Inactive (new TDL4) Keylogged & IE with a mind of its own

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by gamers at 2011-12-02 19:53:22
Running from C:\Users\gamers\Desktop
(X86) OS Language: English(US)
Attention: Could not load system hive.ERROR: The process cannot access the file because it is being used by another process.

========================== Registry (Whitelisted) =============

HKU\Administrator\...\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2363392 2008-06-09] (Hewlett-Packard Company)
HKLM\...\Winlogon: [Userinit] [x]
HKLM\...\Winlogon: [Shell]

================================ Services (Whitelisted) ==================


========================== Drivers (Whitelisted) =============


========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-12-02 19:52 - 2011-12-02 19:52 - 0858348 ____A C:\Users\gamers\Desktop\FRST.exe
2011-12-01 20:38 - 2009-07-13 18:12 - 0338944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-12-01 20:30 - 2011-12-02 19:49 - 0000000 ___SD C:\Yourname
2011-12-01 19:49 - 2011-12-01 19:49 - 0000000 ____A C:\Users\gamers\Desktop\New Text Document.txt
2011-12-01 19:05 - 2011-12-01 19:05 - 0000000 ____D C:\Users\All Users\AMMYY
2011-12-01 19:05 - 2011-12-01 19:05 - 0000000 ____D C:\ProgramData\AMMYY
2011-12-01 01:29 - 2011-12-01 01:29 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\gamers\Desktop\tdsskiller.exe
2011-11-30 19:44 - 2011-11-30 19:44 - 0000000 __SHD C:\$RECYCLE.BIN
2011-11-29 21:52 - 2011-12-01 20:28 - 4324789 ____R (Swearware) C:\Users\gamers\Desktop\Yourname.exe
2011-11-29 03:53 - 2011-06-26 01:45 - 0256000 ____A C:\Windows\PEV.exe
2011-11-29 03:53 - 2010-11-07 12:20 - 0208896 ____A C:\Windows\MBR.exe
2011-11-29 03:53 - 2009-04-19 23:56 - 0060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2011-11-29 03:53 - 2000-08-30 19:00 - 0518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2011-11-29 03:53 - 2000-08-30 19:00 - 0406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2011-11-29 03:53 - 2000-08-30 19:00 - 0098816 ____A C:\Windows\sed.exe
2011-11-29 03:53 - 2000-08-30 19:00 - 0080412 ____A C:\Windows\grep.exe
2011-11-29 03:53 - 2000-08-30 19:00 - 0068096 ____A C:\Windows\zip.exe
2011-11-29 03:52 - 2011-11-29 03:52 - 0000000 ____D C:\Windows\ERDNT
2011-11-29 03:46 - 2011-11-29 03:52 - 0000000 ____D C:\Qoobox
2011-11-29 01:38 - 2011-11-29 01:38 - 0160160 ____A C:\Windows\Minidump\112911-24679-01.dmp
2011-11-28 16:48 - 2011-11-29 01:38 - 311721516 ____A C:\Windows\MEMORY.DMP
2011-11-28 16:48 - 2011-11-29 01:38 - 0000000 ____D C:\Windows\Minidump
2011-11-28 16:48 - 2011-11-28 16:48 - 0160112 ____A C:\Windows\Minidump\112811-24133-01.dmp
2011-11-28 06:44 - 2011-11-28 10:03 - 0052018 ____A C:\Users\gamers\Desktop\bootkit_remover_debug_log.txt
2011-11-24 14:45 - 2011-11-24 14:45 - 1916416 ____A (AVAST Software) C:\Users\gamers\Desktop\aswMBR.exe
2011-11-24 14:44 - 2011-12-01 01:35 - 0000357 ____A C:\rkill.log
2011-11-24 14:43 - 2011-11-24 14:43 - 1008092 ____A C:\Users\gamers\Desktop\rkill.com
2011-11-24 14:27 - 2011-12-02 19:49 - 0017838 ____A C:\Windows\PFRO.log
2011-11-24 14:19 - 2011-11-24 14:19 - 9130808 ____A (OPSWAT, Inc.) C:\Users\gamers\Downloads\AppRemover.exe
2011-11-23 16:08 - 2011-12-02 19:49 - 0002184 ____A C:\Windows\setupact.log
2011-11-23 16:08 - 2011-11-23 16:08 - 0000000 ____A C:\Windows\setuperr.log
2011-11-23 13:38 - 2011-11-23 13:38 - 0035561 ____A C:\Users\gamers\Documents\DDSlog2.txt
2011-11-23 13:38 - 2011-11-23 13:38 - 0019191 ____A C:\Users\gamers\Documents\DDSlog1.txt
2011-11-23 13:38 - 2011-11-23 13:38 - 0004413 ____A C:\Users\gamers\Documents\GMERlog.txt
2011-11-23 13:38 - 2011-11-23 13:38 - 0000909 ____A C:\Users\gamers\Documents\MBLog.txt
2011-11-23 13:21 - 2011-11-23 13:21 - 0004415 ____A C:\Users\gamers\Desktop\GMER.log
2011-11-23 12:11 - 2011-11-23 12:11 - 0000000 ____D C:\Program Files\somototoolbar
2011-11-23 12:10 - 2011-11-23 12:10 - 1785905 ____A C:\Users\gamers\Downloads\TempFileCleaner_3.1.1_Setup.exe
2011-11-23 12:10 - 2011-11-23 12:10 - 0001047 ____A C:\Users\gamers\Desktop\Temp File Cleaner.lnk
2011-11-23 12:10 - 2011-11-23 12:10 - 0000000 ____D C:\Program Files\Temp File Cleaner
2011-11-23 12:09 - 2011-11-23 12:09 - 0463080 ____A (CNET Download.com) C:\Users\gamers\Downloads\cnet_TempFileCleaner_3_1_1_Setup_exe.exe
2011-11-23 07:29 - 2011-11-23 07:36 - 0000000 ____D C:\Users\gamers\AppData\Roaming\AVG
2011-11-23 07:28 - 2011-11-23 07:28 - 8143920 ____A (AVG ) C:\Users\gamers\Downloads\avg_pct_stf_all_2012_26_c5.exe
2011-11-23 06:58 - 2011-11-23 06:57 - 0607260 ____R (Swearware) C:\Users\gamers\Desktop\dds.scr
2011-11-23 06:58 - 2011-11-23 06:56 - 0302592 ____A C:\Users\gamers\Desktop\u6gx0ld6.exe
2011-11-23 06:57 - 2011-11-23 06:58 - 0607260 ____A (Swearware) C:\Users\gamers\Downloads\dds.scr
2011-11-23 06:56 - 2011-11-23 06:56 - 0302592 ____A C:\Users\gamers\Downloads\u6gx0ld6.exe
2011-11-23 06:45 - 2011-11-23 06:45 - 0000000 ____D C:\Users\All Users\Kaspersky Lab
2011-11-23 06:45 - 2011-11-23 06:45 - 0000000 ____D C:\ProgramData\Kaspersky Lab
2011-11-23 06:42 - 2011-11-23 06:42 - 0000000 ____D C:\Users\gamers\AppData\Roaming\QuickScan
2011-11-23 06:39 - 2011-11-23 06:39 - 0000000 ____D C:\Users\All Users\boost_interprocess
2011-11-23 06:39 - 2011-11-23 06:39 - 0000000 ____D C:\ProgramData\boost_interprocess
2011-11-23 06:37 - 2011-11-23 06:39 - 102896192 ____A C:\Users\gamers\Downloads\setup_11.0.0.1245.x01_2011_11_23_14_01.exe
2011-11-23 06:27 - 2011-11-23 15:29 - 0011513 ____A C:\Users\gamers\Documents\hijackthis.log
2011-11-23 06:02 - 2011-11-23 06:02 - 0002969 ____A C:\Users\gamers\Desktop\HiJackThis.lnk
2011-11-23 06:02 - 2011-11-23 06:02 - 0000000 ____D C:\Program Files\Trend Micro
2011-11-23 06:01 - 2011-11-23 06:01 - 1402880 ____A C:\Users\gamers\Downloads\HijackThis.msi
2011-11-21 18:09 - 2011-11-23 06:06 - 0002378 ____A C:\Users\gamers\Documents\Kill Box Instructions.txt
2011-11-21 18:09 - 2011-11-21 18:09 - 0092672 ____A (Option^Explicit Software vbtechcd@gmail.com) C:\Users\gamers\Downloads\KillBox.exe
2011-11-21 17:57 - 2011-11-21 17:57 - 0000000 ____D C:\Users\gamers\AppData\Roaming\Malwarebytes
2011-11-21 17:56 - 2011-11-21 17:57 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2011-11-21 17:56 - 2011-11-21 17:56 - 9852544 ____A (Malwarebytes Corporation ) C:\Users\gamers\Downloads\mbam-setup-1.51.2.1300.exe
2011-11-21 17:56 - 2011-11-21 17:56 - 0001071 ____A C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
2011-11-21 17:56 - 2011-11-21 17:56 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-11-21 17:56 - 2011-11-21 17:56 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-11-20 09:17 - 2011-11-20 09:17 - 0000000 ___HD C:\$AVG
2011-11-20 08:42 - 2011-11-20 08:42 - 0000000 ____D C:\Users\gamers\AppData\Roaming\AVG2012
2011-11-20 08:40 - 2011-11-24 14:27 - 0000000 ____D C:\Users\All Users\AVG2012
2011-11-20 08:40 - 2011-11-24 14:27 - 0000000 ____D C:\ProgramData\AVG2012
2011-11-20 08:37 - 2011-11-24 14:25 - 0000000 ____D C:\Users\All Users\MFAData
2011-11-20 08:37 - 2011-11-24 14:25 - 0000000 ____D C:\ProgramData\MFAData
2011-11-20 08:29 - 2011-11-20 08:29 - 3903528 ____A (AVG Technologies) C:\Users\gamers\Downloads\avg_free_stb_en_2012_1872_free.exe
2011-11-20 08:18 - 2011-11-20 08:21 - 0000000 ____D C:\Program Files\Eusing Free Registry Cleaner
2011-11-20 08:18 - 2011-11-20 08:18 - 0001027 ____A C:\Users\gamers\Desktop\Eusing Free Registry Cleaner.lnk
2011-11-20 08:17 - 2011-11-20 08:17 - 0977520 ____A C:\Users\gamers\Downloads\EFRCSetup.exe
2011-11-19 06:13 - 2011-11-24 14:27 - 0000000 ____D C:\Program Files\AVG
2011-11-19 06:06 - 2011-11-19 06:08 - 93393016 ____A (AVG Technologies) C:\Users\gamers\Downloads\avg_free_stf_en_90_851a3009.exe
2011-11-19 05:59 - 2011-11-19 05:59 - 0000027 ____A C:\Windows\System32\MPFServiceFailureCount.txt
2011-11-19 05:33 - 2011-11-19 09:18 - 0000000 ____D C:\Users\All Users\AVAST Software
2011-11-19 05:33 - 2011-11-19 09:18 - 0000000 ____D C:\ProgramData\AVAST Software
2011-11-19 05:33 - 2011-11-19 05:33 - 0000000 ____D C:\Program Files\AVAST Software
2011-11-19 04:17 - 2011-11-19 04:17 - 0000000 ____D C:\Users\gamers\AppData\Roaming\jFF44pmG5sQJdE8
2011-11-19 03:59 - 2011-11-19 03:59 - 0000000 ____D C:\Users\gamers\AppData\Roaming\tppmmG55aJ6KfLh
2011-11-19 03:10 - 2011-11-19 04:30 - 0000000 ____D C:\Users\gamers\AppData\Roaming\B424F
2011-11-19 03:10 - 2011-11-19 03:10 - 0000000 ____D C:\Users\gamers\AppData\Roaming\wcccS11ivD
2011-11-19 03:10 - 2011-11-19 03:10 - 0000000 ____D C:\Users\gamers\AppData\Roaming\kttxxP0uuS1
2011-11-19 03:10 - 2011-11-19 03:10 - 0000000 ____D C:\Users\gamers\AppData\Roaming\FiiibFF3pnGa
2011-11-18 15:24 - 2011-11-18 15:34 - 0000304 ____A C:\Users\All Users\~MqGNiCX5Sv6EsH
2011-11-18 15:24 - 2011-11-18 15:34 - 0000304 ____A C:\ProgramData\~MqGNiCX5Sv6EsH
2011-11-18 15:24 - 2011-11-18 15:34 - 0000232 ____A C:\Users\All Users\~MqGNiCX5Sv6EsHr
2011-11-18 15:24 - 2011-11-18 15:34 - 0000232 ____A C:\ProgramData\~MqGNiCX5Sv6EsHr
2011-11-18 15:23 - 2011-11-18 15:32 - 0000448 ____A C:\Users\All Users\MqGNiCX5Sv6EsH
2011-11-18 15:23 - 2011-11-18 15:32 - 0000448 ____A C:\ProgramData\MqGNiCX5Sv6EsH
2011-11-18 12:47 - 2011-11-18 12:47 - 1063703 ___AH C:\Users\gamers\Documents\Shadow Sabres Notes - Big D.docx
2011-11-16 13:30 - 2011-11-16 13:30 - 0397472 ____A () C:\Users\gamers\Downloads\FXAA_PPI_Automatic_Installer-131-1-2.exe
2011-11-16 13:20 - 2011-11-29 01:41 - 0000000 ___HD C:\Users\gamers\Documents\Nexus Mod Manager
2011-11-16 13:20 - 2011-11-23 16:36 - 0001047 ____A C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2011-11-16 13:20 - 2011-11-23 16:36 - 0000000 ____D C:\Program Files\Nexus Mod Manager
2011-11-16 13:20 - 2011-11-19 04:28 - 0000000 ____D C:\Users\gamers\AppData\Local\Black_Tree_Gaming
2011-11-16 13:20 - 2011-11-16 13:20 - 2286434 ____A (Black Tree Gaming ) C:\Users\gamers\Downloads\Nexus Mod Manager-0.12.2.exe
2011-11-15 17:24 - 2011-11-15 17:24 - 0000000 ____D C:\Users\All Users\NCH Software
2011-11-15 17:24 - 2011-11-15 17:24 - 0000000 ____D C:\ProgramData\NCH Software
2011-11-14 12:26 - 2011-11-14 12:26 - 0000637 ___AH C:\Users\gamers\Documents\Bob's Burgers.xspf
2011-11-10 16:28 - 2011-11-10 16:28 - 0001624 ____A C:\Users\gamers\Desktop\The Elder Scrolls Skyrim.lnk
2011-11-10 16:16 - 2011-11-10 16:16 - 0000000 ___HD C:\Users\gamers\AppData\Local\Skyrim
2011-11-10 15:50 - 2011-11-29 01:40 - 0000000 ____D C:\Program Files\The Elder Scrolls V Skyrim
2011-11-10 15:48 - 2011-11-10 15:49 - 21386221 ___AH C:\Users\gamers\Downloads\rzr-skrm.rar
2011-11-10 15:45 - 2011-11-19 04:31 - 0000000 ____D C:\Elder Scrolls
2011-11-10 15:39 - 2011-11-10 15:40 - 6685523 ___AH C:\Users\gamers\Downloads\SkyUPDATERAZOR.rar
2011-11-10 15:39 - 2011-11-10 15:39 - 0752882 ___AH C:\Users\gamers\Downloads\insta.rar
2011-11-09 12:35 - 2011-11-09 12:35 - 0001096 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk


============ 3 Months Modified Files and Folders ===============

2011-12-02 19:53 - 2011-12-02 19:53 - 0000000 ____D C:\FRST
2011-12-02 19:52 - 2011-12-02 19:52 - 0858348 ____A C:\Users\gamers\Desktop\FRST.exe
2011-12-02 19:50 - 2010-12-16 02:45 - 0000000 ____D C:\Program Files\Steam
2011-12-02 19:49 - 2011-12-01 20:30 - 0000000 ___SD C:\Yourname
2011-12-02 19:49 - 2011-11-24 14:27 - 0017838 ____A C:\Windows\PFRO.log
2011-12-02 19:49 - 2011-11-23 16:08 - 0002184 ____A C:\Windows\setupact.log
2011-12-02 19:49 - 2010-11-03 18:58 - 2415566848 __ASH C:\hiberfil.sys
2011-12-02 19:49 - 2009-07-13 23:53 - 0032556 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-12-02 19:49 - 2009-07-13 23:53 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-12-01 20:37 - 2009-07-13 21:37 - 0000000 ___DC C:\Windows\$NtUninstallKB49674$
2011-12-01 20:33 - 2010-11-03 19:01 - 1809242 ____A C:\Windows\WindowsUpdate.log
2011-12-01 20:28 - 2011-11-29 21:52 - 4324789 ____R (Swearware) C:\Users\gamers\Desktop\Yourname.exe
2011-12-01 20:10 - 2011-04-22 14:09 - 0000000 ____D C:\Users\All Users\MediaMall
2011-12-01 20:10 - 2011-04-22 14:09 - 0000000 ____D C:\ProgramData\MediaMall
2011-12-01 20:10 - 2010-11-09 21:20 - 0000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-12-01 19:58 - 2009-07-13 23:34 - 0010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-12-01 19:58 - 2009-07-13 23:34 - 0010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-12-01 19:55 - 2010-11-09 21:20 - 0000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-12-01 19:49 - 2011-12-01 19:49 - 0000000 ____A C:\Users\gamers\Desktop\New Text Document.txt
2011-12-01 19:05 - 2011-12-01 19:05 - 0000000 ____D C:\Users\All Users\AMMYY
2011-12-01 19:05 - 2011-12-01 19:05 - 0000000 ____D C:\ProgramData\AMMYY
2011-12-01 01:38 - 2011-02-16 14:00 - 1775562 ____A C:\Windows\ntbtlog.txt
2011-12-01 01:35 - 2011-11-24 14:44 - 0000357 ____A C:\rkill.log
2011-12-01 01:29 - 2011-12-01 01:29 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\gamers\Desktop\tdsskiller.exe
2011-11-30 21:04 - 2011-08-10 19:38 - 0000000 ____D C:\Users\gamers\.frostwire5
2011-11-30 20:11 - 2010-11-09 21:20 - 0000000 ___HD C:\Users\gamers\AppData\Local\Google
2011-11-30 19:44 - 2011-11-30 19:44 - 0000000 __SHD C:\$RECYCLE.BIN
2011-11-30 19:44 - 2010-12-23 03:38 - 0000000 ____D C:\Users\gamers\AppData\Local\Apps\2.0
2011-11-30 15:47 - 2009-07-13 21:04 - 0000027 ____A C:\Windows\System32\Drivers\etc\hosts
2011-11-29 03:56 - 2009-07-13 21:37 - 0000000 ___RD C:\users\Public
2011-11-29 03:52 - 2011-11-29 03:52 - 0000000 ____D C:\Windows\ERDNT
2011-11-29 03:52 - 2011-11-29 03:46 - 0000000 ____D C:\Qoobox
2011-11-29 01:41 - 2011-11-16 13:20 - 0000000 ___HD C:\Users\gamers\Documents\Nexus Mod Manager
2011-11-29 01:40 - 2011-11-10 15:50 - 0000000 ____D C:\Program Files\The Elder Scrolls V Skyrim
2011-11-29 01:38 - 2011-11-29 01:38 - 0160160 ____A C:\Windows\Minidump\112911-24679-01.dmp
2011-11-29 01:38 - 2011-11-28 16:48 - 311721516 ____A C:\Windows\MEMORY.DMP
2011-11-29 01:38 - 2011-11-28 16:48 - 0000000 ____D C:\Windows\Minidump
2011-11-28 18:46 - 2011-02-16 16:32 - 0000000 ____D C:\Users\gamers\AppData\Roaming\SoftGrid Client
2011-11-28 16:48 - 2011-11-28 16:48 - 0160112 ____A C:\Windows\Minidump\112811-24133-01.dmp
2011-11-28 10:03 - 2011-11-28 06:44 - 0052018 ____A C:\Users\gamers\Desktop\bootkit_remover_debug_log.txt
2011-11-28 08:39 - 2011-07-05 19:18 - 0000000 ____D C:\Users\gamers\AppData\Roaming\RIFT
2011-11-28 08:39 - 2010-12-26 11:46 - 0000000 __SHD C:\Config.Msi
2011-11-28 08:39 - 2010-11-03 17:16 - 0000000 ___HD C:\Program Files\InstallShield Installation Information
2011-11-24 14:45 - 2011-11-24 14:45 - 1916416 ____A (AVAST Software) C:\Users\gamers\Desktop\aswMBR.exe
2011-11-24 14:43 - 2011-11-24 14:43 - 1008092 ____A C:\Users\gamers\Desktop\rkill.com
2011-11-24 14:27 - 2011-11-20 08:40 - 0000000 ____D C:\Users\All Users\AVG2012
2011-11-24 14:27 - 2011-11-20 08:40 - 0000000 ____D C:\ProgramData\AVG2012
2011-11-24 14:27 - 2011-11-19 06:13 - 0000000 ____D C:\Program Files\AVG
2011-11-24 14:25 - 2011-11-20 08:37 - 0000000 ____D C:\Users\All Users\MFAData
2011-11-24 14:25 - 2011-11-20 08:37 - 0000000 ____D C:\ProgramData\MFAData
2011-11-24 14:19 - 2011-11-24 14:19 - 9130808 ____A (OPSWAT, Inc.) C:\Users\gamers\Downloads\AppRemover.exe
2011-11-23 16:36 - 2011-11-16 13:20 - 0001047 ____A C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2011-11-23 16:36 - 2011-11-16 13:20 - 0000000 ____D C:\Program Files\Nexus Mod Manager
2011-11-23 16:08 - 2011-11-23 16:08 - 0000000 ____A C:\Windows\setuperr.log
2011-11-23 15:29 - 2011-11-23 06:27 - 0011513 ____A C:\Users\gamers\Documents\hijackthis.log
2011-11-23 15:27 - 2010-11-03 16:08 - 0000000 ____D C:\Users\gamers\AppData\Local\VirtualStore
2011-11-23 13:38 - 2011-11-23 13:38 - 0035561 ____A C:\Users\gamers\Documents\DDSlog2.txt
2011-11-23 13:38 - 2011-11-23 13:38 - 0019191 ____A C:\Users\gamers\Documents\DDSlog1.txt
2011-11-23 13:38 - 2011-11-23 13:38 - 0004413 ____A C:\Users\gamers\Documents\GMERlog.txt
2011-11-23 13:38 - 2011-11-23 13:38 - 0000909 ____A C:\Users\gamers\Documents\MBLog.txt
2011-11-23 13:21 - 2011-11-23 13:21 - 0004415 ____A C:\Users\gamers\Desktop\GMER.log
2011-11-23 12:13 - 2010-11-06 00:46 - 0000000 ___HD C:\Users\gamers\AppData\Roaming\Macromedia
2011-11-23 12:13 - 2010-11-03 16:08 - 0000000 ____D C:\Users\gamers\AppData\LocalLow
2011-11-23 12:12 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\security
2011-11-23 12:11 - 2011-11-23 12:11 - 0000000 ____D C:\Program Files\somototoolbar
2011-11-23 12:10 - 2011-11-23 12:10 - 1785905 ____A C:\Users\gamers\Downloads\TempFileCleaner_3.1.1_Setup.exe
2011-11-23 12:10 - 2011-11-23 12:10 - 0001047 ____A C:\Users\gamers\Desktop\Temp File Cleaner.lnk
2011-11-23 12:10 - 2011-11-23 12:10 - 0000000 ____D C:\Program Files\Temp File Cleaner
2011-11-23 12:09 - 2011-11-23 12:09 - 0463080 ____A (CNET Download.com) C:\Users\gamers\Downloads\cnet_TempFileCleaner_3_1_1_Setup_exe.exe
2011-11-23 07:43 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\config\TxR
2011-11-23 07:41 - 2009-07-13 23:52 - 0000000 ____D C:\Windows\Downloaded Program Files
2011-11-23 07:36 - 2011-11-23 07:29 - 0000000 ____D C:\Users\gamers\AppData\Roaming\AVG
2011-11-23 07:28 - 2011-11-23 07:28 - 8143920 ____A (AVG ) C:\Users\gamers\Downloads\avg_pct_stf_all_2012_26_c5.exe
2011-11-23 06:58 - 2011-11-23 06:57 - 0607260 ____A (Swearware) C:\Users\gamers\Downloads\dds.scr
2011-11-23 06:57 - 2011-11-23 06:58 - 0607260 ____R (Swearware) C:\Users\gamers\Desktop\dds.scr
2011-11-23 06:56 - 2011-11-23 06:58 - 0302592 ____A C:\Users\gamers\Desktop\u6gx0ld6.exe
2011-11-23 06:56 - 2011-11-23 06:56 - 0302592 ____A C:\Users\gamers\Downloads\u6gx0ld6.exe
2011-11-23 06:45 - 2011-11-23 06:45 - 0000000 ____D C:\Users\All Users\Kaspersky Lab
2011-11-23 06:45 - 2011-11-23 06:45 - 0000000 ____D C:\ProgramData\Kaspersky Lab
2011-11-23 06:42 - 2011-11-23 06:42 - 0000000 ____D C:\Users\gamers\AppData\Roaming\QuickScan
2011-11-23 06:39 - 2011-11-23 06:39 - 0000000 ____D C:\Users\All Users\boost_interprocess
2011-11-23 06:39 - 2011-11-23 06:39 - 0000000 ____D C:\ProgramData\boost_interprocess
2011-11-23 06:39 - 2011-11-23 06:37 - 102896192 ____A C:\Users\gamers\Downloads\setup_11.0.0.1245.x01_2011_11_23_14_01.exe
2011-11-23 06:06 - 2011-11-21 18:09 - 0002378 ____A C:\Users\gamers\Documents\Kill Box Instructions.txt
2011-11-23 06:02 - 2011-11-23 06:02 - 0002969 ____A C:\Users\gamers\Desktop\HiJackThis.lnk
2011-11-23 06:02 - 2011-11-23 06:02 - 0000000 ____D C:\Program Files\Trend Micro
2011-11-23 06:01 - 2011-11-23 06:01 - 1402880 ____A C:\Users\gamers\Downloads\HijackThis.msi
2011-11-23 05:51 - 2010-11-06 16:07 - 0000000 ___HD C:\Users\gamers\AppData\Roaming\BitComet
2011-11-21 23:53 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\Cursors
2011-11-21 18:09 - 2011-11-21 18:09 - 0092672 ____A (Option^Explicit Software vbtechcd@gmail.com) C:\Users\gamers\Downloads\KillBox.exe
2011-11-21 17:57 - 2011-11-21 17:57 - 0000000 ____D C:\Users\gamers\AppData\Roaming\Malwarebytes
2011-11-21 17:57 - 2011-11-21 17:56 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2011-11-21 17:56 - 2011-11-21 17:56 - 9852544 ____A (Malwarebytes Corporation ) C:\Users\gamers\Downloads\mbam-setup-1.51.2.1300.exe
2011-11-21 17:56 - 2011-11-21 17:56 - 0001071 ____A C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
2011-11-21 17:56 - 2011-11-21 17:56 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-11-21 17:56 - 2011-11-21 17:56 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-11-20 09:17 - 2011-11-20 09:17 - 0000000 ___HD C:\$AVG
2011-11-20 08:42 - 2011-11-20 08:42 - 0000000 ____D C:\Users\gamers\AppData\Roaming\AVG2012
2011-11-20 08:29 - 2011-11-20 08:29 - 3903528 ____A (AVG Technologies) C:\Users\gamers\Downloads\avg_free_stb_en_2012_1872_free.exe
2011-11-20 08:21 - 2011-11-20 08:18 - 0000000 ____D C:\Program Files\Eusing Free Registry Cleaner
2011-11-20 08:18 - 2011-11-20 08:18 - 0001027 ____A C:\Users\gamers\Desktop\Eusing Free Registry Cleaner.lnk
2011-11-20 08:17 - 2011-11-20 08:17 - 0977520 ____A C:\Users\gamers\Downloads\EFRCSetup.exe
2011-11-19 20:07 - 2011-09-28 14:47 - 0000000 ___HD C:\Users\gamers\AppData\Local\dxhr
2011-11-19 14:28 - 2010-12-16 02:45 - 0000000 ____D C:\Program Files\Common Files\Steam
2011-11-19 09:18 - 2011-11-19 05:33 - 0000000 ____D C:\Users\All Users\AVAST Software
2011-11-19 09:18 - 2011-11-19 05:33 - 0000000 ____D C:\ProgramData\AVAST Software
2011-11-19 06:23 - 2010-11-03 16:12 - 0714754 ____A C:\Windows\System32\PerfStringBackup.INI
2011-11-19 06:19 - 2011-03-30 13:23 - 0000000 ____D C:\Program Files\Midnight Club 2
2011-11-19 06:17 - 2011-03-07 09:40 - 0000000 ____D C:\Users\All Users\McAfee
2011-11-19 06:17 - 2011-03-07 09:40 - 0000000 ____D C:\ProgramData\McAfee
2011-11-19 06:08 - 2011-11-19 06:06 - 93393016 ____A (AVG Technologies) C:\Users\gamers\Downloads\avg_free_stf_en_90_851a3009.exe
2011-11-19 05:59 - 2011-11-19 05:59 - 0000027 ____A C:\Windows\System32\MPFServiceFailureCount.txt
2011-11-19 05:33 - 2011-11-19 05:33 - 0000000 ____D C:\Program Files\AVAST Software
2011-11-19 05:33 - 2009-07-13 21:04 - 0002577 ____A C:\Windows\System32\config.nt
2011-11-19 05:30 - 2010-12-23 20:11 - 0000000 ____D C:\Users\All Users\Alwil Software
2011-11-19 05:30 - 2010-12-23 20:11 - 0000000 ____D C:\ProgramData\Alwil Software
2011-11-19 05:30 - 2010-12-23 20:11 - 0000000 ____D C:\Program Files\Alwil Software
2011-11-19 04:59 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\DriverStore
2011-11-19 04:33 - 2010-11-03 16:08 - 0000000 ____D C:\users\gamers
2011-11-19 04:32 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\wfp
2011-11-19 04:31 - 2011-11-10 15:45 - 0000000 ____D C:\Elder Scrolls
2011-11-19 04:31 - 2011-10-15 18:58 - 0000000 ____D C:\Users\gamers\AppData\Local\Top_Producer_Systems_Inc
2011-11-19 04:31 - 2011-10-14 18:13 - 0000000 ____D C:\Users\gamers\AppData\Local\Conduit
2011-11-19 04:31 - 2011-09-25 15:27 - 0000000 ____D C:\Users\gamers\AppData\Local\LogMeIn Hamachi
2011-11-19 04:31 - 2011-08-12 10:29 - 0000000 ___AD C:\Users\gamers\Desktop\plugins
2011-11-19 04:31 - 2011-08-12 10:28 - 0000000 ___AD C:\Users\gamers\plugins
2011-11-19 04:31 - 2011-06-25 13:24 - 0000000 ____D C:\Users\gamers\Desktop\Comcast Essentials
2011-11-19 04:31 - 2011-03-30 16:26 - 0000000 ____D C:\Users\gamers\AppData\Roaming\NCH Software
2011-11-19 04:31 - 2011-03-22 00:53 - 0000000 ____D C:\Users\gamers\Documents\Blood Omen 2
2011-11-19 04:31 - 2011-03-20 18:11 - 0000000 ____D C:\Program Files\Microsoft Silverlight
2011-11-19 04:31 - 2010-12-26 11:50 - 0000000 ____D C:\Program Files\WinZip
2011-11-19 04:31 - 2010-12-18 17:34 - 0000000 ____D C:\Users\gamers\AppData\Local\FOMM
2011-11-19 04:31 - 2010-11-30 22:39 - 0000000 ____D C:\Users\gamers\AppData\Roaming\uTorrent
2011-11-19 04:31 - 2010-11-30 22:28 - 0000000 ____D C:\Users\gamers\AppData\Roaming\vlc
2011-11-19 04:31 - 2010-11-23 18:57 - 0000000 ____D C:\Program Files\Mozilla Firefox
2011-11-19 04:31 - 2010-11-11 12:07 - 0000000 ____D C:\Users\gamers\AppData\Local\SupportSoft
2011-11-19 04:31 - 2010-11-09 23:19 - 0000000 ____D C:\Users\gamers\Desktop\FFXIV JUNK
2011-11-19 04:31 - 2010-11-05 16:33 - 0000000 ____D C:\Users\gamers\AppData\Roaming\Ventrilo
2011-11-19 04:31 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\AppCompat
2011-11-19 04:30 - 2011-11-19 03:10 - 0000000 ____D C:\Users\gamers\AppData\Roaming\B424F
2011-11-19 04:30 - 2011-02-01 10:32 - 0000000 ____D C:\DeadSpace
2011-11-19 04:30 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\registration
2011-11-19 04:29 - 2011-08-10 19:39 - 0000000 ____D C:\Users\gamers\FrostWire
2011-11-19 04:29 - 2011-06-24 05:55 - 0000000 ____D C:\Users\gamers\Documents\Witcher 2
2011-11-19 04:29 - 2011-03-31 12:10 - 0000000 ____D C:\Users\gamers\AppData\Roaming\TuneUp Software
2011-11-19 04:29 - 2011-03-08 21:31 - 0000000 ____D C:\Users\gamers\Desktop\Dragon Age 2
2011-11-19 04:29 - 2011-02-18 06:30 - 0000000 ____D C:\Users\gamers\AppData\Roaming\Nero
2011-11-19 04:29 - 2011-02-05 00:16 - 0000000 ____D C:\Users\gamers\Documents\BioWare
2011-11-19 04:29 - 2010-11-23 18:58 - 0000000 ____D C:\Users\gamers\AppData\Roaming\Mozilla
2011-11-19 04:29 - 2010-11-04 16:17 - 0000000 ____D C:\Users\gamers\Documents\My Games
2011-11-19 04:28 - 2011-11-16 13:20 - 0000000 ____D C:\Users\gamers\AppData\Local\Black_Tree_Gaming
2011-11-19 04:28 - 2010-11-06 00:46 - 0000000 ____D C:\Users\gamers\AppData\Roaming\Adobe
2011-11-19 04:27 - 2011-03-09 01:02 - 0000000 ____D C:\Users\All Users\Electronic Arts
2011-11-19 04:27 - 2011-03-09 01:02 - 0000000 ____D C:\ProgramData\Electronic Arts
2011-11-19 04:17 - 2011-11-19 04:17 - 0000000 ____D C:\Users\gamers\AppData\Roaming\jFF44pmG5sQJdE8
2011-11-19 03:59 - 2011-11-19 03:59 - 0000000 ____D C:\Users\gamers\AppData\Roaming\tppmmG55aJ6KfLh
2011-11-19 03:10 - 2011-11-19 03:10 - 0000000 ____D C:\Users\gamers\AppData\Roaming\wcccS11ivD
2011-11-19 03:10 - 2011-11-19 03:10 - 0000000 ____D C:\Users\gamers\AppData\Roaming\kttxxP0uuS1
2011-11-19 03:10 - 2011-11-19 03:10 - 0000000 ____D C:\Users\gamers\AppData\Roaming\FiiibFF3pnGa
2011-11-18 15:34 - 2011-11-18 15:24 - 0000304 ____A C:\Users\All Users\~MqGNiCX5Sv6EsH
2011-11-18 15:34 - 2011-11-18 15:24 - 0000304 ____A C:\ProgramData\~MqGNiCX5Sv6EsH
2011-11-18 15:34 - 2011-11-18 15:24 - 0000232 ____A C:\Users\All Users\~MqGNiCX5Sv6EsHr
2011-11-18 15:34 - 2011-11-18 15:24 - 0000232 ____A C:\ProgramData\~MqGNiCX5Sv6EsHr
2011-11-18 15:32 - 2011-11-18 15:23 - 0000448 ____A C:\Users\All Users\MqGNiCX5Sv6EsH
2011-11-18 15:32 - 2011-11-18 15:23 - 0000448 ____A C:\ProgramData\MqGNiCX5Sv6EsH
2011-11-18 12:47 - 2011-11-18 12:47 - 1063703 ___AH C:\Users\gamers\Documents\Shadow Sabres Notes - Big D.docx
2011-11-18 11:55 - 2010-12-23 03:38 - 0000000 ___HD C:\Users\gamers\AppData\Local\Deployment
2011-11-16 13:30 - 2011-11-16 13:30 - 0397472 ____A () C:\Users\gamers\Downloads\FXAA_PPI_Automatic_Installer-131-1-2.exe
2011-11-16 13:21 - 2010-12-18 17:36 - 0000000 ____D C:\Games
2011-11-16 13:20 - 2011-11-16 13:20 - 2286434 ____A (Black Tree Gaming ) C:\Users\gamers\Downloads\Nexus Mod Manager-0.12.2.exe
2011-11-15 17:47 - 2011-03-30 16:25 - 0000000 ____D C:\Program Files\NCH Software
2011-11-15 17:24 - 2011-11-15 17:24 - 0000000 ____D C:\Users\All Users\NCH Software
2011-11-15 17:24 - 2011-11-15 17:24 - 0000000 ____D C:\ProgramData\NCH Software
2011-11-14 12:26 - 2011-11-14 12:26 - 0000637 ___AH C:\Users\gamers\Documents\Bob's Burgers.xspf
2011-11-10 16:28 - 2011-11-10 16:28 - 0001624 ____A C:\Users\gamers\Desktop\The Elder Scrolls Skyrim.lnk
2011-11-10 16:16 - 2011-11-10 16:16 - 0000000 ___HD C:\Users\gamers\AppData\Local\Skyrim
2011-11-10 15:49 - 2011-11-10 15:48 - 21386221 ___AH C:\Users\gamers\Downloads\rzr-skrm.rar
2011-11-10 15:40 - 2011-11-10 15:39 - 6685523 ___AH C:\Users\gamers\Downloads\SkyUPDATERAZOR.rar
2011-11-10 15:39 - 2011-11-10 15:39 - 0752882 ___AH C:\Users\gamers\Downloads\insta.rar
2011-11-09 13:21 - 2011-08-10 19:37 - 0000000 ____D C:\Program Files\FrostWire 5
2011-11-09 13:21 - 2011-01-18 11:19 - 0000000 ____D C:\Program Files\iTunes
2011-11-09 12:35 - 2011-11-09 12:35 - 0001096 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2011-11-09 12:33 - 2010-11-30 22:39 - 0000000 ____D C:\Program Files\uTorrentBar
2011-11-02 08:15 - 2011-01-03 22:12 - 0000000 ___HD C:\Users\gamers\AppData\Local\ElevatedDiagnostics
2011-10-30 08:29 - 2011-08-12 10:29 - 0000000 ___HD C:\Users\gamers\Desktop\screenshots
2011-10-30 03:00 - 2011-10-30 03:00 - 0000736 ___AH C:\Users\gamers\Documents\Smn skill up.txt
2011-10-16 07:54 - 2010-11-06 16:07 - 0000969 ____A C:\Users\Public\Desktop\BitComet.lnk
2011-10-16 03:03 - 2011-10-16 02:19 - 0000131 ___AH C:\Users\gamers\Documents\JP Translate.txt
2011-10-15 03:57 - 2011-10-15 03:55 - 0046080 __ASH C:\Users\gamers\AppData\Roaming\Thumbs.db
2011-10-07 20:47 - 2011-10-07 20:46 - 0000069 ____A C:\Windows\NeroDigital.ini
2011-10-07 20:47 - 2010-12-23 16:43 - 0000182 ___AH C:\Users\gamers\AppData\Roaming\default.rss
2011-10-04 18:30 - 2011-06-04 16:51 - 0000089 ___SH C:\Users\All Users\.zreglib
2011-10-04 18:30 - 2011-06-04 16:51 - 0000089 ___SH C:\ProgramData\.zreglib
2011-10-04 05:48 - 2011-10-04 05:48 - 0000461 ___AH C:\Users\gamers\Documents\LolJobs.txt
2011-10-01 20:37 - 2011-10-01 20:37 - 0000000 ____D C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor
2011-10-01 20:37 - 2010-12-22 04:33 - 0000000 ____D C:\Program Files\Common Files\InstallShield
2011-10-01 20:32 - 2011-10-01 20:32 - 0001624 ____A C:\Windows\System32\WLAN.INI
2011-10-01 20:29 - 2011-10-01 20:29 - 0000000 ____D C:\Linksys Driver
2011-09-30 17:06 - 2011-09-30 17:06 - 0000000 ___HD C:\Users\gamers\AppData\Local\Microsoft Games
2011-09-28 14:44 - 2011-09-28 14:44 - 0000000 ___HD C:\Users\gamers\AppData\Local\SKIDROW
2011-09-28 14:44 - 2011-09-28 14:44 - 0000000 ___HD C:\Users\gamers\AppData\Local\28050
2011-09-28 14:44 - 2011-09-28 14:25 - 0000000 ____D C:\Program Files\Square Enix
2011-09-28 14:42 - 2011-09-28 14:42 - 0001223 ____A C:\Users\Public\Desktop\Deus Ex - Human Revolution.lnk
2011-09-26 13:15 - 2011-09-26 13:11 - 0000260 ___AH C:\Users\gamers\Documents\Raps & Rhymes.txt
2011-09-25 15:27 - 2011-09-25 15:27 - 0000896 ____A C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2011-09-25 15:27 - 2011-09-25 15:27 - 0000000 ____D C:\Program Files\LogMeIn Hamachi
2011-09-25 14:59 - 2011-09-25 12:36 - 0000000 ____D C:\Program Files\Deep Silver
2011-09-25 14:54 - 2011-09-25 14:54 - 0001659 ____A C:\Users\gamers\Desktop\Dead Island.lnk
2011-09-25 13:28 - 2011-09-25 13:28 - 0000000 ___HD C:\Users\gamers\AppData\Local\PackageAware
2011-09-24 02:04 - 2011-01-21 10:53 - 0000166 ___AH C:\Users\gamers\Documents\Passwords.txt
2011-09-21 18:11 - 2011-09-21 18:11 - 0003641 ____A C:\Users\gamers\Desktop\readme_ru.txt
2011-09-21 18:11 - 2011-09-21 18:11 - 0003114 ____A C:\Users\gamers\Desktop\readme_en.txt
2011-09-20 03:02 - 2011-09-20 03:02 - 0083968 ____A (Esage Lab) C:\Users\gamers\Desktop\boot_cleaner.exe
2011-09-12 13:42 - 2011-09-12 13:42 - 0000000 ___AH C:\Users\gamers\Documents\Default.rdp
2011-09-11 04:06 - 2011-08-12 10:29 - 0000512 ____A C:\Users\gamers\Desktop\launcher.ini
2011-09-06 13:32 - 2009-07-13 21:37 - 0000000 __RHD C:\Users\Public\Libraries
2011-09-04 01:35 - 2011-07-21 13:45 - 0016914 ___AH C:\Users\gamers\Documents\Shadow Sabers Random Chapter Work.docx

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe
[2010-11-30 22:42] - [2009-10-31 00:45] - 2614272 ____A (Microsoft Corporation) 2626FC9755BE22F805D3CFA0CE3EE727

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 33%
Total physical RAM: 3071.55 MB
Available physical RAM: 2033.92 MB
Total Pagefile: 6141.39 MB
Available Pagefile: 5022.46 MB
Total Virtual: 2047.88 MB
Available Virtual: 1937.32 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:465.75 GB) (Free:81.74 GB) NTFS ==>[System = boot components]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B

Partitions of Disk 0:

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 465 GB 31 KB
Partition 2 Primary 10 MB 465 GB

Disk: 0
Partition 2
Hidden: Yes
Active: Yes

There is no volume associated with this partition.



==========================================================

Last Boot: 2011-12-01 00:40

======================= End Of Log ==========================
 
I got a new notification from Combofix. I left it running with the Ethernet cord plugged in for the first time and downloaded an updated version of Combofix. This version told me I had a Rootkit.ZeroAccess virus. Unsure if that's even a virus, but from my understanding that's what it said. I couldn't copy/paste this information, sadly.

Combofix never finished running, was left at the same scanning screen for 23hrs.
 
You seem to be infected with the newest TDL4 rootkit.

WARNING!
Proceed with extreme caution!
Deleting the wrong partition will result in your computer being unusable.
If you have any doubts, ask.


===========================================================================================

Download gparted-live-0.10.0-3.iso (115.1 MB)

Burn it to a CD: http://neosmart.net/wiki/display/G/Burning+ISO+Images+to+a+CD+or+DVD

Now you will need to set the CD-ROM as the first boot device if it isn't already (if you don't know how to do it, see HERE)
Boot off of the newly created Gparted CD.

You should be here:
gpartedsplash.png

Press Enter.

By default, "do not touch keymap" is highlighted. Leave this setting alone and just press ENTER:
gpartedkeymaps.png


Choose your language and press ENTER. English is default [33]:
gpartedlanguage.png


Once again, at this prompt, press ENTER:
gpartedgui.png


You will now be taken to the main GUI screen below:
gpartedo.png

According to your logs, the partition that you want to delete is the small partition of 10MB.
Click on it to highlight it.
Click the trash can icon to delete and then click Apply.

You should now be here confirming your actions:
gpartedsteps.png


Now you should be here:
gpartedsuccessclose.png


Is "boot" next to your OS drive?
gpartedboot.png


If "boot" is NOT next to your OS drive under "Flags", right-mouse click the OS drive while in Gparted and select Manage Flags.

In the menu that pops up, place a checkmark in boot like the picture below:
gpartedmanageflagsboot.png


Now double-click the [gpartedexit.png] button.

You should receive a small pop up like this:
gpartedexitreboot.png


Choose reboot and then press OK.

============================================================================================

Then....

Please Boot to the System Recovery Options
If you have a Windows 7 installation disc, just insert the DVD into the drive, restart the computer and it should load automatically (option two presented in the article).
It's also possible that your computer has a pre-installed recovery partition instead; in such a case use method one (by pressing F8 before Windows starts loading)...

On the System Recovery Options menu you will get the following options:

  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

Choose Command Prompt
You should see X:\SOURCES>...

Execute the following commands in bold.
Press Enter after every one of them.

bootrec /fixmbr (<--- there is a "space" after "bootrec")

bootrec /fixboot

exit

Restart computer.

Post new aswMBR log.
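The partition check read off the FRST log in the post above (a 10 MB hidden, active partition at the end of the disk, with no boot flag on the OS partition) can also be run against a raw MBR sector. This is an added example, not part of the original thread or of any tool named in it; the sample sectors, the type bytes, the 100 MB threshold and all function names are constructed assumptions.

```python
import struct

SECTOR_SIZE = 512
TABLE_OFFSET = 446          # the four 16-byte partition entries start here
ENTRY_SIZE = 16
BOOT_SIGNATURE = b"\x55\xaa"


def build_mbr(entries):
    """Build a constructed MBR sector from (active, type, start_lba, sectors) tuples."""
    mbr = bytearray(SECTOR_SIZE)
    for slot, (active, ptype, start_lba, sectors) in enumerate(entries):
        off = TABLE_OFFSET + slot * ENTRY_SIZE
        mbr[off] = 0x80 if active else 0x00      # status byte: 0x80 = active/boot
        mbr[off + 4] = ptype                     # partition type byte
        struct.pack_into("<II", mbr, off + 8, start_lba, sectors)
    mbr[510:512] = BOOT_SIGNATURE
    return bytes(mbr)


def parse_mbr(mbr):
    """Return the non-empty primary partition entries of a 512-byte MBR sector."""
    if len(mbr) != SECTOR_SIZE:
        raise ValueError("expected exactly 512 bytes")
    if mbr[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    parts = []
    for slot in range(4):
        off = TABLE_OFFSET + slot * ENTRY_SIZE
        status, ptype = mbr[off], mbr[off + 4]
        start_lba, sectors = struct.unpack_from("<II", mbr, off + 8)
        if ptype == 0x00 or sectors == 0:
            continue                              # unused slot
        parts.append({
            "index": slot + 1,
            "active": status == 0x80,
            "type": ptype,
            "start_lba": start_lba,
            "sectors": sectors,
            "size_mb": sectors * SECTOR_SIZE / 2**20,
        })
    return parts


def review(parts, small_mb=100):
    """Flag layouts worth a manual look. Returns (partition_index, reason) tuples.

    Heuristic (an assumption of this example, not a rule from the thread):
    a small active partition sitting after every other partition is unusual,
    while a small active partition at the start of the disk is left alone.
    """
    if any(p["type"] == 0xEE for p in parts):
        return [(0, "protective MBR (GPT disk): inspect the GPT instead")]
    findings = []
    active = [p for p in parts if p["active"]]
    if len(active) != 1:
        findings.append((0, f"expected exactly one active partition, found {len(active)}"))
    last_start = max((p["start_lba"] for p in parts), default=0)
    for p in active:
        at_end = len(parts) > 1 and p["start_lba"] == last_start
        if at_end and p["size_mb"] <= small_mb:
            findings.append((p["index"],
                             f"active {p['size_mb']:.0f} MB partition at end of disk"))
    return findings


# Constructed samples. SAMPLE_BEFORE resembles the layout in the FRST log:
# a large inactive OS partition followed by a 10 MB active one.
# The type bytes (0x07, 0x17) are constructed; the thread does not state them.
SAMPLE_BEFORE = build_mbr([(False, 0x07, 63, 976751937),
                           (True, 0x17, 976752000, 20480)])
# After the small partition is deleted and the boot flag is set on the OS partition.
SAMPLE_AFTER = build_mbr([(True, 0x07, 63, 976751937)])
# A small active partition at the start of the disk, followed by the OS partition.
SAMPLE_SMALL_FIRST = build_mbr([(True, 0x07, 2048, 204800),
                                (False, 0x07, 206848, 976564224)])

if __name__ == "__main__":
    for name, sector in [("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER),
                         ("small-first", SAMPLE_SMALL_FIRST)]:
        print(name, review(parse_mbr(sector)) or "no findings")
```

To check a real disk, pass the first 512 bytes of a sector dump to `parse_mbr`; a finding is a prompt for manual review, not proof of infection.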
 
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-12-03 04:09:06
-----------------------------
04:09:06.824 OS Version: Windows 6.1.7600
04:09:06.824 Number of processors: 2 586 0x4B02
04:09:06.827 ComputerName: ELNEGROBRUTAL UserName: gamers
04:09:07.824 Initialize success
04:11:00.351 AVAST engine defs: 11120300
04:11:10.256 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000064
04:11:10.261 Disk 0 Vendor: WDC_WD50 05.0 Size: 476940MB BusType: 3
04:11:12.281 Disk 0 MBR read successfully
04:11:12.286 Disk 0 MBR scan
04:11:12.296 Disk 0 Windows 7 default MBR code
04:11:12.306 Disk 0 scanning sectors +976752000
04:11:12.353 Disk 0 scanning C:\Windows\system32\drivers
04:11:19.356 Service scanning
04:11:21.591 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
04:11:22.153 Modules scanning
04:11:26.638 Module: C:\Windows\System32\user32.dll **SUSPICIOUS**
04:11:26.958 Disk 0 trace - called modules:
04:11:26.971 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x8557d1f8]<<
04:11:26.978 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86701aa0]
04:11:26.986 3 CLASSPNP.SYS[8b92659e] -> nt!IofCallDriver -> [0x855bb700]
04:11:26.991 5 ACPI.sys[8b3433b2] -> nt!IofCallDriver -> \Device\00000064[0x86311860]
04:11:26.996 \Driver\nvstor[0x862e9968] -> IRP_MJ_CREATE -> 0x8557d1f8
04:11:28.493 AVAST engine scan C:\Windows
04:11:31.216 AVAST engine scan C:\Windows\system32
04:13:19.856 AVAST engine scan C:\Windows\system32\drivers
04:13:26.988 AVAST engine scan C:\Users\gamers
04:18:58.678 AVAST engine scan C:\ProgramData
04:19:39.721 Scan finished successfully
04:40:09.366 Disk 0 MBR has been saved successfully to "C:\Users\gamers\Desktop\MBR.dat"
04:40:09.371 The log file has been saved successfully to "C:\Users\gamers\Desktop\aswMBR.txt"


04:41:18.389 Disk 0 MBR has been saved successfully to "C:\Users\gamers\Desktop\MBR.dat"
04:41:18.394 The log file has been saved successfully to "C:\Users\gamers\Desktop\aswMBR.txt"
 
Followed your instructions to the T. aswMBR wouldn't run before, but after following your steps and finally getting back to the desktop it ran as it should have the first time around, pleasant surprise. So I didn't hit "Fix MBR" because I figured it was something I should ask about first and it wasn't in the instructions. So I left the log open with the option still available, should I hit the button?

Also, can I reinstall my AV at this point or not quite yet?
 
Hold on with reinstalling AV program.
Leave aswMBR alone.

First of all how are the issues?

Post fresh Farbar Recovery Scan Tool log.

See if TDSSKiller will run.

See if Combofix will run.
 
The problems have seemed to all cease, no more redirection, nor psychotic IE. But I'll definitely run all the programs and post some logs in just a moment.
 
Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by gamers at 2011-12-03 13:11:20
Running from C:\Users\gamers\Desktop
(X86) OS Language: English(US)
Attention: Could not load system hive.ERROR: The process cannot access the file because it is being used by another process.

========================== Registry (Whitelisted) =============

HKU\Administrator\...\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2363392 2008-06-09] (Hewlett-Packard Company)
HKLM\...\Winlogon: [Userinit] [x]
HKLM\...\Winlogon: [Shell]

================================ Services (Whitelisted) ==================


========================== Drivers (Whitelisted) =============


========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-12-03 04:40 - 2011-12-03 04:41 - 0000512 ____A C:\Users\gamers\Desktop\MBR.dat
2011-12-02 22:22 - 2011-12-02 22:23 - 115079168 ____A C:\Users\gamers\Downloads\gparted-live-0.10.0-3.iso
2011-12-02 19:53 - 2011-12-03 13:11 - 0000000 ____D C:\FRST
2011-12-02 19:52 - 2011-12-02 19:52 - 0858348 ____A C:\Users\gamers\Desktop\FRST.exe
2011-12-01 20:38 - 2009-07-13 18:12 - 0338944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-12-01 20:30 - 2011-12-02 19:49 - 0000000 ___SD C:\Yourname
2011-12-01 19:49 - 2011-12-01 19:49 - 0000000 ____A C:\Users\gamers\Desktop\New Text Document.txt
2011-12-01 19:05 - 2011-12-01 19:05 - 0000000 ____D C:\Users\All Users\AMMYY
2011-12-01 19:05 - 2011-12-01 19:05 - 0000000 ____D C:\ProgramData\AMMYY
2011-12-01 01:29 - 2011-12-01 01:29 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\gamers\Desktop\tdsskiller.exe
2011-11-30 19:44 - 2011-11-30 19:44 - 0000000 __SHD C:\$RECYCLE.BIN
2011-11-29 21:52 - 2011-12-01 20:28 - 4324789 ____R (Swearware) C:\Users\gamers\Desktop\Yourname.exe
2011-11-29 03:53 - 2011-06-26 01:45 - 0256000 ____A C:\Windows\PEV.exe
2011-11-29 03:53 - 2010-11-07 12:20 - 0208896 ____A C:\Windows\MBR.exe
2011-11-29 03:53 - 2009-04-19 23:56 - 0060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2011-11-29 03:53 - 2000-08-30 19:00 - 0518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2011-11-29 03:53 - 2000-08-30 19:00 - 0406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2011-11-29 03:53 - 2000-08-30 19:00 - 0098816 ____A C:\Windows\sed.exe
2011-11-29 03:53 - 2000-08-30 19:00 - 0080412 ____A C:\Windows\grep.exe
2011-11-29 03:53 - 2000-08-30 19:00 - 0068096 ____A C:\Windows\zip.exe
2011-11-29 03:52 - 2011-11-29 03:52 - 0000000 ____D C:\Windows\ERDNT
2011-11-29 03:46 - 2011-11-29 03:52 - 0000000 ____D C:\Qoobox
2011-11-29 01:38 - 2011-11-29 01:38 - 0160160 ____A C:\Windows\Minidump\112911-24679-01.dmp
2011-11-28 16:48 - 2011-11-29 01:38 - 311721516 ____A C:\Windows\MEMORY.DMP
2011-11-28 16:48 - 2011-11-29 01:38 - 0000000 ____D C:\Windows\Minidump
2011-11-28 16:48 - 2011-11-28 16:48 - 0160112 ____A C:\Windows\Minidump\112811-24133-01.dmp
2011-11-28 06:44 - 2011-11-28 10:03 - 0052018 ____A C:\Users\gamers\Desktop\bootkit_remover_debug_log.txt
2011-11-24 14:45 - 2011-11-24 14:45 - 1916416 ____A (AVAST Software) C:\Users\gamers\Desktop\aswMBR.exe
2011-11-24 14:44 - 2011-12-01 01:35 - 0000357 ____A C:\rkill.log
2011-11-24 14:43 - 2011-11-24 14:43 - 1008092 ____A C:\Users\gamers\Desktop\rkill.com
2011-11-24 14:27 - 2011-12-02 19:49 - 0017838 ____A C:\Windows\PFRO.log
2011-11-24 14:19 - 2011-11-24 14:19 - 9130808 ____A (OPSWAT, Inc.) C:\Users\gamers\Downloads\AppRemover.exe
2011-11-23 16:08 - 2011-12-03 04:07 - 0002408 ____A C:\Windows\setupact.log
2011-11-23 16:08 - 2011-11-23 16:08 - 0000000 ____A C:\Windows\setuperr.log
2011-11-23 13:38 - 2011-11-23 13:38 - 0035561 ____A C:\Users\gamers\Documents\DDSlog2.txt
2011-11-23 13:38 - 2011-11-23 13:38 - 0019191 ____A C:\Users\gamers\Documents\DDSlog1.txt
2011-11-23 13:38 - 2011-11-23 13:38 - 0004413 ____A C:\Users\gamers\Documents\GMERlog.txt
2011-11-23 13:38 - 2011-11-23 13:38 - 0000909 ____A C:\Users\gamers\Documents\MBLog.txt
2011-11-23 13:21 - 2011-11-23 13:21 - 0004415 ____A C:\Users\gamers\Desktop\GMER.log
2011-11-23 12:11 - 2011-11-23 12:11 - 0000000 ____D C:\Program Files\somototoolbar
2011-11-23 12:10 - 2011-11-23 12:10 - 1785905 ____A C:\Users\gamers\Downloads\TempFileCleaner_3.1.1_Setup.exe
2011-11-23 12:10 - 2011-11-23 12:10 - 0001047 ____A C:\Users\gamers\Desktop\Temp File Cleaner.lnk
2011-11-23 12:10 - 2011-11-23 12:10 - 0000000 ____D C:\Program Files\Temp File Cleaner
2011-11-23 12:09 - 2011-11-23 12:09 - 0463080 ____A (CNET Download.com) C:\Users\gamers\Downloads\cnet_TempFileCleaner_3_1_1_Setup_exe.exe
2011-11-23 07:29 - 2011-11-23 07:36 - 0000000 ____D C:\Users\gamers\AppData\Roaming\AVG
2011-11-23 07:28 - 2011-11-23 07:28 - 8143920 ____A (AVG ) C:\Users\gamers\Downloads\avg_pct_stf_all_2012_26_c5.exe
2011-11-23 06:58 - 2011-11-23 06:57 - 0607260 ____R (Swearware) C:\Users\gamers\Desktop\dds.scr
2011-11-23 06:58 - 2011-11-23 06:56 - 0302592 ____A C:\Users\gamers\Desktop\u6gx0ld6.exe
2011-11-23 06:57 - 2011-11-23 06:58 - 0607260 ____A (Swearware) C:\Users\gamers\Downloads\dds.scr
2011-11-23 06:56 - 2011-11-23 06:56 - 0302592 ____A C:\Users\gamers\Downloads\u6gx0ld6.exe
2011-11-23 06:45 - 2011-11-23 06:45 - 0000000 ____D C:\Users\All Users\Kaspersky Lab
2011-11-23 06:45 - 2011-11-23 06:45 - 0000000 ____D C:\ProgramData\Kaspersky Lab
2011-11-23 06:42 - 2011-11-23 06:42 - 0000000 ____D C:\Users\gamers\AppData\Roaming\QuickScan
2011-11-23 06:39 - 2011-11-23 06:39 - 0000000 ____D C:\Users\All Users\boost_interprocess
2011-11-23 06:39 - 2011-11-23 06:39 - 0000000 ____D C:\ProgramData\boost_interprocess
2011-11-23 06:37 - 2011-11-23 06:39 - 102896192 ____A C:\Users\gamers\Downloads\setup_11.0.0.1245.x01_2011_11_23_14_01.exe
2011-11-23 06:27 - 2011-11-23 15:29 - 0011513 ____A C:\Users\gamers\Documents\hijackthis.log
2011-11-23 06:02 - 2011-11-23 06:02 - 0002969 ____A C:\Users\gamers\Desktop\HiJackThis.lnk
2011-11-23 06:02 - 2011-11-23 06:02 - 0000000 ____D C:\Program Files\Trend Micro
2011-11-23 06:01 - 2011-11-23 06:01 - 1402880 ____A C:\Users\gamers\Downloads\HijackThis.msi
2011-11-21 18:09 - 2011-11-23 06:06 - 0002378 ____A C:\Users\gamers\Documents\Kill Box Instructions.txt
2011-11-21 18:09 - 2011-11-21 18:09 - 0092672 ____A (Option^Explicit Software vbtechcd@gmail.com) C:\Users\gamers\Downloads\KillBox.exe
2011-11-21 17:57 - 2011-11-21 17:57 - 0000000 ____D C:\Users\gamers\AppData\Roaming\Malwarebytes
2011-11-21 17:56 - 2011-11-21 17:57 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2011-11-21 17:56 - 2011-11-21 17:56 - 9852544 ____A (Malwarebytes Corporation ) C:\Users\gamers\Downloads\mbam-setup-1.51.2.1300.exe
2011-11-21 17:56 - 2011-11-21 17:56 - 0001071 ____A C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
2011-11-21 17:56 - 2011-11-21 17:56 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-11-21 17:56 - 2011-11-21 17:56 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-11-20 09:17 - 2011-11-20 09:17 - 0000000 ___HD C:\$AVG
2011-11-20 08:42 - 2011-11-20 08:42 - 0000000 ____D C:\Users\gamers\AppData\Roaming\AVG2012
2011-11-20 08:40 - 2011-11-24 14:27 - 0000000 ____D C:\Users\All Users\AVG2012
2011-11-20 08:40 - 2011-11-24 14:27 - 0000000 ____D C:\ProgramData\AVG2012
2011-11-20 08:37 - 2011-11-24 14:25 - 0000000 ____D C:\Users\All Users\MFAData
2011-11-20 08:37 - 2011-11-24 14:25 - 0000000 ____D C:\ProgramData\MFAData
2011-11-20 08:29 - 2011-11-20 08:29 - 3903528 ____A (AVG Technologies) C:\Users\gamers\Downloads\avg_free_stb_en_2012_1872_free.exe
2011-11-20 08:18 - 2011-11-20 08:21 - 0000000 ____D C:\Program Files\Eusing Free Registry Cleaner
2011-11-20 08:18 - 2011-11-20 08:18 - 0001027 ____A C:\Users\gamers\Desktop\Eusing Free Registry Cleaner.lnk
2011-11-20 08:17 - 2011-11-20 08:17 - 0977520 ____A C:\Users\gamers\Downloads\EFRCSetup.exe
2011-11-19 06:13 - 2011-11-24 14:27 - 0000000 ____D C:\Program Files\AVG
2011-11-19 06:06 - 2011-11-19 06:08 - 93393016 ____A (AVG Technologies) C:\Users\gamers\Downloads\avg_free_stf_en_90_851a3009.exe
2011-11-19 05:59 - 2011-11-19 05:59 - 0000027 ____A C:\Windows\System32\MPFServiceFailureCount.txt
2011-11-19 05:33 - 2011-11-19 09:18 - 0000000 ____D C:\Users\All Users\AVAST Software
2011-11-19 05:33 - 2011-11-19 09:18 - 0000000 ____D C:\ProgramData\AVAST Software
2011-11-19 05:33 - 2011-11-19 05:33 - 0000000 ____D C:\Program Files\AVAST Software
2011-11-19 04:17 - 2011-11-19 04:17 - 0000000 ____D C:\Users\gamers\AppData\Roaming\jFF44pmG5sQJdE8
2011-11-19 03:59 - 2011-11-19 03:59 - 0000000 ____D C:\Users\gamers\AppData\Roaming\tppmmG55aJ6KfLh
2011-11-19 03:10 - 2011-11-19 04:30 - 0000000 ____D C:\Users\gamers\AppData\Roaming\B424F
2011-11-19 03:10 - 2011-11-19 03:10 - 0000000 ____D C:\Users\gamers\AppData\Roaming\wcccS11ivD
2011-11-19 03:10 - 2011-11-19 03:10 - 0000000 ____D C:\Users\gamers\AppData\Roaming\kttxxP0uuS1
2011-11-19 03:10 - 2011-11-19 03:10 - 0000000 ____D C:\Users\gamers\AppData\Roaming\FiiibFF3pnGa
2011-11-18 15:24 - 2011-11-18 15:34 - 0000304 ____A C:\Users\All Users\~MqGNiCX5Sv6EsH
2011-11-18 15:24 - 2011-11-18 15:34 - 0000304 ____A C:\ProgramData\~MqGNiCX5Sv6EsH
2011-11-18 15:24 - 2011-11-18 15:34 - 0000232 ____A C:\Users\All Users\~MqGNiCX5Sv6EsHr
2011-11-18 15:24 - 2011-11-18 15:34 - 0000232 ____A C:\ProgramData\~MqGNiCX5Sv6EsHr
2011-11-18 15:23 - 2011-11-18 15:32 - 0000448 ____A C:\Users\All Users\MqGNiCX5Sv6EsH
2011-11-18 15:23 - 2011-11-18 15:32 - 0000448 ____A C:\ProgramData\MqGNiCX5Sv6EsH
2011-11-18 12:47 - 2011-11-18 12:47 - 1063703 ___AH C:\Users\gamers\Documents\Shadow Sabres Notes - Big D.docx
2011-11-16 13:30 - 2011-11-16 13:30 - 0397472 ____A () C:\Users\gamers\Downloads\FXAA_PPI_Automatic_Installer-131-1-2.exe
2011-11-16 13:20 - 2011-11-29 01:41 - 0000000 ___HD C:\Users\gamers\Documents\Nexus Mod Manager
2011-11-16 13:20 - 2011-11-23 16:36 - 0001047 ____A C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2011-11-16 13:20 - 2011-11-23 16:36 - 0000000 ____D C:\Program Files\Nexus Mod Manager
2011-11-16 13:20 - 2011-11-19 04:28 - 0000000 ____D C:\Users\gamers\AppData\Local\Black_Tree_Gaming
2011-11-16 13:20 - 2011-11-16 13:20 - 2286434 ____A (Black Tree Gaming ) C:\Users\gamers\Downloads\Nexus Mod Manager-0.12.2.exe
2011-11-15 17:24 - 2011-11-15 17:24 - 0000000 ____D C:\Users\All Users\NCH Software
2011-11-15 17:24 - 2011-11-15 17:24 - 0000000 ____D C:\ProgramData\NCH Software
2011-11-14 12:26 - 2011-11-14 12:26 - 0000637 ___AH C:\Users\gamers\Documents\Bob's Burgers.xspf
2011-11-10 16:28 - 2011-11-10 16:28 - 0001624 ____A C:\Users\gamers\Desktop\The Elder Scrolls Skyrim.lnk
2011-11-10 16:16 - 2011-11-10 16:16 - 0000000 ___HD C:\Users\gamers\AppData\Local\Skyrim
2011-11-10 15:50 - 2011-11-29 01:40 - 0000000 ____D C:\Program Files\The Elder Scrolls V Skyrim
2011-11-10 15:48 - 2011-11-10 15:49 - 21386221 ___AH C:\Users\gamers\Downloads\rzr-skrm.rar
2011-11-10 15:45 - 2011-11-19 04:31 - 0000000 ____D C:\Elder Scrolls
2011-11-10 15:39 - 2011-11-10 15:40 - 6685523 ___AH C:\Users\gamers\Downloads\SkyUPDATERAZOR.rar
2011-11-10 15:39 - 2011-11-10 15:39 - 0752882 ___AH C:\Users\gamers\Downloads\insta.rar
2011-11-09 12:35 - 2011-11-09 12:35 - 0001096 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk


============ 3 Months Modified Files and Folders ===============

2011-12-03 13:11 - 2011-12-02 19:53 - 0000000 ____D C:\FRST
2011-12-03 12:55 - 2010-11-09 21:20 - 0000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-12-03 04:41 - 2011-12-03 04:40 - 0004069 ____A C:\Users\gamers\Desktop\aswMBR.txt
2011-12-03 04:41 - 2011-12-03 04:40 - 0000512 ____A C:\Users\gamers\Desktop\MBR.dat
2011-12-03 04:10 - 2010-11-03 19:01 - 1823747 ____A C:\Windows\WindowsUpdate.log
2011-12-03 04:07 - 2011-11-23 16:08 - 0002408 ____A C:\Windows\setupact.log
2011-12-03 04:07 - 2011-04-22 14:09 - 0000000 ____D C:\Users\All Users\MediaMall
2011-12-03 04:07 - 2011-04-22 14:09 - 0000000 ____D C:\ProgramData\MediaMall
2011-12-03 04:07 - 2010-12-16 02:45 - 0000000 ____D C:\Program Files\Steam
2011-12-03 04:07 - 2010-11-09 21:20 - 0000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-12-03 04:07 - 2009-07-13 23:53 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-12-03 04:06 - 2010-11-03 18:58 - 2415566848 __ASH C:\hiberfil.sys
2011-12-03 04:02 - 2011-02-16 14:00 - 1975558 ____A C:\Windows\ntbtlog.txt
2011-12-02 22:23 - 2011-12-02 22:22 - 115079168 ____A C:\Users\gamers\Downloads\gparted-live-0.10.0-3.iso
2011-12-02 19:58 - 2011-02-16 16:32 - 0000000 ____D C:\Users\gamers\AppData\Roaming\SoftGrid Client
2011-12-02 19:52 - 2011-12-02 19:52 - 0858348 ____A C:\Users\gamers\Desktop\FRST.exe
2011-12-02 19:49 - 2011-12-01 20:30 - 0000000 ___SD C:\Yourname
2011-12-02 19:49 - 2011-11-24 14:27 - 0017838 ____A C:\Windows\PFRO.log
2011-12-02 19:49 - 2009-07-13 23:53 - 0032556 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-12-01 20:37 - 2009-07-13 21:37 - 0000000 ___DC C:\Windows\$NtUninstallKB49674$
2011-12-01 20:28 - 2011-11-29 21:52 - 4324789 ____R (Swearware) C:\Users\gamers\Desktop\Yourname.exe
2011-12-01 19:58 - 2009-07-13 23:34 - 0010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-12-01 19:58 - 2009-07-13 23:34 - 0010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-12-01 19:49 - 2011-12-01 19:49 - 0000000 ____A C:\Users\gamers\Desktop\New Text Document.txt
2011-12-01 19:05 - 2011-12-01 19:05 - 0000000 ____D C:\Users\All Users\AMMYY
2011-12-01 19:05 - 2011-12-01 19:05 - 0000000 ____D C:\ProgramData\AMMYY
2011-12-01 01:35 - 2011-11-24 14:44 - 0000357 ____A C:\rkill.log
2011-12-01 01:29 - 2011-12-01 01:29 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\gamers\Desktop\tdsskiller.exe
2011-11-30 21:04 - 2011-08-10 19:38 - 0000000 ____D C:\Users\gamers\.frostwire5
2011-11-30 20:11 - 2010-11-09 21:20 - 0000000 ___HD C:\Users\gamers\AppData\Local\Google
2011-11-30 19:44 - 2011-11-30 19:44 - 0000000 __SHD C:\$RECYCLE.BIN
2011-11-30 19:44 - 2010-12-23 03:38 - 0000000 ____D C:\Users\gamers\AppData\Local\Apps\2.0
2011-11-30 15:47 - 2009-07-13 21:04 - 0000027 ____A C:\Windows\System32\Drivers\etc\hosts
2011-11-29 03:56 - 2009-07-13 21:37 - 0000000 ___RD C:\users\Public
2011-11-29 03:52 - 2011-11-29 03:52 - 0000000 ____D C:\Windows\ERDNT
2011-11-29 03:52 - 2011-11-29 03:46 - 0000000 ____D C:\Qoobox
2011-11-29 01:41 - 2011-11-16 13:20 - 0000000 ___HD C:\Users\gamers\Documents\Nexus Mod Manager
2011-11-29 01:40 - 2011-11-10 15:50 - 0000000 ____D C:\Program Files\The Elder Scrolls V Skyrim
2011-11-29 01:38 - 2011-11-29 01:38 - 0160160 ____A C:\Windows\Minidump\112911-24679-01.dmp
2011-11-29 01:38 - 2011-11-28 16:48 - 311721516 ____A C:\Windows\MEMORY.DMP
2011-11-29 01:38 - 2011-11-28 16:48 - 0000000 ____D C:\Windows\Minidump
2011-11-28 16:48 - 2011-11-28 16:48 - 0160112 ____A C:\Windows\Minidump\112811-24133-01.dmp
2011-11-28 10:03 - 2011-11-28 06:44 - 0052018 ____A C:\Users\gamers\Desktop\bootkit_remover_debug_log.txt
2011-11-28 08:39 - 2011-07-05 19:18 - 0000000 ____D C:\Users\gamers\AppData\Roaming\RIFT
2011-11-28 08:39 - 2010-12-26 11:46 - 0000000 __SHD C:\Config.Msi
2011-11-28 08:39 - 2010-11-03 17:16 - 0000000 ___HD C:\Program Files\InstallShield Installation Information
2011-11-24 14:45 - 2011-11-24 14:45 - 1916416 ____A (AVAST Software) C:\Users\gamers\Desktop\aswMBR.exe
2011-11-24 14:43 - 2011-11-24 14:43 - 1008092 ____A C:\Users\gamers\Desktop\rkill.com
2011-11-24 14:27 - 2011-11-20 08:40 - 0000000 ____D C:\Users\All Users\AVG2012
2011-11-24 14:27 - 2011-11-20 08:40 - 0000000 ____D C:\ProgramData\AVG2012
2011-11-24 14:27 - 2011-11-19 06:13 - 0000000 ____D C:\Program Files\AVG
2011-11-24 14:25 - 2011-11-20 08:37 - 0000000 ____D C:\Users\All Users\MFAData
2011-11-24 14:25 - 2011-11-20 08:37 - 0000000 ____D C:\ProgramData\MFAData
2011-11-24 14:19 - 2011-11-24 14:19 - 9130808 ____A (OPSWAT, Inc.) C:\Users\gamers\Downloads\AppRemover.exe
2011-11-23 16:36 - 2011-11-16 13:20 - 0001047 ____A C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2011-11-23 16:36 - 2011-11-16 13:20 - 0000000 ____D C:\Program Files\Nexus Mod Manager
2011-11-23 16:08 - 2011-11-23 16:08 - 0000000 ____A C:\Windows\setuperr.log
2011-11-23 15:29 - 2011-11-23 06:27 - 0011513 ____A C:\Users\gamers\Documents\hijackthis.log
2011-11-23 15:27 - 2010-11-03 16:08 - 0000000 ____D C:\Users\gamers\AppData\Local\VirtualStore
2011-11-23 13:38 - 2011-11-23 13:38 - 0035561 ____A C:\Users\gamers\Documents\DDSlog2.txt
2011-11-23 13:38 - 2011-11-23 13:38 - 0019191 ____A C:\Users\gamers\Documents\DDSlog1.txt
2011-11-23 13:38 - 2011-11-23 13:38 - 0004413 ____A C:\Users\gamers\Documents\GMERlog.txt
2011-11-23 13:38 - 2011-11-23 13:38 - 0000909 ____A C:\Users\gamers\Documents\MBLog.txt
2011-11-23 13:21 - 2011-11-23 13:21 - 0004415 ____A C:\Users\gamers\Desktop\GMER.log
2011-11-23 12:13 - 2010-11-06 00:46 - 0000000 ___HD C:\Users\gamers\AppData\Roaming\Macromedia
2011-11-23 12:13 - 2010-11-03 16:08 - 0000000 ____D C:\Users\gamers\AppData\LocalLow
2011-11-23 12:12 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\security
2011-11-23 12:11 - 2011-11-23 12:11 - 0000000 ____D C:\Program Files\somototoolbar
2011-11-23 12:10 - 2011-11-23 12:10 - 1785905 ____A C:\Users\gamers\Downloads\TempFileCleaner_3.1.1_Setup.exe
2011-11-23 12:10 - 2011-11-23 12:10 - 0001047 ____A C:\Users\gamers\Desktop\Temp File Cleaner.lnk
2011-11-23 12:10 - 2011-11-23 12:10 - 0000000 ____D C:\Program Files\Temp File Cleaner
2011-11-23 12:09 - 2011-11-23 12:09 - 0463080 ____A (CNET Download.com) C:\Users\gamers\Downloads\cnet_TempFileCleaner_3_1_1_Setup_exe.exe
2011-11-23 07:43 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\config\TxR
2011-11-23 07:41 - 2009-07-13 23:52 - 0000000 ____D C:\Windows\Downloaded Program Files
2011-11-23 07:36 - 2011-11-23 07:29 - 0000000 ____D C:\Users\gamers\AppData\Roaming\AVG
2011-11-23 07:28 - 2011-11-23 07:28 - 8143920 ____A (AVG ) C:\Users\gamers\Downloads\avg_pct_stf_all_2012_26_c5.exe
2011-11-23 06:58 - 2011-11-23 06:57 - 0607260 ____A (Swearware) C:\Users\gamers\Downloads\dds.scr
2011-11-23 06:57 - 2011-11-23 06:58 - 0607260 ____R (Swearware) C:\Users\gamers\Desktop\dds.scr
2011-11-23 06:56 - 2011-11-23 06:58 - 0302592 ____A C:\Users\gamers\Desktop\u6gx0ld6.exe
2011-11-23 06:56 - 2011-11-23 06:56 - 0302592 ____A C:\Users\gamers\Downloads\u6gx0ld6.exe
2011-11-23 06:45 - 2011-11-23 06:45 - 0000000 ____D C:\Users\All Users\Kaspersky Lab
2011-11-23 06:45 - 2011-11-23 06:45 - 0000000 ____D C:\ProgramData\Kaspersky Lab
2011-11-23 06:42 - 2011-11-23 06:42 - 0000000 ____D C:\Users\gamers\AppData\Roaming\QuickScan
2011-11-23 06:39 - 2011-11-23 06:39 - 0000000 ____D C:\Users\All Users\boost_interprocess
2011-11-23 06:39 - 2011-11-23 06:39 - 0000000 ____D C:\ProgramData\boost_interprocess
2011-11-23 06:39 - 2011-11-23 06:37 - 102896192 ____A C:\Users\gamers\Downloads\setup_11.0.0.1245.x01_2011_11_23_14_01.exe
2011-11-23 06:06 - 2011-11-21 18:09 - 0002378 ____A C:\Users\gamers\Documents\Kill Box Instructions.txt
2011-11-23 06:02 - 2011-11-23 06:02 - 0002969 ____A C:\Users\gamers\Desktop\HiJackThis.lnk
2011-11-23 06:02 - 2011-11-23 06:02 - 0000000 ____D C:\Program Files\Trend Micro
2011-11-23 06:01 - 2011-11-23 06:01 - 1402880 ____A C:\Users\gamers\Downloads\HijackThis.msi
2011-11-23 05:51 - 2010-11-06 16:07 - 0000000 ___HD C:\Users\gamers\AppData\Roaming\BitComet
2011-11-21 23:53 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\Cursors
2011-11-21 18:09 - 2011-11-21 18:09 - 0092672 ____A (Option^Explicit Software vbtechcd@gmail.com) C:\Users\gamers\Downloads\KillBox.exe
2011-11-21 17:57 - 2011-11-21 17:57 - 0000000 ____D C:\Users\gamers\AppData\Roaming\Malwarebytes
2011-11-21 17:57 - 2011-11-21 17:56 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2011-11-21 17:56 - 2011-11-21 17:56 - 9852544 ____A (Malwarebytes Corporation ) C:\Users\gamers\Downloads\mbam-setup-1.51.2.1300.exe
2011-11-21 17:56 - 2011-11-21 17:56 - 0001071 ____A C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
2011-11-21 17:56 - 2011-11-21 17:56 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-11-21 17:56 - 2011-11-21 17:56 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-11-20 09:17 - 2011-11-20 09:17 - 0000000 ___HD C:\$AVG
2011-11-20 08:42 - 2011-11-20 08:42 - 0000000 ____D C:\Users\gamers\AppData\Roaming\AVG2012
2011-11-20 08:29 - 2011-11-20 08:29 - 3903528 ____A (AVG Technologies) C:\Users\gamers\Downloads\avg_free_stb_en_2012_1872_free.exe
2011-11-20 08:21 - 2011-11-20 08:18 - 0000000 ____D C:\Program Files\Eusing Free Registry Cleaner
2011-11-20 08:18 - 2011-11-20 08:18 - 0001027 ____A C:\Users\gamers\Desktop\Eusing Free Registry Cleaner.lnk
2011-11-20 08:17 - 2011-11-20 08:17 - 0977520 ____A C:\Users\gamers\Downloads\EFRCSetup.exe
2011-11-19 20:07 - 2011-09-28 14:47 - 0000000 ___HD C:\Users\gamers\AppData\Local\dxhr
2011-11-19 14:28 - 2010-12-16 02:45 - 0000000 ____D C:\Program Files\Common Files\Steam
2011-11-19 09:18 - 2011-11-19 05:33 - 0000000 ____D C:\Users\All Users\AVAST Software
2011-11-19 09:18 - 2011-11-19 05:33 - 0000000 ____D C:\ProgramData\AVAST Software
2011-11-19 06:23 - 2010-11-03 16:12 - 0714754 ____A C:\Windows\System32\PerfStringBackup.INI
2011-11-19 06:19 - 2011-03-30 13:23 - 0000000 ____D C:\Program Files\Midnight Club 2
2011-11-19 06:17 - 2011-03-07 09:40 - 0000000 ____D C:\Users\All Users\McAfee
2011-11-19 06:17 - 2011-03-07 09:40 - 0000000 ____D C:\ProgramData\McAfee
2011-11-19 06:08 - 2011-11-19 06:06 - 93393016 ____A (AVG Technologies) C:\Users\gamers\Downloads\avg_free_stf_en_90_851a3009.exe
2011-11-19 05:59 - 2011-11-19 05:59 - 0000027 ____A C:\Windows\System32\MPFServiceFailureCount.txt
2011-11-19 05:33 - 2011-11-19 05:33 - 0000000 ____D C:\Program Files\AVAST Software
2011-11-19 05:33 - 2009-07-13 21:04 - 0002577 ____A C:\Windows\System32\config.nt
2011-11-19 05:30 - 2010-12-23 20:11 - 0000000 ____D C:\Users\All Users\Alwil Software
2011-11-19 05:30 - 2010-12-23 20:11 - 0000000 ____D C:\ProgramData\Alwil Software
2011-11-19 05:30 - 2010-12-23 20:11 - 0000000 ____D C:\Program Files\Alwil Software
2011-11-19 04:59 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\DriverStore
2011-11-19 04:33 - 2010-11-03 16:08 - 0000000 ____D C:\users\gamers
2011-11-19 04:32 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\wfp
2011-11-19 04:31 - 2011-11-10 15:45 - 0000000 ____D C:\Elder Scrolls
2011-11-19 04:31 - 2011-10-15 18:58 - 0000000 ____D C:\Users\gamers\AppData\Local\Top_Producer_Systems_Inc
2011-11-19 04:31 - 2011-10-14 18:13 - 0000000 ____D C:\Users\gamers\AppData\Local\Conduit
2011-11-19 04:31 - 2011-09-25 15:27 - 0000000 ____D C:\Users\gamers\AppData\Local\LogMeIn Hamachi
2011-11-19 04:31 - 2011-08-12 10:29 - 0000000 ___AD C:\Users\gamers\Desktop\plugins
2011-11-19 04:31 - 2011-08-12 10:28 - 0000000 ___AD C:\Users\gamers\plugins
2011-11-19 04:31 - 2011-06-25 13:24 - 0000000 ____D C:\Users\gamers\Desktop\Comcast Essentials
2011-11-19 04:31 - 2011-03-30 16:26 - 0000000 ____D C:\Users\gamers\AppData\Roaming\NCH Software
2011-11-19 04:31 - 2011-03-22 00:53 - 0000000 ____D C:\Users\gamers\Documents\Blood Omen 2
2011-11-19 04:31 - 2011-03-20 18:11 - 0000000 ____D C:\Program Files\Microsoft Silverlight
2011-11-19 04:31 - 2010-12-26 11:50 - 0000000 ____D C:\Program Files\WinZip
2011-11-19 04:31 - 2010-12-18 17:34 - 0000000 ____D C:\Users\gamers\AppData\Local\FOMM
2011-11-19 04:31 - 2010-11-30 22:39 - 0000000 ____D C:\Users\gamers\AppData\Roaming\uTorrent
2011-11-19 04:31 - 2010-11-30 22:28 - 0000000 ____D C:\Users\gamers\AppData\Roaming\vlc
2011-11-19 04:31 - 2010-11-23 18:57 - 0000000 ____D C:\Program Files\Mozilla Firefox
2011-11-19 04:31 - 2010-11-11 12:07 - 0000000 ____D C:\Users\gamers\AppData\Local\SupportSoft
2011-11-19 04:31 - 2010-11-09 23:19 - 0000000 ____D C:\Users\gamers\Desktop\FFXIV JUNK
2011-11-19 04:31 - 2010-11-05 16:33 - 0000000 ____D C:\Users\gamers\AppData\Roaming\Ventrilo
2011-11-19 04:31 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\AppCompat
2011-11-19 04:30 - 2011-11-19 03:10 - 0000000 ____D C:\Users\gamers\AppData\Roaming\B424F
2011-11-19 04:30 - 2011-02-01 10:32 - 0000000 ____D C:\DeadSpace
2011-11-19 04:30 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\registration
2011-11-19 04:29 - 2011-08-10 19:39 - 0000000 ____D C:\Users\gamers\FrostWire
2011-11-19 04:29 - 2011-06-24 05:55 - 0000000 ____D C:\Users\gamers\Documents\Witcher 2
2011-11-19 04:29 - 2011-03-31 12:10 - 0000000 ____D C:\Users\gamers\AppData\Roaming\TuneUp Software
2011-11-19 04:29 - 2011-03-08 21:31 - 0000000 ____D C:\Users\gamers\Desktop\Dragon Age 2
2011-11-19 04:29 - 2011-02-18 06:30 - 0000000 ____D C:\Users\gamers\AppData\Roaming\Nero
2011-11-19 04:29 - 2011-02-05 00:16 - 0000000 ____D C:\Users\gamers\Documents\BioWare
2011-11-19 04:29 - 2010-11-23 18:58 - 0000000 ____D C:\Users\gamers\AppData\Roaming\Mozilla
2011-11-19 04:29 - 2010-11-04 16:17 - 0000000 ____D C:\Users\gamers\Documents\My Games
2011-11-19 04:28 - 2011-11-16 13:20 - 0000000 ____D C:\Users\gamers\AppData\Local\Black_Tree_Gaming
2011-11-19 04:28 - 2010-11-06 00:46 - 0000000 ____D C:\Users\gamers\AppData\Roaming\Adobe
2011-11-19 04:27 - 2011-03-09 01:02 - 0000000 ____D C:\Users\All Users\Electronic Arts
2011-11-19 04:27 - 2011-03-09 01:02 - 0000000 ____D C:\ProgramData\Electronic Arts
2011-11-19 04:17 - 2011-11-19 04:17 - 0000000 ____D C:\Users\gamers\AppData\Roaming\jFF44pmG5sQJdE8
2011-11-19 03:59 - 2011-11-19 03:59 - 0000000 ____D C:\Users\gamers\AppData\Roaming\tppmmG55aJ6KfLh
2011-11-19 03:10 - 2011-11-19 03:10 - 0000000 ____D C:\Users\gamers\AppData\Roaming\wcccS11ivD
2011-11-19 03:10 - 2011-11-19 03:10 - 0000000 ____D C:\Users\gamers\AppData\Roaming\kttxxP0uuS1
2011-11-19 03:10 - 2011-11-19 03:10 - 0000000 ____D C:\Users\gamers\AppData\Roaming\FiiibFF3pnGa
2011-11-18 15:34 - 2011-11-18 15:24 - 0000304 ____A C:\Users\All Users\~MqGNiCX5Sv6EsH
2011-11-18 15:34 - 2011-11-18 15:24 - 0000304 ____A C:\ProgramData\~MqGNiCX5Sv6EsH
2011-11-18 15:34 - 2011-11-18 15:24 - 0000232 ____A C:\Users\All Users\~MqGNiCX5Sv6EsHr
2011-11-18 15:34 - 2011-11-18 15:24 - 0000232 ____A C:\ProgramData\~MqGNiCX5Sv6EsHr
2011-11-18 15:32 - 2011-11-18 15:23 - 0000448 ____A C:\Users\All Users\MqGNiCX5Sv6EsH
2011-11-18 15:32 - 2011-11-18 15:23 - 0000448 ____A C:\ProgramData\MqGNiCX5Sv6EsH
2011-11-18 12:47 - 2011-11-18 12:47 - 1063703 ___AH C:\Users\gamers\Documents\Shadow Sabres Notes - Big D.docx
2011-11-18 11:55 - 2010-12-23 03:38 - 0000000 ___HD C:\Users\gamers\AppData\Local\Deployment
2011-11-16 13:30 - 2011-11-16 13:30 - 0397472 ____A () C:\Users\gamers\Downloads\FXAA_PPI_Automatic_Installer-131-1-2.exe
2011-11-16 13:21 - 2010-12-18 17:36 - 0000000 ____D C:\Games
2011-11-16 13:20 - 2011-11-16 13:20 - 2286434 ____A (Black Tree Gaming ) C:\Users\gamers\Downloads\Nexus Mod Manager-0.12.2.exe
2011-11-15 17:47 - 2011-03-30 16:25 - 0000000 ____D C:\Program Files\NCH Software
2011-11-15 17:24 - 2011-11-15 17:24 - 0000000 ____D C:\Users\All Users\NCH Software
2011-11-15 17:24 - 2011-11-15 17:24 - 0000000 ____D C:\ProgramData\NCH Software
2011-11-14 12:26 - 2011-11-14 12:26 - 0000637 ___AH C:\Users\gamers\Documents\Bob's Burgers.xspf
2011-11-10 16:28 - 2011-11-10 16:28 - 0001624 ____A C:\Users\gamers\Desktop\The Elder Scrolls Skyrim.lnk
2011-11-10 16:16 - 2011-11-10 16:16 - 0000000 ___HD C:\Users\gamers\AppData\Local\Skyrim
2011-11-10 15:49 - 2011-11-10 15:48 - 21386221 ___AH C:\Users\gamers\Downloads\rzr-skrm.rar
2011-11-10 15:40 - 2011-11-10 15:39 - 6685523 ___AH C:\Users\gamers\Downloads\SkyUPDATERAZOR.rar
2011-11-10 15:39 - 2011-11-10 15:39 - 0752882 ___AH C:\Users\gamers\Downloads\insta.rar
2011-11-09 13:21 - 2011-08-10 19:37 - 0000000 ____D C:\Program Files\FrostWire 5
2011-11-09 13:21 - 2011-01-18 11:19 - 0000000 ____D C:\Program Files\iTunes
2011-11-09 12:35 - 2011-11-09 12:35 - 0001096 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2011-11-09 12:33 - 2010-11-30 22:39 - 0000000 ____D C:\Program Files\uTorrentBar
2011-11-02 08:15 - 2011-01-03 22:12 - 0000000 ___HD C:\Users\gamers\AppData\Local\ElevatedDiagnostics
2011-10-30 08:29 - 2011-08-12 10:29 - 0000000 ___HD C:\Users\gamers\Desktop\screenshots
2011-10-30 03:00 - 2011-10-30 03:00 - 0000736 ___AH C:\Users\gamers\Documents\Smn skill up.txt
2011-10-16 07:54 - 2010-11-06 16:07 - 0000969 ____A C:\Users\Public\Desktop\BitComet.lnk
2011-10-16 03:03 - 2011-10-16 02:19 - 0000131 ___AH C:\Users\gamers\Documents\JP Translate.txt
2011-10-15 03:57 - 2011-10-15 03:55 - 0046080 __ASH C:\Users\gamers\AppData\Roaming\Thumbs.db
2011-10-07 20:47 - 2011-10-07 20:46 - 0000069 ____A C:\Windows\NeroDigital.ini
2011-10-07 20:47 - 2010-12-23 16:43 - 0000182 ___AH C:\Users\gamers\AppData\Roaming\default.rss
2011-10-04 18:30 - 2011-06-04 16:51 - 0000089 ___SH C:\Users\All Users\.zreglib
2011-10-04 18:30 - 2011-06-04 16:51 - 0000089 ___SH C:\ProgramData\.zreglib
2011-10-04 05:48 - 2011-10-04 05:48 - 0000461 ___AH C:\Users\gamers\Documents\LolJobs.txt
2011-10-01 20:37 - 2011-10-01 20:37 - 0000000 ____D C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor
2011-10-01 20:37 - 2010-12-22 04:33 - 0000000 ____D C:\Program Files\Common Files\InstallShield
2011-10-01 20:32 - 2011-10-01 20:32 - 0001624 ____A C:\Windows\System32\WLAN.INI
2011-10-01 20:29 - 2011-10-01 20:29 - 0000000 ____D C:\Linksys Driver
2011-09-30 17:06 - 2011-09-30 17:06 - 0000000 ___HD C:\Users\gamers\AppData\Local\Microsoft Games
2011-09-28 14:44 - 2011-09-28 14:44 - 0000000 ___HD C:\Users\gamers\AppData\Local\SKIDROW
2011-09-28 14:44 - 2011-09-28 14:44 - 0000000 ___HD C:\Users\gamers\AppData\Local\28050
2011-09-28 14:44 - 2011-09-28 14:25 - 0000000 ____D C:\Program Files\Square Enix
2011-09-28 14:42 - 2011-09-28 14:42 - 0001223 ____A C:\Users\Public\Desktop\Deus Ex - Human Revolution.lnk
2011-09-26 13:15 - 2011-09-26 13:11 - 0000260 ___AH C:\Users\gamers\Documents\Raps & Rhymes.txt
2011-09-25 15:27 - 2011-09-25 15:27 - 0000896 ____A C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2011-09-25 15:27 - 2011-09-25 15:27 - 0000000 ____D C:\Program Files\LogMeIn Hamachi
2011-09-25 14:59 - 2011-09-25 12:36 - 0000000 ____D C:\Program Files\Deep Silver
2011-09-25 14:54 - 2011-09-25 14:54 - 0001659 ____A C:\Users\gamers\Desktop\Dead Island.lnk
2011-09-25 13:28 - 2011-09-25 13:28 - 0000000 ___HD C:\Users\gamers\AppData\Local\PackageAware
2011-09-24 02:04 - 2011-01-21 10:53 - 0000166 ___AH C:\Users\gamers\Documents\Passwords.txt
2011-09-21 18:11 - 2011-09-21 18:11 - 0003641 ____A C:\Users\gamers\Desktop\readme_ru.txt
2011-09-21 18:11 - 2011-09-21 18:11 - 0003114 ____A C:\Users\gamers\Desktop\readme_en.txt
2011-09-20 03:02 - 2011-09-20 03:02 - 0083968 ____A (Esage Lab) C:\Users\gamers\Desktop\boot_cleaner.exe
2011-09-12 13:42 - 2011-09-12 13:42 - 0000000 ___AH C:\Users\gamers\Documents\Default.rdp
2011-09-11 04:06 - 2011-08-12 10:29 - 0000512 ____A C:\Users\gamers\Desktop\launcher.ini
2011-09-06 13:32 - 2009-07-13 21:37 - 0000000 __RHD C:\Users\Public\Libraries

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe
[2010-11-30 22:42] - [2009-10-31 00:45] - 2614272 ____A (Microsoft Corporation) 2626FC9755BE22F805D3CFA0CE3EE727

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 44%
Total physical RAM: 3071.55 MB
Available physical RAM: 1713.34 MB
Total Pagefile: 6141.39 MB
Available Pagefile: 4611.53 MB
Total Virtual: 2047.88 MB
Available Virtual: 1956.65 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:465.75 GB) (Free:90.18 GB) NTFS ==>[System = boot components]

Disk ###  Status         Size     Free     Dyn  Gpt
--------  -------------  -------  -------  ---  ---
Disk 0    Online          465 GB     9 MB

Partitions of Disk 0:

Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    Primary            465 GB    31 KB

Disk: 0
Partition 1
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     C                NTFS   Partition    465 GB  Healthy    System



==========================================================

Last Boot: 2011-12-01 00:40

======================= End Of Log ==========================
 
13:13:31.0031 2808 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
13:13:31.0458 2808 ============================================================
13:13:31.0458 2808 Current date / time: 2011/12/03 13:13:31.0458
13:13:31.0458 2808 SystemInfo:
13:13:31.0458 2808
13:13:31.0458 2808 OS Version: 6.1.7600 ServicePack: 0.0
13:13:31.0458 2808 Product type: Workstation
13:13:31.0458 2808 ComputerName: ELNEGROBRUTAL
13:13:31.0458 2808 UserName: gamers
13:13:31.0458 2808 Windows directory: C:\Windows
13:13:31.0458 2808 System windows directory: C:\Windows
13:13:31.0458 2808 Processor architecture: Intel x86
13:13:31.0458 2808 Number of processors: 2
13:13:31.0458 2808 Page size: 0x1000
13:13:31.0458 2808 Boot type: Normal boot
13:13:31.0458 2808 ============================================================
13:13:32.0466 2808 Initialize success
13:13:34.0494 4016 ============================================================
13:13:34.0494 4016 Scan started
13:13:34.0494 4016 Mode: Manual;
13:13:34.0494 4016 ============================================================
13:13:35.0090 4016 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
13:13:35.0093 4016 1394ohci - ok
13:13:35.0114 4016 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
13:13:35.0118 4016 ACPI - ok
13:13:35.0140 4016 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
13:13:35.0141 4016 AcpiPmi - ok
13:13:35.0169 4016 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
13:13:35.0174 4016 adp94xx - ok
13:13:35.0194 4016 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
13:13:35.0198 4016 adpahci - ok
13:13:35.0225 4016 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
13:13:35.0227 4016 adpu320 - ok
13:13:35.0292 4016 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
13:13:35.0296 4016 AFD - ok
13:13:35.0304 4016 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
13:13:35.0306 4016 agp440 - ok
13:13:35.0347 4016 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
13:13:35.0349 4016 aic78xx - ok
13:13:35.0371 4016 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
13:13:35.0372 4016 aliide - ok
13:13:35.0398 4016 amacpi (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\DRIVERS\null.sys
13:13:35.0399 4016 amacpi - ok
13:13:35.0408 4016 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
13:13:35.0410 4016 amdagp - ok
13:13:35.0426 4016 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
13:13:35.0428 4016 amdide - ok
13:13:35.0461 4016 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
13:13:35.0462 4016 AmdK8 - ok
13:13:35.0480 4016 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
13:13:35.0482 4016 AmdPPM - ok
13:13:35.0502 4016 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
13:13:35.0504 4016 amdsata - ok
13:13:35.0530 4016 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
13:13:35.0532 4016 amdsbs - ok
13:13:35.0550 4016 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
13:13:35.0551 4016 amdxata - ok
13:13:35.0578 4016 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
13:13:35.0580 4016 AppID - ok
13:13:35.0621 4016 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
13:13:35.0623 4016 arc - ok
13:13:35.0648 4016 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
13:13:35.0649 4016 arcsas - ok
13:13:35.0671 4016 ASPI32 - ok
13:13:35.0685 4016 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
13:13:35.0687 4016 AsyncMac - ok
13:13:35.0704 4016 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
13:13:35.0705 4016 atapi - ok
13:13:35.0754 4016 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
13:13:35.0760 4016 b06bdrv - ok
13:13:35.0786 4016 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
13:13:35.0789 4016 b57nd60x - ok
13:13:35.0808 4016 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
13:13:35.0809 4016 Beep - ok
13:13:35.0859 4016 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
13:13:35.0860 4016 blbdrive - ok
13:13:35.0880 4016 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
13:13:35.0881 4016 bowser - ok
13:13:35.0890 4016 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:13:35.0891 4016 BrFiltLo - ok
13:13:35.0901 4016 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:13:35.0902 4016 BrFiltUp - ok
13:13:35.0930 4016 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\system32\DRIVERS\BrSerId.sys
13:13:35.0933 4016 Brserid - ok
13:13:35.0942 4016 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
13:13:35.0944 4016 BrSerWdm - ok
13:13:35.0953 4016 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:13:35.0955 4016 BrUsbMdm - ok
13:13:35.0964 4016 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\DRIVERS\BrUsbSer.sys
13:13:35.0966 4016 BrUsbSer - ok
13:13:35.0985 4016 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
13:13:35.0986 4016 BTHMODEM - ok
13:13:36.0105 4016 catchme - ok
13:13:36.0125 4016 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
13:13:36.0129 4016 cdfs - ok
13:13:36.0151 4016 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
13:13:36.0153 4016 cdrom - ok
13:13:36.0177 4016 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
13:13:36.0180 4016 circlass - ok
13:13:36.0205 4016 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
13:13:36.0209 4016 CLFS - ok
13:13:36.0227 4016 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
13:13:36.0228 4016 CmBatt - ok
13:13:36.0247 4016 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
13:13:36.0248 4016 cmdide - ok
13:13:36.0262 4016 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
13:13:36.0266 4016 CNG - ok
13:13:36.0282 4016 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
13:13:36.0283 4016 Compbatt - ok
13:13:36.0300 4016 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
13:13:36.0301 4016 CompositeBus - ok
13:13:36.0330 4016 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
13:13:36.0331 4016 crcdisk - ok
13:13:36.0369 4016 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
13:13:36.0374 4016 CSC - ok
13:13:36.0413 4016 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
13:13:36.0415 4016 DfsC - ok
13:13:36.0428 4016 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
13:13:36.0429 4016 discache - ok
13:13:36.0441 4016 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
13:13:36.0442 4016 Disk - ok
13:13:36.0475 4016 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
13:13:36.0476 4016 drmkaud - ok
13:13:36.0515 4016 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys
13:13:36.0523 4016 DXGKrnl - ok
13:13:36.0596 4016 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
13:13:36.0648 4016 ebdrv - ok
13:13:36.0697 4016 ElbyCDFL (ce37e3d51912e59c80c6d84337c0b4cd) C:\Windows\system32\Drivers\ElbyCDFL.sys
13:13:36.0698 4016 ElbyCDFL - ok
13:13:36.0738 4016 ElbyCDIO (178cc9403816c082d22a1d47fa1f9c85) C:\Windows\system32\Drivers\ElbyCDIO.sys
13:13:36.0740 4016 ElbyCDIO - ok
13:13:36.0767 4016 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
13:13:36.0773 4016 elxstor - ok
13:13:36.0794 4016 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
13:13:36.0795 4016 ErrDev - ok
13:13:36.0821 4016 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
13:13:36.0823 4016 exfat - ok
13:13:36.0844 4016 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
13:13:36.0846 4016 fastfat - ok
13:13:36.0870 4016 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
13:13:36.0871 4016 fdc - ok
13:13:36.0897 4016 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
13:13:36.0898 4016 FileInfo - ok
13:13:36.0920 4016 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
13:13:36.0921 4016 Filetrace - ok
13:13:36.0930 4016 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
13:13:36.0931 4016 flpydisk - ok
13:13:36.0952 4016 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
13:13:36.0955 4016 FltMgr - ok
13:13:36.0970 4016 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
13:13:36.0972 4016 FsDepends - ok
13:13:36.0996 4016 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
13:13:36.0997 4016 Fs_Rec - ok
13:13:37.0018 4016 fvevol (5592f5dba26282d24d2b080eb438a4d7) C:\Windows\system32\DRIVERS\fvevol.sys
13:13:37.0021 4016 fvevol - ok
13:13:37.0042 4016 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:13:37.0044 4016 gagp30kx - ok
13:13:37.0074 4016 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:13:37.0075 4016 GEARAspiWDM - ok
13:13:37.0119 4016 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
13:13:37.0120 4016 hamachi - ok
13:13:37.0145 4016 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
13:13:37.0160 4016 hcw85cir - ok
13:13:37.0203 4016 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
13:13:37.0210 4016 HdAudAddService - ok
13:13:37.0234 4016 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:13:37.0237 4016 HDAudBus - ok
13:13:37.0250 4016 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
13:13:37.0253 4016 HidBatt - ok
13:13:37.0275 4016 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
13:13:37.0277 4016 HidBth - ok
13:13:37.0305 4016 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
13:13:37.0306 4016 HidIr - ok
13:13:37.0354 4016 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
13:13:37.0355 4016 HidUsb - ok
13:13:37.0390 4016 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
13:13:37.0392 4016 HpSAMD - ok
13:13:37.0420 4016 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
13:13:37.0427 4016 HTTP - ok
13:13:37.0448 4016 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
13:13:37.0450 4016 hwpolicy - ok
13:13:37.0469 4016 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
13:13:37.0471 4016 i8042prt - ok
13:13:37.0500 4016 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
13:13:37.0505 4016 iaStorV - ok
13:13:37.0527 4016 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
13:13:37.0529 4016 iirsp - ok
13:13:37.0549 4016 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
13:13:37.0550 4016 intelide - ok
13:13:37.0571 4016 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
13:13:37.0572 4016 intelppm - ok
13:13:37.0593 4016 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:13:37.0595 4016 IpFilterDriver - ok
13:13:37.0621 4016 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
13:13:37.0622 4016 IPMIDRV - ok
13:13:37.0633 4016 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
13:13:37.0635 4016 IPNAT - ok
13:13:37.0672 4016 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
13:13:37.0685 4016 IRENUM - ok
13:13:37.0720 4016 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
13:13:37.0721 4016 isapnp - ok
13:13:37.0748 4016 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
13:13:37.0765 4016 iScsiPrt - ok
13:13:37.0802 4016 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
13:13:37.0804 4016 kbdclass - ok
13:13:37.0818 4016 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
13:13:37.0821 4016 kbdhid - ok
13:13:37.0860 4016 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
13:13:37.0862 4016 KSecDD - ok
13:13:37.0888 4016 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
13:13:37.0891 4016 KSecPkg - ok
13:13:37.0932 4016 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
13:13:37.0934 4016 lltdio - ok
13:13:37.0955 4016 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:13:37.0957 4016 LSI_FC - ok
13:13:37.0984 4016 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:13:37.0986 4016 LSI_SAS - ok
13:13:37.0995 4016 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:13:37.0997 4016 LSI_SAS2 - ok
13:13:38.0008 4016 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:13:38.0010 4016 LSI_SCSI - ok
13:13:38.0031 4016 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
13:13:38.0032 4016 luafv - ok
13:13:38.0078 4016 Maplom (05c4a825c75ff705fe8e987a2f1cc11c) C:\Windows\system32\drivers\Maplom.sys
13:13:38.0079 4016 Maplom - ok
13:13:38.0124 4016 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
13:13:38.0126 4016 megasas - ok
13:13:38.0137 4016 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
13:13:38.0141 4016 MegaSR - ok
13:13:38.0165 4016 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
13:13:38.0167 4016 Modem - ok
13:13:38.0184 4016 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
13:13:38.0185 4016 monitor - ok
13:13:38.0194 4016 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
13:13:38.0196 4016 mouclass - ok
13:13:38.0206 4016 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
13:13:38.0208 4016 mouhid - ok
13:13:38.0226 4016 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
13:13:38.0227 4016 mountmgr - ok
13:13:38.0251 4016 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
13:13:38.0253 4016 mpio - ok
13:13:38.0268 4016 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
13:13:38.0269 4016 mpsdrv - ok
13:13:38.0283 4016 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
13:13:38.0285 4016 MRxDAV - ok
13:13:38.0327 4016 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:13:38.0343 4016 mrxsmb - ok
13:13:38.0379 4016 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:13:38.0384 4016 mrxsmb10 - ok
13:13:38.0420 4016 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:13:38.0423 4016 mrxsmb20 - ok
13:13:38.0449 4016 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
13:13:38.0450 4016 msahci - ok
13:13:38.0472 4016 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
13:13:38.0474 4016 msdsm - ok
13:13:38.0489 4016 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
13:13:38.0490 4016 Msfs - ok
13:13:38.0507 4016 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
13:13:38.0508 4016 mshidkmdf - ok
13:13:38.0531 4016 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
13:13:38.0531 4016 msisadrv - ok
13:13:38.0555 4016 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
13:13:38.0557 4016 MSKSSRV - ok
13:13:38.0570 4016 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
13:13:38.0571 4016 MSPCLOCK - ok
13:13:38.0587 4016 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
13:13:38.0589 4016 MSPQM - ok
13:13:38.0612 4016 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
13:13:38.0614 4016 MsRPC - ok
13:13:38.0632 4016 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
13:13:38.0632 4016 mssmbios - ok
13:13:38.0646 4016 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
13:13:38.0647 4016 MSTEE - ok
13:13:38.0681 4016 msvad_simple (00c7b2306f1ca5389a1ac6d1df9c2e25) C:\Windows\system32\drivers\povrtdev.sys
13:13:38.0698 4016 msvad_simple - ok
13:13:38.0721 4016 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
13:13:38.0722 4016 MTConfig - ok
13:13:38.0746 4016 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
13:13:38.0747 4016 Mup - ok
13:13:38.0766 4016 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
13:13:38.0769 4016 NativeWifiP - ok
13:13:38.0797 4016 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
13:13:38.0804 4016 NDIS - ok
13:13:38.0821 4016 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
13:13:38.0823 4016 NdisCap - ok
13:13:38.0842 4016 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
13:13:38.0843 4016 NdisTapi - ok
13:13:38.0866 4016 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
13:13:38.0867 4016 Ndisuio - ok
13:13:38.0884 4016 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
13:13:38.0886 4016 NdisWan - ok
13:13:38.0899 4016 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
13:13:38.0900 4016 NDProxy - ok
13:13:38.0938 4016 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
13:13:38.0940 4016 NetBIOS - ok
13:13:38.0973 4016 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
13:13:38.0989 4016 NetBT - ok
13:13:39.0053 4016 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
13:13:39.0055 4016 nfrd960 - ok
13:13:39.0078 4016 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
13:13:39.0080 4016 Npfs - ok
13:13:39.0094 4016 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
13:13:39.0096 4016 nsiproxy - ok
13:13:39.0141 4016 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
13:13:39.0155 4016 Ntfs - ok
13:13:39.0173 4016 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
13:13:39.0174 4016 Null - ok
13:13:39.0214 4016 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
13:13:39.0220 4016 NVENETFD - ok
13:13:39.0746 4016 nvlddmkm (6ef47521dce982602a25afb41dd13d4f) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:13:39.0910 4016 nvlddmkm - ok
13:13:39.0937 4016 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
13:13:39.0939 4016 nvraid - ok
13:13:39.0959 4016 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
13:13:39.0961 4016 nvstor - ok
13:13:39.0977 4016 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
13:13:39.0979 4016 nv_agp - ok
13:13:39.0988 4016 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
13:13:39.0990 4016 ohci1394 - ok
13:13:40.0024 4016 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
13:13:40.0026 4016 Parport - ok
13:13:40.0043 4016 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
13:13:40.0044 4016 partmgr - ok
13:13:40.0064 4016 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
13:13:40.0065 4016 Parvdm - ok
13:13:40.0090 4016 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
13:13:40.0092 4016 pci - ok
13:13:40.0106 4016 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
13:13:40.0107 4016 pciide - ok
13:13:40.0126 4016 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
13:13:40.0129 4016 pcmcia - ok
13:13:40.0150 4016 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
13:13:40.0151 4016 pcw - ok
13:13:40.0177 4016 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
13:13:40.0184 4016 PEAUTH - ok
13:13:40.0234 4016 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
13:13:40.0246 4016 PptpMiniport - ok
13:13:40.0264 4016 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
13:13:40.0266 4016 Processor - ok
13:13:40.0289 4016 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
13:13:40.0290 4016 Psched - ok
13:13:40.0334 4016 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
13:13:41.0376 4016 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
13:13:41.0376 4016 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
13:13:41.0379 4016 sptd ( LockedFile.Multi.Generic ) - warning
13:13:41.0379 4016 sptd - detected LockedFile.Multi.Generic (1)
13:13:43.0269 4016 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:13:43.0274 4016 \Device\Harddisk0\DR0 - ok
13:13:43.0278 4016 Boot (0x1200) (8e15cb12d869e8c5a4df0c6a6a0e6847) \Device\Harddisk0\DR0\Partition0
13:13:43.0279 4016 \Device\Harddisk0\DR0\Partition0 - ok
13:13:43.0280 4016 ============================================================
13:13:43.0281 4016 Scan finished
13:13:43.0281 4016 ============================================================
13:13:43.0293 1616 Detected object count: 1
13:13:43.0293 1616 Actual detected object count: 1
13:13:58.0664 1616 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
13:13:58.0683 1616 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
13:13:58.0702 1616 C:\Windows\system32\Drivers\sptd.sys - will be deleted on reboot
13:13:58.0702 1616 sptd ( LockedFile.Multi.Generic ) - User select action: Delete
 
Not sure if I should've deleted those, I reacted too quickly instead of asking.... Dumb.

One seems to have affected burning software (Daemontools) SPTD 1.60 I believe, but I'm sure it's just a quick component fix.
 
ComboFix ran successfully, went through all stages starting from 1, whereas before it would start at 49. Lots of the virus that I recognize by name (AVG 2011) was cleared. Here's the log.

ComboFix 11-12-03.01 - gamers 12/03/2011 13:20:33.4.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3072.1995 [GMT -5:00]
Running from: c:\users\gamers\Desktop\Yourname.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\AMMYY
c:\programdata\AMMYY\hr
c:\programdata\AMMYY\settings.bin
c:\users\gamers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AV Protection 2011
c:\users\gamers\Documents\~WRL0003.tmp
c:\users\gamers\Documents\~WRL1992.tmp
c:\users\gamers\Documents\~WRL3552.tmp
.
---- Previous Run -------
.
c:\users\gamers\AppData\Local\Temp\nsmF642.tmp\SWREG.DAT
c:\users\gamers\AppData\Local\Temp\nsmF642.tmp\System.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-11-03 to 2011-12-03 )))))))))))))))))))))))))))))))
.
.
2011-12-03 18:28 . 2011-12-03 18:28 -------- d-----w- c:\users\gamers\AppData\Local\temp
2011-12-03 18:18 . 2011-12-03 18:18 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{154C79A3-A819-45FF-99F1-DE9028666280}\offreg.dll
2011-12-03 18:16 . 2011-12-03 18:16 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2011-12-03 18:16 . 2011-12-03 18:16 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2011-12-03 18:16 . 2011-12-03 18:16 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2011-12-03 00:53 . 2011-12-03 18:11 -------- d-----w- C:\FRST
2011-12-02 01:38 . 2009-07-13 23:12 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-11-24 19:53 . 2011-10-18 06:28 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{154C79A3-A819-45FF-99F1-DE9028666280}\mpengine.dll
2011-11-23 18:22 . 2011-11-23 18:22 -------- d-----w- c:\windows\system32\wbem\Logs
2011-11-23 17:11 . 2011-11-23 17:11 -------- d-----w- c:\program files\somototoolbar
2011-11-23 17:10 . 2011-11-23 17:10 -------- d-----w- c:\program files\Temp File Cleaner
2011-11-23 12:29 . 2011-11-23 12:36 -------- d-----w- c:\users\gamers\AppData\Roaming\AVG
2011-11-23 11:45 . 2011-11-23 11:45 -------- d-----w- c:\programdata\Kaspersky Lab
2011-11-23 11:42 . 2011-11-23 11:42 -------- d-----w- c:\users\gamers\AppData\Roaming\QuickScan
2011-11-23 11:39 . 2011-11-23 11:39 -------- d-----w- c:\programdata\boost_interprocess
2011-11-23 11:02 . 2011-11-23 11:02 388096 ----a-r- c:\users\gamers\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-23 11:02 . 2011-11-23 11:02 -------- d-----w- c:\program files\Trend Micro
2011-11-21 22:57 . 2011-11-21 22:57 -------- d-----w- c:\users\gamers\AppData\Roaming\Malwarebytes
2011-11-21 22:56 . 2011-11-21 22:56 -------- d-----w- c:\programdata\Malwarebytes
2011-11-21 22:56 . 2011-11-21 22:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-20 14:17 . 2011-11-20 14:17 -------- d-----w- C:\$AVG
2011-11-20 13:40 . 2011-11-24 19:27 -------- d-----w- c:\programdata\AVG2012
2011-11-20 13:37 . 2011-11-24 19:25 -------- d-----w- c:\programdata\MFAData
2011-11-20 13:18 . 2011-11-20 13:21 -------- d-----w- c:\program files\Eusing Free Registry Cleaner
2011-11-19 11:16 . 2011-11-19 11:16 -------- d--h--w- c:\programdata\Common Files
2011-11-19 11:13 . 2011-11-24 19:27 -------- d-----w- c:\program files\AVG
2011-11-19 10:33 . 2011-11-19 14:18 -------- d-----w- c:\programdata\AVAST Software
2011-11-19 10:33 . 2011-11-19 10:33 -------- d-----w- c:\program files\AVAST Software
2011-11-19 09:17 . 2011-11-19 09:17 -------- d-----w- c:\users\gamers\AppData\Roaming\jFF44pmG5sQJdE8
2011-11-19 08:59 . 2011-11-19 08:59 -------- d-----w- c:\users\gamers\AppData\Roaming\tppmmG55aJ6KfLh
2011-11-19 08:10 . 2011-11-19 09:30 -------- d-----w- c:\users\gamers\AppData\Roaming\B424F
2011-11-19 08:10 . 2011-11-19 08:10 -------- d-----w- c:\users\gamers\AppData\Roaming\FiiibFF3pnGa
2011-11-19 08:10 . 2011-11-19 08:10 -------- d-----w- c:\users\gamers\AppData\Roaming\wcccS11ivD
2011-11-19 08:10 . 2011-11-19 08:10 -------- d-----w- c:\users\gamers\AppData\Roaming\kttxxP0uuS1
2011-11-16 18:20 . 2011-11-19 09:28 -------- d-----w- c:\users\gamers\AppData\Local\Black_Tree_Gaming
2011-11-16 18:20 . 2011-11-23 21:36 -------- d-----w- c:\program files\Nexus Mod Manager
2011-11-15 22:24 . 2011-11-15 22:24 -------- d-----w- c:\programdata\NCH Software
2011-11-10 21:16 . 2011-11-10 21:16 -------- d--h--w- c:\users\gamers\AppData\Local\Skyrim
2011-11-10 20:50 . 2011-11-29 06:40 -------- d-----w- c:\program files\The Elder Scrolls V Skyrim
2011-11-10 20:45 . 2011-11-19 09:31 -------- d-----w- C:\Elder Scrolls
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-28 16:21 . 2011-08-12 15:27 1187840 ----a-w- c:\program files\Hook.dll
2008-09-06 21:00 . 2011-08-12 15:27 224256 ----a-w- c:\program files\launcher_gui.exe
2008-01-29 14:29 . 2011-08-12 15:27 385536 ----a-w- c:\program files\launcher.exe
2011-11-05 06:53 . 2011-11-09 17:35 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2011-03-14 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-10 39408]
"ComcastAntispyClient"="c:\program files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" [2009-08-19 1589208]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"Steam"="c:\program files\Steam\steam.exe" [2011-08-12 1242448]
"EADM"="c:\program files\Electronic Arts\EADM\EADMUI.exe" [2011-03-19 11857920]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"PlayOn"="c:\program files\MediaMall\PlayOn.exe" [2011-05-30 53248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe" [2010-02-12 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Recordpad"="c:\program files\NCH Swift Sound\Recordpad\recordpad.exe" [2011-03-30 1298436]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
.
c:\users\gamers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-12-28 0]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ddoctorv2"="c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-10 135664]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-03-29 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-03-29 79360]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-10 135664]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-07-13 347136]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-01 1343400]
S0 amacpi;Microsoft Away Mode System;c:\windows\system32\DRIVERS\null.sys [2009-07-13 4608]
S2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-06-17 616408]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
S2 MediaMall Server;MediaMall Server;c:\program files\MediaMall\MediaMallServer.exe [2011-05-30 4208496]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2009-12-03 483688]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-03 550760]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-03 195944]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-03 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-03 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-03 209768]
S3 stdriver;Sound Tap Upper Class Filter Driver v2.0.0.0;c:\windows\system32\DRIVERS\stdriver32.sys [2011-03-30 49240]
S3 WRfiltv;WRfiltv;c:\windows\system32\drivers\WRfiltv.sys [2009-07-31 17920]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 06191137
*Deregistered* - 06191137
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 15:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-10 02:20]
.
2011-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-10 02:20]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
FF - ProfilePath - c:\users\gamers\AppData\Roaming\Mozilla\Firefox\Profiles\jxpiwbqm.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z133&form=ZGAADF&install_date=20111123&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file)
BHO-{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - (no file)
Toolbar-{0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file)
Toolbar-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
SafeBoot-06191137.sys
AddRemove-DealBulldog Toolbar - c:\program files\DealBulldog Toolbar\UninstallToolbar.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(548)
c:\program files\CA\PPRT\bin\CACheck.dll
c:\program files\CA\PPRT\bin\CAHook.dll
c:\program files\CA\PPRT\bin\CAServer.dll
.
Completion time: 2011-12-03 13:32:41
ComboFix-quarantined-files.txt 2011-12-03 18:32
.
Pre-Run: 96,885,346,304 bytes free
Post-Run: 96,746,856,448 bytes free
.
- - End Of File - - A7423DCFEBED82B3E3E4328AD7C38950
 
Very well done :)....and good news :)

Uninstall Eusing Free Registry Cleaner.
Registry cleaners/optimizers are not recommended for several reasons:

  • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

    The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
  • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
  • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
  • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
  • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".
Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.


==============================================================

1. Please open Notepad (Start>All Programs>Accessories>Notepad).

2. Now copy/paste the entire content of the codebox below into the Notepad window:

Code:
FCopy::
c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll | c:\windows\System32\user32.dll

Folder::
c:\users\gamers\AppData\Roaming\kttxxP0uuS1
c:\users\gamers\AppData\Roaming\wcccS11ivD
c:\users\gamers\AppData\Roaming\FiiibFF3pnGa
c:\users\gamers\AppData\Roaming\B424F
c:\users\gamers\AppData\Roaming\tppmmG55aJ6KfLh
c:\users\gamers\AppData\Roaming\jFF44pmG5sQJdE8


3. Save the above as CFScript.txt

4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

CFScript.gif



6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
 
ComboFix 11-12-03.01 - gamers 12/03/2011 17:03:44.5.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3072.1782 [GMT -5:00]
Running from: c:\users\gamers\Desktop\Yourname.exe
Command switches used :: c:\users\gamers\Documents\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\gamers\AppData\Roaming\B424F
c:\users\gamers\AppData\Roaming\B424F\FBEC.424
c:\users\gamers\AppData\Roaming\FiiibFF3pnGa
c:\users\gamers\AppData\Roaming\jFF44pmG5sQJdE8
c:\users\gamers\AppData\Roaming\kttxxP0uuS1
c:\users\gamers\AppData\Roaming\tppmmG55aJ6KfLh
c:\users\gamers\AppData\Roaming\wcccS11ivD
.
.
--------------- FCopy ---------------
.
c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll --> c:\windows\System32\user32.dll
.
((((((((((((((((((((((((( Files Created from 2011-11-03 to 2011-12-03 )))))))))))))))))))))))))))))))
.
.
2011-12-03 22:10 . 2011-12-03 22:10 -------- d-----w- c:\users\gamers\AppData\Local\temp
2011-12-03 22:10 . 2011-12-03 22:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-03 22:10 . 2011-12-03 22:10 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-12-03 18:18 . 2011-12-03 18:18 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{154C79A3-A819-45FF-99F1-DE9028666280}\offreg.dll
2011-12-03 18:16 . 2011-12-03 18:16 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2011-12-03 18:16 . 2011-12-03 18:16 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2011-12-03 18:16 . 2011-12-03 18:16 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2011-12-03 00:53 . 2011-12-03 18:11 -------- d-----w- C:\FRST
2011-12-02 01:38 . 2009-07-13 23:12 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-11-24 19:53 . 2011-10-18 06:28 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{154C79A3-A819-45FF-99F1-DE9028666280}\mpengine.dll
2011-11-23 18:22 . 2011-11-23 18:22 -------- d-----w- c:\windows\system32\wbem\Logs
2011-11-23 17:11 . 2011-11-23 17:11 -------- d-----w- c:\program files\somototoolbar
2011-11-23 17:10 . 2011-11-23 17:10 -------- d-----w- c:\program files\Temp File Cleaner
2011-11-23 12:29 . 2011-11-23 12:36 -------- d-----w- c:\users\gamers\AppData\Roaming\AVG
2011-11-23 11:45 . 2011-11-23 11:45 -------- d-----w- c:\programdata\Kaspersky Lab
2011-11-23 11:42 . 2011-11-23 11:42 -------- d-----w- c:\users\gamers\AppData\Roaming\QuickScan
2011-11-23 11:39 . 2011-11-23 11:39 -------- d-----w- c:\programdata\boost_interprocess
2011-11-23 11:02 . 2011-11-23 11:02 388096 ----a-r- c:\users\gamers\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-23 11:02 . 2011-11-23 11:02 -------- d-----w- c:\program files\Trend Micro
2011-11-21 22:57 . 2011-11-21 22:57 -------- d-----w- c:\users\gamers\AppData\Roaming\Malwarebytes
2011-11-21 22:56 . 2011-11-21 22:56 -------- d-----w- c:\programdata\Malwarebytes
2011-11-21 22:56 . 2011-11-21 22:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-20 14:17 . 2011-11-20 14:17 -------- d-----w- C:\$AVG
2011-11-20 13:40 . 2011-11-24 19:27 -------- d-----w- c:\programdata\AVG2012
2011-11-20 13:37 . 2011-11-24 19:25 -------- d-----w- c:\programdata\MFAData
2011-11-20 13:18 . 2011-11-20 13:21 -------- d-----w- c:\program files\Eusing Free Registry Cleaner
2011-11-19 11:16 . 2011-11-19 11:16 -------- d--h--w- c:\programdata\Common Files
2011-11-19 11:13 . 2011-11-24 19:27 -------- d-----w- c:\program files\AVG
2011-11-19 10:33 . 2011-11-19 14:18 -------- d-----w- c:\programdata\AVAST Software
2011-11-19 10:33 . 2011-11-19 10:33 -------- d-----w- c:\program files\AVAST Software
2011-11-16 18:20 . 2011-11-19 09:28 -------- d-----w- c:\users\gamers\AppData\Local\Black_Tree_Gaming
2011-11-16 18:20 . 2011-11-23 21:36 -------- d-----w- c:\program files\Nexus Mod Manager
2011-11-15 22:24 . 2011-11-15 22:24 -------- d-----w- c:\programdata\NCH Software
2011-11-10 21:16 . 2011-11-10 21:16 -------- d--h--w- c:\users\gamers\AppData\Local\Skyrim
2011-11-10 20:50 . 2011-11-29 06:40 -------- d-----w- c:\program files\The Elder Scrolls V Skyrim
2011-11-10 20:45 . 2011-11-19 09:31 -------- d-----w- C:\Elder Scrolls
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-28 16:21 . 2011-08-12 15:27 1187840 ----a-w- c:\program files\Hook.dll
2008-09-06 21:00 . 2011-08-12 15:27 224256 ----a-w- c:\program files\launcher_gui.exe
2008-01-29 14:29 . 2011-08-12 15:27 385536 ----a-w- c:\program files\launcher.exe
2011-11-05 06:53 . 2011-11-09 17:35 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-10 39408]
"ComcastAntispyClient"="c:\program files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" [2009-08-19 1589208]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"Steam"="c:\program files\Steam\steam.exe" [2011-08-12 1242448]
"EADM"="c:\program files\Electronic Arts\EADM\EADMUI.exe" [2011-03-19 11857920]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"PlayOn"="c:\program files\MediaMall\PlayOn.exe" [2011-05-30 53248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe" [2010-02-12 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Recordpad"="c:\program files\NCH Swift Sound\Recordpad\recordpad.exe" [2011-03-30 1298436]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
.
c:\users\gamers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-12-28 0]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ddoctorv2"="c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-10 135664]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-03-29 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-03-29 79360]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-10 135664]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-07-13 347136]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-01 1343400]
S0 amacpi;Microsoft Away Mode System;c:\windows\system32\DRIVERS\null.sys [2009-07-13 4608]
S2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-06-17 616408]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
S2 MediaMall Server;MediaMall Server;c:\program files\MediaMall\MediaMallServer.exe [2011-05-30 4208496]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2009-12-03 483688]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-03 550760]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-03 195944]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-03 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-03 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-03 209768]
S3 stdriver;Sound Tap Upper Class Filter Driver v2.0.0.0;c:\windows\system32\DRIVERS\stdriver32.sys [2011-03-30 49240]
S3 WRfiltv;WRfiltv;c:\windows\system32\drivers\WRfiltv.sys [2009-07-31 17920]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 06191137
*Deregistered* - 06191137
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 15:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-10 02:20]
.
2011-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-10 02:20]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
FF - ProfilePath - c:\users\gamers\AppData\Roaming\Mozilla\Firefox\Profiles\jxpiwbqm.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z133&form=ZGAADF&install_date=20111123&q=
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(548)
c:\program files\CA\PPRT\bin\CACheck.dll
c:\program files\CA\PPRT\bin\CAHook.dll
c:\program files\CA\PPRT\bin\CAServer.dll
.
Completion time: 2011-12-03 17:14:19
ComboFix-quarantined-files.txt 2011-12-03 22:14
ComboFix2.txt 2011-12-03 18:32
.
Pre-Run: 96,810,344,448 bytes free
Post-Run: 96,756,523,008 bytes free
.
- - End Of File - - 286128597FA5717CC64FE074FDFD3302
 
I uninstalled the registry cleaner AFTER running CF using the new script you gave me, that was a separate process, correct?

I only installed the registry cleaner due to the virus. I was taking extreme measures for the greater good, but that was before I put my head on straight and started seeking out help. Definitely good information to know.
 
Combofix log looks good.

Any current issues?

Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
I can't take the next step just yet. I seem to have connectivity issues ever since the last time I ran Combofix. It's basically telling me Windows cannot automatically detect the proxy settings on the connection. I believe it may have deleted my nForce drivers, although I'm completely unsure, I've never had this issue before. I'm posting from my laptop at the moment, it has no issues on the exact same connection. I've been trying to download drivers however I'm having trouble identifying which nForce controller I have.
 
I'm sure a restore would fix it, but it may restore some of the virus if that's possible. I'll await a response before I bother, I'm once again out of my league.
 
Please download Farbar Service Scanner and run it on the computer with the issue.
  • Check "Include All Files" option.
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
 
I managed to update my drivers to the most current editions after finding a program that could read nForce controller versions. This didn't resolve the issue.

I used a disk that is in flashdrive mode to copy Farbar Service Scanner over to the troubled PC, however I received an error. It reads:

Line 2342 (File "C:\Users\gamers\Desktop\FSS.exe"):

Error: Error in expression.
 
I'll re-download it and transfer it over again.

I got it after hitting the "Scan" button. The program opens without a problem.
 
Different disk this time, closed the session to ensure that transferring from the open disk wasn't affecting things. Same error.

It also happens if I run the program directly from the disk, the error just changes to the D:\ drive.
 
Very strange...

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
Click Go and post the result.
 
Ran successfully, here's the log:


MiniToolBox by Farbar
Ran by gamers (administrator) on 04-12-2011 at 00:20:52
Windows 7 Ultimate (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

NVIDIA nForce 10/100/1000 Mbps Ethernet = Local Area Connection (Connecting)
NVIDIA nForce 10/100/1000 Mbps Ethernet = Local Area Connection 2 (Connecting)
Hamachi Network Interface = Hamachi (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ElNegroBrutal
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.fl.comcast.net.

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet
Physical Address. . . . . . . . . : 00-15-58-3A-15-C2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::560:d16c:b62d:bde4%20(Deprecated)
Autoconfiguration IPv4 Address. . : 169.254.189.228(Deprecated)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.fl.comcast.net.
Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet #2
Physical Address. . . . . . . . . : 00-15-58-3A-15-C1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::491:270e:7478:f87a%11(Deprecated)
Autoconfiguration IPv4 Address. . : 169.254.248.122(Tentative)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.fl.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{7B1F357B-AF16-444B-B5D6-BAC1D11A381D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 75.75.75.75

Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 75.75.75.75

Ping request could not find host yahoo.com. Please check the name and try again.
Server: UnKnown
Address: 75.75.75.75

Ping request could not find host bleepingcomputer.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
20...00 15 58 3a 15 c2 ......NVIDIA nForce 10/100/1000 Mbps Ethernet
11...00 15 58 3a 15 c1 ......NVIDIA nForce 10/100/1000 Mbps Ethernet #2
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
19...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 45 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Catalog9 46 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/03/2011 11:46:07 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Initialization failed 0x80080005 Type: 88::UnexpectedError.

Error: (12/03/2011 11:34:36 PM) (Source: CVHSVC) (User: )
Description: Information only.
The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Error: (12/03/2011 11:34:33 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (12/03/2011 11:34:27 PM) (Source: Schedule) (User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (12/03/2011 11:31:36 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {d60268a9-08b8-4212-8134-ffb0cb35a523}

Error: (12/03/2011 10:50:31 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Initialization failed 0x80080005 Type: 88::UnexpectedError.

Error: (12/03/2011 10:39:15 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (12/03/2011 10:39:01 PM) (Source: CVHSVC) (User: )
Description: Information only.
The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Error: (12/03/2011 10:38:54 PM) (Source: Schedule) (User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (12/03/2011 10:20:36 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Initialization failed 0x80080005 Type: 88::UnexpectedError.


System errors:
=============
Error: (12/04/2011 00:21:04 AM) (Source: Service Control Manager) (User: )
Description: The HTTP service failed to start due to the following error:
%%22

Error: (12/04/2011 00:21:04 AM) (Source: Service Control Manager) (User: )
Description: The HTTP service failed to start due to the following error:
%%22

Error: (12/04/2011 00:04:28 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10050

Error: (12/04/2011 00:04:26 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10050

Error: (12/04/2011 00:04:26 AM) (Source: Service Control Manager) (User: )
Description: The Server service depends on the Server SMB 1.xxx Driver service which failed to start because of the following error:
%%1068

Error: (12/04/2011 00:04:26 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1068

Error: (12/04/2011 00:04:26 AM) (Source: Service Control Manager) (User: )
Description: The Server SMB 1.xxx Driver service depends on the Server SMB 2.xxx Driver service which failed to start because of the following error:
%%1068

Error: (12/04/2011 00:04:26 AM) (Source: Service Control Manager) (User: )
Description: The Workstation service depends on the SMB 2.0 MiniRedirector service which failed to start because of the following error:
%%1068

Error: (12/04/2011 00:04:26 AM) (Source: Service Control Manager) (User: )
Description: The Server SMB 2.xxx Driver service depends on the srvnet service which failed to start because of the following error:
%%22

Error: (12/04/2011 00:04:26 AM) (Source: Service Control Manager) (User: )
Description: The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:
%%22


Microsoft Office Sessions:
=========================
Error: (12/03/2011 11:46:07 PM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80080005 Type: 88::UnexpectedError.

Error: (12/03/2011 11:34:36 PM) (Source: CVHSVC)(User: )
Description: The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Error: (12/03/2011 11:34:33 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000

Error: (12/03/2011 11:34:27 PM) (Source: Schedule)(User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (12/03/2011 11:31:36 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {d60268a9-08b8-4212-8134-ffb0cb35a523}

Error: (12/03/2011 10:50:31 PM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80080005 Type: 88::UnexpectedError.

Error: (12/03/2011 10:39:15 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000

Error: (12/03/2011 10:39:01 PM) (Source: CVHSVC)(User: )
Description: The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Error: (12/03/2011 10:38:54 PM) (Source: Schedule)(User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (12/03/2011 10:20:36 PM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80080005 Type: 88::UnexpectedError.


**** End of log ****
 
This has been quite the mission for you and me both. I'd like to take another moment to thank you for your patience in helping me with this apparently unique problem. If there is such a thing as Saints among techies, you definitely qualify.
 