at a loss.. my firefox browser constantly redirects me whenever i'm on google to yellowpages to a local area or bing or some other crap. and i constantly hear ticks in the background like something is opening and loading and my desktop seems to be constantly refreshing.

did the 6 steps here are the logs


Malwarebytes' Anti-Malware 1.36
Database version: 2075
Windows 5.1.2600 Service Pack 3

10/11/2011 4:17:26 AM
mbam-log-2011-10-11 (04-17-26).txt

Scan type: Quick Scan
Objects scanned: 125143
Time elapsed: 5 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)





GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-10-11 04:22:42
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST3500320AS rev.SD15
Running: e90bprdy.exe; Driver: C:\DOCUME~1\CAPNDR~1\LOCALS~1\Temp\fwdiqpog.sys


---- System - GMER 1.0.15 ----

SSDT splw.sys ZwEnumerateKey [0xB9EC5CA4]
SSDT splw.sys ZwEnumerateValueKey [0xB9EC6032]

---- Devices - GMER 1.0.15 ----

Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [B9DFBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [B9DFBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [B9DFBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 [B9DFBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 [B9DFBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [B9DFBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\mv61xx \Device\Scsi\mv61xx1Port4Path0Target14Lun0 8B03D1F8
Device \Driver\mv61xx \Device\Scsi\mv61xx1 8B03D1F8
Device \Driver\mv61xx \Device\Scsi\mv61xx1Port4Path0Target0Lun0 8B03D1F8
Device \FileSystem\Ntfs \Ntfs 8B03C1F8
Device \FileSystem\Fastfat \Fat 8A139500

---- EOF - GMER 1.0.15 ----







.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_26
Run by CapnDrake at 4:23:07 on 2011-10-11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.2577 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\V0610Mon.exe
C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [MsnMsgr] "c:\progra~1\window~4\messen~1\msnmsgr.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\capndrake\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Hcarapaximi] rundll32.exe "c:\windows\rtsxmap.dll",Startup
uRun: [SecurityNetman] rundll32.exe "c:\documents and settings\capndrake\local settings\application data\mcimouseide\SecurityNetman.dll",CRLPadxx xpMousemon2
uRun: [WindowsLivePhone] "c:\program files\windows live\device manager\msgrdvmn.exe" /AutoRun
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [DLCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCCtime.dll,_RunDLLEntry@16
mRun: [V0610Mon.exe] c:\windows\V0610Mon.exe
mRun: [WindowsLivePhone] c:\program files\windows live\device manager\msgrdvmn.exe /AutoRun
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Jvisuhiqijoyi] rundll32.exe "c:\windows\egivumej.dll",Startup
mRun: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe"
mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE
mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRunOnce: [mvdriver] "c:\program files\marvell\61xx\driver\devcon.exe" update "c:\program files\marvell\61xx\driver\mvnodrv.inf" "scsi\ArrayMARVELL_Virtual_Device__"
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces\{81ABE42E-3B10-4B0C-B933-D218032B2766} : DhcpNameServer = 192.168.2.1 192.168.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GR99D3~1.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\capndrake\application data\mozilla\firefox\profiles\f3ccif8l.default\
FF - prefs.js: browser.search.defaulturl - false
FF - prefs.js: browser.search.selectedEngine - false
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - false
FF - component: c:\documents and settings\capndrake\application data\mozilla\firefox\profiles\f3ccif8l.default\extensions\firesheep@codebutler.com\platform\winnt_x86-msvc\components\mozpopen.dll
FF - plugin: c:\documents and settings\capndrake\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\capndrake\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\capndrake\local settings\application data\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npRLCT4Player.dll
FF - plugin: c:\program files\mpcstar\codecs\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\mpcstar\codecs\real\browser\plugins\nprpjplug.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Firesheep: firesheep@codebutler.com - %profile%\extensions\firesheep@codebutler.com
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: XULRunner: {0A2C8F58-08EC-4FC2-91C6-0E1DC31BE07B} - c:\documents and settings\capndrake\local settings\application data\{0A2C8F58-08EC-4FC2-91C6-0E1DC31BE07B}
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: browser.search.defaultenginename - false
FF - user.js: browser.search.defaulturl - false
FF - user.js: browser.search.selectedEngine - false
FF - user.js: keyword.URL - false
FF - user.js: keyword.enabled - true
FF - user.js: google.toolbar.linkdoctor.enabled - false
.
============= SERVICES / DRIVERS ===============
.
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [2008-8-18 151592]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [2011-10-6 100368]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2011-1-22 143936]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2010-9-3 14856]
R3 V0610Afx;Creative Camera VF0610 Audio Effects Driver;c:\windows\system32\drivers\V0610Afx.sys [2011-1-22 160256]
R3 V0610Vid;Creative Live! Cam Socialize HD Driver;c:\windows\system32\drivers\V0610Vid.sys [2011-1-22 274624]
S0 d344prt;d344prt;c:\windows\system32\drivers\d344prt.sys --> c:\windows\system32\drivers\d344prt.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-12 135664]
S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
S3 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [2009-8-5 12672]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\capndr~1\locals~1\temp\mnif.tmp --> c:\docume~1\capndr~1\locals~1\temp\MNIF.tmp [?]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2008-9-1 13352]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena\safedrv.sys --> c:\program files\garena\safedrv.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-12 135664]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-8-2 32512]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys --> c:\windows\system32\drivers\rt2870.sys [?]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [2010-1-6 594048]
S3 SkLaggProtocol;Marvell Link Aggregation Protocol;c:\windows\system32\drivers\yk51x32l.sys [2007-12-14 57344]
S3 SkVlanProtocol;Marvell VLAN Protocol;c:\windows\system32\drivers\yk51x32v.sys [2007-11-23 20992]
.
=============== Created Last 30 ================
.
2011-10-11 06:35:53 -------- d-----w- c:\documents and settings\capndrake\application data\SharePod
2011-10-06 23:02:37 100368 ----a-w- c:\windows\system32\drivers\AtihdXP3.sys
2011-10-06 22:54:53 -------- d-----w- c:\program files\AMD APP
2011-10-06 10:49:54 -------- d-----w- c:\documents and settings\capndrake\local settings\application data\Help
2011-10-05 06:54:22 -------- d-----w- c:\program files\World of Warcraft
2011-09-26 18:53:15 -------- d-----w- c:\documents and settings\capndrake\local settings\application data\WLDM
2011-09-14 15:47:40 53760 ----a-w- c:\windows\system32\OVDecode.dll
2011-09-14 15:46:58 13625856 ----a-w- c:\windows\system32\amdocl.dll
2011-09-14 15:38:28 37376 ----a-w- c:\windows\system32\amdoclcl.dll
2011-09-14 13:30:29 -------- d-----w- c:\documents and settings\capndrake\local settings\application data\mciMouseIde
.
==================== Find3M ====================
.
2011-10-06 04:41:59 0 ----a-w- c:\windows\Nlehideduva.bin
2011-09-08 18:24:14 7180800 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2011-09-08 18:17:00 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2011-09-08 17:50:08 57344 ----a-w- c:\windows\system32\aticalrt.dll
2011-09-08 17:50:02 53248 ----a-w- c:\windows\system32\aticalcl.dll
2011-09-08 17:46:32 5701632 ----a-w- c:\windows\system32\aticaldd.dll
2011-09-08 17:41:52 18571264 ----a-w- c:\windows\system32\atioglxx.dll
2011-09-08 17:26:46 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-09-08 17:25:58 3953280 ----a-w- c:\windows\system32\ati3duag.dll
2011-09-08 17:25:42 303104 ----a-w- c:\windows\system32\ati2dvag.dll
2011-09-08 17:19:36 956160 ----a-w- c:\windows\system32\ativvamv.dll
2011-09-08 17:09:28 3174656 ----a-w- c:\windows\system32\ativvaxx.dll
2011-09-08 17:09:18 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2011-09-08 17:09:08 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2011-09-08 17:09:02 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2011-09-08 17:08:54 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-09-08 17:08:42 188416 ----a-w- c:\windows\system32\ati2evxx.dll
2011-09-08 17:07:36 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2011-09-08 17:06:26 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2011-09-08 17:05:10 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-09-08 17:01:54 704512 ----a-w- c:\windows\system32\atikvmag.dll
2011-09-08 17:00:28 528384 ----a-w- c:\windows\system32\atiok3x2.dll
2011-09-08 16:58:28 208896 ----a-w- c:\windows\system32\atiadlxx.dll
2011-09-08 16:58:06 17408 ----a-w- c:\windows\system32\atitvo32.dll
2011-09-08 16:52:44 876544 ----a-w- c:\windows\system32\ati2cqag.dll
2011-09-08 16:52:08 65024 ----a-w- c:\windows\system32\atimpc32.dll
2011-09-08 16:52:08 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2011-09-08 16:52:06 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-08-31 09:31:55 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-08-26 22:21:30 42392 ----a-w- c:\windows\system32\xfcodec.dll
2011-07-28 21:48:54 43520 ----a-w- c:\windows\system32\OpenCL.dll
.
============= FINISH: 4:23:29.09 ===============



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 10/8/2008 3:55:26 PM
System Uptime: 10/11/2011 2:48:26 AM (2 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5Q-E
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | LGA 775 | 2400/266mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 244 GiB total, 58.026 GiB free.
D: is FIXED (NTFS) - 149 GiB total, 84.544 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is FIXED (NTFS) - 222 GiB total, 155.895 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
µTorrent
AAC Decoder
Ableton Live v7.0.2
ACID Pro 7.0
Adobe After Effects CS4 Third Party Content
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe ConnectNow Add-in
Adobe Creative Suite 4 Master Collection
Adobe CS4 American English Speech Analysis Models
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Dreamweaver CS4
Adobe Drive CS4
Adobe Dynamiclink Support
Adobe Encore CS4
Adobe Encore CS4 Codecs
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash CS4
Adobe Flash CS4 Extension - Flash Lite STI en
Adobe Flash CS4 Professional
Adobe Flash CS4 STI-en
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Illustrator CS4
Adobe InDesign CS4
Adobe InDesign CS4 Application Feature Set Files (Roman)
Adobe InDesign CS4 Common Base Files
Adobe InDesign CS4 Icon Handler
Adobe Linguistics CS4
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Additional Exporter
Adobe Media Encoder CS4 Dolby
Adobe Media Encoder CS4 Exporter
Adobe Media Encoder CS4 Importer
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Premiere Pro CS4
Adobe Premiere Pro CS4 Functional Content
Adobe Premiere Pro CS4 Third Party Content
Adobe Reader 9.1.1
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe SGM CS4
Adobe SING CS4
Adobe Soundbooth CS4
Adobe Soundbooth CS4 Codecs
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Advanced Audio FX Engine
AI Suite
AMD APP SDK Runtime
AMD Catalyst Install Manager
ASIO4ALL
Auslogics BoostSpeed
AusLogics Disk Defrag
AutoUpdate
Belkin Connect Wireless USB Adapter
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
ccc-utility
CCC Help English
CCleaner (remove only)
Collab
Connect
CPUID HWMonitor 1.14
Creative Live! Cam Socialize HD (VF0610) (1.00.04.00)
Creative Live! Central 2
Creative System Information
Crysis WARHEAD(R)
CyberLink PowerDirector
Dell Photo AIO Printer 924
Digital Photo Navigator 1.5
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Setup
DivX Version Checker
FL Studio 8
FLAC 1.2.1b (remove only)
FLV Direct Player
foobar2000 v0.9.6.5
FXCM Trading Station
GGPO
Google Chrome
Google Earth
Google Talk Plugin
Google Update Helper
Guitar Pro 5.2
H.264 Decoder
Highlight Viewer (Windows Live Toolbar)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
HotForex MetaTrader 4.00
IL Download Manager
ImgBurn
Java Auto Updater
Java(TM) 6 Update 26
Java(TM) 6 Update 7
kuler
League of Legends
Left 4 Dead
Live! Cam Avatar Creator
Logitech GamePanel Software 3.06.109
Logitech QuickCam
Logitech® Camera Driver
MagicDisc 2.7.106
Maintenance Samsung ML-1660 Series
Malwarebytes' Anti-Malware
Map Button (Windows Live Toolbar)
marvell 61xx
Marvell Miniport Driver
Marvell Network Configuration Utility
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
MKV Splitter
Mozilla Firefox (3.6.23)
MpcStar 3.1
MSN
MSVCRT
MSXML 6.0 Parser (KB933579)
NVIDIA PhysX
PDF Settings CS4
Photoshop Camera Raw
Pixel Bender Toolkit
Power Tab Editor 1.7
PowerISO
PunkBuster Services
Reason 4.0
RESIDENT EVIL 5
Segoe UI
Skype™ 3.8
Smart Menus (Windows Live Toolbar)
Sony Ericsson Media Manager 1.2
Sony Noise Reduction Plug-In 2.0h
Sony Sound Forge 9.0
SoulSeek 157 NS 13c
SoundMAX
Source SDK Base - Orange Box
Starcraft
Steinberg Cubase SX v3.1.1.944
STREET FIGHTER IV
Suite Shared Configuration CS4
Tomb Raider: Anniversary 1.0
Trader Workstation
TWS Demo
Unreal Tournament
Unreal Tournament 3
Update Service
VC80CRTRedist - 8.0.50727.4053
Virtual DJ - Atomix Productions
VisualRoute Lite Edition
WC3Banlist
WebFldrs XP
Windows Installer Clean Up
Windows Live Call
Windows Live Communications Platform
Windows Live Device Manager
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinPcap 3.1
WinRAR archiver
World of Warcraft
XML Paper Specification Shared Components Pack 1.0
Xvid 1.2.1 final uninstall
.
==== Event Viewer Messages From Past Week ========
.
10/5/2011 5:12:51 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
10/4/2011 10:58:57 PM, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
10/4/2011 10:58:57 PM, error: Service Control Manager [7000] - The DgiVecp service failed to start due to the following error: The system cannot find the file specified.
10/4/2011 10:57:37 PM, error: Dhcp [1002] - The IP address lease 192.168.2.2 for the Network Card with network address 002215125A8A has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================

avast found about 7 infected files so it removed them here is the Goored report

GooredFix by jpshortstuff (03.07.10.1)
Log created at 16:34 on 11/10/2011 (CapnDrake)
Firefox version 8.0 (en-US)

========== GooredScan ==========

Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{0A2C8F58-08EC-4FC2-91C6-0E1DC31BE07B} -> Success!
Deleting C:\Documents and Settings\CapnDrake\Local Settings\Application Data\{0A2C8F58-08EC-4FC2-91C6-0E1DC31BE07B} -> Success!

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [21:18 31/07/2008]
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [04:02 01/08/2008]
{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [05:34 07/03/2009]
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [05:22 02/04/2009]
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [17:40 10/06/2009]
{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} [08:38 24/05/2011]
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [03:56 05/10/2011]

C:\Documents and Settings\CapnDrake\Application Data\Mozilla\Firefox\Profiles\f3ccif8l.default\extensions\
firesheep@codebutler.com [06:03 24/01/2011]
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [12:26 11/10/2011]
{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [09:12 11/10/2011]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"jqs@sun.com"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [05:34 07/03/2009]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [19:52 11/10/2011]

-=E.O.F=-

Combo fix log


ComboFix 11-10-11.05 - CapnDrake 10/11/2011 20:02:04.2.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.2766 [GMT -4:00]
Running from: c:\documents and settings\CapnDrake\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\FLV Direct Player
c:\documents and settings\CapnDrake\Local Settings\Temporary Internet Files\-8--edrX_wh_11J
c:\documents and settings\CapnDrake\Local Settings\Temporary Internet Files\-bhAR-b-q_qbS
c:\documents and settings\CapnDrake\Local Settings\Temporary Internet Files\QU_u-0
c:\documents and settings\CapnDrake\Local Settings\Temporary Internet Files\s3QBSgPZ_
c:\documents and settings\CapnDrake\Local Settings\Temporary Internet Files\VHmCq2K-LlJ
c:\documents and settings\CapnDrake\Local Settings\Temporary Internet Files\XHI95h5tM
c:\documents and settings\CapnDrake\WINDOWS
c:\program files\FLV Direct Player
c:\program files\FLV Direct Player\downloading.swf
c:\program files\FLV Direct Player\player.swf
c:\program files\FLV Direct Player\preload.swf
c:\program files\FLV Direct Player\Skin\DirectFLV\Button.bmp
c:\program files\FLV Direct Player\Skin\DirectFLV\Logo.bmp
c:\program files\FLV Direct Player\Skin\DirectFLV\skin.xml
c:\program files\FLV Direct Player\Skin\DirectFLV\SysCloseButton.bmp
c:\program files\FLV Direct Player\Skin\DirectFLV\SysMaxButton.bmp
c:\program files\FLV Direct Player\Skin\DirectFLV\SysMinButton.bmp
c:\program files\FLV Direct Player\Skin\DirectFLV\Window.bmp
c:\windows\system32\d3d9caps.dat
H:\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MSUPDATE
.
.
((((((((((((((((((((((((( Files Created from 2011-09-12 to 2011-10-12 )))))))))))))))))))))))))))))))
.
.
2011-10-11 19:53 . 2011-09-06 20:37 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-10-11 19:53 . 2011-09-06 20:36 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-11 19:53 . 2011-09-06 20:38 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-10-11 19:53 . 2011-09-06 20:36 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-10-11 19:53 . 2011-09-06 20:36 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-10-11 19:53 . 2011-09-06 20:36 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-10-11 19:53 . 2011-09-06 20:36 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-10-11 19:52 . 2011-09-06 20:33 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-10-11 19:52 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-10-11 19:52 . 2011-09-06 20:45 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-10-11 19:52 . 2011-10-11 19:52 -------- d-----w- c:\program files\AVAST Software
2011-10-11 19:52 . 2011-10-11 19:52 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\AVAST Software
2011-10-11 09:11 . 2011-10-11 09:12 -------- d-----w- C:\beta mozillalol
2011-10-11 06:35 . 2011-10-11 06:35 -------- d-----w- c:\documents and settings\CapnDrake\Application Data\SharePod
2011-10-06 23:02 . 2011-08-08 20:58 100368 ----a-w- c:\windows\system32\drivers\AtihdXP3.sys
2011-10-06 22:57 . 2011-10-06 22:57 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\ATI
2011-10-06 22:54 . 2011-10-06 22:54 -------- d-----w- c:\program files\AMD APP
2011-10-06 10:49 . 2011-10-06 10:49 -------- d-----w- c:\documents and settings\CapnDrake\Local Settings\Application Data\Help
2011-10-05 06:54 . 2011-10-07 01:03 -------- d-----w- c:\program files\World of Warcraft
2011-09-26 18:53 . 2011-09-26 18:53 -------- d-----w- c:\documents and settings\CapnDrake\Local Settings\Application Data\WLDM
2011-09-14 15:47 . 2011-09-14 15:47 53760 ----a-w- c:\windows\system32\OVDecode.dll
2011-09-14 15:46 . 2011-09-14 15:46 13625856 ----a-w- c:\windows\system32\amdocl.dll
2011-09-14 15:38 . 2011-09-14 15:38 37376 ----a-w- c:\windows\system32\amdoclcl.dll
2011-09-14 13:30 . 2011-10-11 23:54 -------- d-----w- c:\documents and settings\CapnDrake\Local Settings\Application Data\mciMouseIde
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-08 18:24 . 2008-07-04 06:33 7180800 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2011-09-08 18:17 . 2011-08-24 22:27 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2011-09-08 17:50 . 2011-08-24 22:27 57344 ----a-w- c:\windows\system32\aticalrt.dll
2011-09-08 17:50 . 2011-08-24 22:27 53248 ----a-w- c:\windows\system32\aticalcl.dll
2011-09-08 17:46 . 2011-08-24 22:27 5701632 ----a-w- c:\windows\system32\aticaldd.dll
2011-09-08 17:41 . 2011-08-24 22:27 18571264 ----a-w- c:\windows\system32\atioglxx.dll
2011-09-08 17:26 . 2011-08-24 22:27 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-09-08 17:25 . 2008-07-04 03:00 3953280 ----a-w- c:\windows\system32\ati3duag.dll
2011-09-08 17:25 . 2008-07-04 03:23 303104 ----a-w- c:\windows\system32\ati2dvag.dll
2011-09-08 17:19 . 2011-08-24 22:27 956160 ----a-w- c:\windows\system32\ativvamv.dll
2011-09-08 17:09 . 2008-07-04 02:49 3174656 ----a-w- c:\windows\system32\ativvaxx.dll
2011-09-08 17:09 . 2011-08-24 22:27 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2011-09-08 17:09 . 2011-08-24 22:27 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2011-09-08 17:09 . 2011-08-24 22:27 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2011-09-08 17:08 . 2011-08-24 22:27 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-09-08 17:08 . 2011-08-24 22:27 188416 ----a-w- c:\windows\system32\ati2evxx.dll
2011-09-08 17:07 . 2011-08-24 22:27 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2011-09-08 17:06 . 2011-08-24 22:27 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2011-09-08 17:05 . 2011-08-24 22:27 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-09-08 17:01 . 2011-08-24 22:27 704512 ----a-w- c:\windows\system32\atikvmag.dll
2011-09-08 17:00 . 2011-08-24 22:27 528384 ----a-w- c:\windows\system32\atiok3x2.dll
2011-09-08 16:58 . 2011-08-24 22:27 208896 ----a-w- c:\windows\system32\atiadlxx.dll
2011-09-08 16:58 . 2011-08-24 22:27 17408 ----a-w- c:\windows\system32\atitvo32.dll
2011-09-08 16:52 . 2008-07-04 02:22 876544 ----a-w- c:\windows\system32\ati2cqag.dll
2011-09-08 16:52 . 2011-08-24 22:27 65024 ----a-w- c:\windows\system32\atimpc32.dll
2011-09-08 16:52 . 2011-08-24 22:27 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2011-09-08 16:52 . 2011-08-24 22:27 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-08-31 09:31 . 2011-08-31 09:20 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-08-26 22:21 . 2011-08-26 22:21 42392 ----a-w- c:\windows\system32\xfcodec.dll
2011-07-28 21:48 . 2011-07-28 21:48 43520 ----a-w- c:\windows\system32\OpenCL.dll
2008-10-28 17:41 . 2011-01-22 07:07 238896 -c--a-w- c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll
2008-10-28 17:41 . 2011-01-22 07:07 210320 -c--a-w- c:\program files\mozilla firefox\plugins\ctdomemhelper.dll
2008-10-28 17:41 . 2011-01-22 07:07 83248 -c--a-w- c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll
2008-10-28 17:41 . 2011-01-22 07:07 431512 -c--a-w- c:\program files\mozilla firefox\plugins\ctplayerobject.dll
2008-10-28 17:41 . 2011-01-22 07:07 464176 -c--a-w- c:\program files\mozilla firefox\plugins\imagickrt.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2008-10-28 17:41 . 2011-01-22 07:07 144688 -c--a-w- c:\program files\mozilla firefox\plugins\rlcontentclass.dll
2008-10-28 17:41 . 2011-01-22 07:07 210224 -c--a-w- c:\program files\mozilla firefox\plugins\RLMusicPacker.dll
2008-10-28 17:41 . 2011-01-22 07:07 111920 -c--a-w- c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll
2008-10-28 17:41 . 2011-01-22 07:07 218416 -c--a-w- c:\program files\mozilla firefox\plugins\RLVoicePacker.dll
2008-10-28 17:41 . 2011-01-22 07:07 173360 -c--a-w- c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\progra~1\WINDOW~4\MESSEN~1\msnmsgr.exe" [2010-04-17 3872080]
"WindowsLivePhone"="c:\program files\Windows Live\Device Manager\msgrdvmn.exe" [2008-12-22 787816]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-03-16 1040384]
"DLCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [2005-06-07 69632]
"V0610Mon.exe"="c:\windows\V0610Mon.exe" [2009-08-06 24576]
"WindowsLivePhone"="c:\program files\Windows Live\Device Manager\msgrdvmn.exe" [2008-12-22 787816]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-03 358472]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-03 3649096]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-03 1809992]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-08 98304]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
[HKLM\~\startupfolder\C:^Documents and Settings^CapnDrake^Start Menu^Programs^Startup^Need for Speed™ Undercover Registration.lnk]
path=c:\documents and settings\CapnDrake\Start Menu\Programs\Startup\Need for Speed™ Undercover Registration.lnk
backup=c:\windows\pss\Need for Speed™ Undercover Registration.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Remove H2O driver]
rd [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 12:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ai Nap]
2008-05-09 21:45 1423360 ----a-w- c:\program files\ASUS\AI Suite\AiNap\AiNap.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cpu Level Up help]
2007-12-01 03:03 881152 ----a-w- c:\program files\ASUS\AI Suite\CpuLevelUpHelp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-04-12 22:46 1135912 -c--a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
2007-02-26 06:01 437160 -c--a-w- c:\progra~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-27 05:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
2005-10-23 04:00 385024 ----a-w- c:\program files\Syncrosoft\POS\H2O\cledx.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
2004-08-04 12:00 44032 -c--a-w- c:\windows\ime\imkr6_1\imekrmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2008-04-14 06:13 208952 -c--a-w- c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
2007-02-08 08:12 488984 -c--a-w- c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2007-02-08 08:13 774168 -c--a-w- c:\program files\Logitech\QuickCam10\QuickCam10.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2008-04-14 06:13 59392 -c--a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2008-04-14 06:13 455168 -c--a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2008-04-14 06:13 455168 -c--a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2009-03-15 10:15 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QFan Help]
2008-05-06 09:01 594432 ----a-w- c:\program files\ASUS\AI Suite\QFan3\QFanHelp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2 (0x2)
"wscsvc"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Unreal Tournament 3\\Binaries\\UT3.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\CAPCOM\\RESIDENT EVIL 5\\RE5DX9.EXE"=
"c:\\Program Files\\CAPCOM\\RESIDENT EVIL 5\\RE5DX10.EXE"=
"c:\\Program Files\\CAPCOM\\STREETFIGHTERIV\\StreetFighterIV.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\CapnDrake\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"17082:TCP"= 17082:TCP:BitComet 17082 TCP
"17082:UDP"= 17082:UDP:BitComet 17082 UDP
"1755:TCP"= 1755:TCP:BitComet 1755 TCP
"1755:UDP"= 1755:UDP:BitComet 1755 UDP
"18491:TCP"= 18491:TCP:BitComet 18491 TCP
"18491:UDP"= 18491:UDP:BitComet 18491 UDP
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"8370:TCP"= 8370:TCP:League of Legends Launcher
"8370:UDP"= 8370:UDP:League of Legends Launcher
"6979:TCP"= 6979:TCP:League of Legends Launcher
"6979:UDP"= 6979:UDP:League of Legends Launcher
"6954:TCP"= 6954:TCP:League of Legends Launcher
"6954:UDP"= 6954:UDP:League of Legends Launcher
"6982:TCP"= 6982:TCP:League of Legends Launcher
"6982:UDP"= 6982:UDP:League of Legends Launcher
"14111:TCP"= 14111:TCP:BitComet 14111 TCP
"14111:UDP"= 14111:UDP:BitComet 14111 UDP
"53211:TCP"= 53211:TCP:BitComet 53211 TCP
"53211:UDP"= 53211:UDP:BitComet 53211 UDP
.
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [8/18/2008 11:13 PM 151592]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [9/5/2008 4:29 PM 721904]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [10/11/2011 3:53 PM 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10/11/2011 3:53 PM 320856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10/11/2011 3:53 PM 20568]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [10/6/2011 7:02 PM 100368]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [1/22/2011 3:05 AM 143936]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [11/23/2009 5:37 PM 19720]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [9/3/2010 11:39 AM 14856]
R3 V0610Afx;Creative Camera VF0610 Audio Effects Driver;c:\windows\system32\drivers\V0610Afx.sys [1/22/2011 3:10 AM 160256]
R3 V0610Vid;Creative Live! Cam Socialize HD Driver;c:\windows\system32\drivers\V0610Vid.sys [1/22/2011 3:10 AM 274624]
S0 d344prt;d344prt;c:\windows\system32\Drivers\d344prt.sys --> c:\windows\system32\Drivers\d344prt.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/12/2010 12:58 PM 135664]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\CAPNDR~1\LOCALS~1\Temp\MNIF.tmp --> c:\docume~1\CAPNDR~1\LOCALS~1\Temp\MNIF.tmp [?]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [9/1/2008 11:01 PM 13352]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena\safedrv.sys --> c:\program files\Garena\safedrv.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/12/2010 12:58 PM 135664]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [8/2/2005 5:10 PM 32512]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [1/6/2010 5:21 PM 594048]
S3 SkLaggProtocol;Marvell Link Aggregation Protocol;c:\windows\system32\drivers\yk51x32l.sys [12/14/2007 1:10 PM 57344]
S3 SkVlanProtocol;Marvell VLAN Protocol;c:\windows\system32\drivers\yk51x32v.sys [11/23/2007 1:10 PM 20992]
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-12 c:\windows\Tasks\Auslogics BoostSpeed Integrator Start On Windows Logon.job
- c:\program files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe [2011-02-04 15:30]
.
2011-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-12 16:58]
.
2011-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-12 16:58]
.
2011-10-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-682003330-413027322-2147027303-1003Core.job
- c:\documents and settings\CapnDrake\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-20 13:19]
.
2011-10-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-682003330-413027322-2147027303-1003UA.job
- c:\documents and settings\CapnDrake\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-20 13:19]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\documents and settings\CapnDrake\Application Data\Mozilla\Firefox\Profiles\f3ccif8l.default\
FF - prefs.js: browser.search.defaulturl - false
FF - prefs.js: browser.search.selectedEngine - false
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - false
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\beta mozillalol\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Firesheep: firesheep@codebutler.com - %profile%\extensions\firesheep@codebutler.com
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: browser.search.defaultenginename - false
FF - user.js: browser.search.defaulturl - false
FF - user.js: browser.search.selectedEngine - false
FF - user.js: keyword.URL - false
FF - user.js: keyword.enabled - true
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-Hcarapaximi - c:\windows\rtsxmap.dll
HKCU-Run-SecurityNetman - c:\documents and settings\CapnDrake\Local Settings\Application Data\mciMouseIde\SecurityNetman.dll
HKLM-Run-Jvisuhiqijoyi - c:\windows\egivumej.dll
MSConfigStartUp-Autochartist - c:\program files\Autochartist\Autochartist_CITIFX.exe
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\daemon.exe
MSConfigStartUp-EverioService - c:\program files\CyberLink\PCM4Everio\EverioService.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
MSConfigStartUp-Jvisuhiqijoyi - c:\windows\egivumej.dll
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe
MSConfigStartUp-RGSC - c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
MSConfigStartUp-WeatherEye - c:\documents and settings\CapnDrake\Local Settings\Application Data\TheWeatherNetwork\WeatherEye\WeatherEye.exe
AddRemove-Adobe ConnectNow Add-in - c:\documents and settings\CapnDrake\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\acaddin\acaddin.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-11 20:19
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\CAPNDR~1\LOCALS~1\Temp\MNIF.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-682003330-413027322-2147027303-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:aa,fd,b2,bb,27,ff,74,39,54,6c,e1,a2,24,72,b5,c6,ce,88,a9,3f,ac,f5,ab,
bd,ca,7d,19,1b,56,4f,1a,64,a7,ec,2d,f4,dc,56,2a,9b,44,08,47,d1,29,45,0a,25,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-682003330-413027322-2147027303-1003\Software\SecuROM\License information*]
"datasecu"=hex:a0,39,12,f5,6f,65,0b,36,d6,52,79,cd,f8,57,65,89,0b,d7,00,8b,d8,
4d,cb,55,f0,c4,3d,ed,f1,f9,6a,fc,c6,57,6c,5a,85,75,f9,04,34,4c,14,2a,24,59,\
"rkeysecu"=hex:ad,d2,c1,0a,5e,88,8b,2e,b3,83,e5,7a,f9,73,14,39
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="9794B0DCFB83FD6269D2898DC0FC4996C0C9AF09E62185BD44BB309F887CE61C7B1B98F8C8560C8CB1607AF9A145A975ABE6C53F7AE00C432A65739E1A74ECF3BE6A7741E05089BAF27392C8D6A01FADBB8EE104035721FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98089DB7CE019D40AA5CA2D97226D213B555A2D97226D213B5557216DA60EA6EECD242F6DD25819F93D3740A5637343C4D6A8760D587BF681F3518CB85D4C03515518A4EC2C86C01A6A3CCE2D8DAD41F3861A30E3E8DBE5821F10847E8748CB5C52496A9318EAE1CC5A78F77C3ECAE3D3365627423AB43CBDF98CE82BC3BF710B4C3149D09F864421E6F289B3F95EEB2073C134116CFA84C60C240299BFB315D3F4074F40EDDAA36861F4DD4584EC4919FBF4AD98E37D059C59DED9B8259E828623E6F2DE665A43075EEF35E7EE5E35F8E5D5FD5E27720E3DBED346FD5CCD46F4272FE761F8F7ADB852C57260701839488946F7ED2777ED19087ADEB59A33026252BDFB7262C555A79B578CE2A14609E667D5B55FEF1D77D74D5BD0E3A7D36B275451689CFE163403380182E83EAB9DDA5BE458EEB7920353D57088605D02B70C23566B9532B5813BB153F509424D2276617950F846F48BAC61D753A2DE4D2AF40025B4ACCD46BD0BD0F37F241B173436D56FA74950DCBC40ECF34400957F6B1C4464470B980D5680A9F910952DC67F0A5E3620D50DC257C3427B5E65298E52F4AB231157E24D53F940A9FB773BDFDDF19B703DD4A3FD50001722E2DA7EC71D0EF89F8D6E38A31AB742778DA36C40B35F960529DFC6863E05C9417490CEE6E387A2236071350AAFAE5E378810DB3660B1EFC8D37455F5526D403AD22E4093777CD68C72A1D68106D4A3E3E6CD2A16CEC7D43354AE480B8C91CC7F2D47DFD2914775B4EFAF4962EB523CDAC1342F9FADB347E0DAB817B1EB88903AC328361A50B258E31E670F657FC9AB7EA207BFA76CE050B1DE1A4541AD69464E23E8A9C92CA29A79A0ECDF5E35E7A3A647284B648AC53D83128BB62C578DD34E2B2876BD9B67B637748AA55ADEA3425489BC495D853A76EDBEE17D0BCE7A4CBBF7A555FE92537907A1D0BAB13A55ADB096209519A9431E46E59EC202164D098CBB6B3DE32E01A931ACAD561770726D85F41017800B2BE6881BF57A4179E6B1FA23D421FAA2A08629042563640FA732645E741EE80EA46BCF12B5285C6BC22F39E948AAFCA3207885BAABCB9596240E4F937C26A98E660B45F5DC0BE5C5AC7C164F975711223C225BDDB9BD3B011334901C761F5474949BA2F49671F89835147D65E509601940AEB3CE4EABC394D929CA0E1DD709026E34C8817EECB03BA59D59E664F2A1E174FA4A20586826A55CAB965055D0CFA07B2FA57"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion*Hzafob]
"Pwaliqasoqegepa"=hex:32,01,33,03,30,05,3e,07,3a,09,4f,0b,34,0d,37,0f,29,11,53,
13,27,15,50,17,2c,19,23,1b,59,1d,29,1f,62,21,1b,23,14,25,62,27,1b,29,12,2b,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1708)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
- - - - - - - > 'explorer.exe'(2820)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDClock.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDRSS.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
c:\program files\Windows Live\Messenger\wlcsdk.exe
.
**************************************************************************
.
Completion time: 2011-10-11 20:25:43 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-12 00:25
.
Pre-Run: 61,031,825,408 bytes free
Post-Run: 61,225,496,576 bytes free
.
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - BB9373D0514F066F920DE478F3E927CC

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 10/11/2011 at 20:40:08.
Operating System: Microsoft Windows XP


Processes terminated by Rkill or while it was running:

C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe


Rkill completed on 10/11/2011 at 20:40:16.

my PC seems to be running faster now

OTL logfile created on: 10/12/2011 5:00:08 AM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\CapnDrake\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.67 Gb Available Physical Memory | 82.30% Memory free
5.09 Gb Paging File | 4.66 Gb Available in Paging File | 91.57% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 244.14 Gb Total Space | 56.79 Gb Free Space | 23.26% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 86.03 Gb Free Space | 57.72% Space Free | Partition Type: NTFS
Drive F: | 1.85 Gb Total Space | 1.53 Gb Free Space | 83.07% Space Free | Partition Type: FAT
Drive G: | 896.29 Mb Total Space | 59.14 Mb Free Space | 6.60% Space Free | Partition Type: FAT32
Drive H: | 221.61 Gb Total Space | 159.89 Gb Free Space | 72.15% Space Free | Partition Type: NTFS

Computer Name: CAPNMORGAN | User Name: CapnDrake | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/12 04:57:55 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\CapnDrake\Desktop\OTL.exe
PRC - [2011/09/06 16:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 16:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2010/10/11 10:23:32 | 000,328,056 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2010/08/03 10:05:54 | 000,358,472 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
PRC - [2010/08/03 09:44:06 | 000,498,760 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
PRC - [2010/08/03 09:43:18 | 001,809,992 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
PRC - [2010/08/03 09:42:52 | 000,523,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
PRC - [2010/08/03 09:42:42 | 000,676,424 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
PRC - [2009/08/05 21:00:00 | 000,024,576 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0610Mon.exe
PRC - [2008/04/14 09:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/12 04:01:54 | 001,596,416 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11101200\algo.dll
MOD - [2011/10/11 14:34:40 | 001,596,416 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11101102\algo.dll
MOD - [2011/10/11 10:44:01 | 000,272,416 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11101200\aswRep.dll
MOD - [2011/10/11 10:44:01 | 000,272,416 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11101102\aswRep.dll
MOD - [2011/09/08 13:20:28 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/03/16 12:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
MOD - [2009/08/10 03:07:46 | 000,026,624 | ---- | M] () -- C:\WINDOWS\system32\ssp7ml3.dll
MOD - [2009/01/31 19:36:55 | 011,791,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\50ea744ffc3cb7f09b027fd6c5c93b2b\System.Web.ni.dll
MOD - [2009/01/31 19:36:48 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3736ba3ecac186f9c5d85f01bda2be98\System.Runtime.Remoting.ni.dll
MOD - [2009/01/31 19:36:38 | 000,970,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb4cb21d14767292e079366a5d3d76cd\System.Configuration.ni.dll
MOD - [2009/01/31 19:36:29 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c2af7cfbb47c077029a2645930b4eeac\Accessibility.ni.dll
MOD - [2009/01/31 15:37:00 | 005,449,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\36f3953f24d4f0b767bf172331ad6f3e\System.Xml.ni.dll
MOD - [2009/01/31 15:36:56 | 012,428,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9a254c455892c02355ab0ab0f0727c5b\System.Windows.Forms.ni.dll
MOD - [2009/01/31 15:36:48 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\6978f2e90f13bc720d57fa6895c911e2\System.Drawing.ni.dll
MOD - [2009/01/31 15:34:06 | 007,867,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll
MOD - [2009/01/31 15:17:57 | 011,485,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll
MOD - [2008/08/19 02:46:02 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008/04/14 09:42:04 | 001,288,192 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008/04/14 09:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 09:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2005/06/21 19:22:06 | 000,483,328 | ---- | M] () -- C:\WINDOWS\system32\dlcclmpm.dll
MOD - [2005/06/06 14:58:38 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\dlcccfg.dll
MOD - [2005/04/01 15:44:16 | 000,061,440 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 924\dlcccnv4.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/09/06 16:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/08/13 19:42:00 | 003,432,656 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/02/15 20:28:04 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/02/06 20:47:12 | 000,105,248 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/02/06 20:45:26 | 000,109,344 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- c:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2005/08/02 17:18:49 | 000,086,016 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2005/06/21 19:19:38 | 000,491,520 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\System32\dlcccoms.exe -- (dlcc_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/09/08 14:24:14 | 007,180,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011/09/06 16:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 16:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 16:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 16:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 16:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/09/06 16:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 16:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/08/08 16:58:38 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2010/01/06 17:21:00 | 000,594,048 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/11/23 17:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGVirHid.sys -- (LGVirHid)
DRV - [2009/11/23 17:37:08 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2009/08/23 21:00:00 | 000,274,624 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0610Vid.sys -- (V0610Vid)
DRV - [2009/08/21 12:33:14 | 000,143,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2009/04/26 15:36:10 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/03/27 01:16:28 | 000,012,672 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cpuz132_x32.sys -- (cpuz132)
DRV - [2009/03/24 05:53:50 | 000,160,256 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0610Afx.sys -- (V0610Afx)
DRV - [2009/03/21 02:18:08 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2009/03/15 06:25:46 | 000,056,268 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/09/01 23:01:45 | 000,021,672 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2008/09/01 23:01:45 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2008/08/22 02:52:50 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/07/22 04:01:34 | 000,151,592 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx)
DRV - [2008/04/14 04:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/12/17 05:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2007/12/14 13:10:00 | 000,057,344 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x32l.sys -- (SkLaggProtocol)
DRV - [2007/12/06 13:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007/11/23 13:10:00 | 000,020,992 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x32v.sys -- (SkVlanProtocol)
DRV - [2007/02/06 20:45:04 | 000,025,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/02/06 20:44:36 | 001,964,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/02/06 20:42:40 | 001,691,808 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007/02/03 13:32:36 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/02/03 13:25:56 | 001,075,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)
DRV - [2006/03/17 05:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/08/02 17:10:13 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2004/08/12 22:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-682003330-413027322-2147027303-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-682003330-413027322-2147027303-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-682003330-413027322-2147027303-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\CapnDrake\Application Data\Facebook\npfbplugin_1_0_3.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\CapnDrake\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\CapnDrake\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\CapnDrake\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\CapnDrake\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/10/11 15:52:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/11 01:59:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/11 01:59:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\beta mozillalol\components [2011/10/11 05:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\beta mozillalol\plugins

[2009/05/13 10:22:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\CapnDrake\Application Data\Mozilla\Extensions
[2009/05/13 10:22:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\CapnDrake\Application Data\Mozilla\Extensions\{ea278cf8-93cd-484f-b951-57360482d33a}
[2011/10/12 05:01:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\CapnDrake\Application Data\Mozilla\Firefox\Profiles\f3ccif8l.default\extensions
[2011/10/12 05:01:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\CapnDrake\Application Data\Mozilla\Firefox\Profiles\f3ccif8l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/10/11 05:12:09 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\CapnDrake\Application Data\Mozilla\Firefox\Profiles\f3ccif8l.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/01/24 02:03:03 | 000,000,000 | ---D | M] (Firesheep) -- C:\Documents and Settings\CapnDrake\Application Data\Mozilla\Firefox\Profiles\f3ccif8l.default\extensions\firesheep@codebutler.com
[2011/10/11 20:44:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/24 04:38:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/10/04 23:56:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2008/01/23 02:20:30 | 000,491,520 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\CapnDrake\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Documents and Settings\CapnDrake\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\CapnDrake\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\CapnDrake\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\CapnDrake\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 6 U14 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: BitCometAgent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: Java Deployment Toolkit 6.0.140.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Quake Live (Enabled) = C:\Documents and Settings\All Users.WINDOWS\Application Data\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\CapnDrake\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nprpjplug.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011/10/11 20:19:33 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DLCCCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.DLL ()
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [V0610Mon.exe] C:\WINDOWS\V0610Mon.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-682003330-413027322-2147027303-1003..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10l_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-413027322-2147027303-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-682003330-413027322-2147027303-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-682003330-413027322-2147027303-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-682003330-413027322-2147027303-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{81ABE42E-3B10-4B0C-B933-D218032B2766}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/01/22 03:09:28 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/04/27 19:11:09 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - ff_vfw.dll File not found
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\Program Files\MpcStar\Codecs\tscc\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.XFR1 - C:\WINDOWS\System32\xfcodec.dll ()
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/10/12 04:57:54 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\CapnDrake\Desktop\OTL.exe
[2011/10/11 20:55:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Skype
[2011/10/11 20:37:40 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/10/11 19:36:14 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/10/11 19:25:59 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/10/11 19:25:59 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/10/11 19:25:59 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/10/11 19:25:58 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/10/11 19:25:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/10/11 19:25:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/10/11 19:22:58 | 004,255,422 | R--- | C] (Swearware) -- C:\Documents and Settings\CapnDrake\Desktop\ComboFix.exe
[2011/10/11 16:34:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CapnDrake\Desktop\GooredFix Backups
[2011/10/11 15:53:03 | 000,320,856 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/10/11 15:53:03 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/10/11 15:53:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\avast! Free Antivirus
[2011/10/11 15:53:01 | 000,442,200 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/10/11 15:53:01 | 000,052,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/10/11 15:53:01 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/10/11 15:53:00 | 000,110,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/10/11 15:53:00 | 000,104,536 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/10/11 15:52:59 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/10/11 15:52:50 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/10/11 15:52:50 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/10/11 15:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/10/11 15:52:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
[2011/10/11 15:43:58 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Documents and Settings\CapnDrake\Desktop\GooredFix.exe
[2011/10/11 05:11:27 | 000,000,000 | ---D | C] -- C:\beta mozillalol
[2011/10/11 04:02:53 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\CapnDrake\Desktop\dds.scr
[2011/10/11 03:02:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CapnDrake\My Documents\DriverGenius
[2011/10/11 02:35:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CapnDrake\Application Data\SharePod
[2011/10/11 02:31:42 | 005,470,720 | ---- | C] (Jeffrey Harris) -- C:\Documents and Settings\CapnDrake\Desktop\SharePod.exe
[2011/10/06 18:57:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ATI
[2011/10/06 18:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2011/10/06 18:54:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Catalyst Control Center
[2011/10/06 06:49:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CapnDrake\Local Settings\Application Data\Help
[2011/10/06 06:49:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CapnDrake\Application Data\Help
[2011/10/05 02:54:22 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
[2011/10/05 02:54:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\World of Warcraft
[2011/09/26 14:53:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CapnDrake\Local Settings\Application Data\WLDM
[2011/09/21 16:34:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CapnDrake\Desktop\collision
[2011/09/14 09:30:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CapnDrake\Local Settings\Application Data\mciMouseIde
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[17 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/12 04:57:55 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\CapnDrake\Desktop\OTL.exe
[2011/10/12 04:43:00 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/12 04:10:00 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-682003330-413027322-2147027303-1003UA.job
[2011/10/12 03:43:00 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/11 20:52:23 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\Auslogics BoostSpeed Integrator Start On Windows Logon.job
[2011/10/11 20:37:23 | 001,008,092 | ---- | M] () -- C:\Documents and Settings\CapnDrake\Desktop\rkill.exe
[2011/10/11 20:19:33 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/10/11 20:19:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/11 19:36:18 | 000,000,471 | RHS- | M] () -- C:\boot.ini
[2011/10/11 19:23:05 | 004,255,422 | R--- | M] (Swearware) -- C:\Documents and Settings\CapnDrake\Desktop\ComboFix.exe
[2011/10/11 16:10:02 | 000,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-682003330-413027322-2147027303-1003Core.job
[2011/10/11 15:53:03 | 000,001,704 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\avast! Free Antivirus.lnk
[2011/10/11 15:53:00 | 000,002,638 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/10/11 15:43:59 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\CapnDrake\Desktop\GooredFix.exe
[2011/10/11 05:11:29 | 000,000,597 | ---- | M] () -- C:\Documents and Settings\CapnDrake\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/11 05:11:29 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
[2011/10/11 05:11:01 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Nlehideduva.bin
[2011/10/11 04:03:02 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\CapnDrake\Desktop\dds.scr
[2011/10/11 04:01:18 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\CapnDrake\Desktop\e90bprdy.exe
[2011/10/11 02:49:19 | 002,180,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/11 02:49:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/11 02:46:18 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat
[2011/10/11 02:42:35 | 000,007,386 | ---- | M] () -- C:\Documents and Settings\CapnDrake\Desktop\SharePodSettings.xml
[2011/10/09 03:10:50 | 000,335,588 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2011/10/06 21:03:29 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\World of Warcraft.lnk
[2011/10/06 06:49:58 | 000,000,343 | ---- | M] () -- C:\WINDOWS\goldwave.ini
[2011/10/06 06:49:54 | 000,006,592 | ---- | M] () -- C:\WINDOWS\gwpreset.ini
[2011/10/06 06:49:54 | 000,003,362 | ---- | M] () -- C:\WINDOWS\express.eqx
[2011/10/05 05:38:58 | 000,000,355 | ---- | M] () -- C:\Boot.bak
[2011/10/05 03:35:18 | 000,174,080 | ---- | M] () -- C:\Documents and Settings\CapnDrake\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/05 02:11:44 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\CapnDrake\Desktop\Google Chrome.lnk
[2011/10/05 02:11:44 | 000,002,303 | ---- | M] () -- C:\Documents and Settings\CapnDrake\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/09/14 11:47:40 | 000,053,760 | ---- | M] () -- C:\WINDOWS\System32\OVDecode.dll
[2011/09/13 07:34:03 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Ygelimaxe.dat
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[17 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/11 20:37:23 | 001,008,092 | ---- | C] () -- C:\Documents and Settings\CapnDrake\Desktop\rkill.exe
[2011/10/11 19:36:16 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/10/11 19:25:59 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/10/11 19:25:59 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/10/11 19:25:59 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/10/11 19:25:59 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/10/11 19:25:59 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/10/11 15:53:03 | 000,001,704 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\avast! Free Antivirus.lnk
[2011/10/11 05:11:29 | 000,000,585 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Mozilla Firefox.lnk
[2011/10/11 05:11:29 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
[2011/10/11 04:01:18 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\CapnDrake\Desktop\e90bprdy.exe
[2011/10/11 02:37:34 | 000,007,386 | ---- | C] () -- C:\Documents and Settings\CapnDrake\Desktop\SharePodSettings.xml
[2011/10/06 07:07:50 | 000,056,298 | ---- | C] () -- C:\Documents and Settings\CapnDrake\Desktop\Picture 7.jpg
[2011/10/06 06:49:54 | 000,006,592 | ---- | C] () -- C:\WINDOWS\gwpreset.ini
[2011/10/06 06:49:54 | 000,003,362 | ---- | C] () -- C:\WINDOWS\express.eqx
[2011/10/06 06:49:54 | 000,000,343 | ---- | C] () -- C:\WINDOWS\goldwave.ini
[2011/10/05 02:54:22 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\World of Warcraft.lnk
[2011/09/14 11:47:40 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011/08/31 05:20:26 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/08/26 18:21:30 | 000,042,392 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2011/08/24 18:27:08 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2011/08/24 18:27:07 | 000,239,869 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011/08/24 18:27:07 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2011/06/13 04:04:08 | 000,001,405 | ---- | C] () -- C:\WINDOWS\urivasax.dll
[2011/06/12 23:58:28 | 000,001,405 | ---- | C] () -- C:\WINDOWS\ibinodij.dll
[2011/06/01 22:06:23 | 000,001,065 | ---- | C] () -- C:\WINDOWS\uxororohugewu.dll
[2011/06/01 18:01:26 | 000,001,065 | ---- | C] () -- C:\WINDOWS\efixafujahozazoh.dll
[2011/05/01 15:53:28 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Ygelimaxe.dat
[2011/05/01 15:53:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Nlehideduva.bin
[2011/02/03 22:01:07 | 000,000,042 | ---- | C] () -- C:\WINDOWS\oodjobd.INI
[2011/02/03 17:23:56 | 000,482,408 | ---- | C] () -- C:\WINDOWS\ssndii.exe
[2011/02/03 17:23:37 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ssp7ml3.dll
[2011/01/22 03:07:53 | 000,000,076 | RHS- | C] () -- C:\WINDOWS\CT4CET.bin
[2010/10/19 03:13:43 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\CapnDrake\Application Data\$_hpcst$.hpc
[2010/03/18 22:07:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2010/01/11 11:29:05 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS69.DLL
[2009/11/06 11:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/06/10 06:07:24 | 000,033,258 | ---- | C] () -- C:\WINDOWS\scunin.dat
[2009/05/17 01:59:59 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/05/17 01:59:59 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/04/28 15:07:18 | 000,520,267 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2009/04/11 10:54:57 | 000,040,167 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009/03/29 19:32:42 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\CapnDrake\Application Data\PnkBstrK.sys
[2009/03/29 19:32:22 | 002,246,144 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/03/22 01:49:02 | 000,024,890 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2009/01/30 20:59:03 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/01/30 20:59:02 | 000,139,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/01/30 20:58:55 | 000,189,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008/10/14 12:21:12 | 001,183,744 | ---- | C] () -- C:\WINDOWS\System32\dlccserv.dll
[2008/10/14 12:21:12 | 001,134,592 | ---- | C] () -- C:\WINDOWS\System32\dlccusb1.dll
[2008/10/14 12:21:12 | 000,770,048 | ---- | C] () -- C:\WINDOWS\System32\dlcchbn3.dll
[2008/10/14 12:21:12 | 000,704,512 | ---- | C] () -- C:\WINDOWS\System32\dlcccomc.dll
[2008/10/14 12:21:12 | 000,638,976 | ---- | C] () -- C:\WINDOWS\System32\dlccpmui.dll
[2008/10/14 12:21:12 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\dlcccoms.exe
[2008/10/14 12:21:12 | 000,483,328 | ---- | C] () -- C:\WINDOWS\System32\dlcclmpm.dll
[2008/10/14 12:21:12 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\dlcccomm.dll
[2008/10/14 12:21:12 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\dlccih.exe
[2008/10/14 12:21:12 | 000,368,640 | ---- | C] () -- C:\WINDOWS\System32\dlcccfg.exe
[2008/10/14 12:21:12 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlccprox.dll
[2008/10/14 12:21:12 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlccins.dll
[2008/10/14 12:21:12 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\dlccpplc.dll
[2008/10/14 12:21:12 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlccinsr.dll
[2008/10/14 12:21:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlccvs.dll
[2008/10/14 12:21:11 | 000,430,080 | ---- | C] () -- C:\WINDOWS\System32\dlccutil.dll
[2008/10/14 12:21:11 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlccinsb.dll
[2008/10/14 12:21:11 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\dlccjswr.dll
[2008/10/14 12:21:11 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcccub.dll
[2008/10/14 12:21:11 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcccu.dll
[2008/10/14 12:21:11 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcccur.dll
[2008/10/14 12:21:10 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcccfg.dll
[2008/10/05 00:56:30 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/09/07 22:04:38 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2008/09/03 02:37:29 | 000,050,127 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/08/19 01:41:20 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008/08/19 00:54:27 | 000,174,080 | ---- | C] () -- C:\Documents and Settings\CapnDrake\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/19 00:20:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/08/19 00:04:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/08/19 00:03:57 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/08/18 23:27:12 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2008/08/18 23:27:12 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2008/08/18 23:12:00 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008/08/18 23:11:47 | 000,039,775 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/08/18 23:11:47 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/08/18 23:01:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/08/18 22:56:13 | 000,022,720 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/08/18 15:41:42 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/08/18 15:38:54 | 002,180,320 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/02/06 20:45:04 | 000,025,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/02/06 20:42:40 | 001,691,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
[2005/08/02 17:24:01 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,435,590 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,068,360 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2008/08/07 21:27:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2009/04/01 03:22:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\2DBoy
[2011/10/11 15:52:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
[2011/04/11 21:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\BioWare
[2011/04/13 21:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\BOINC
[2010/07/14 14:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CounterPath
[2009/03/21 02:11:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DAEMON Tools Pro
[2011/03/26 16:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EA Core
[2011/03/26 16:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Electronic Arts
[2010/01/31 23:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\eSignal
[2011/08/31 05:29:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Hitman Pro
[2011/03/02 19:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MetaQuotes
[2011/01/22 03:08:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\muvee Technologies
[2010/02/25 18:52:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\performance
[2009/04/12 09:57:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Propellerhead Software
[2008/09/05 16:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SimCity Societies
[2011/09/30 14:22:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Solidshield
[2008/09/01 21:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony
[2008/08/27 06:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Soulseek
[2009/04/27 14:07:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Stardock
[2011/10/11 20:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2011/05/18 02:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Tunngle
[2011/01/13 03:14:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{ACABC2F9-44A4-4E51-B14F-01A564E7E99E}
[2008/09/09 03:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\.BitTornado
[2011/07/28 18:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\.bsnes
[2010/10/24 04:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\.minecraft
[2008/10/05 11:33:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\Ableton
[2011/02/16 16:52:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\Auslogics
[2009/03/30 17:16:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\Bioshock
[2010/03/03 21:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\Bioshock2
[2011/03/01 17:15:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\CitiBank
[2009/02/16 00:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\com.adobe.ExMan
[2009/02/08 19:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008/10/13 14:50:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\com.doubleperfect.ggpo.0753AD3679DBFCA1E7F470171B7D0DB8B404A7EA.1
[2010/01/31 23:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\counters
[2009/01/30 09:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\Crayon Physics Deluxe
[2008/08/19 00:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\DAEMON Tools
[2009/03/21 02:08:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\DAEMON Tools Pro
[2008/08/21 04:29:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\Damdai
[2010/12/20 14:28:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\Dexpot
[2011/10/11 03:52:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\foobar2000
[2011/01/13 03:14:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\FXTS2
[2011/10/11 02:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\id Software
[2009/03/22 21:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\ImgBurn
[2009/04/14 10:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\Juce VST Host
[2009/01/30 20:43:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\Leadertech
[2009/09/04 04:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2009/08/14 00:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\LucasArts
[2011/01/26 21:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\muvee Technologies
[2009/04/11 06:14:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\NetMedia Providers
[2009/04/12 09:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\Propellerhead Software
[2009/04/11 06:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\Publish Providers
[2011/03/02 04:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\SecondLife
[2011/10/11 02:35:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\SharePod
[2009/04/12 04:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\Sony
[2008/09/01 21:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\Sony Setup
[2009/04/12 10:39:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\Steinberg
[2008/09/04 22:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\TigerPlayer
[2008/08/18 23:12:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\TMP
[2011/05/18 02:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\Tunngle
[2011/10/12 05:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\uTorrent
[2011/02/14 22:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnDrake\Application Data\webex
[2008/08/01 00:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnMorgan\Application Data\Azureus
[2008/08/01 03:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnMorgan\Application Data\DAEMON Tools
[2008/08/18 06:18:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CapnMorgan\Application Data\TmpRecentIcons
[2011/10/11 20:52:23 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\Auslogics BoostSpeed Integrator Start On Windows Logon.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2004/08/04 08:00:00 | 000,260,272 | R--- | M] () -- C:\$LDR$
[2011/01/22 03:09:28 | 000,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/06/03 22:54:00 | 000,000,656 | ---- | M] () -- C:\BnetLog.txt
[2011/10/05 05:38:58 | 000,000,355 | ---- | M] () -- C:\Boot.bak
[2011/10/11 19:36:18 | 000,000,471 | RHS- | M] () -- C:\boot.ini
[2009/03/24 05:18:07 | 000,000,355 | RHS- | M] () -- C:\Boot.ini.saved
[2009/04/22 01:28:23 | 000,383,200 | RHS- | M] () -- C:\bootmgr
[2009/05/27 18:49:25 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2011/10/11 20:25:46 | 000,027,876 | ---- | M] () -- C:\ComboFix.txt
[2008/08/18 22:58:54 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/04/13 16:58:44 | 000,055,664 | ---- | M] () -- C:\Copy of ACCStudentShoppingReport.xlsx
[2011/08/12 19:59:56 | 000,000,081 | ---- | M] () -- C:\CTX.DAT
[2010/11/29 03:27:45 | 000,001,461 | ---- | M] () -- C:\dlcc.log
[2011/10/06 00:41:33 | 000,007,676 | ---- | M] () -- C:\dlccscan.log
[2010/11/01 03:23:59 | 000,000,120 | ---- | M] () -- C:\drmHeader.bin
[2009/03/22 21:12:54 | 000,171,136 | RHS- | M] () -- C:\grldr
[2008/08/18 22:58:54 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/07/06 12:39:36 | 000,000,389 | -H-- | M] () -- C:\IPH.PH
[2008/08/18 22:58:54 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/01/30 23:34:50 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/10/11 20:19:00 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2011/10/11 20:40:16 | 000,000,453 | ---- | M] () -- C:\rkill.log
[2011/01/22 03:10:44 | 000,000,086 | ---- | M] () -- C:\Setup.log
[2008/08/01 01:04:20 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2008/08/01 01:31:17 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2008/08/01 03:49:18 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
[2008/08/02 00:10:48 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2008/08/02 00:50:25 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm
[2008/08/02 22:43:57 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2008/09/16 19:43:03 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/03/15 02:29:37 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2008/08/01 01:04:20 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2008/08/01 01:31:17 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2008/08/01 03:49:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2008/08/02 00:10:48 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2008/08/02 00:50:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2008/08/02 22:43:57 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2008/09/16 19:43:03 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/03/15 02:29:37 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2010/04/29 02:42:26 | 007,416,754 | ---- | M] () -- C:\Twist.mp3
[2004/08/04 08:00:00 | 000,472,007 | R--- | M] () -- C:\txtsetup.sif

< %systemroot%\Fonts\*.com >
[2006/06/29 18:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/04/18 19:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 18:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 19:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2008/10/08 15:52:16 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2004/06/07 07:00:00 | 000,017,920 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD69.DLL
[2004/06/07 07:00:00 | 000,054,272 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP69.DLL
[2005/08/26 11:42:56 | 000,073,728 | ---- | M] (Dell, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dlccPP5C.DLL
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006/10/26 20:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
[2009/08/10 03:07:27 | 000,019,968 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\ssp7mpc.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2011/09/06 16:45:29 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[17 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2008/10/07 19:26:10 | 000,262,144 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008/10/05 13:35:16 | 000,262,144 | ---- | M] () -- C:\WINDOWS\System32\config\security.sav
[2008/10/07 19:26:10 | 017,301,504 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008/10/07 19:26:10 | 004,980,736 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2009/01/30 23:38:11 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >
[2008/08/18 23:28:53 | 000,006,144 | ---- | M] () -- C:\WINDOWS\system32\SV_SQL3_Config.db
[2008/08/18 23:28:53 | 000,002,048 | ---- | M] () -- C:\WINDOWS\system32\SV_SQL3_Events.db
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/01/30 23:49:58 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\CapnDrake\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2008/08/18 23:05:54 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\CapnDrake\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2011/10/11 19:23:05 | 004,255,422 | R--- | M] (Swearware) -- C:\Documents and Settings\CapnDrake\Desktop\ComboFix.exe
[2008/07/11 02:11:00 | 000,260,624 | ---- | M] () -- C:\Documents and Settings\CapnDrake\Desktop\Core Temp.exe
[2008/06/30 13:52:00 | 001,425,408 | ---- | M] (CPUID) -- C:\Documents and Settings\CapnDrake\Desktop\cpuz.exe
[2011/10/11 04:01:18 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\CapnDrake\Desktop\e90bprdy.exe
[2011/10/11 15:43:59 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\CapnDrake\Desktop\GooredFix.exe
[2011/10/12 04:57:55 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\CapnDrake\Desktop\OTL.exe
[2011/10/11 20:37:23 | 001,008,092 | ---- | M] () -- C:\Documents and Settings\CapnDrake\Desktop\rkill.exe
[2010/11/27 13:19:28 | 005,470,720 | ---- | M] (Jeffrey Harris) -- C:\Documents and Settings\CapnDrake\Desktop\SharePod.exe
[2008/04/01 12:26:22 | 003,380,736 | ---- | M] () -- C:\Documents and Settings\CapnDrake\Desktop\zsnesw.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2009/01/30 23:49:58 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\CapnDrake\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2011/10/12 04:55:37 | 000,147,456 | ---- | M] () -- C:\Documents and Settings\CapnDrake\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2008/04/14 09:42:40 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe
[2006/06/23 02:48:54 | 000,032,768 | R--- | M] (AsusTek Inc.) -- C:\WINDOWS\inf\UpdateUSB.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/14 09:41:52 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2004/08/04 04:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2004/08/04 04:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008/04/14 09:42:00 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/14 03:00:30 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/14 09:42:30 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2007/04/03 03:37:24 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2007/04/03 03:37:24 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2007/04/03 03:37:26 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2004/08/04 04:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004/08/04 04:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:07BF512B

< End of report >

OTL Extras logfile created on: 10/12/2011 5:00:08 AM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\CapnDrake\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.67 Gb Available Physical Memory | 82.30% Memory free
5.09 Gb Paging File | 4.66 Gb Available in Paging File | 91.57% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 244.14 Gb Total Space | 56.79 Gb Free Space | 23.26% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 86.03 Gb Free Space | 57.72% Space Free | Partition Type: NTFS
Drive F: | 1.85 Gb Total Space | 1.53 Gb Free Space | 83.07% Space Free | Partition Type: FAT
Drive G: | 896.29 Mb Total Space | 59.14 Mb Free Space | 6.60% Space Free | Partition Type: FAT32
Drive H: | 221.61 Gb Total Space | 159.89 Gb Free Space | 72.15% Space Free | Partition Type: NTFS

Computer Name: CAPNMORGAN | User Name: CapnDrake | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-682003330-413027322-2147027303-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabledxpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabledxpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabledxpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabledxpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabledxpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabledxpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabledxpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabledxpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabledxpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabledxpsp2res.dll,-22002
"17082:TCP" = 17082:TCP:*:Enabled:BitComet 17082 TCP
"17082:UDP" = 17082:UDP:*:Enabled:BitComet 17082 UDP
"1755:TCP" = 1755:TCP:*:Enabled:BitComet 1755 TCP
"1755:UDP" = 1755:UDP:*:Enabled:BitComet 1755 UDP
"18491:TCP" = 18491:TCP:*:Enabled:BitComet 18491 TCP
"18491:UDP" = 18491:UDP:*:Enabled:BitComet 18491 UDP
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
"8370:TCP" = 8370:TCP:*:Enabled:League of Legends Launcher
"8370:UDP" = 8370:UDP:*:Enabled:League of Legends Launcher
"6979:TCP" = 6979:TCP:*:Enabled:League of Legends Launcher
"6979:UDP" = 6979:UDP:*:Enabled:League of Legends Launcher
"6954:TCP" = 6954:TCP:*:Enabled:League of Legends Launcher
"6954:UDP" = 6954:UDP:*:Enabled:League of Legends Launcher
"6982:TCP" = 6982:TCP:*:Enabled:League of Legends Launcher
"6982:UDP" = 6982:UDP:*:Enabled:League of Legends Launcher
"14111:TCP" = 14111:TCP:*:Enabled:BitComet 14111 TCP
"14111:UDP" = 14111:UDP:*:Enabled:BitComet 14111 UDP
"53211:TCP" = 53211:TCP:*:Enabled:BitComet 53211 TCP
"53211:UDP" = 53211:UDP:*:Enabled:BitComet 53211 UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Unreal Tournament 3\Binaries\UT3.exe" = C:\Program Files\Unreal Tournament 3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3 -- ()
"C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe" = C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.2 -- (Sony Creative Software Inc.)
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE" = C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE:*:Enabled:RESIDENT EVIL 5 (DX9) -- (CAPCOM CO., LTD.)
"C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE" = C:\Program Files\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE:*:Enabled:RESIDENT EVIL 5 (DX10) -- (CAPCOM CO., LTD.)
"C:\Program Files\CAPCOM\STREETFIGHTERIV\StreetFighterIV.exe" = C:\Program Files\CAPCOM\STREETFIGHTERIV\StreetFighterIV.exe:*:Enabled:STREET FIGHTER IV -- (CAPCOM U.S.A., INC.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Documents and Settings\CapnDrake\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\CapnDrake\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06A1BE8A-4CA4-4A39-B9E4-E815AA8FE05C}" = Sony Noise Reduction Plug-In 2.0h
"{08B73C99-D071-488F-8861-5DDA897C510D}" = Belkin Connect Wireless USB Adapter
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 26
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3686B63F-72CD-C0FB-1348-34DB78ADFC9C}" = CCC Help English
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E5CBADD-2E51-47C1-BBE2-B802DB6DA56A}" = HotForex MetaTrader 4.00
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{494367EC-82A9-4C0D-A788-74A967998E8C}" = FXCM Trading Station
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4AEA9A23-D627-4699-8A0F-FC474308C2E6}" = Sony Sound Forge 9.0
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{58288FBC-C7E8-FE33-3009-199C219D3363}" = Catalyst Control Center Graphics Previews Common
"{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6530EB5E-F2BE-45D3-906B-E4AFFF2D1588}" = Windows Live Device Manager
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68BD9036-0952-4849-AE7A-963BB53EDB71}" = GGPO
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7A351AAA-E651-41B1-89B6-972A676FF78B}" = Marvell Network Configuration Utility
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7D2370AC-D8E6-4996-986A-19824F8A167C}" = Logitech QuickCam
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82705358-3BD6-3CD5-AA9A-B8F058BE3A29}" = Google Talk Plugin
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{868EC22E-7E82-4760-9265-3F2E705BF24B}" = League of Legends
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BAC9DAB-9118-4D13-8CF4-78812CC4755C}" = ACID Pro 7.0
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9EB1504E-FD95-4BCD-8E93-B4039F59C469}" = Sony Ericsson Media Manager 1.2
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.1
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C12DD140-59B3-B5AB-B602-8A247AF84BD7}" = AMD Catalyst Install Manager
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}" = Digital Photo Navigator 1.5
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EED50C97-C79E-4149-BD82-7C5A22437708}" = Adobe Setup
"{EFF5ECCC-20B9-68CE-A95A-A1500E4E0FF8}" = ccc-utility
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F1CBC6F7-D82D-4DC5-B81C-9A14F418593A}_is1" = WC3Banlist
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA798C4A-FE41-AE67-932F-F00CDAAA7723}" = Catalyst Control Center
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Ableton Live_is1" = Ableton Live v7.0.2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_a68eec966ce913ddaa63251dc82ed31" = Adobe Flash CS4 Professional
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"ASIO4ALL" = ASIO4ALL
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner (remove only)
"Collab" = Collab
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.14
"Creative Live! Central 2" = Creative Live! Central 2
"Creative VF0610" = Creative Live! Cam Socialize HD (VF0610) (1.00.04.00)
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"Dell Photo AIO Printer 924" = Dell Photo AIO Printer 924
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FL Studio 8" = FL Studio 8
"FLAC" = FLAC 1.2.1b (remove only)
"foobar2000" = foobar2000 v0.9.6.5
"FXCM Trading Station" = FXCM Trading Station
"Guitar Pro 5_is1" = Guitar Pro 5.2
"IL Download Manager" = IL Download Manager
"ImgBurn" = ImgBurn
"InstallShield_{08B73C99-D071-488F-8861-5DDA897C510D}" = Belkin Connect Wireless USB Adapter
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.23)" = Mozilla Firefox (3.6.23)
"Mozilla Firefox 8.0 (x86 en-US)" = Mozilla Firefox 8.0 (x86 en-US)
"MpcStar" = MpcStar 3.1
"MSNINST" = MSN
"mv61xxDriver" = marvell 61xx
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"QcDrv" = Logitech® Camera Driver
"Reason4_is1" = Reason 4.0
"Samsung ML-1660 Series" = Maintenance Samsung ML-1660 Series
"Soulseek2" = SoulSeek 157 NS 13c
"Starcraft" = Starcraft
"Steam App 218" = Source SDK Base - Orange Box
"Steam App 500" = Left 4 Dead
"Steinberg Cubase SX v3.1.1.944" = Steinberg Cubase SX v3.1.1.944
"SysInfo" = Creative System Information
"Tomb Raider: Anniversary" = Tomb Raider: Anniversary 1.0
"UnrealTournament" = Unreal Tournament
"Update Service" = Update Service
"uTorrent" = µTorrent
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VisualRoute Lite Edition" = VisualRoute Lite Edition
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 3.1
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-682003330-413027322-2147027303-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"InstallShield_{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"Trader Workstation" = Trader Workstation
"TWS Demo" = TWS Demo

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/18/2011 2:45:03 AM | Computer Name = CAPNMORGAN | Source = Application Error | ID = 1000
Description = Faulting application update.exe, version 2.4.0.1070, faulting module
update.exe, version 2.4.0.1070, fault address 0x00041b3d.

Error - 6/6/2011 4:27:49 PM | Computer Name = CAPNMORGAN | Source = Windows Live Messenger | ID = 1000
Description =

Error - 6/7/2011 10:13:19 PM | Computer Name = CAPNMORGAN | Source = Windows Live Messenger | ID = 1000
Description =

Error - 7/12/2011 4:33:02 PM | Computer Name = CAPNMORGAN | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 9.0.0.4503, faulting module
quicktimeaudiosupport.qtx, version 7.6.5.0, fault address 0x001a19d2.

Error - 7/28/2011 6:19:36 PM | Computer Name = CAPNMORGAN | Source = Application Error | ID = 1000
Description = Faulting application zsnesw.exe, version 0.0.0.0, faulting module
zsnesw.exe, version 0.0.0.0, fault address 0x0021c694.

Error - 9/6/2011 7:11:26 AM | Computer Name = CAPNMORGAN | Source = Application Error | ID = 1000
Description = Faulting application divx player.exe, version 7.2.0.19, faulting module
atioglxx.dll, version 6.14.10.11005, fault address 0x00cb0be0.

Error - 9/7/2011 2:57:09 AM | Computer Name = CAPNMORGAN | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.4259, faulting
module ntdll.dll, version 5.1.2600.5512, fault address 0x0000100b.

Error - 9/21/2011 9:48:33 AM | Computer Name = CAPNMORGAN | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module ad2mpgdmux.dll, version 7.5.0.32179, fault address 0x00010864.

Error - 9/21/2011 9:48:37 AM | Computer Name = CAPNMORGAN | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 10/11/2011 2:31:54 AM | Computer Name = CAPNMORGAN | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 sharepod.exe, P2 3.9.7.0, P3 4cf1055e, P4 system.windows.forms,
P5 2.0.0.0, P6 4889dee7, P7 1521, P8 17, P9 system.invalidoperationexception, P10
NIL.

[ System Events ]
Error - 10/11/2011 2:50:25 AM | Computer Name = CAPNMORGAN | Source = Service Control Manager | ID = 7000
Description = The DgiVecp service failed to start due to the following error: %%2

Error - 10/11/2011 2:50:25 AM | Computer Name = CAPNMORGAN | Source = Service Control Manager | ID = 7000
Description = The SSPORT service failed to start due to the following error: %%2

Error - 10/11/2011 7:25:17 PM | Computer Name = CAPNMORGAN | Source = Service Control Manager | ID = 7034
Description = The PnkBstrB service terminated unexpectedly. It has done this 1
time(s).

Error - 10/11/2011 7:25:40 PM | Computer Name = CAPNMORGAN | Source = Service Control Manager | ID = 7034
Description = The Process Monitor service terminated unexpectedly. It has done
this 1 time(s).

Error - 10/11/2011 7:55:11 PM | Computer Name = CAPNMORGAN | Source = Service Control Manager | ID = 7000
Description = The DgiVecp service failed to start due to the following error: %%2

Error - 10/11/2011 7:55:11 PM | Computer Name = CAPNMORGAN | Source = Service Control Manager | ID = 7000
Description = The SSPORT service failed to start due to the following error: %%2

Error - 10/11/2011 8:00:35 PM | Computer Name = CAPNMORGAN | Source = Service Control Manager | ID = 7034
Description = The Process Monitor service terminated unexpectedly. It has done
this 1 time(s).

Error - 10/11/2011 8:19:44 PM | Computer Name = CAPNMORGAN | Source = Service Control Manager | ID = 7000
Description = The DgiVecp service failed to start due to the following error: %%2

Error - 10/11/2011 8:19:44 PM | Computer Name = CAPNMORGAN | Source = Service Control Manager | ID = 7000
Description = The SSPORT service failed to start due to the following error: %%2

Error - 10/11/2011 8:19:44 PM | Computer Name = CAPNMORGAN | Source = Service Control Manager | ID = 7034
Description = The Process Monitor service terminated unexpectedly. It has done
this 1 time(s).


< End of report >

The redirects seems to have stopped!! !!!!!!!!!

All processes killed
========== OTL ==========
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Starting removal of ActiveX control {39B0684F-D7BF-4743-B050-FDC3F48F7E3B}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{39B0684F-D7BF-4743-B050-FDC3F48F7E3B}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{39B0684F-D7BF-4743-B050-FDC3F48F7E3B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39B0684F-D7BF-4743-B050-FDC3F48F7E3B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{39B0684F-D7BF-4743-B050-FDC3F48F7E3B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39B0684F-D7BF-4743-B050-FDC3F48F7E3B}\ not found.
Starting removal of ActiveX control {4871A87A-BFDD-4106-8153-FFDE2BAC2967}
C:\WINDOWS\Downloaded Program Files\DownloadManagerV2.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET5F.tmp deleted successfully.
C:\WINDOWS\System32\SET61.tmp deleted successfully.
C:\WINDOWS\System32\SET65.tmp deleted successfully.
C:\WINDOWS\System32\SET6D.tmp deleted successfully.
C:\WINDOWS\System32\SETB4.tmp deleted successfully.
C:\WINDOWS\003079_.tmp deleted successfully.
C:\WINDOWS\1C4551A64743409391E41477CD655043.TMP\WiseCustomCalla.dll deleted successfully.
C:\WINDOWS\1C4551A64743409391E41477CD655043.TMP folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET4D.tmp deleted successfully.
C:\WINDOWS\SET4F.tmp deleted successfully.
C:\WINDOWS\SET50.tmp deleted successfully.
C:\WINDOWS\SET51.tmp deleted successfully.
C:\WINDOWS\SET52.tmp deleted successfully.
C:\WINDOWS\SET57.tmp deleted successfully.
C:\WINDOWS\SET5C.tmp deleted successfully.
C:\WINDOWS\SET5E.tmp deleted successfully.
C:\WINDOWS\SET64.tmp deleted successfully.
C:\WINDOWS\SET67.tmp deleted successfully.
C:\WINDOWS\SET6C.tmp deleted successfully.
C:\WINDOWS\SET73.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\Ygelimaxe.dat moved successfully.
ADS C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:07BF512B deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 32768 bytes
->Temporary Internet Files folder emptied: 317757 bytes
->FireFox cache emptied: 12957612 bytes
->Flash cache emptied: 405 bytes

User: Administrator.CAPNMORGAN
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: All Users.WINDOWS

User: CapnDrake
->Temp folder emptied: 40910606 bytes
->Temporary Internet Files folder emptied: 9252818 bytes
->Java cache emptied: 20130 bytes
->FireFox cache emptied: 54819773 bytes
->Google Chrome cache emptied: 22947022 bytes
->Flash cache emptied: 9669 bytes

User: CapnMorgan
->Java cache emptied: 33687 bytes
->FireFox cache emptied: 57645255 bytes
->Flash cache emptied: 1532360 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41044 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 65536 bytes
->Temporary Internet Files folder emptied: 65670 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3072 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 191.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: Administrator.CAPNMORGAN

User: All Users

User: All Users.WINDOWS

User: CapnDrake
->Flash cache emptied: 0 bytes

User: CapnMorgan
->Flash cache emptied: 0 bytes

User: Default User

User: Default User.WINDOWS
->Flash cache emptied: 0 bytes

User: LocalService

User: LocalService.NT AUTHORITY

User: NetworkService

User: NetworkService.NT AUTHORITY

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.29.1 log created on 10122011_211520

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Results of screen317's Security Check version 0.99.7
Windows XP Service Pack 3
Internet Explorer 6 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
avast! Free Antivirus
Antivirus up to date! (On Access scanning disabled!)
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
CCleaner (remove only)
Java(TM) 6 Update 27
Java(TM) 6 Update 7
Out of date Java installed!
Adobe Flash Player 10.1.102.64
Adobe Reader 9.1.1
Out of date Adobe Reader installed!
Mozilla Firefox (x86 en-US..) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastUI.exe
``````````End of Log````````````

C:\Downloads\Ableton Live 7.0.2\setup.exe probably a variant of Win32/Agent.HKWXFKN trojan deleted - quarantined
C:\Downloads\FruityLoops Studio 8.0 XXL Edition\flstudio_8.0_install.exe probably a variant of Win32/Delf.LQXDKYX trojan deleted - quarantined
C:\Downloads\Sony ACID Pro 7.0 Build 502\Keygen.exe a variant of Win32/Keygen.AR application cleaned by deleting - quarantined
C:\Downloads\Sony ACID Pro 7.0a Build 536\Keygen.exe a variant of Win32/Keygen.AR application cleaned by deleting - quarantined
C:\Downloads\Sony Sound Forge 9.0e Build 441\Keygen.exe a variant of Win32/Keygen.AR application cleaned by deleting - quarantined
C:\Program Files\Ableton\Live 7.0.2\Program\cpv.dll probably a variant of Win32/Agent.HKWXFKN trojan cleaned by deleting - quarantined
C:\Program Files\Image-Line\FL Studio 8\Plugins\Fruity\Generators\Toxic Biohazard\Toxic Biohazard.dll probably a variant of Win32/Delf.LQXDKYX trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files\FLV Direct Player\player.swf.vir Win32/Adware.FlvDirect application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\system32\qqstv.bak1.vir Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\system32\qqstv.ini.vir Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\system32\qqstv.ini2.vir Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\system32\qqstv.tmp.vir Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\system32\qqstv.tmp2.vir Win32/Adware.Virtumonde.NEO application cleaned by deleting - quarantined
C:\System Volume Information\_restore{1BFFBDF8-6F08-4E81-AF05-B6830AE72B83}\RP3\A0001587.exe probably a variant of Win32/Agent.HKWXFKN trojan deleted - quarantined
C:\System Volume Information\_restore{1BFFBDF8-6F08-4E81-AF05-B6830AE72B83}\RP3\A0001588.exe probably a variant of Win32/Delf.LQXDKYX trojan deleted - quarantined
C:\System Volume Information\_restore{1BFFBDF8-6F08-4E81-AF05-B6830AE72B83}\RP3\A0001589.exe a variant of Win32/Keygen.AR application cleaned by deleting - quarantined
C:\System Volume Information\_restore{1BFFBDF8-6F08-4E81-AF05-B6830AE72B83}\RP3\A0001590.exe a variant of Win32/Keygen.AR application cleaned by deleting - quarantined
C:\System Volume Information\_restore{1BFFBDF8-6F08-4E81-AF05-B6830AE72B83}\RP3\A0001591.exe a variant of Win32/Keygen.AR application cleaned by deleting - quarantined
C:\System Volume Information\_restore{1BFFBDF8-6F08-4E81-AF05-B6830AE72B83}\RP3\A0001592.dll probably a variant of Win32/Agent.HKWXFKN trojan cleaned by deleting - quarantined
C:\System Volume Information\_restore{1BFFBDF8-6F08-4E81-AF05-B6830AE72B83}\RP3\A0001593.dll probably a variant of Win32/Delf.LQXDKYX trojan cleaned by deleting - quarantined

done and done

MY COMPUTER IS RUNNING GREAT NOW!!! better than it ever was