Inactive Avgnt.exe : "bad image"

[bongojam]

I ran some scans after getting a bad image message for avgnt.exe by Avira. Here are the logs. Any advice would be appreciated. Thank you!

============



Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 7926

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/10/2011 10:06:56
mbam-log-2011-10-12 (10-06-56).txt

Scan type: Quick scan
Objects scanned: 178258
Time elapsed: 6 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


==============



GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-12 11:10:17
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-5 WDC_WD1600JS-00NCB1 rev.10.02E02
Running: e8whyj0r.exe; Driver: C:\DOCUME~1\Molto\LOCALS~1\Temp\fxtdqpoc.sys


---- System - GMER 1.0.15 ----

SSDT B873C494 ZwClose
SSDT B873C44E ZwCreateKey
SSDT B873C49E ZwCreateSection
SSDT B873C476 ZwCreateSymbolicLinkObject
SSDT B873C444 ZwCreateThread
SSDT B873C453 ZwDeleteKey
SSDT B873C45D ZwDeleteValueKey
SSDT B873C48F ZwDuplicateObject
SSDT B873C47B ZwLoadDriver
SSDT B873C462 ZwLoadKey
SSDT B873C430 ZwOpenProcess
SSDT B873C471 ZwOpenSection
SSDT B873C435 ZwOpenThread
SSDT B873C4B7 ZwQueryValueKey
SSDT B873C46C ZwReplaceKey
SSDT B873C4A8 ZwRequestWaitReplyPort
SSDT B873C467 ZwRestoreKey
SSDT B873C4A3 ZwSetContextThread
SSDT B873C4AD ZwSetSecurityObject
SSDT B873C480 ZwSetSystemInformation
SSDT B873C458 ZwSetValueKey
SSDT B873C4B2 ZwSystemDebugControl
SSDT B873C43F ZwTerminateProcess
SSDT B873C43A ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 24E8 80501D10 5 Bytes [7B, C4, 73, B8, 62]
.text ntkrnlpa.exe!ZwCallbackReturn + 24EE 80501D16 2 Bytes [73, B8] {JAE 0xffffffffffffffba}
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB6C2F3A0, 0x88C445, 0xE8000020]
init C:\WINDOWS\system32\drivers\Senfilt.sys entry point in "init" section [0xB3686A80]

---- EOF - GMER 1.0.15 ----


=============




.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by Molto at 11:10:56 on 2011-10-12
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.2047.1435 [GMT 3:00]
.
AV: Avira Desktop *Enabled/Updated* {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Documents and Settings\Molto\Desktop\e8whyj0r.exe
C:\Documents and Settings\Molto\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Molto\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\Molto\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, optimized for Bing and MSN
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [X-Lite 4] "c:\program files\counterpath\x-lite 4\X-Lite4.exe" -bootload
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: SmarThru4 Capture Selection - c:\program files\smarthru 4\WebCapture.dll2.htm
IE: SmarThru4 Save as HTML - c:\program files\smarthru 4\WebCapture.dll1.htm
IE: SmarThru4 Save Selected Text - c:\program files\smarthru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files\smarthru 4\WebCapture.dll
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\documents and settings\molto\desktop\PartyPoker.lnk
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - c:\program files\bodog poker\BPGame.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: c:\program files\avira\antivir desktop\avsda.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1310394543801
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.10.254
TCP: Interfaces\{D5F1F1D6-11B1-4F0F-8EB5-CFB65023BC5A} : DhcpNameServer = 192.168.10.254
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\molto\application data\mozilla\firefox\profiles\nnrmt3xh.default\
FF - prefs.js: browser.search.selectedEngine - Search the Web
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - plugin: c:\documents and settings\molto\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\molto\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\molto\local settings\application data\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\acrobat 10.0\acrobat\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2011-10-10 36000]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-10-10 86224]
R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2011-10-10 110032]
R2 AntiVirWebService;Avira Web Protection;c:\program files\avira\antivir desktop\avwebgrd.exe [2011-10-10 463824]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-10-10 74640]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-7-13 366640]
R2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4;C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files/PostgreSQL/8.4/data" -w --> C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 [?]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [2009-9-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [2009-9-29 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [2009-9-29 12928]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-7-13 22712]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
S3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\drivers\lgandbus.sys [2010-8-2 14336]
S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\drivers\lganddiag.sys [2010-8-2 20864]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\drivers\lgandgps.sys [2010-8-2 19968]
S3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\drivers\lgandmodem.sys [2010-8-2 24960]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\lgandadb.sys [2010-8-2 25728]
S3 MediaMall Server;MediaMall Server;c:\program files\mediamall\MediaMallServer.exe [2011-9-30 5162352]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 AntiVirMailService;Avira Mail Protection;c:\program files\avira\antivir desktop\avmailc.exe [2011-10-10 342480]
.
=============== Created Last 30 ================
.
2011-10-10 01:54:50 -------- d-----w- c:\windows\system32\NtmsData
2011-10-10 00:34:29 -------- d-----w- c:\documents and settings\molto\application data\Avira
2011-10-10 00:33:42 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-10 00:33:42 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-10 00:33:37 -------- d-----w- c:\program files\Avira
2011-10-10 00:33:37 -------- d-----w- c:\documents and settings\all users\application data\Avira
2011-10-09 11:29:56 -------- d-----w- C:\Poker
2011-10-09 03:43:08 -------- d-----w- c:\documents and settings\molto\application data\HighPulse
2011-10-09 03:43:00 -------- d-----w- c:\program files\High Pulse
2011-10-09 02:15:46 -------- d-----w- c:\documents and settings\molto\local settings\application data\Temp
2011-10-06 00:45:57 -------- d-----w- c:\documents and settings\molto\local settings\application data\WBFSManager
2011-10-06 00:44:23 -------- d-----w- c:\program files\WBFS
2011-10-05 15:26:20 -------- d-----w- c:\program files\BlackChipPoker
2011-10-05 14:36:48 -------- d-----w- c:\documents and settings\molto\local settings\application data\PokerEdge
2011-10-05 14:31:20 -------- d-----w- c:\program files\PokerEdge
2011-10-05 12:21:17 -------- d-----w- c:\program files\BetClic Poker.com
2011-10-04 20:16:57 -------- d-----w- c:\program files\Bodog Poker
2011-10-04 20:12:30 -------- d-----w- c:\documents and settings\molto\local settings\application data\CPN
2011-10-04 20:12:19 -------- d-----w- c:\program files\Cake Poker 2.0
2011-10-02 22:33:17 23920 ----a-w- c:\windows\system32\drivers\povrtdev.sys
2011-10-02 22:32:58 -------- d-----w- c:\program files\common files\ffdshowEx
2011-10-02 22:32:57 -------- d-----w- c:\program files\MediaMall
2011-10-02 22:31:30 -------- d-----w- c:\documents and settings\all users\application data\MediaMall
2011-09-28 12:06:13 -------- d-----w- c:\documents and settings\molto\local settings\application data\Hold'em_Manager
2011-09-25 10:01:35 -------- d-----w- c:\documents and settings\all users\application data\Boss Media
2011-09-25 10:01:34 -------- d-----w- c:\documents and settings\molto\local settings\application data\Boss Media
2011-09-25 09:43:50 -------- d-----w- c:\program files\Poker Heaven
2011-09-22 14:02:53 -------- d-----w- c:\documents and settings\molto\application data\YoudaGames
2011-09-20 23:08:35 -------- d-----w- c:\documents and settings\molto\local settings\application data\PokerStrategy
2011-09-20 22:49:38 -------- d-----w- c:\documents and settings\molto\local settings\application data\ICMTrainer
2011-09-20 22:48:20 -------- d-----w- c:\program files\PokerStrategy
2011-09-20 18:50:35 -------- d-----w- c:\program files\PokerStove
2011-09-14 16:37:12 -------- d-----w- c:\documents and settings\molto\application data\Mozilla-Cache
2011-09-14 16:36:24 -------- d-----w- c:\program files\PartyGaming
2011-09-12 20:18:20 -------- d-----w- c:\program files\PokerOfficer
2011-09-12 19:49:26 -------- d-----w- c:\documents and settings\molto\local settings\application data\In_The_Money_LLC
2011-09-12 19:49:08 -------- d-----w- c:\program files\In The Money
2011-09-12 16:55:14 -------- d-----w- C:\HMArchive
2011-09-12 16:55:13 -------- d-----w- c:\documents and settings\molto\local settings\application data\In The Money
2011-09-12 16:54:25 -------- d-----w- c:\documents and settings\all users\application data\XHEO INC
2011-09-12 16:53:55 -------- d-----w- c:\documents and settings\molto\local settings\application data\IsolatedStorage
2011-09-12 16:53:51 -------- d-----w- c:\documents and settings\molto\application data\HEM Data
2011-09-12 16:50:35 -------- d-----w- c:\program files\PostgreSQL
2011-09-12 16:49:31 -------- d-----w- c:\program files\RVG Software
2011-09-12 16:49:06 -------- d-----w- c:\program files\PSQLINSTALL
2011-09-12 16:44:57 -------- d-----w- c:\documents and settings\molto\P5JavaClientSettings
2011-09-12 16:44:38 -------- d-----w- c:\documents and settings\molto\local settings\application data\P5
2011-09-12 16:44:35 -------- d-----w- C:\bwinPoker JPC
2011-09-12 16:22:57 -------- d-----w- c:\program files\PKR
.
==================== Find3M ====================
.
2011-10-11 20:35:03 55 ---h--w- c:\windows\system32\t3zmolto.sys
2011-10-10 00:10:12 273344 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-10-10 00:10:12 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-10-10 00:09:27 273344 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-09-14 16:37:49 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-05 17:05:00 47512 ----a-w- c:\windows\system32\AdobePDF.dll
2011-09-05 17:04:58 22936 ----a-w- c:\windows\system32\AdobePDFUI.dll
2011-08-10 17:28:38 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-08-10 17:28:38 472808 ----a-w- c:\windows\system32\deployJava1.dll
.
============= FINISH: 11:11:22.26 ===============



================



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 7/11/2011 5:00:48 PM
System Uptime: 10/12/2011 9:44:45 AM (2 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | A8N-VM
Processor: AMD Athlon(tm) 64 Processor 3000+ | CPU 1 | 1808/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 69.752 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_10DE&DEV_0264&SUBSYS_81C01043&REV_A2\3&267A616A&0&51
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_10DE&DEV_0264&SUBSYS_81C01043&REV_A2\3&267A616A&0&51
Service:
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Gigabyte GN-WP01GT Wireless PCI Adapter
Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_E9121458&REV_01\4&2B17F62E&0&4080
Manufacturer: Giga-byte
Name: Gigabyte GN-WP01GT Wireless PCI Adapter
PNP Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_E9121458&REV_01\4&2B17F62E&0&4080
Service: AR5211
.
==== System Restore Points ===================
.
RP21: 7/13/2011 6:11:51 PM - Installed Microsoft .NET Framework 1.1
RP22: 7/13/2011 6:48:22 PM - Installed TRADOS 7 Freelance
RP23: 7/14/2011 8:00:16 PM - System Checkpoint
RP25: 7/17/2011 2:02:32 PM - Installed Windows Media Format 9 Series Runtime Setup
RP26: 7/17/2011 2:13:06 PM - Installed Windows XP Wdf01005.
RP27: 7/17/2011 10:08:18 PM - Installed DirectX
RP28: 7/19/2011 12:03:22 AM - System Checkpoint
RP29: 7/20/2011 4:33:15 AM - System Checkpoint
RP30: 7/21/2011 5:24:27 AM - System Checkpoint
RP31: 7/22/2011 1:49:43 AM - Installed Viva Fax
RP32: 7/23/2011 12:14:02 PM - System Checkpoint
RP33: 8/3/2011 7:57:41 PM - System Checkpoint
RP34: 8/4/2011 8:24:02 AM - Installed Windows Live installer
RP35: 8/4/2011 8:25:12 AM - Installed Windows Live
RP36: 8/5/2011 3:22:44 PM - System Checkpoint
RP37: 8/6/2011 5:16:41 PM - System Checkpoint
RP38: 8/8/2011 1:04:45 PM - Installed Image Resizer Powertoy for Windows XP
RP39: 8/9/2011 6:04:26 PM - System Checkpoint
RP40: 8/10/2011 8:28:20 PM - Installed Java(TM) 6 Update 26
RP41: 8/12/2011 3:05:32 PM - System Checkpoint
RP42: 8/13/2011 9:53:03 PM - System Checkpoint
RP43: 8/14/2011 10:56:28 PM - System Checkpoint
RP44: 8/16/2011 12:26:34 PM - System Checkpoint
RP45: 8/16/2011 7:55:14 PM - Installed Windows Media Player 11
RP46: 8/16/2011 7:56:07 PM - Software Distribution Service 3.0
RP47: 8/16/2011 8:09:20 PM - Removed Microsoft Visual C++ 2005 Redistributable
RP48: 8/16/2011 8:09:45 PM - Installed Microsoft Visual C++ 2005 Redistributable
RP49: 8/16/2011 8:10:18 PM - Installed Windows XP KB942288-v3.
RP50: 8/16/2011 8:13:52 PM - Installed Nero Burning ROM 10.
RP51: 8/20/2011 9:54:14 AM - System Checkpoint
RP52: 8/22/2011 2:01:35 PM - System Checkpoint
RP53: 8/23/2011 10:24:26 AM - Removed X-Lite 4
RP54: 8/24/2011 11:12:38 AM - System Checkpoint
RP55: 8/25/2011 12:37:48 PM - System Checkpoint
RP56: 8/26/2011 5:00:56 PM - System Checkpoint
RP57: 8/29/2011 12:01:27 PM - System Checkpoint
RP58: 8/30/2011 2:52:08 PM - System Checkpoint
RP59: 8/31/2011 5:15:30 PM - System Checkpoint
RP60: 9/8/2011 8:07:10 PM - System Checkpoint
RP61: 9/9/2011 8:17:51 PM - System Checkpoint
RP62: 9/10/2011 8:23:14 PM - System Checkpoint
RP63: 9/12/2011 11:18:25 PM - Installed PokerOfficer
RP64: 9/14/2011 12:34:32 AM - System Checkpoint
RP65: 9/15/2011 5:16:19 PM - System Checkpoint
RP66: 9/16/2011 8:20:52 PM - System Checkpoint
RP67: 9/18/2011 5:26:31 PM - System Checkpoint
RP68: 9/19/2011 5:50:11 PM - System Checkpoint
RP69: 9/21/2011 1:48:52 AM - Installed ICM Trainer
RP70: 9/22/2011 6:39:49 PM - System Checkpoint
RP71: 9/24/2011 5:37:46 PM - System Checkpoint
RP72: 9/25/2011 10:15:12 PM - System Checkpoint
RP73: 9/27/2011 12:53:24 AM - System Checkpoint
RP74: 9/28/2011 8:09:14 PM - System Checkpoint
RP75: 9/30/2011 3:14:24 PM - System Checkpoint
RP76: 10/2/2011 4:41:29 PM - System Checkpoint
RP77: 10/3/2011 1:32:39 AM - Installed PlayOn
RP78: 10/4/2011 2:44:37 PM - System Checkpoint
RP79: 10/6/2011 4:39:03 AM - System Checkpoint
RP80: 10/7/2011 11:52:26 AM - System Checkpoint
RP81: 10/8/2011 2:42:07 PM - System Checkpoint
RP82: 10/9/2011 6:42:59 AM - Installed High Pulse.
RP83: 10/10/2011 7:31:17 AM - System Checkpoint
.
==== Installed Programs ======================
.
2007 Microsoft Office Suite Service Pack 2 (SP2)
ABBYY FineReader 10 Corporate Edition
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Athlon 64 Processor Driver
µTorrent
Avira Antivirus Premium 2012
BetClic Poker.com (Remove Only)
Black Chip Poker
Bodog Poker
bwin Poker JPC 1.0.0
Cake Poker 2.0
Foxit Reader 5.0
Free Music Zilla
Gigabyte Client Installation Program
Glary Utilities 2.38.0.1288
Google Chrome
Google Talk Plugin
High Pulse
Holdem Manager
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB954550-v5)
ICM Trainer
Image Resizer Powertoy for Windows XP
Java Auto Updater
Java(TM) 6 Update 26
LG Bluetooth Drivers
LG PC Suite IV
LG United Mobile Drivers
MAGENTA - GOLDEN VERSION 2006 - English-Greek-English dictionar
Malwarebytes' Anti-Malware version 1.51.0.1200
Media Player Classic - Home Cinema v1.5.1.2903
MediaCoder 2011
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office Access MUI (English) 2007
Microsoft Office Access MUI (Greek) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (Greek) 2007
Microsoft Office Groove MUI (Greek) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office InfoPath MUI (Greek) 2007
Microsoft Office Language Pack 2007 - Greek/????????
Microsoft Office O MUI (Greek) 2007
Microsoft Office OneNote MUI (Greek) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Outlook MUI (Greek) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (Greek) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Greek) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (Greek) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Publisher MUI (Greek) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (Greek) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer MUI (Greek) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (Greek) 2007
Microsoft Office X MUI (Greek) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft Software Update for Web Folders (Greek) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox 8.0 (x86 en-GB)
MSVCRT
MSXML 4.0 SP2 Parser and SDK
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
NVIDIA Control Panel 275.33
NVIDIA Drivers
NVIDIA Graphics Driver 275.33
NVIDIA Install Application
PartyPoker
Peck's Power Join
PhotoFiltre
PKR
PlayOn
Poker Heaven
PokerOfficer
PokerStove version 1.23
PostgreSQL 8.4
PowerISO
Prism Video File Converter
Readiris Pro 10
Samsung SCX-4300 Series
Segoe UI
Sentinel Protection Installer 7.0.0
SitNGo Wizard
SmarThru 4
SoundMAX
Spybot - Search & Destroy
TRADOS 7 Freelance
Translation Office 3000, Version 9.0
Viva Fax
VLC media player 1.1.10
WBFS Manager 3.0
WebFldrs XP
William Hill Poker
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR 4.00 (32-bit)
WinZip 15.5
X-Lite 4
.
==== Event Viewer Messages From Past Week ========
.
10/8/2011 6:37:30 AM, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
10/11/2011 10:10:25 AM, error: Service Control Manager [7034] - The postgresql-8.4 - PostgreSQL Server 8.4 service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================

 

[bongojam]

I should also mention that a couple of days ago there were some "unusual runtime compression" messages regarding some dll files. These were removed and the associated application (Poker Edge) was uninstalled. Anyway, here's the Antivir report in case it's of any help.

==========





Avira Antivirus Premium 2012
Report file date: 10 October 2011 04:54

Scanning for 3375797 virus strains and unwanted programs.

The program is running as a fully functional evaluation version.
Online services are available:

Licensee : Molto
Serial number : 2216633411-PEPWE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : Molto
Computer name : BRISTOL

Version information:
BUILD.DAT : 12.0.0.867 42511 Bytes 05/10/2011 21:07:00
AVSCAN.EXE : 12.1.0.17 490448 Bytes 05/10/2011 07:24:16
AVSCAN.DLL : 12.1.0.17 54224 Bytes 23/09/2011 10:34:57
LUKE.DLL : 12.1.0.17 68304 Bytes 05/10/2011 07:24:24
AVSCPLR.DLL : 12.1.0.19 99536 Bytes 05/10/2011 07:24:16
AVREG.DLL : 12.1.0.20 227024 Bytes 05/10/2011 07:24:15
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 17:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14/12/2010 08:07:39
VBASE002.VDF : 7.11.3.0 1950720 Bytes 09/02/2011 14:08:51
VBASE003.VDF : 7.11.5.225 1980416 Bytes 07/04/2011 09:00:55
VBASE004.VDF : 7.11.8.178 2354176 Bytes 31/05/2011 09:18:22
VBASE005.VDF : 7.11.10.251 1788416 Bytes 07/07/2011 11:12:53
VBASE006.VDF : 7.11.13.60 6411776 Bytes 16/08/2011 06:26:09
VBASE007.VDF : 7.11.15.106 2389504 Bytes 05/10/2011 08:44:27
VBASE008.VDF : 7.11.15.107 2048 Bytes 05/10/2011 08:44:27
VBASE009.VDF : 7.11.15.108 2048 Bytes 05/10/2011 08:44:27
VBASE010.VDF : 7.11.15.109 2048 Bytes 05/10/2011 08:44:27
VBASE011.VDF : 7.11.15.110 2048 Bytes 05/10/2011 08:44:27
VBASE012.VDF : 7.11.15.111 2048 Bytes 05/10/2011 08:44:27
VBASE013.VDF : 7.11.15.144 161792 Bytes 07/10/2011 00:36:10
VBASE014.VDF : 7.11.15.145 2048 Bytes 07/10/2011 00:36:10
VBASE015.VDF : 7.11.15.146 2048 Bytes 07/10/2011 00:36:10
VBASE016.VDF : 7.11.15.147 2048 Bytes 07/10/2011 00:36:10
VBASE017.VDF : 7.11.15.148 2048 Bytes 07/10/2011 00:36:10
VBASE018.VDF : 7.11.15.149 2048 Bytes 07/10/2011 00:36:10
VBASE019.VDF : 7.11.15.150 2048 Bytes 07/10/2011 00:36:10
VBASE020.VDF : 7.11.15.151 2048 Bytes 07/10/2011 00:36:11
VBASE021.VDF : 7.11.15.152 2048 Bytes 07/10/2011 00:36:11
VBASE022.VDF : 7.11.15.153 2048 Bytes 07/10/2011 00:36:11
VBASE023.VDF : 7.11.15.154 2048 Bytes 07/10/2011 00:36:11
VBASE024.VDF : 7.11.15.155 2048 Bytes 07/10/2011 00:36:11
VBASE025.VDF : 7.11.15.156 2048 Bytes 07/10/2011 00:36:11
VBASE026.VDF : 7.11.15.157 2048 Bytes 07/10/2011 00:36:11
VBASE027.VDF : 7.11.15.158 2048 Bytes 07/10/2011 00:36:11
VBASE028.VDF : 7.11.15.159 2048 Bytes 07/10/2011 00:36:12
VBASE029.VDF : 7.11.15.160 2048 Bytes 07/10/2011 00:36:12
VBASE030.VDF : 7.11.15.161 2048 Bytes 07/10/2011 00:36:12
VBASE031.VDF : 7.11.15.175 126464 Bytes 09/10/2011 00:36:12
Engineversion : 8.2.6.80
AEVDF.DLL : 8.1.2.1 106868 Bytes 01/09/2011 20:46:02
AESCRIPT.DLL : 8.1.3.81 467322 Bytes 04/10/2011 16:01:31
AESCN.DLL : 8.1.7.2 127349 Bytes 01/09/2011 20:46:02
AESBX.DLL : 8.2.1.34 323957 Bytes 01/09/2011 20:46:02
AERDL.DLL : 8.1.9.15 639348 Bytes 08/09/2011 20:16:06
AEPACK.DLL : 8.2.10.11 684408 Bytes 22/09/2011 13:18:45
AEOFFICE.DLL : 8.1.2.15 201083 Bytes 15/09/2011 22:17:25
AEHEUR.DLL : 8.1.2.177 3744120 Bytes 10/10/2011 00:36:15
AEHELP.DLL : 8.1.17.7 254327 Bytes 01/09/2011 20:46:01
AEGEN.DLL : 8.1.5.9 401780 Bytes 01/09/2011 20:46:01
AEEMU.DLL : 8.1.3.0 393589 Bytes 01/09/2011 20:46:01
AECORE.DLL : 8.1.23.0 196983 Bytes 01/09/2011 20:46:01
AEBB.DLL : 8.1.1.0 53618 Bytes 01/09/2011 20:46:01
AVWINLL.DLL : 12.1.0.17 27344 Bytes 05/10/2011 07:24:18
AVPREF.DLL : 12.1.0.17 51920 Bytes 05/10/2011 07:24:15
AVREP.DLL : 12.1.0.17 179920 Bytes 05/10/2011 07:24:15
AVARKT.DLL : 12.1.0.17 223184 Bytes 05/10/2011 07:24:12
AVEVTLOG.DLL : 12.1.0.17 169168 Bytes 05/10/2011 07:24:14
SQLITE3.DLL : 3.7.0.0 398288 Bytes 05/10/2011 07:24:28
AVSMTP.DLL : 12.1.0.17 63440 Bytes 05/10/2011 07:24:16
NETNT.DLL : 12.1.0.17 17104 Bytes 05/10/2011 07:24:25
RCIMAGE.DLL : 12.1.0.17 4493520 Bytes 05/10/2011 07:24:33
RCTEXT.DLL : 12.1.0.16 96208 Bytes 23/09/2011 10:37:28

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: default
Primary action......................: delete
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: extended
Deviating risk categories...........: +PCK,+SPR,

Start of the scan: 10 October 2011 04:54

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting search for hidden objects.

The scan of running processes will be started
Scan process 'rsmsink.exe' - '29' Module(s) have been scanned
Scan process 'msdtc.exe' - '40' Module(s) have been scanned
Scan process 'dllhost.exe' - '59' Module(s) have been scanned
Scan process 'dllhost.exe' - '45' Module(s) have been scanned
Scan process 'vssvc.exe' - '48' Module(s) have been scanned
Scan process 'avscan.exe' - '69' Module(s) have been scanned
Scan process 'avcenter.exe' - '102' Module(s) have been scanned
Scan process 'chrome.exe' - '41' Module(s) have been scanned
Scan process 'chrome.exe' - '44' Module(s) have been scanned
Scan process 'avgnt.exe' - '63' Module(s) have been scanned
Scan process 'AVWEBGRD.EXE' - '38' Module(s) have been scanned
Scan process 'sched.exe' - '37' Module(s) have been scanned
Scan process 'avshadow.exe' - '26' Module(s) have been scanned
Scan process 'avguard.exe' - '89' Module(s) have been scanned
Scan process 'chrome.exe' - '78' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'alg.exe' - '33' Module(s) have been scanned
Scan process 'postgres.exe' - '30' Module(s) have been scanned
Scan process 'postgres.exe' - '30' Module(s) have been scanned
Scan process 'postgres.exe' - '30' Module(s) have been scanned
Scan process 'postgres.exe' - '30' Module(s) have been scanned
Scan process 'postgres.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'spnsrvnt.exe' - '20' Module(s) have been scanned
Scan process 'pg_ctl.exe' - '32' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '36' Module(s) have been scanned
Scan process 'mbamservice.exe' - '33' Module(s) have been scanned
Scan process 'jqs.exe' - '33' Module(s) have been scanned
Scan process 'ctfmon.exe' - '25' Module(s) have been scanned
Scan process 'Explorer.EXE' - '118' Module(s) have been scanned
Scan process 'acs.exe' - '34' Module(s) have been scanned
Scan process 'spoolsv.exe' - '54' Module(s) have been scanned
Scan process 'svchost.exe' - '56' Module(s) have been scanned
Scan process 'svchost.exe' - '33' Module(s) have been scanned
Scan process 'svchost.exe' - '164' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '50' Module(s) have been scanned
Scan process 'lsass.exe' - '64' Module(s) have been scanned
Scan process 'services.exe' - '36' Module(s) have been scanned
Scan process 'winlogon.exe' - '70' Module(s) have been scanned
Scan process 'csrss.exe' - '12' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting to scan executable files (registry).
The registry was scanned ( '6148' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\Documents and Settings\Molto\Local Settings\Temp\PE5.0.3.9.exe
[0] Archive type: NSIS
--> TPData.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
--> PSDataIT.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
--> PSDataFR.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
--> PSData.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
--> PPData.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
--> APData.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
--> BPData.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
--> OGData.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
--> C1Data.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
--> C2Data.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
--> MRData.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
--> FTData.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
--> OpenerInterface.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
[NOTE] The file was deleted!
C:\Program Files\PokerEdge\APData.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
[NOTE] The file was deleted!
C:\Program Files\PokerEdge\BPData.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
[NOTE] The file was deleted!
C:\Program Files\PokerEdge\C1Data.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
[NOTE] The file was deleted!
C:\Program Files\PokerEdge\C2Data.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
[NOTE] The file was deleted!
C:\Program Files\PokerEdge\FTData.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
[NOTE] The file was deleted!
C:\Program Files\PokerEdge\MRData.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
[NOTE] The file was deleted!
C:\Program Files\PokerEdge\OGData.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
[NOTE] The file was deleted!
C:\Program Files\PokerEdge\OpenerInterface.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
[NOTE] The file was deleted!
C:\Program Files\PokerEdge\PPData.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
[NOTE] The file was deleted!
C:\Program Files\PokerEdge\PSData.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
[NOTE] The file was deleted!
C:\Program Files\PokerEdge\PSDataFR.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
[NOTE] The file was deleted!
C:\Program Files\PokerEdge\PSDataIT.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
[NOTE] The file was deleted!
C:\Program Files\PokerEdge\TPData.dll
[DETECTION] This file has been compressed using unusual runtime compression (PCK/Themida). Please verify the origin of this file.
[NOTE] The file was deleted!


End of the scan: 10 October 2011 05:41
Used time: 47:07 Minute(s)

The scan has been done completely.

6914 Scanned directories
356780 Files were scanned
26 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
14 Files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
356754 Files not concerned
3010 Archives were scanned
0 Warnings
14 Notes
356221 Objects were scanned with rootkit scan
0 Hidden objects were found

 

[Bobbye]

Welcome to TechSpot! Looking over the installed programs makes me fairly certain that one or more- maybe even all of the poker programs you put on the system in the last month has most probably corrupted files.

As you may know, avgnt.exe is a background task of the AntiVir antivirus program which scans files transparently in the background . It appears that you installed c:\program files\Avira on 2011-10-10 after getting the poker software. Was there any other AV on this system before Avira?
===================================
From 9/10 to 10/9/2011, you put 12 poker programs on the system and set up 2 directories for related poker processes.
C:\Poker
c:\program files\BlackChipPoker
c:\program files\PokerEdge
c:\program files\High Pulse
c:\program files\BetClic Poker.com
c:\program files\Bodog Poker
c:\program files\Cake Poker 2.0
c:\program files\Poker Heaven
c:\program files\PokerStrategy
c:\program files\PokerStove
c:\program files\PartyGaming
c:\program files\PokerOfficer
c:\program files\RVG Software
C:\bwinPoker JPC
c:\program files\PKR

Additionally, the installed programs also show:
ICM Trainer
PartyPoker
PlayOn
William Hill Poker
======================================
I don't know what country you live in, but in the US- and possibly globally- the government closed most if not all of the online poker games.
===================================================
I am certain that these numerous downloads in the last month have taken their tool on the system

If you would like my help with this, please give me some detail of what is going on with the system and the full bad image message.
==========================================

• Hold down Control and click on the following link to open ESET OnlineScan in a new window.
  ESETOnlineScan
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  [o] Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
  [o] Double click on the
  
  on your desktop.
• Check 'Yes I accept terms of use.'
• Click Start button
• Accept any security warnings from your browser.
  
  
• Uncheck 'Remove found threats'
• Check 'Scan archives/
• Leave remaining settings as is.
• Press the Start button.
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
• When the scan completes, press List of found threats
• Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
• Push the Back button
• Push Finish

Please post the entire log with heading resembling this:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=1

NOTE: If no malware is found then no log will be produced. Let me know if this is the case.