/05 12:08:20 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/01/04 01:21:38 | 000,000,052 | ---- | C] () -- C:\Windows\Relax.ini
[2010/01/04 01:13:49 | 000,185,856 | ---- | C] () -- C:\Windows\System32\Bmp2Jpeg.dll
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/14 16:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 16:33:53 | 000,457,176 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 14:05:48 | 000,659,294 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 14:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 14:05:48 | 000,140,320 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 14:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 14:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 14:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 11:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 11:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 11:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/11 09:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/05/05 01:19:59 | 000,354,816 | ---- | C] () -- C:\Windows\System32\pythoncom26.dll
[2009/05/05 01:19:59 | 000,108,032 | ---- | C] () -- C:\Windows\System32\pywintypes26.dll
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007/04/18 22:07:00 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll

========== LOP Check ==========

[2010/12/09 11:15:20 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\4Front
[2010/06/02 09:13:21 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Ableton
[2011/03/23 15:04:17 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Acoustica
[2010/01/17 23:03:32 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Ambient Design
[2010/06/01 18:50:10 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Ancient Quest of Saqqarah__wildtan
[2010/11/30 12:32:50 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Applied Acoustics Systems
[2010/04/27 07:55:42 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Ashampoo
[2011/04/13 02:57:59 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Ashampoo Cover Studio 2
[2011/06/12 14:49:37 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\BitTorrent
[2010/12/27 15:54:51 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Blue Cat Audio
[2010/01/17 23:03:32 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Bump Technologies, Inc
[2010/06/17 09:05:15 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/04/06 16:18:18 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\DAEMON Tools Lite
[2011/02/02 22:43:16 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\DAEMON Tools Pro
[2010/12/03 09:05:50 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Deckadance16
[2010/06/29 19:20:03 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Dexpot
[2010/11/30 13:39:59 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\FabFilter
[2010/01/17 23:03:33 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Foxit
[2010/03/30 13:53:55 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Foxit Software
[2010/10/15 11:44:40 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\FreeImageConverter
[2010/04/22 20:52:55 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\FreezeTag
[2010/10/11 10:20:15 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\FrostWire
[2010/05/11 19:27:47 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\funkitron
[2011/02/17 23:23:59 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\FXpansion
[2010/03/05 08:51:26 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\GetRightToGo
[2011/06/06 21:55:13 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\IK Multimedia
[2011/05/29 01:28:14 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Image-Line
[2010/03/31 13:54:48 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\ImgBurn
[2010/08/17 17:45:37 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\ImTOO
[2010/02/03 11:10:03 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\IObit
[2010/06/12 10:16:40 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\iShell
[2010/12/10 13:07:11 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\iZotope
[2010/06/27 18:40:20 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Leadertech
[2010/01/20 15:42:52 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\MysteryStudio
[2010/05/10 20:02:49 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\NCH Swift Sound
[2011/05/13 18:44:04 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Nomad Factory
[2011/05/27 00:18:50 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\OpenCandy
[2011/04/01 01:55:23 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\PACE Anti-Piracy
[2011/05/25 22:35:30 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\PreSonus
[2011/02/02 22:48:25 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Propellerhead Software
[2010/02/03 01:00:48 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Publish Providers
[2011/05/28 02:32:27 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Rainmeter
[2010/01/20 17:28:41 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Recordpad
[2010/11/11 15:42:34 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Smartelectronix
[2010/12/20 19:30:30 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Sony
[2011/05/27 17:36:13 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Stardock
[2010/02/23 12:10:19 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\SynthMaker
[2010/05/07 12:39:07 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\SystemRequirementsLab
[2010/11/02 18:18:29 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\TweakNow RegCleaner
[2010/05/10 10:49:16 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/01/17 23:03:42 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Virtual City
[2010/02/17 12:15:33 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\VitySoft
[2010/12/06 09:57:27 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Waves Audio
[2010/01/17 23:03:43 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\WildTangent
[2010/01/17 23:03:43 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\WinBatch
[2011/04/26 13:12:32 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Windows Live Writer
[2010/03/05 08:53:15 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Xilisoft Corporation
[2011/05/16 12:35:09 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\YouSendIt
[2011/06/07 13:09:54 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/06/11 09:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010/11/21 00:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2010/01/18 19:41:48 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011/06/14 09:04:02 | 000,023,091 | ---- | M] () -- C:\ComboFix.txt
[2009/06/11 09:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/10/15 13:31:44 | 000,001,370 | ---- | M] () -- C:\docuPrinter.log
[2010/10/21 21:53:27 | 000,002,750 | ---- | M] () -- C:\FINIS_IT.TXT
[2011/06/14 10:05:31 | 1602,101,248 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/20 16:25:30 | 000,015,803 | ---- | M] () -- C:\INSTALL.LOG
[2010/08/06 12:17:24 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/08/06 12:17:24 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/06/14 10:05:37 | 2136,137,728 | -HS- | M] () -- C:\pagefile.sys
[2011/06/14 09:10:16 | 000,000,361 | ---- | M] () -- C:\rkill.log
[2009/05/05 01:44:16 | 000,000,349 | ---- | M] () -- C:\updatedatfix.log
[2008/08/27 00:37:52 | 000,000,458 | ---- | M] () -- C:\Windows Sidebar

< %systemroot%\Fonts\*.com >
[2009/07/14 16:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 16:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 16:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 16:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/11 09:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/06/22 17:58:20 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
[2009/07/14 13:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2010/11/21 00:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2011/05/11 00:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/11/10 01:28:46 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/14 16:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/01/04 02:44:15 | 000,000,221 | -HS- | M] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2011/04/23 17:20:48 | 000,000,221 | -HS- | M] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2011/06/14 08:31:56 | 000,581,120 | ---- | M] (AVAST Software) -- C:\Users\RaeJae\Desktop\aswMBR.exe
[2011/06/14 08:32:30 | 004,120,909 | R--- | M] (Swearware) -- C:\Users\RaeJae\Desktop\ComboFix.exe
[2011/06/13 15:08:10 | 000,302,592 | ---- | M] () -- C:\Users\RaeJae\Desktop\kelob5qu.exe
[2011/06/13 18:33:56 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\RaeJae\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/14 14:32:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RaeJae\Desktop\OTL.exe
[2011/06/14 11:17:30 | 000,000,000 | ---- | M] () -- C:\Users\RaeJae\Desktop\SystemLook.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2009/06/11 09:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2011/04/23 17:20:47 | 000,000,402 | -HS- | M] () -- C:\Users\RaeJae\Favorites\desktop.ini
[2011/05/13 04:57:30 | 000,000,276 | ---- | M] () -- C:\Users\RaeJae\Favorites\NCH Software Download Site.lnk

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< MD5 for: TDX.SYS >
[2009/07/14 11:12:11 | 000,074,240 | ---- | M] (Microsoft Corporation) MD5=CB39E896A2A83702D1737BFD402B3542 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_ea141e6f3d693e28\tdx.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:30FD0CBD

< End of report >

Extras

OTL Extras logfile created on: 14/06/2011 2:36:44 p.m. - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\RaeJae\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

1.99 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 68.69% Memory free
3.98 Gb Paging File | 2.77 Gb Available in Paging File | 69.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.36 Gb Total Space | 147.17 Gb Free Space | 32.32% Space Free | Partition Type: NTFS
Drive D: | 10.40 Gb Total Space | 1.46 Gb Free Space | 14.05% Space Free | Partition Type: NTFS
Drive F: | 3.72 Gb Total Space | 3.26 Gb Free Space | 87.55% Space Free | Partition Type: FAT32

Computer Name: RAEJAE-PC | User Name: RaeJae | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0295F89F-F698-4101-9A7D-49F407EC2D82}" = HP Active Support Library
"{03BF5CB1-B72E-4CA6-A278-F65680F05420}" = HP Picasso Media Center Add-In
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0E086923-AAA3-4F98-A6E2-48B64CE27553}" = Native Instruments Reaktor Factory Selection
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{11F703F5-DCAF-49EC-8CD2-488F483E32B0}" = KORG USB-MIDI Driver Tools for Windows
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1CC069FA-1A86-402E-9787-3F04E652C67A}" = HP Support Information
"{1D10C273-3F95-42A2-8371-AB6B1F59821B}" = WOT for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010 (Beta)
"{20140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010 (Beta)
"{20140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010 (Beta)
"{20140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010 (Beta)
"{20140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010 (Beta)
"{20140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010 (Beta)
"{20140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010 (Beta)
"{20140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 (Beta)
"{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta)
"{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta)
"{20140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010 (Beta)
"{20140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 (Beta)
"{20140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010 (Beta)
"{20140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 (Beta)
"{20140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010 (Beta)
"{20140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010 (Beta)
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236E0A03-6110-485E-B0F9-399215948BB7}" = M-Audio FastTrackPro Driver 6.0.2 (x86)
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x32
"{267B3E82-C941-47D8-BCD3-1BBBB56FCBC6}" = Native Instruments Maschine Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor
"{2C13F8C1-570B-42A9-87B4-8C7903ECD602}" = ObjectDock Free
"{316B3C3F-6B5A-DBC3-1398-FBE614ECCAA7}" = TweetDeck
"{33286B63-B749-4D54-AA04-5631319B168D}" = GEAR driver installer for x86 Win2K
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{348CE492-86E7-4594-9051-2F3DCE39463F}" = V-Station
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{423C4130-EBC3-410A-B3A0-37BBF9D607D5}" = T-RackS 3 Deluxe
"{43E7798A-248E-4A3D-9969-FEA63543A462}" = Native Instruments Kontakt 4
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4EBE7270-A95A-4A03-82C0-41A6F38A4DB2}" = Native Instruments Maschine Factory Content 1.5
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6438691E-D44E-4A18-B6C4-D1EB26281D6A}" = Native Instruments Mikro Prism
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{784BEA84-FA66-4B19-BB80-7B545F248AC6}" = HP Total Care Setup
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F099B88-FE9D-4287-BE5F-3ED2BD16223C}" = Native Instruments Maschine
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80D3F817-2D33-4643-B900-64AE2C0C4745}" = M-Audio Oxygen Driver 1.2.1 (x86)
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = NetComm NetComm 900n Series Wireless USB Adapter
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94056AE8-EF0F-45E4-A1B4-D754115F8A28}" = Numedia CD-DVD writing as non-admin user
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CC89170-000B-457D-91F1-53691F85B223}" = Python 2.6.1
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2DDE39D-BA16-4DBB-9C96-A6703142DCF3}" = Native Instruments Komplete 7 Players
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{ABAF1232-6213-4062-9D52-04E04A730CEA}_is1" = Bass Station 1.50
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{AFE354A5-640F-4A23-94C8-0B441E8967CA}" = Digidesign Shared Plug-Ins 7.4
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B0FC9E28-1CE6-4A40-BEF1-C6E6EDFCA070}" = Native Instruments Kontakt Factory Selection
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B84739A3-F943-47E4-95D8-96381EF5AC48}" = HP Customer Experience Enhancements
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF0EDB56-BBF6-3C9F-9C50-2E3B3D444641}" = Google Talk Plugin
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D28571EC-82E4-414D-B09D-BBA1B5B3FE55}" = Native Instruments Maschine Factory Content
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29
"{D5D3F942-1061-4031-8032-D78728F9A920}" = Windows 7 Manager
"{D77332DD-FA53-4E49-9F4B-3863B8D56196}" = KORG padKONTROL Editor Librarian
"{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1" = Focusrite Scarlett Plug-in Suite 1.1
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{E9EA5F38-6299-45A1-9D23-F21729A19357}" = Native Instruments Reaktor 5
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro
"{FC6AFD44-EDF9-4A03-AB9E-16A5391FE24F}" = Native Instruments Maschine
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF600C37-6328-4348-A67A-3F85D8039604}" = Native Instruments Kore Player
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Abbeyroadplugins EMI Brilliance Pack VST RTAS_is1" = Abbeyroadplugins EMI Brilliance Pack VST RTAS v1.0.6
"Abbeyroadplugins EMI RS 124 Compressor VST RTAS_is1" = Abbeyroadplugins EMI RS 124 Compressor VST RTAS v1.0
"Abbeyroadplugins EMI TG 12413 Limiter VST RTAS_is1" = Abbeyroadplugins EMI TG 12413 Limiter VST RTAS v2.0.1
"Abbeyroadplugins EMI TG Mastering Pack VST RTAS_is1" = Abbeyroadplugins EMI TG Mastering Pack VST RTAS v1.0.2
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced System Restore_is1" = Advanced System Restore
"Antares Autotune VST RTAS TDM_is1" = Antares Autotune VST RTAS TDM v5.08
"Antares Filter VST DX v1.01" = Antares Filter VST DX v1.01
"Antares Harmony Engine VST RTAS_is1" = Antares Harmony Engine VST RTAS v1.0
"Antares Microphone Modeler DX v1.32" = Antares Microphone Modeler DX v1.32
"AnVir Task Manager Free" = AnVir Task Manager Free
"Arturia Arp2600 V v1.0" = Arturia Arp2600 V v1.0
"Arturia CS-80V_is1" = Arturia CS-80V v1.6
"Arturia minimoog V_is1" = Arturia minimoog V v1.6
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"Ashampoo Cover Studio 2_is1" = Ashampoo Cover Studio 2.2.0
"Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3.20
"Ashampoo Magical Snap 2_is1" = Ashampoo Magical Snap 2.31
"Ashampoo Music Studio 2009_is1" = Ashampoo Music Studio 2009
"Ashampoo Slideshow Studio 2010_is1" = Ashampoo Slideshow Studio 2010
"ASIO4ALL" = ASIO4ALL
"avast" = avast! Free Antivirus
"AVS Image Converter_is1" = AVS Image Converter 1.3.3.146
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"BitTorrent" = BitTorrent
"bx_shredspread Native_is1" = bx_shredspread Native 1.0.3
"CCleaner" = CCleaner
"Clean!" = Clean! v1.0
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"DAEMON Tools Lite" = DAEMON Tools Lite
"DeClicker" = Steinberg DeClicker v1.21
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"DVD-Ranger" = DVD-Ranger
"eLicenser Control" = eLicenser Control
"ESET Online Scanner" = ESET Online Scanner v3
"FileHippo.com" = FileHippo.com Update Checker
"FL Studio 9" = FL Studio 9
"Focusrite Midnignt Suite VST RTAS v1.1_is1" = Focusrite Midnignt Suite VST RTAS v1.1
"Foxit Reader" = Foxit Reader
"Freecorder Toolbar" = Freecorder Toolbar
"Freecorder4.0" = Freecorder 4.0 Application
"Game Booster_is1" = Game Booster
"Hardcore" = Hardcore
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IL Download Manager" = IL Download Manager
"ImgBurn" = ImgBurn
"impOSCar" = GForce - impOSCar
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Live 6.0.1" = Live 6.0.1
"Live 8.1.3" = Live 8.1.3
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Mastering Edition" = Steinberg Mastering Edition v1.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MixMeister BPM Analyzer_is1" = MixMeister BPM Analyzer 1.0
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"Native Instruments Absynth 4" = Native Instruments Absynth 4
"Native Instruments Battery 3" = Native Instruments Battery 3
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments Komplete 7 Players" = Native Instruments Komplete 7 Players
"Native Instruments Kontakt 4" = Native Instruments Kontakt 4
"Native Instruments Kontakt Factory Selection" = Native Instruments Kontakt Factory Selection
"Native Instruments Kore Player" = Native Instruments Kore Player
"Native Instruments Maschine" = Native Instruments Maschine
"Native Instruments Maschine Controller Driver" = Native Instruments Maschine Controller Driver
"Native Instruments Maschine Factory Content" = Native Instruments Maschine Factory Content
"Native Instruments Maschine Factory Content 1.5" = Native Instruments Maschine Factory Content 1.5
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments Mikro Prism" = Native Instruments Mikro Prism
"Native Instruments Reaktor 5" = Native Instruments Reaktor 5
"Native Instruments Reaktor Factory Selection" = Native Instruments Reaktor Factory Selection
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor" = Native Instruments Traktor
"ObjectDock Free" = ObjectDock Free
"Oddity" = GForce - Oddity
"Oddity VST2" = GMediaMusic - Oddity VST2
"Office14.SingleImage" = Microsoft Office Professionnel 2010
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"PhotoStage" = PhotoStage Slideshow Producer
"PoiZone" = PoiZone
"PreSonus Studio One" = PreSonus Studio One
"PROHYBRIDR" = 2007 Microsoft Office system
"Prosoniq OrangeVocoder v1.4" = Prosoniq OrangeVocoder v1.4
"PSP Xenon 1.3.0 32bit" = PSP Xenon 1.3.0 32bit
"pywin32-py2.6" = Python 2.6 pywin32-212
"Rainmeter" = Rainmeter
"RB MOLOTOF V11.0.0" = RB MOLOTOF V1
"RealPlayer 12.0" = RealPlayer
"Reason5_is1" = Reason 5.0
"Rob Papen Albino 2" = Rob Papen Albino 2
"RocketDock_is1" = RocketDock 1.3.5
"Sakura" = Sakura
"Sawer" = Sawer
"Secunia PSI" = Secunia PSI (2.0.0.3003)
"SONiVOX 2.0 DVI Creamy Fuzz Guitar_is1" = SONiVOX DVI Creamy Fuzz Guitar
"Toxic Biohazard" = Toxic Biohazard
"TruePianos: Amber Module_is1" = TruePianos: Amber Module 1.4.0
"TruePianos: Diamond Module_is1" = TruePianos: Diamond Module 1.4.0
"TruePianos: Emerald Module_is1" = TruePianos: Emerald Module 1.4.0
"TruePianos: Sapphire Module_is1" = TruePianos: Sapphire Module 1.4.0
"TruePianos_is1" = TruePianos 1.4.1
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Universal Audio v4.4.0 Native" = Universal Audio v4.4.0 Native
"VLC media player" = VLC media player 1.1.9
"VST" = VST Compressor
"WavePad" = WavePad Sound Editor
"Waves Mercury Bundle" = Waves Mercury Bundle
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"WT083427" = Elementals - The Magic Key
"WT083777" = Murder She Wrote
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate
"Xvid_is1" = Xvid 1.2.2 final uninstall
"YInstHelper" = Yahoo! Install Manager

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dexpot" = Dexpot

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/06/2011 7:36:24 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\KORG\KORG
USB-MIDI Driver\UnInstDrv64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 12/06/2011 7:36:24 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\KORG\KORG
USB-MIDI Driver\EzSetup64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 13/06/2011 2:21:56 a.m. | Computer Name = RaeJae-PC | Source = WinMgmt | ID = 10
Description =

Error - 13/06/2011 3:40:22 a.m. | Computer Name = RaeJae-PC | Source = WinMgmt | ID = 10
Description =

Error - 13/06/2011 4:49:28 p.m. | Computer Name = RaeJae-PC | Source = System Restore | ID = 8193
Description =

Error - 13/06/2011 6:07:23 p.m. | Computer Name = RaeJae-PC | Source = WinMgmt | ID = 10
Description =

Error - 13/06/2011 7:36:25 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\KORG\KORG
USB-MIDI Driver\UnInstDrv64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 13/06/2011 7:36:25 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\KORG\KORG
USB-MIDI Driver\EzSetup64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 13/06/2011 8:07:08 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\KORG\KORG
USB-MIDI Driver\UnInstDrv64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 13/06/2011 8:07:08 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\KORG\KORG
USB-MIDI Driver\EzSetup64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ System Events ]
Error - 13/06/2011 10:31:04 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7003
Description = The DHCP Client service depends the following service: Tdx. This service
might not be installed.

Error - 13/06/2011 10:31:04 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7001
Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
DHCP Client service which failed to start because of the following error: %%1075

Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7003
Description = The DHCP Client service depends the following service: Tdx. This service
might not be installed.

Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7001
Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
DHCP Client service which failed to start because of the following error: %%1075

Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7003
Description = The DHCP Client service depends the following service: Tdx. This service
might not be installed.

Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7001
Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
DHCP Client service which failed to start because of the following error: %%1075

Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7003
Description = The DHCP Client service depends the following service: Tdx. This service
might not be installed.

Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7001
Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
DHCP Client service which failed to start because of the following error: %%1075

Error - 13/06/2011 10:31:06 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7003
Description = The DHCP Client service depends the following service: Tdx. This service
might not be installed.

Error - 13/06/2011 10:31:06 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7001
Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
DHCP Client service which failed to start because of the following error: %%1075


< End of report >

Combofix is running now but as it completed stage 2 a popup box appeared saying 'invalid window handle' with only option to click ok?

After combofix finished a box popped up 'The recycle bin on c:\ is corrupted. Do you want to empty the recycle bin on this drive? Yes / No

Combofix Log Report

ComboFix 11-06-13.01 - RaeJae 14/06/2011 15:55:46.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.2037.1106 [GMT 12:00]
Running from: c:\users\RaeJae\Desktop\ComboFix.exe
Command switches used :: F:\cfscript.txt
AV: avast! Antivirus *Disabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-05-14 to 2011-06-14 )))))))))))))))))))))))))))))))
.
.
2011-06-14 04:07 . 2011-06-14 04:07 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-06-14 04:07 . 2011-06-14 04:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-14 04:07 . 2011-06-14 04:07 -------- d-----w- c:\users\ChaKotAshWai\AppData\Local\temp
2011-06-12 02:52 . 2011-06-12 02:52 -------- d-----w- c:\programdata\Evonsoft
2011-06-12 02:52 . 2011-06-12 03:06 -------- d-----w- c:\program files\Advanced System Restore
2011-06-07 06:40 . 2011-06-07 06:40 -------- d-----w- c:\users\RaeJae\DoctorWeb
2011-06-06 09:55 . 2011-06-06 09:55 -------- d-----w- c:\users\RaeJae\AppData\Roaming\IK Multimedia
2011-06-06 08:50 . 2010-12-21 23:33 9078960 ----a-w- c:\windows\system32\mkl_p4p.dll
2011-06-06 08:50 . 2010-12-21 23:33 9033904 ----a-w- c:\windows\system32\mkl_p4m3.dll
2011-06-06 08:50 . 2010-12-21 23:33 9410736 ----a-w- c:\windows\system32\mkl_p4m.dll
2011-06-06 08:50 . 2010-12-21 23:33 9210032 ----a-w- c:\windows\system32\mkl_p4.dll
2011-06-06 08:50 . 2010-12-21 23:33 6944944 ----a-w- c:\windows\system32\mkl_core.dll
2011-06-06 08:50 . 2010-12-21 23:33 3868848 ----a-w- c:\windows\system32\mkl_intel_thread.dll
2011-06-06 08:50 . 2010-12-21 23:33 530608 ----a-w- c:\windows\system32\libiomp5md.dll
2011-06-06 08:50 . 2011-03-22 23:57 499712 ----a-w- c:\windows\msvcp71.dll
2011-06-06 08:50 . 2011-03-22 23:57 348160 ----a-w- c:\windows\msvcr71.dll
2011-06-05 11:40 . 2011-06-05 11:41 -------- d-----w- c:\program files\Waves
2011-06-01 06:02 . 2011-06-01 06:02 -------- d-----w- c:\program files\DVD-Ranger 3.5.1.3
2011-06-01 03:38 . 2011-06-01 03:38 -------- d-----w- c:\program files\PSPaudioware
2011-05-31 20:57 . 2011-05-31 20:57 -------- d-----w- c:\program files\iPod
2011-05-31 20:57 . 2011-05-31 20:58 -------- d-----w- c:\program files\iTunes
2011-05-31 20:54 . 2011-05-31 20:54 -------- d-----w- c:\program files\Bonjour
2011-05-28 13:28 . 2011-05-28 13:28 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Image-Line
2011-05-27 05:37 . 2011-05-27 05:37 -------- d-----w- c:\users\RaeJae\AppData\Local\ODUI
2011-05-27 05:37 . 2011-05-27 05:37 -------- d-----w- c:\users\RaeJae\AppData\Local\Stardock
2011-05-27 05:36 . 2011-05-27 05:36 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Stardock
2011-05-27 05:36 . 2011-05-27 05:36 -------- dc-h--w- c:\programdata\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}
2011-05-27 05:35 . 2011-05-27 05:35 -------- d-----w- c:\program files\Stardock
2011-05-27 05:34 . 2011-05-27 05:34 -------- d-----w- c:\users\RaeJae\AppData\Local\PackageAware
2011-05-27 02:16 . 2011-05-27 14:32 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Rainmeter
2011-05-27 02:16 . 2011-05-27 02:16 -------- d-----w- c:\program files\Rainmeter
2011-05-26 12:18 . 2011-05-26 12:18 -------- d-----w- c:\users\RaeJae\AppData\Roaming\OpenCandy
2011-05-26 12:18 . 2011-05-27 22:52 -------- d-----w- c:\program files\Dexpot
2011-05-24 15:13 . 2011-05-24 15:13 -------- d-----w- c:\users\RaeJae\AppData\Local\{36552D91-434C-4AA4-9D2D-FE3DDF1ED87B}
2011-05-24 02:33 . 2011-05-24 02:35 -------- d-----w- c:\programdata\DShield
2011-05-24 02:33 . 2011-05-24 06:03 -------- d-----w- c:\programdata\DVDRanger
2011-05-24 02:33 . 2011-05-24 02:48 -------- d-----w- C:\DVDRanger
2011-05-24 02:33 . 2011-05-24 02:33 -------- d-----w- c:\program files\Pixbyte
2011-05-23 09:41 . 2009-06-07 04:25 77824 ----a-w- c:\windows\system32\xvid.ax
2011-05-23 09:41 . 2009-06-07 04:16 819200 ----a-w- c:\windows\system32\xvidcore.dll
2011-05-23 09:41 . 2011-05-23 09:41 -------- d-----w- c:\program files\Xvid
2011-05-23 09:41 . 2009-06-07 04:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2011-05-18 14:38 . 2011-05-18 14:38 -------- d-----w- c:\program files\TweetDeck
2011-05-16 20:26 . 2011-05-17 08:27 -------- d-----w- c:\users\RaeJae\AppData\Local\{F9AB3098-395D-4FA9-A88C-4AC376788CC7}
2011-05-16 09:49 . 2011-05-16 09:49 53248 ----a-r- c:\users\RaeJae\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-05-16 02:49 . 2011-05-16 02:49 -------- d-----w- c:\program files\Mozilla Aurora
2011-05-16 01:59 . 2011-04-28 18:01 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-05-16 01:59 . 2011-04-28 18:01 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-05-16 01:59 . 2011-04-28 18:01 2145240 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-05-16 01:59 . 2011-04-28 18:01 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-05-16 01:59 . 2011-04-28 18:01 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-05-16 01:59 . 2011-04-28 18:01 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-05-16 01:59 . 2010-01-01 08:00 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-05-16 01:59 . 2010-01-01 08:00 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-05-16 01:50 . 2011-05-16 01:50 -------- d-----w- c:\users\RaeJae\AppData\Local\{C158D9E0-ABB3-42B1-8078-AA80D9C5B99C}
2011-05-16 00:34 . 2011-05-16 00:34 -------- d-----w- c:\users\RaeJae\AppData\Local\{2A479319-42E2-45B4-9F29-3422EDDDDDA7}
2011-05-15 16:58 . 2011-05-15 16:58 -------- d-----w- c:\users\RaeJae\AppData\Local\112dB
2011-05-15 16:57 . 2011-05-15 16:57 -------- dc-h--w- c:\programdata\{2EF924FC-80B9-43E9-BB00-5E4F302749D2}
2011-05-15 13:27 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-28 21:11 . 2011-04-20 06:23 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-28 21:11 . 2011-04-20 06:23 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-24 02:20 . 2011-04-23 03:39 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-10 12:10 . 2011-04-21 06:38 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-04-21 06:38 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:03 . 2011-04-21 06:38 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:03 . 2011-04-21 06:38 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-04-21 06:38 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-04-21 06:38 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-04-21 06:38 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-04-21 06:38 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-24 14:51 . 2011-04-22 01:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-23 04:43 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-04-23 04:35 . 2011-04-23 04:35 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-23 04:35 . 2011-04-23 04:35 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-23 04:35 . 2011-04-23 04:35 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-23 04:35 . 2011-04-23 04:35 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-23 04:35 . 2011-04-23 04:35 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-23 04:35 . 2011-04-23 04:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-23 04:35 . 2011-04-23 04:35 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-23 04:35 . 2011-04-23 04:35 367104 ----a-w- c:\windows\system32\html.iec
2011-04-23 04:35 . 2011-04-23 04:35 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-23 04:35 . 2011-04-23 04:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-23 04:35 . 2011-04-23 04:35 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-23 04:35 . 2011-04-23 04:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-23 04:35 . 2011-04-23 04:35 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-23 04:35 . 2011-04-23 04:35 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-23 04:35 . 2011-04-23 04:35 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-23 04:35 . 2011-04-23 04:35 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-23 04:35 . 2011-04-23 04:35 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-23 04:35 . 2011-04-23 04:35 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-23 04:35 . 2011-04-23 04:35 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-23 04:35 . 2011-04-23 04:35 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-23 04:35 . 2011-04-23 04:35 101888 ----a-w- c:\windows\system32\admparse.dll
2011-04-19 06:45 . 2011-04-19 06:45 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-04-09 06:02 . 2011-05-12 07:29 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-12 07:29 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-06 04:20 . 2011-04-06 04:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 04:20 . 2011-04-06 04:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-06 04:13 . 2011-04-06 04:13 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-03-31 17:11 . 2011-03-31 17:11 4333280 ----a-w- c:\windows\system32\drivers\lvuvc.sys
2011-03-31 17:10 . 2011-03-31 17:10 539232 ----a-w- c:\windows\system32\LVUI2RC.dll
2011-03-31 17:10 . 2011-03-31 17:10 543328 ----a-w- c:\windows\system32\LVUI2.dll
2011-03-31 17:09 . 2011-03-31 17:09 291424 ----a-w- c:\windows\system32\drivers\lvrs.sys
2011-03-31 17:08 . 2011-03-31 17:08 195168 ----a-w- c:\windows\system32\lvci13251014.dll
2011-03-31 17:08 . 2011-03-31 17:08 301664 ----a-w- c:\windows\system32\lvcodec2.dll
2011-03-31 17:07 . 2011-03-31 17:07 10877272 ----a-w- c:\windows\system32\LogiDPP.dll
2011-03-31 17:07 . 2011-03-31 17:07 102744 ----a-w- c:\windows\system32\LogiDPPApp.exe
2011-03-31 17:06 . 2011-03-31 17:06 331608 ----a-w- c:\windows\system32\DevManagerCore.dll
2011-03-31 16:56 . 2011-03-31 16:56 39318 ----a-w- c:\windows\system32\Repository.reg
2011-03-25 02:58 . 2011-05-12 07:29 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-03-25 02:58 . 2011-05-12 07:29 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-03-25 02:58 . 2011-05-12 07:29 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-03-25 02:57 . 2011-05-12 07:29 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-03-25 02:57 . 2011-05-12 07:29 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-03-25 02:57 . 2011-05-12 07:29 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-03-22 11:58 . 2011-03-22 11:58 14168 ----a-w- c:\windows\system32\drivers\iKeyLFT2.dll
2011-03-21 22:40 . 2010-06-23 22:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-28 18:01 . 2011-05-16 01:59 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2011-01-17 14:54 175912 ----a-w- c:\program files\Freecorder\prxtbFre0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-10 02:51 3906656 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AnVir Task Manager Free"="c:\program files\AnVir Task Manager Free\AnVir.exe" [2009-03-09 1563360]
"HPADVISOR"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2010-06-29 1689144]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2011-05-25 2301752]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
"YouSendIt.exe"="c:\program files\YouSendIt\Express\YouSendIt.exe" [2011-05-02 198144]
"Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
"Dexpot"="c:\program files\Dexpot\dexpot.exe" [2011-05-27 1290240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-03 75016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"hpsysdrv"="c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePSTShortCut"="c:\program files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" [2009-02-02 210216]
"KBD"="c:\program files\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-14 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-14 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-14 150552]
"Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" [2009-11-15 158752]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2009-09-26 83312]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-11 202256]
"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2009-11-09 643592]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Malwarebytes' Anti-Malware (reboot)"="c:\users\RaeJae\Desktop\All Folders\JB\Maintenance Tools\Malwarebytes' Anti-Malware\mbam.exe" [2011-05-28 1047656]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
.
c:\users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Product Registration.lnk - c:\program files\Logitech\Ereg\eReg.exe [2009-11-16 517384]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-5-23 103424]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDockFree\ObjectDock.exe [2010-10-7 3768176]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NCProTray.lnk - c:\program files\SEC\Natural Color Pro\NCProTray.exe [2010-1-9 49220]
NetComm Wireless Utility.lnk - c:\program files\NetComm\Common\RaUI.exe [2011-3-23 1830912]
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "c:\program files\Stardock\ObjectDockFree\ODMenu.dll" [2010-10-04 511344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"=KORGUMDD.DRV
"midi7"=KORGUMDD.DRV
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
2010-03-04 19:25 2815488 ----a-w- c:\program files\DAP\DAP.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-11-09 13:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
R3 GTLJ;GTLJ;c:\users\RaeJae\AppData\Local\Temp\GTLJ.exe [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
R3 HCH;HCH;c:\users\RaeJae\AppData\Local\Temp\HCH.exe [x]
R3 KORGUMDS;KORG USB-MIDI Driver for Windows;c:\windows\system32\Drivers\KORGUMDS.SYS [2007-03-28 21984]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-25 4639136]
R3 OXYGEN;Service for M-Audio Oxygen;c:\windows\system32\DRIVERS\MAudioOxygen.sys [2010-03-03 112136]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 RE;RE;c:\users\RaeJae\AppData\Local\Temp\RE.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-02 1343400]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys [2009-11-09 158600]
S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-04-28 724992]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 11:00]
.
2011-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 11:00]
.
2011-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000Core.job
- c:\users\RaeJae\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 02:30]
.
2011-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000UA.job
- c:\users\RaeJae\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 02:30]
.
2011-05-27 c:\windows\Tasks\HPCeeScheduleForRaeJae.job
- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2009-05-04 08:17]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.nz/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_nz&c=93&bd=Presario&pf=cndt
uInternet Settings,ProxyOverride = *.local
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: &Envoyer à OneNote - /105
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(2660)
c:\program files\Stardock\ObjectDockFree\DockShellHook.dll
c:\program files\AnVir Task Manager Free\AnvirHook55.dll
c:\program files\Dexpot\hooxpot.dll
c:\users\RaeJae\AppData\Local\FLVService\lib\FLVSrvLib.dll
c:\program files\Stardock\ObjectDockFree\ODMenu.dll
.
Completion time: 2011-06-14 16:09:12
ComboFix-quarantined-files.txt 2011-06-14 04:09
ComboFix2.txt 2011-06-13 21:04
.
Pre-Run: 157,888,204,800 bytes free
Post-Run: 157,819,756,544 bytes free
.
- - End Of File - - E4B84B26D83FE0EA5B174D7F7101556A

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>NET START NSI
The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


C:\Windows\system32>NET START TDX
The service name is invalid.

More help is available by typing NET HELPMSG 2185.


C:\Windows\system32>NET START AFD
The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


C:\Windows\system32>NET START DHCP
System error 1075 has occurred.

The dependency service does not exist or has been marked for deletion.


C:\Windows\system32>

Still no internet connection and everything I click on (Folder,MP3) comes up with an error saying 'Illegal operation attempted on a registry key that has been marked for deletion.'

It wont work cause it keeps popping up that error in my previous post (Illegal operation attempted on a registry key that has been marked for deletion)

Copied and dragged into Combofix as you suggested,this is the Log Report

ComboFix 11-06-13.01 - RaeJae 15/06/2011 8:36.4.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.2037.913 [GMT 12:00]
Running from: c:\users\RaeJae\Desktop\ComboFix.exe
Command switches used :: c:\users\RaeJae\Desktop\CFScript,txt.txt
AV: avast! Antivirus *Disabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
--------------- FCopy ---------------
.
c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_ea141e6f3d693e28\tdx.sys --> c:\windows\System32\drivers\tdx.sys
.
((((((((((((((((((((((((( Files Created from 2011-05-14 to 2011-06-14 )))))))))))))))))))))))))))))))
.
.
2011-06-14 20:49 . 2011-06-14 20:49 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-06-14 20:49 . 2011-06-14 20:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-14 20:49 . 2011-06-14 20:49 -------- d-----w- c:\users\ChaKotAshWai\AppData\Local\temp
2011-06-14 20:36 . 2009-07-13 23:12 74240 ----a-w- c:\windows\system32\drivers\tdx.sys
2011-06-12 02:52 . 2011-06-12 02:52 -------- d-----w- c:\programdata\Evonsoft
2011-06-12 02:52 . 2011-06-12 03:06 -------- d-----w- c:\program files\Advanced System Restore
2011-06-07 06:40 . 2011-06-07 06:40 -------- d-----w- c:\users\RaeJae\DoctorWeb
2011-06-06 09:55 . 2011-06-06 09:55 -------- d-----w- c:\users\RaeJae\AppData\Roaming\IK Multimedia
2011-06-06 08:50 . 2010-12-21 23:33 9078960 ----a-w- c:\windows\system32\mkl_p4p.dll
2011-06-06 08:50 . 2010-12-21 23:33 9033904 ----a-w- c:\windows\system32\mkl_p4m3.dll
2011-06-06 08:50 . 2010-12-21 23:33 9410736 ----a-w- c:\windows\system32\mkl_p4m.dll
2011-06-06 08:50 . 2010-12-21 23:33 9210032 ----a-w- c:\windows\system32\mkl_p4.dll
2011-06-06 08:50 . 2010-12-21 23:33 6944944 ----a-w- c:\windows\system32\mkl_core.dll
2011-06-06 08:50 . 2010-12-21 23:33 3868848 ----a-w- c:\windows\system32\mkl_intel_thread.dll
2011-06-06 08:50 . 2010-12-21 23:33 530608 ----a-w- c:\windows\system32\libiomp5md.dll
2011-06-06 08:50 . 2011-03-22 23:57 499712 ----a-w- c:\windows\msvcp71.dll
2011-06-06 08:50 . 2011-03-22 23:57 348160 ----a-w- c:\windows\msvcr71.dll
2011-06-05 11:40 . 2011-06-05 11:41 -------- d-----w- c:\program files\Waves
2011-06-01 06:02 . 2011-06-01 06:02 -------- d-----w- c:\program files\DVD-Ranger 3.5.1.3
2011-06-01 03:38 . 2011-06-01 03:38 -------- d-----w- c:\program files\PSPaudioware
2011-05-31 20:57 . 2011-05-31 20:57 -------- d-----w- c:\program files\iPod
2011-05-31 20:57 . 2011-05-31 20:58 -------- d-----w- c:\program files\iTunes
2011-05-31 20:54 . 2011-05-31 20:54 -------- d-----w- c:\program files\Bonjour
2011-05-28 13:28 . 2011-05-28 13:28 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Image-Line
2011-05-27 05:37 . 2011-05-27 05:37 -------- d-----w- c:\users\RaeJae\AppData\Local\ODUI
2011-05-27 05:37 . 2011-05-27 05:37 -------- d-----w- c:\users\RaeJae\AppData\Local\Stardock
2011-05-27 05:36 . 2011-05-27 05:36 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Stardock
2011-05-27 05:36 . 2011-05-27 05:36 -------- dc-h--w- c:\programdata\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}
2011-05-27 05:35 . 2011-05-27 05:35 -------- d-----w- c:\program files\Stardock
2011-05-27 05:34 . 2011-05-27 05:34 -------- d-----w- c:\users\RaeJae\AppData\Local\PackageAware
2011-05-27 02:16 . 2011-05-27 14:32 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Rainmeter
2011-05-27 02:16 . 2011-05-27 02:16 -------- d-----w- c:\program files\Rainmeter
2011-05-26 12:18 . 2011-05-26 12:18 -------- d-----w- c:\users\RaeJae\AppData\Roaming\OpenCandy
2011-05-26 12:18 . 2011-05-27 22:52 -------- d-----w- c:\program files\Dexpot
2011-05-24 15:13 . 2011-05-24 15:13 -------- d-----w- c:\users\RaeJae\AppData\Local\{36552D91-434C-4AA4-9D2D-FE3DDF1ED87B}
2011-05-24 02:33 . 2011-05-24 02:35 -------- d-----w- c:\programdata\DShield
2011-05-24 02:33 . 2011-05-24 06:03 -------- d-----w- c:\programdata\DVDRanger
2011-05-24 02:33 . 2011-05-24 02:48 -------- d-----w- C:\DVDRanger
2011-05-24 02:33 . 2011-05-24 02:33 -------- d-----w- c:\program files\Pixbyte
2011-05-23 09:41 . 2009-06-07 04:25 77824 ----a-w- c:\windows\system32\xvid.ax
2011-05-23 09:41 . 2009-06-07 04:16 819200 ----a-w- c:\windows\system32\xvidcore.dll
2011-05-23 09:41 . 2011-05-23 09:41 -------- d-----w- c:\program files\Xvid
2011-05-23 09:41 . 2009-06-07 04:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2011-05-18 14:38 . 2011-05-18 14:38 -------- d-----w- c:\program files\TweetDeck
2011-05-16 20:26 . 2011-05-17 08:27 -------- d-----w- c:\users\RaeJae\AppData\Local\{F9AB3098-395D-4FA9-A88C-4AC376788CC7}
2011-05-16 09:49 . 2011-05-16 09:49 53248 ----a-r- c:\users\RaeJae\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-05-16 02:49 . 2011-05-16 02:49 -------- d-----w- c:\program files\Mozilla Aurora
2011-05-16 01:59 . 2011-04-28 18:01 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-05-16 01:59 . 2011-04-28 18:01 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-05-16 01:59 . 2011-04-28 18:01 2145240 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-05-16 01:59 . 2011-04-28 18:01 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-05-16 01:59 . 2011-04-28 18:01 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-05-16 01:59 . 2011-04-28 18:01 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-05-16 01:59 . 2010-01-01 08:00 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-05-16 01:59 . 2010-01-01 08:00 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-05-16 01:50 . 2011-05-16 01:50 -------- d-----w- c:\users\RaeJae\AppData\Local\{C158D9E0-ABB3-42B1-8078-AA80D9C5B99C}
2011-05-16 00:34 . 2011-05-16 00:34 -------- d-----w- c:\users\RaeJae\AppData\Local\{2A479319-42E2-45B4-9F29-3422EDDDDDA7}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-28 21:11 . 2011-04-20 06:23 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-28 21:11 . 2011-04-20 06:23 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-24 02:20 . 2011-04-23 03:39 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-10 12:10 . 2011-04-21 06:38 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-04-21 06:38 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:03 . 2011-04-21 06:38 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:03 . 2011-04-21 06:38 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-04-21 06:38 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-04-21 06:38 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-04-21 06:38 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-04-21 06:38 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-24 14:51 . 2011-04-22 01:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-23 04:43 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-04-23 04:35 . 2011-04-23 04:35 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-23 04:35 . 2011-04-23 04:35 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-23 04:35 . 2011-04-23 04:35 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-23 04:35 . 2011-04-23 04:35 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-23 04:35 . 2011-04-23 04:35 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-23 04:35 . 2011-04-23 04:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-23 04:35 . 2011-04-23 04:35 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-23 04:35 . 2011-04-23 04:35 367104 ----a-w- c:\windows\system32\html.iec
2011-04-23 04:35 . 2011-04-23 04:35 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-23 04:35 . 2011-04-23 04:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-23 04:35 . 2011-04-23 04:35 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-23 04:35 . 2011-04-23 04:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-23 04:35 . 2011-04-23 04:35 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-23 04:35 . 2011-04-23 04:35 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-23 04:35 . 2011-04-23 04:35 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-23 04:35 . 2011-04-23 04:35 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-23 04:35 . 2011-04-23 04:35 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-23 04:35 . 2011-04-23 04:35 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-23 04:35 . 2011-04-23 04:35 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-23 04:35 . 2011-04-23 04:35 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-23 04:35 . 2011-04-23 04:35 101888 ----a-w- c:\windows\system32\admparse.dll
2011-04-19 06:45 . 2011-04-19 06:45 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-04-09 06:02 . 2011-05-12 07:29 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-12 07:29 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-15 13:27 123904 ----a-w- c:\windows\system32\poqexec.exe
2011-04-06 04:20 . 2011-04-06 04:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 04:20 . 2011-04-06 04:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-06 04:13 . 2011-04-06 04:13 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-03-31 17:11 . 2011-03-31 17:11 4333280 ----a-w- c:\windows\system32\drivers\lvuvc.sys
2011-03-31 17:10 . 2011-03-31 17:10 539232 ----a-w- c:\windows\system32\LVUI2RC.dll
2011-03-31 17:10 . 2011-03-31 17:10 543328 ----a-w- c:\windows\system32\LVUI2.dll
2011-03-31 17:09 . 2011-03-31 17:09 291424 ----a-w- c:\windows\system32\drivers\lvrs.sys
2011-03-31 17:08 . 2011-03-31 17:08 195168 ----a-w- c:\windows\system32\lvci13251014.dll
2011-03-31 17:08 . 2011-03-31 17:08 301664 ----a-w- c:\windows\system32\lvcodec2.dll
2011-03-31 17:07 . 2011-03-31 17:07 10877272 ----a-w- c:\windows\system32\LogiDPP.dll
2011-03-31 17:07 . 2011-03-31 17:07 102744 ----a-w- c:\windows\system32\LogiDPPApp.exe
2011-03-31 17:06 . 2011-03-31 17:06 331608 ----a-w- c:\windows\system32\DevManagerCore.dll
2011-03-31 16:56 . 2011-03-31 16:56 39318 ----a-w- c:\windows\system32\Repository.reg
2011-03-25 02:58 . 2011-05-12 07:29 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-03-25 02:58 . 2011-05-12 07:29 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-03-25 02:58 . 2011-05-12 07:29 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-03-25 02:57 . 2011-05-12 07:29 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-03-25 02:57 . 2011-05-12 07:29 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-03-25 02:57 . 2011-05-12 07:29 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-03-22 11:58 . 2011-03-22 11:58 14168 ----a-w- c:\windows\system32\drivers\iKeyLFT2.dll
2011-03-21 22:40 . 2010-06-23 22:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-28 18:01 . 2011-05-16 01:59 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2011-01-17 14:54 175912 ----a-w- c:\program files\Freecorder\prxtbFre0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-10 02:51 3906656 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AnVir Task Manager Free"="c:\program files\AnVir Task Manager Free\AnVir.exe" [2009-03-09 1563360]
"HPADVISOR"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2010-06-29 1689144]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2011-05-25 2301752]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
"YouSendIt.exe"="c:\program files\YouSendIt\Express\YouSendIt.exe" [2011-05-02 198144]
"Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
"Dexpot"="c:\program files\Dexpot\dexpot.exe" [2011-05-27 1290240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-03 75016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"hpsysdrv"="c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePSTShortCut"="c:\program files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" [2009-02-02 210216]
"KBD"="c:\program files\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-14 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-14 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-14 150552]
"Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" [2009-11-15 158752]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2009-09-26 83312]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-11 202256]
"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2009-11-09 643592]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Malwarebytes' Anti-Malware (reboot)"="c:\users\RaeJae\Desktop\All Folders\JB\Maintenance Tools\Malwarebytes' Anti-Malware\mbam.exe" [2011-05-28 1047656]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
.
c:\users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Product Registration.lnk - c:\program files\Logitech\Ereg\eReg.exe [2009-11-16 517384]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-5-23 103424]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDockFree\ObjectDock.exe [2010-10-7 3768176]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NCProTray.lnk - c:\program files\SEC\Natural Color Pro\NCProTray.exe [2010-1-9 49220]
NetComm Wireless Utility.lnk - c:\program files\NetComm\Common\RaUI.exe [2011-3-23 1830912]
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "c:\program files\Stardock\ObjectDockFree\ODMenu.dll" [2010-10-04 511344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"=KORGUMDD.DRV
"midi7"=KORGUMDD.DRV
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
2010-03-04 19:25 2815488 ----a-w- c:\program files\DAP\DAP.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-11-09 13:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
R3 GTLJ;GTLJ;c:\users\RaeJae\AppData\Local\Temp\GTLJ.exe [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
R3 HCH;HCH;c:\users\RaeJae\AppData\Local\Temp\HCH.exe [x]
R3 KORGUMDS;KORG USB-MIDI Driver for Windows;c:\windows\system32\Drivers\KORGUMDS.SYS [2007-03-28 21984]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-25 4639136]
R3 OXYGEN;Service for M-Audio Oxygen;c:\windows\system32\DRIVERS\MAudioOxygen.sys [2010-03-03 112136]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 RE;RE;c:\users\RaeJae\AppData\Local\Temp\RE.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-02 1343400]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys [2009-11-09 158600]
S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-04-28 724992]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 11:00]
.
2011-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 11:00]
.
2011-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000Core.job
- c:\users\RaeJae\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 02:30]
.
2011-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000UA.job
- c:\users\RaeJae\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 02:30]
.
2011-05-27 c:\windows\Tasks\HPCeeScheduleForRaeJae.job
- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2009-05-04 08:17]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.nz/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_nz&c=93&bd=Presario&pf=cndt
uInternet Settings,ProxyOverride = *.local
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: &Envoyer à OneNote - /105
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(5564)
c:\program files\Stardock\ObjectDockFree\DockShellHook.dll
c:\program files\AnVir Task Manager Free\AnvirHook55.dll
c:\program files\Dexpot\hooxpot.dll
c:\users\RaeJae\AppData\Local\FLVService\lib\FLVSrvLib.dll
c:\program files\Stardock\ObjectDockFree\ODMenu.dll
.
Completion time: 2011-06-15 08:51:41
ComboFix-quarantined-files.txt 2011-06-14 20:51
ComboFix2.txt 2011-06-14 04:09
ComboFix3.txt 2011-06-13 21:04
.
Pre-Run: 157,830,139,904 bytes free
Post-Run: 157,780,922,368 bytes free
.
- - End Of File - - FD1984AF1F07646D73A2932BC566B3DE

Got this message again

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>NET START NSI
The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


C:\Windows\system32>NET START TDX
The service name is invalid.

More help is available by typing NET HELPMSG 2185.


C:\Windows\system32>NET START AFD
The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


C:\Windows\system32>NET START DHCP
System error 1075 has occurred.

The dependency service does not exist or has been marked for deletion.


C:\Windows\system32>