TechSpot

Possible Virus, no longer have access to Internet

Solved
By JBEEZY
Jun 10, 2011
  1. Hi guys. I had previously posted in here but my inquiry was moved to another thread, and after dealing with a couple of helpful guys who hadn't been able to fix my problem, they suggested that maybe I should post in here again. Basically this is what happened: I ran a boot time scan with Avast and it did its thing, it moved a couple of items to the virus chest, and then once it had finished and my PC had restarted my connection was fine, but when I tried to log in to Firefox I could not connect to the internet.

    I have two computers, one laptop (which I am on right now) and a PC, which are both using wireless. The laptop has inbuilt wireless but my PC uses a USB wireless adapter that I have since found out is okay, as I was advised to disable it and try it in this laptop, which was successful.
    Can someone help me out please, as I am clueless as to what to do.

    I'm pretty much stuck and have no idea what happened or why. The little wireless icon in the corner says that I'm connected but it has an exclamation mark in a yellow triangle saying no internet/no network access.

    I had followed previous suggestions in the other forum (ipconfigs, IPv6 disable, winsockfix etc.) to no success, so I'm back here at square one. Would very much appreciate if someone could help me fix this problem.

    I am on Windows 7 Home Premium 32-bit.
  2. Broni

    Broni Malware Annihilator Posts: 46,725   +254

    Did you try to hardwire your desktop to the router to see if you can connect that way?
  3. JBEEZY

    JBEEZY TS Rookie Topic Starter Posts: 79

    Tried that and no luck. Sorry, am I supposed to have posted some logs up or something? I had an issue a while ago and you helped fix it, was with Win 7 virus I think, and since then everything has been great. I had been doing the regular scans, checks and cleans with the programs you gave me. But yeah, like my first post says, that is the issue I have now.
  4. Broni

    Broni Malware Annihilator Posts: 46,725   +254

    Please download MiniToolBox and run it.

    Checkmark the following boxes:
    • Report IE Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List last 10 Event Viewer log
    • List Users, Partitions and Memory size
    Click Go and post the result.
  5. JBEEZY

    JBEEZY TS Rookie Topic Starter Posts: 79

    MiniToolBox by Farbar
    Ran by RaeJae (administrator) on 12-06-2011 at 16:17:37
    Windows 7 Home Premium Service Pack 1 (X86)

    ***************************************************************************


    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    ========================= End of IE Proxy Settings ========================
    =============== Hosts content: ============================================

    127.0.0.1 localhost

    =============== End of Hosts ==============================================

    ================= IP Configuration: =======================================

    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset
    set global icmpredirects=enabled


    popd
    # End of IPv4 configuration



    Windows IP Configuration

    Host Name . . . . . . . . . . . . : RaeJae-PC
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : home

    Wireless LAN adapter Wireless Network Connection:

    Connection-specific DNS Suffix . : home
    Description . . . . . . . . . . . : 802.11 USB Wireless LAN Card
    Physical Address. . . . . . . . . : 00-60-64-33-B6-BC
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Autoconfiguration IPv4 Address. . : 169.254.82.159(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.0.0
    Default Gateway . . . . . . . . . :
    DNS Servers . . . . . . . . . . . : 192.168.1.1
    NetBIOS over Tcpip. . . . . . . . : Disabled

    Ethernet adapter Local Area Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . : home
    Description . . . . . . . . . . . : Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
    Physical Address. . . . . . . . . : 00-24-21-AB-33-D3
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.home:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Teredo Tunneling Pseudo-Interface:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Server: UnKnown
    Address: 192.168.1.1

    Ping request could not find host google.com. Please check the name and try again.
    Server: UnKnown
    Address: 192.168.1.1

    Ping request could not find host yahoo.com. Please check the name and try again.

    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
    11...00 60 64 33 b6 bc ......802.11 USB Wireless LAN Card
    10...00 24 21 ab 33 d3 ......Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
    1...........................Software Loopback Interface 1
    13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
    14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    169.254.0.0 255.255.0.0 On-link 169.254.82.159 281
    169.254.82.159 255.255.255.255 On-link 169.254.82.159 281
    169.254.255.255 255.255.255.255 On-link 169.254.82.159 281
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 169.254.82.159 281
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 169.254.82.159 281
    ===========================================================================
    Persistent Routes:
    None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
    If Metric Network Destination Gateway
    1 306 ::1/128 On-link
    1 306 ff00::/8 On-link
    ===========================================================================
    Persistent Routes:
    None

    ================= End of IP Configuration =================================

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (06/12/2011 03:11:06 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (06/12/2011 02:53:17 PM) (Source: SignInAssistant) (User: )
    Description: OpenServiceW failed with hr = 0x80070424

    Error: (06/12/2011 02:53:15 PM) (Source: SignInAssistant) (User: )
    Description: OpenServiceW failed with hr = 0x80070424

    Error: (06/12/2011 02:49:20 PM) (Source: Customer Experience Improvement Program) (User: )
    Description: 80004005

    Error: (06/12/2011 05:18:56 AM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
    Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (06/12/2011 05:09:15 AM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (06/12/2011 05:09:15 AM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (06/11/2011 11:48:17 AM) (Source: SignInAssistant) (User: )
    Description: OpenServiceW failed with hr = 0x80070424

    Error: (06/11/2011 11:02:45 AM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (06/10/2011 02:53:23 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    System errors:
    =============
    Error: (06/12/2011 04:17:26 PM) (Source: Service Control Manager) (User: )
    Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
    %%1075

    Error: (06/12/2011 04:17:26 PM) (Source: Service Control Manager) (User: )
    Description: The DHCP Client service depends the following service: Tdx. This service might not be installed.

    Error: (06/12/2011 04:17:22 PM) (Source: Service Control Manager) (User: )
    Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
    %%1075

    Error: (06/12/2011 04:17:22 PM) (Source: Service Control Manager) (User: )
    Description: The DHCP Client service depends the following service: Tdx. This service might not be installed.

    Error: (06/12/2011 03:34:18 PM) (Source: Service Control Manager) (User: )
    Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
    %%1075

    Error: (06/12/2011 03:34:18 PM) (Source: Service Control Manager) (User: )
    Description: The DHCP Client service depends the following service: Tdx. This service might not be installed.

    Error: (06/12/2011 03:34:18 PM) (Source: Service Control Manager) (User: )
    Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
    %%1075

    Error: (06/12/2011 03:34:18 PM) (Source: Service Control Manager) (User: )
    Description: The DHCP Client service depends the following service: Tdx. This service might not be installed.

    Error: (06/12/2011 03:34:18 PM) (Source: Service Control Manager) (User: )
    Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
    %%1075

    Error: (06/12/2011 03:34:18 PM) (Source: Service Control Manager) (User: )
    Description: The DHCP Client service depends the following service: Tdx. This service might not be installed.


    Microsoft Office Sessions:
    =========================

    ========================= End of Event log errors =========================

    ========================= Memory info: ====================================

    Percentage of memory in use: 30%
    Total physical RAM: 2037.18 MB
    Available physical RAM: 1405.95 MB
    Total Pagefile: 4074.36 MB
    Available Pagefile: 2846.57 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1953.47 MB

    ======================= Partitions: =======================================

    1 Drive c: (COMPAQ) (Fixed) (Total:455.36 GB) (Free:148.22 GB) NTFS
    2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.4 GB) (Free:1.46 GB) NTFS
    4 Drive f: () (Removable) (Total:3.72 GB) (Free:3.27 GB) FAT32
    5 Drive g: (Elements) (Fixed) (Total:931.51 GB) (Free:118.25 GB) NTFS

    ================= Users: ==================================================

    User accounts for \\RAEJAE-PC

    -------------------------------------------------------------------------------
    Administrator Guest RaeJae
    The command completed successfully.

    ================= End of Users ============================================
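
An added example, not part of the original thread and not MiniToolBox's own code: a short Python triage of log text laid out like the report in post 5. It flags an adapter that has fallen back to a 169.254.0.0/16 autoconfiguration address with no default gateway, and follows the Service Control Manager errors back to the service reported as possibly not installed. `SAMPLE_LOG` is a constructed excerpt in the same layout, and all function names are hypothetical.

```python
import ipaddress
import re

# Constructed excerpt in the layout of the MiniToolBox report (not the full log).
SAMPLE_LOG = """\
Wireless LAN adapter Wireless Network Connection:

Description . . . . . . . . . . . : 802.11 USB Wireless LAN Card
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration IPv4 Address. . : 169.254.82.159(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.1.1

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
DHCP Enabled. . . . . . . . . . . : Yes

Error: (06/12/2011 04:17:26 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
%%1075

Error: (06/12/2011 04:17:26 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service depends the following service: Tdx. This service might not be installed.
"""

ADAPTER_HEADER = re.compile(r"^\s*(.+ adapter .+):\s*$")
FIELD = re.compile(r"^\s*([A-Za-z][\w \-]*?)[ .]*:\s*(.*?)\s*$")
IPV4 = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3})")
WANTED = {"Media State", "DHCP Enabled", "IPv4 Address",
          "Autoconfiguration IPv4 Address", "Default Gateway"}
DEPENDS_FAILED = re.compile(
    r"The (.+?) service depends on the (.+?) service which failed to start")
DEPENDS_MISSING = re.compile(
    r"The (.+?) service depends the following service: (.+?)\. "
    r"This service might not be installed")


def parse_adapters(log_text):
    """Return {adapter name: {field: value}} for the ipconfig-style section."""
    adapters, current = {}, None
    for line in log_text.splitlines():
        header = ADAPTER_HEADER.match(line)
        if header:
            current = adapters.setdefault(header.group(1), {})
            continue
        field = FIELD.match(line)
        if current is not None and field and field.group(1) in WANTED:
            current[field.group(1)] = field.group(2)
    return adapters


def adapter_findings(adapters):
    """Flag connected adapters that self-assigned an address or lack a gateway."""
    findings = []
    for name, f in adapters.items():
        if f.get("Media State", "").lower() == "media disconnected":
            continue  # no link, so the addressing fields say nothing
        raw = f.get("Autoconfiguration IPv4 Address") or f.get("IPv4 Address") or ""
        match = IPV4.match(raw)
        if not match:
            continue
        try:
            addr = ipaddress.ip_address(match.group(1))
        except ValueError:
            continue  # malformed address in the log
        # 169.254.0.0/16 with DHCP enabled means no lease was obtained.
        if addr.is_link_local and f.get("DHCP Enabled") == "Yes":
            findings.append((name, "apipa", str(addr)))
        if not f.get("Default Gateway"):
            findings.append((name, "no-default-gateway", ""))
    return findings


def service_root_causes(log_text):
    """Map each failing service to its dependency chain ending at the missing one."""
    depends_on = dict(DEPENDS_FAILED.findall(log_text))   # dependent -> dependency
    missing = dict(DEPENDS_MISSING.findall(log_text))     # service -> absent dependency
    results = {}
    for service in sorted(set(depends_on) | set(missing)):
        chain, seen, node = [service], {service}, service
        while node in depends_on and depends_on[node] not in seen:
            node = depends_on[node]
            chain.append(node)
            seen.add(node)
        if node in missing:  # the chain ends at a service the log reports as absent
            results[service] = chain + [missing[node]]
    return results


if __name__ == "__main__":
    for finding in adapter_findings(parse_adapters(SAMPLE_LOG)):
        print(finding)
    for service, chain in service_root_causes(SAMPLE_LOG).items():
        print(service, "<-", " <- ".join(chain[1:]))
```
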
  6. Broni

    Broni Malware Annihilator Posts: 46,725   +254

    Can you hardwire that computer to the router, using an Ethernet cable, and see if you can get connected?

    Do you have any errors in Device Manager, especially regarding network adapters?
  7. JBEEZY

    JBEEZY TS Rookie Topic Starter Posts: 79

    I tried that after your first suggestion and no luck. I also have taken the USB wireless adapter and tried it in my laptop and it worked and connected to the internet fine. But back in my PC it is a no go. In the device manager settings for the USB adapter it says that 'this device is working properly'.
  8. Broni

    Broni Malware Annihilator Posts: 46,725   +254

    Please complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
    Attached logs won't be reviewed.
  9. JBEEZY

    JBEEZY TS Rookie Topic Starter Posts: 79

    Malwarebytes Log Report

    Malwarebytes' Anti-Malware 1.51.0.1200
    www.malwarebytes.org

    Database version: 6705

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 9.0.8112.16421

    13/06/2011 6:45:29 p.m.
    mbam-log-2011-06-13 (18-45-29).txt

    Scan type: Quick scan
    Objects scanned: 205765
    Time elapsed: 3 minute(s), 29 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
  10. JBEEZY

    JBEEZY TS Rookie Topic Starter Posts: 79

    GMER Report

    GMER 1.0.15.15640 - http://www.gmer.net
    Rootkit quick scan 2011-06-13 20:04:17
    Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD502IJ rev.1AA01117
    Running: kelob5qu.exe; Driver: C:\Users\RaeJae\AppData\Local\Temp\kxdiqpow.sys


    ---- System - GMER 1.0.15 ----

    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x8FCAB902]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----
  11. JBEEZY

    JBEEZY TS Rookie Topic Starter Posts: 79

    DDS Report

    .
    DDS (Ver_2011-06-12.02) - NTFSx86
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_25
    Run by RaeJae at 20:07:48 on 2011-06-13
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.2037.1191 [GMT 12:00]
    .
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\svchost.exe -k NetworkService
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Freecorder\FLVSrvc.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Windows\System32\M-AudioTaskBarIcon.exe
    C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
    C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\AnVir Task Manager Free\AnVir.exe
    C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files\YouSendIt\Express\YouSendIt.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Logitech\Vid HD\Vid.exe
    C:\Program Files\Dexpot\dexpot.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\NetComm\Common\RaUI.exe
    C:\Program Files\Secunia\PSI\psi_tray.exe
    C:\Program Files\Rainmeter\Rainmeter.exe
    C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe
    c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
    c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Hewlett-Packard\KBD\kbd.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.co.nz/
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_nz&c=93&bd=Presario&pf=cndt
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll
    mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll
    BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll
    BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - No File
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL
    BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\program files\wot\WOT.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: FlashFXP Helper for Internet Explorer: {e5a1691b-d188-4419-ad02-90002030b8ee} - c:\progra~1\flashfxp\IEFlash.dll
    BHO: DAPIELoader Class: {ff6c3cf0-4b15-11d1-abed-709549c10000} - c:\progra~1\dap\DAPIEL~1.DLL
    TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll
    TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
    TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
    uRun: [AnVir Task Manager Free] "c:\program files\anvir task manager free\AnVir.exe" Minimized
    uRun: [HPADVISOR] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe view=DOCKVIEW
    uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
    uRun: [ccleaner] "c:\program files\ccleaner\CCleaner.exe" /AUTO
    uRun: [FileHippo.com] "c:\program files\filehippo.com\UpdateChecker.exe" /background
    uRun: [YouSendIt.exe] c:\program files\yousendit\express\YouSendIt.exe -ui none
    uRun: [Google Update] "c:\users\raejae\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode
    uRun: [Dexpot] c:\program files\dexpot\dexpot.exe
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [hpsysdrv] c:\program files\hewlett-packard\hp odometer\hpsysdrv.exe
    mRun: [UpdateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"
    mRun: [UpdateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
    mRun: [UpdatePDIRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"
    mRun: [UpdatePSTShortCut] "c:\program files\cyberlink\cyberlink dvd suite deluxe\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\cyberlink dvd suite deluxe" updatewithcreateonce "software\cyberlink\PowerStarter"
    mRun: [KBD] c:\program files\hewlett-packard\kbd\KbdStub.EXE
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [Freecorder FLV Service] "c:\program files\freecorder\FLVSrvc.exe" /run
    mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [M-Audio Taskbar Icon] c:\windows\system32\M-AudioTaskBarIcon.exe
    mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\users\raejae\desktop\all folders\jb\maintenance tools\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    StartupFolder: c:\users\raejae\appdata\roaming\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\ereg\eReg.exe
    StartupFolder: c:\users\raejae\appdata\roaming\micros~1\windows\startm~1\programs\startup\rainme~1.lnk - c:\program files\rainmeter\Rainmeter.exe
    StartupFolder: c:\users\raejae\appdata\roaming\micros~1\windows\startm~1\programs\startup\stardo~1.lnk - c:\program files\stardock\objectdockfree\ObjectDock.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\ncprot~1.lnk - c:\program files\sec\natural color pro\NCProTray.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\netcom~1.lnk - c:\program files\netcomm\common\RaUI.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
    uPolicies-explorer: HideSCAHealth = 1 (0x1)
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: &Clean Traces - c:\program files\dap\privacy package\dapcleanerie.htm
    IE: &Download with &DAP - c:\program files\dap\dapextie.htm
    IE: &Envoyer à OneNote - /105
    IE: Download &all with DAP - c:\program files\dap\dapextie2.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} - hxxp://www.bebo.com/files/BeboUploader.5.8.05.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
    DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-nz.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{1677831E-E9E4-480D-9810-5348E2C31576} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{433D1A47-6772-4358-A366-46217D3E25A4} : DhcpNameServer = 192.168.1.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
    Notify: igfxcui - igfxdev.dll
    STS: ObjectDockShlExt Class: {1984d045-52cf-49cd-db77-08f378fea4db} - c:\program files\stardock\objectdockfree\ODMenu.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-4-21 441176]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-4-21 307928]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-4-21 19544]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-4-21 53592]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-5-22 42184]
    R2 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-28 39272]
    R2 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-22 1493352]
    R3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\drivers\MAudioFastTrackPro.sys [2009-11-9 158600]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-1 139776]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-9 135664]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 GTLJ;GTLJ;c:\users\raejae\appdata\local\temp\gtlj.exe --> c:\users\raejae\appdata\local\temp\GTLJ.exe [?]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-9 135664]
    S3 HCH;HCH;c:\users\raejae\appdata\local\temp\hch.exe --> c:\users\raejae\appdata\local\temp\HCH.exe [?]
    S3 KORGUMDS;KORG USB-MIDI Driver for Windows;c:\windows\system32\drivers\KORGUMDS.SYS [2007-3-29 21984]
    S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2011-3-23 724992]
    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2009-9-26 4639136]
    S3 OXYGEN;Service for M-Audio Oxygen;c:\windows\system32\drivers\MAudioOxygen.sys [2010-3-4 112136]
    S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
    S3 RE;RE;c:\users\raejae\appdata\local\temp\re.exe --> c:\users\raejae\appdata\local\temp\RE.exe [?]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-4-23 52224]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-2 1343400]
    .
    =============== Created Last 30 ================
    .
    2011-06-12 02:52:41 -------- d-----w- c:\programdata\Evonsoft
    2011-06-12 02:52:36 -------- d-----w- c:\program files\Advanced System Restore
    2011-06-07 06:40:14 -------- d-----w- c:\users\raejae\DoctorWeb
    2011-06-06 12:13:16 54016 ----a-w- c:\windows\system32\drivers\tpmi.sys
    2011-06-06 09:55:13 -------- d-----w- c:\users\raejae\appdata\roaming\IK Multimedia
    2011-06-06 08:50:09 9078960 ----a-w- c:\windows\system32\mkl_p4p.dll
    2011-06-06 08:50:08 9410736 ----a-w- c:\windows\system32\mkl_p4m.dll
    2011-06-06 08:50:08 9033904 ----a-w- c:\windows\system32\mkl_p4m3.dll
    2011-06-06 08:50:07 9210032 ----a-w- c:\windows\system32\mkl_p4.dll
    2011-06-06 08:50:07 6944944 ----a-w- c:\windows\system32\mkl_core.dll
    2011-06-06 08:50:07 530608 ----a-w- c:\windows\system32\libiomp5md.dll
    2011-06-06 08:50:07 3868848 ----a-w- c:\windows\system32\mkl_intel_thread.dll
    2011-06-06 08:50:05 499712 ----a-w- c:\windows\msvcp71.dll
    2011-06-06 08:50:05 348160 ----a-w- c:\windows\msvcr71.dll
    2011-06-05 11:40:19 -------- d-----w- c:\program files\Waves
    2011-06-01 06:02:45 -------- d-----w- c:\program files\DVD-Ranger 3.5.1.3
    2011-06-01 03:38:48 -------- d-----w- c:\program files\PSPaudioware
    2011-05-31 20:57:50 -------- d-----w- c:\program files\iPod
    2011-05-31 20:57:49 -------- d-----w- c:\program files\iTunes
    2011-05-31 20:54:33 -------- d-----w- c:\program files\Bonjour
    2011-05-28 13:28:14 -------- d-----w- c:\users\raejae\appdata\roaming\Image-Line
    2011-05-27 05:37:15 -------- d-----w- c:\users\raejae\appdata\local\ODUI
    2011-05-27 05:37:06 -------- d-----w- c:\users\raejae\appdata\local\Stardock
    2011-05-27 05:36:13 -------- d-----w- c:\users\raejae\appdata\roaming\Stardock
    2011-05-27 05:36:07 -------- dc-h--w- c:\programdata\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}
    2011-05-27 05:35:57 -------- d-----w- c:\program files\Stardock
    2011-05-27 05:34:11 -------- d-----w- c:\users\raejae\appdata\local\PackageAware
    2011-05-27 02:16:29 -------- d-----w- c:\users\raejae\appdata\roaming\Rainmeter
    2011-05-27 02:16:23 -------- d-----w- c:\program files\Rainmeter
    2011-05-26 12:18:50 -------- d-----w- c:\users\raejae\appdata\roaming\OpenCandy
    2011-05-26 12:18:46 -------- d-----w- c:\program files\Dexpot
    2011-05-24 15:13:47 -------- d-----w- c:\users\raejae\appdata\local\{36552D91-434C-4AA4-9D2D-FE3DDF1ED87B}
    2011-05-24 02:33:33 -------- d-----w- c:\programdata\DShield
    2011-05-24 02:33:32 -------- d-----w- c:\programdata\DVDRanger
    2011-05-24 02:33:32 -------- d-----w- C:\DVDRanger
    2011-05-24 02:33:27 -------- d-----w- c:\program files\Pixbyte
    2011-05-23 09:41:27 819200 ----a-w- c:\windows\system32\xvidcore.dll
    2011-05-23 09:41:27 77824 ----a-w- c:\windows\system32\xvid.ax
    2011-05-23 09:41:26 180224 ----a-w- c:\windows\system32\xvidvfw.dll
    2011-05-23 09:41:26 -------- d-----w- c:\program files\Xvid
    2011-05-18 14:38:14 -------- d-----w- c:\program files\TweetDeck
    2011-05-16 20:26:23 -------- d-----w- c:\users\raejae\appdata\local\{F9AB3098-395D-4FA9-A88C-4AC376788CC7}
    2011-05-16 09:49:53 53248 ----a-r- c:\users\raejae\appdata\roaming\microsoft\installer\{3ee9bcae-e9a9-45e5-9b1c-83a4d357e05c}\ARPPRODUCTICON.exe
    2011-05-16 02:49:10 -------- d-----w- c:\program files\Mozilla Aurora
    2011-05-16 01:59:34 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    2011-05-16 01:59:33 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
    2011-05-16 01:59:33 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
    2011-05-16 01:59:33 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
    2011-05-16 01:59:33 2145240 ----a-w- c:\program files\mozilla firefox\mozjs.dll
    2011-05-16 01:59:33 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
    2011-05-16 01:59:33 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
    2011-05-16 01:59:33 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
    2011-05-16 01:50:35 -------- d-----w- c:\users\raejae\appdata\local\{C158D9E0-ABB3-42B1-8078-AA80D9C5B99C}
    2011-05-16 00:34:14 -------- d-----w- c:\users\raejae\appdata\local\{2A479319-42E2-45B4-9F29-3422EDDDDDA7}
    2011-05-15 16:58:30 -------- d-----w- c:\users\raejae\appdata\local\112dB
    2011-05-15 16:57:12 -------- dc-h--w- c:\programdata\{2EF924FC-80B9-43E9-BB00-5E4F302749D2}
    2011-05-15 13:27:42 123904 ----a-w- c:\windows\system32\poqexec.exe
    2011-05-14 13:03:43 -------- d-----w- c:\users\raejae\appdata\local\{EEA91B22-C15F-41A4-AEDD-E42141A140F8}
    .
    ==================== Find3M ====================
    .
    2011-05-28 21:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-05-28 21:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-05-24 02:20:37 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr
    2011-05-10 12:03:54 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-05-10 11:59:44 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-04-24 14:51:24 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-04-23 04:43:08 152576 ----a-w- c:\windows\system32\msclmd.dll
    2011-04-09 06:02:25 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-04-09 06:02:25 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-04-06 04:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
    2011-04-06 04:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
    2011-04-06 04:13:35 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
    2011-03-31 17:11:10 4333280 ----a-w- c:\windows\system32\drivers\lvuvc.sys
    2011-03-31 17:10:46 539232 ----a-w- c:\windows\system32\LVUI2RC.dll
    2011-03-31 17:10:24 543328 ----a-w- c:\windows\system32\LVUI2.dll
    2011-03-31 17:09:48 291424 ----a-w- c:\windows\system32\drivers\lvrs.sys
    2011-03-31 17:08:56 195168 ----a-w- c:\windows\system32\lvci13251014.dll
    2011-03-31 17:08:36 301664 ----a-w- c:\windows\system32\lvcodec2.dll
    2011-03-31 17:07:02 10877272 ----a-w- c:\windows\system32\LogiDPP.dll
    2011-03-31 17:07:02 102744 ----a-w- c:\windows\system32\LogiDPPApp.exe
    2011-03-31 17:06:56 331608 ----a-w- c:\windows\system32\DevManagerCore.dll
    2011-03-31 16:56:20 39318 ----a-w- c:\windows\system32\Repository.reg
    2011-03-25 02:58:37 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
    2011-03-25 02:58:07 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
    2011-03-25 02:58:06 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
    2011-03-25 02:57:58 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
    2011-03-25 02:57:56 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
    2011-03-25 02:57:53 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
    2011-03-22 11:58:22 14168 ----a-w- c:\windows\system32\drivers\iKeyLFT2.dll
    .
    ============= FINISH: 20:10:59.12 ===============
     
  12. JBEEZY

    JBEEZY TS Rookie Topic Starter Posts: 79

    DDS Attachment Report

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-06-12.02)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 18/01/2010 12:19:44 a.m.
    System Uptime: 13/06/2011 7:38:24 p.m. (1 hours ago)
    .
    Motherboard: MSI | | Boston
    Processor: Intel(R) Core(TM)2 Duo CPU E7400 @ 2.80GHz | Socket 775 | 2800/1066mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 455 GiB total, 147.195 GiB free.
    D: is FIXED (NTFS) - 10 GiB total, 1.461 GiB free.
    E: is CDROM ()
    F: is Removable
    H: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: AVG Free8 Network Redirector
    Device ID: ROOT\LEGACY_AVGTDIX\0000
    Manufacturer:
    Name: AVG Free8 Network Redirector
    PNP Device ID: ROOT\LEGACY_AVGTDIX\0000
    Service: AvgTdiX
    .
    Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
    Description: USB FLASH DRIVE
    Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_USB_FLASH_DRIVE&REV_PMAP#199C1007640A0AEF&0#
    Manufacturer:
    Name: F:\
    PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_USB_FLASH_DRIVE&REV_PMAP#199C1007640A0AEF&0#
    Service: WUDFRd
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: 802.11 USB Wireless LAN Card
    Device ID: USB\VID_148F&PID_3070\1.0
    Manufacturer: Ralink Technology, Corp.
    Name: 802.11 USB Wireless LAN Card
    PNP Device ID: USB\VID_148F&PID_3070\1.0
    Service: netr28u
    .
    Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
    Description: Flash Reader
    Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_MULTI&PROD_FLASH_READER&REV_1.00#058F63666471&0#
    Manufacturer: Multi
    Name: H:\
    PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_MULTI&PROD_FLASH_READER&REV_1.00#058F63666471&0#
    Service: WUDFRd
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: AVG Free AVI Loader Driver x86
    Device ID: ROOT\LEGACY_AVGLDX86\0000
    Manufacturer:
    Name: AVG Free AVI Loader Driver x86
    PNP Device ID: ROOT\LEGACY_AVGLDX86\0000
    Service: AvgLdx86
    .
    ==== System Restore Points ===================
    .
    RP252: 11/06/2011 11:17:00 a.m. - Windows Backup
    RP253: 13/06/2011 10:06:11 a.m. - Windows Backup
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    2007 Microsoft Office system
    AAC Decoder
    Abbeyroadplugins EMI Brilliance Pack VST RTAS v1.0.6
    Abbeyroadplugins EMI RS 124 Compressor VST RTAS v1.0
    Abbeyroadplugins EMI TG 12413 Limiter VST RTAS v2.0.1
    Abbeyroadplugins EMI TG Mastering Pack VST RTAS v1.0.2
    Acrobat.com
    Activation Assistant for the 2007 Microsoft Office suites
    ActiveCheck component for HP Active Support Library
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Shockwave Player 11.5
    Advanced System Restore
    Antares Autotune VST RTAS TDM v5.08
    Antares Filter VST DX v1.01
    Antares Harmony Engine VST RTAS v1.0
    Antares Microphone Modeler DX v1.32
    AnVir Task Manager Free
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Arturia Arp2600 V v1.0
    Arturia CS-80V v1.6
    Arturia minimoog V v1.6
    Ashampoo Burning Studio 2010
    Ashampoo Cover Studio 2.2.0
    Ashampoo Internet Accelerator 3.20
    Ashampoo Magical Snap 2.31
    Ashampoo Music Studio 2009
    Ashampoo Slideshow Studio 2010
    ASIO4ALL
    AutoUpdate
    avast! Free Antivirus
    AVS Image Converter 1.3.3.146
    AVS Update Manager 1.0
    AVS4YOU Software Navigator 1.4
    Bass Station 1.50
    BitTorrent
    Bonjour
    bx_shredspread Native 1.0.3
    CameraHelperMsi
    CCleaner
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    Clean! v1.0
    Compatibility Pack for the 2007 Office system
    Conduit Engine
    ConvertHelper 2.2
    CyberLink DVD Suite Deluxe
    D3DX10
    DAEMON Tools Lite
    Dexpot
    Digidesign Shared Plug-Ins 7.4
    DirectX for Managed Code Update (Summer 2004)
    DivX Codec
    DivX Converter
    DivX Player
    DivX Plus DirectShow Filters
    DivX Plus Web Player
    DivX Version Checker
    Download Accelerator Plus (DAP)
    DVD-Ranger
    Elementals - The Magic Key
    eLicenser Control
    Enhanced Multimedia Keyboard Solution
    erLT
    ESET Online Scanner v3
    FileHippo.com Update Checker
    FL Studio 9
    FlashFXP v3
    Focusrite Midnignt Suite VST RTAS v1.1
    Focusrite Scarlett Plug-in Suite 1.1
    Foxit Reader
    Freecorder 4.0 Application
    Freecorder Toolbar
    Game Booster
    GEAR driver installer for x86 Win2K
    GForce - impOSCar
    GForce - Oddity
    GMediaMusic - Oddity VST2
    Google Earth
    Google Talk Plugin
    Google Toolbar for Internet Explorer
    Google Update Helper
    H.264 Decoder
    Hardcore
    Hardware Diagnostic Tools
    HP Active Support Library
    HP Advisor
    HP Customer Experience Enhancements
    HP Games
    HP MediaSmart DVD
    HP MediaSmart Music/Photo/Video
    HP Odometer
    HP Picasso Media Center Add-In
    HP Recovery Manager RSS
    HP Support Information
    HP Total Care Setup
    HP Update
    HPAsset component for HP Active Support Library
    IL Download Manager
    ImgBurn
    Intel(R) Graphics Media Accelerator Driver
    Interlok driver setup x32
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 25
    Junk Mail filter update
    KORG padKONTROL Editor Librarian
    KORG USB-MIDI Driver Tools for Windows
    LabelPrint
    LightScribe System Software
    Live 6.0.1
    Live 8.1.3
    Logitech Vid HD
    Logitech Webcam Software
    LWS Facebook
    LWS Gallery
    LWS Help_main
    LWS Launcher
    LWS Motion Detection
    LWS Pictures And Video
    LWS Twitter
    LWS Video Mask Maker
    LWS VideoEffects
    LWS Webcam Software
    LWS WLM Plugin
    LWS YouTube Plugin
    M-Audio FastTrackPro Driver 6.0.2 (x86)
    M-Audio Oxygen Driver 1.2.1 (x86)
    Malwarebytes' Anti-Malware version 1.51.0.1200
    Mesh Runtime
    Messenger Companion
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Chart Controls for Microsoft .NET Framework 3.5
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access MUI (French) 2010 (Beta)
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Excel MUI (French) 2010 (Beta)
    Microsoft Office Live Add-in 1.4
    Microsoft Office OneNote MUI (French) 2010 (Beta)
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office Outlook MUI (French) 2010 (Beta)
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint MUI (French) 2010 (Beta)
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Professional Hybrid 2007
    Microsoft Office Professionnel 2010
    Microsoft Office Proof (Arabic) 2010 (Beta)
    Microsoft Office Proof (Dutch) 2010 (Beta)
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (English) 2010 (Beta)
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (French) 2010 (Beta)
    Microsoft Office Proof (German) 2010 (Beta)
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proof (Spanish) 2010 (Beta)
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing (French) 2010 (Beta)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Publisher MUI (French) 2010 (Beta)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared MUI (French) 2010 (Beta)
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Single Image 2010 (Beta)
    Microsoft Office Word MUI (English) 2007
    Microsoft Office Word MUI (French) 2010 (Beta)
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable - KB2467175
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft Works
    MixMeister BPM Analyzer 1.0
    MKV Splitter
    MobileMe Control Panel
    Mozilla Firefox 4.0.1 (x86 en-US)
    Mozilla Firefox 5.0 (x86 en-US)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Murder She Wrote
    Native Instruments Absynth 4
    Native Instruments Battery 3
    Native Instruments Controller Editor
    Native Instruments FM8
    Native Instruments Guitar Rig 4
    Native Instruments Komplete 7 Players
    Native Instruments Kontakt 4
    Native Instruments Kontakt Factory Selection
    Native Instruments Kore Player
    Native Instruments Maschine
    Native Instruments Maschine Controller Driver
    Native Instruments Maschine Factory Content
    Native Instruments Maschine Factory Content 1.5
    Native Instruments Massive
    Native Instruments Mikro Prism
    Native Instruments Reaktor 5
    Native Instruments Reaktor Factory Selection
    Native Instruments Service Center
    Native Instruments Traktor
    Natural Color Pro
    NetComm NetComm 900n Series Wireless USB Adapter
    Numedia CD-DVD writing as non-admin user
    NVIDIA PhysX v8.10.29
    ObjectDock Free
    OGA Notifier 2.0.0048.0
    Paint.NET v3.5.8
    PhotoStage Slideshow Producer
    PoiZone
    Power2Go
    PowerDirector
    PreSonus Studio One
    Prosoniq OrangeVocoder v1.4
    PSP Xenon 1.3.0 32bit
    Python 2.6 pywin32-212
    Python 2.6.1
    QuickTime
    Rainmeter
    RB MOLOTOF V1
    RealPlayer
    Realtek High Definition Audio Driver
    RealUpgrade 1.0
    Reason 5.0
    Rob Papen Albino 2
    RocketDock 1.3.5
    Sakura
    Sawer
    Search Settings v1.2.3
    Secunia PSI (2.0.0.3003)
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB2466156)
    Security Update for 2007 Microsoft Office System (KB2509488)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft Office 2010 File Validation - Beta (KB976133)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB2464583)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
    Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
    Security Update for Microsoft Office Publisher 2007 (KB2284697)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Skype Toolbars
    Skype™ 5.3
    SONiVOX DVI Creamy Fuzz Guitar
    Steinberg DeClicker v1.21
    Steinberg Mastering Edition v1.0
    System Requirements Lab
    T-RackS 3 Deluxe
    Toxic Biohazard
    TruePianos 1.4.1
    TruePianos: Amber Module 1.4.0
    TruePianos: Diamond Module 1.4.0
    TruePianos: Emerald Module 1.4.0
    TruePianos: Sapphire Module 1.4.0
    TweetDeck
    Universal Audio v4.4.0 Native
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Outlook 2007 (KB2509470)
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update for Outlook 2007 Junk Email Filter (KB2536413)
    V-Station
    VC80CRTRedist - 8.0.50727.4053
    VLC media player 1.1.9
    VST Compressor
    WavePad Sound Editor
    Waves Mercury Bundle
    Windows 7 Manager
    Windows 7 Upgrade Advisor
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinRAR 4.00 (32-bit)
    WOT for Internet Explorer
    Xilisoft Video Converter Ultimate
    Xvid 1.2.2 final uninstall
    Yahoo! Install Manager
    YouSendIt Express
    .
    ==== Event Viewer Messages From Past Week ========
    .
    7/06/2011 9:04:08 p.m., Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
    7/06/2011 6:51:14 p.m., Error: Service Control Manager [7030] - The HCH service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    7/06/2011 6:41:49 p.m., Error: Service Control Manager [7030] - The RE service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    7/06/2011 6:41:41 p.m., Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GTLJ service to connect.
    7/06/2011 6:41:41 p.m., Error: Service Control Manager [7000] - The GTLJ service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    7/06/2011 6:41:10 p.m., Error: Service Control Manager [7030] - The GTLJ service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    7/06/2011 2:37:46 p.m., Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    7/06/2011 2:37:41 p.m., Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\RAIHV.dll Error Code: 21
    7/06/2011 12:54:38 a.m., Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    7/06/2011 1:38:02 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    7/06/2011 1:38:02 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    7/06/2011 1:38:01 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    7/06/2011 1:37:56 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    7/06/2011 1:36:53 p.m., Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi AvgLdx86 AvgMfx86 AvgTdiX discache spldr Wanarpv6
    6/06/2011 12:56:21 p.m., Error: Service Control Manager [7034] - The UMVPFSrv service terminated unexpectedly. It has done this 1 time(s).
    6/06/2011 11:24:47 p.m., Error: Microsoft-Windows-Application-Experience [205] - The Program Compatibility Assistant service failed to perform the phase two initialization.
    6/06/2011 11:23:06 p.m., Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
    6/06/2011 11:23:06 p.m., Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    6/06/2011 11:03:08 p.m., Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    6/06/2011 10:37:45 p.m., Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The system cannot find the file specified.
    6/06/2011 10:37:45 p.m., Error: Service Control Manager [7000] - The Secunia Update Agent service failed to start due to the following error: The system cannot find the file specified.
    6/06/2011 10:37:45 p.m., Error: Service Control Manager [7000] - The Secunia PSI Agent service failed to start due to the following error: The system cannot find the file specified.
    6/06/2011 10:37:45 p.m., Error: Service Control Manager [7000] - The SeaPort service failed to start due to the following error: The system cannot find the file specified.
    6/06/2011 10:37:45 p.m., Error: Service Control Manager [7000] - The Oxygen Audio Device Monitor service failed to start due to the following error: The system cannot find the file specified.
    6/06/2011 10:37:45 p.m., Error: Service Control Manager [7000] - The NMSAccessU service failed to start due to the following error: The system cannot find the file specified.
    13/06/2011 8:04:53 p.m., Error: Service Control Manager [7003] - The DNS Client service depends the following service: Tdx. This service might not be installed.
    13/06/2011 7:41:41 p.m., Error: Service Control Manager [7003] - The DHCP Client service depends the following service: Tdx. This service might not be installed.
    13/06/2011 7:41:41 p.m., Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.
    13/06/2011 7:38:59 p.m., Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AvgLdx86 AvgMfx86 AvgTdiX
    13/06/2011 7:38:55 p.m., Error: Service Control Manager [7003] - The IP Helper service depends the following service: Tdx. This service might not be installed.
    13/06/2011 7:38:49 p.m., Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000c5 (0x00020070, 0x00000002, 0x00000000, 0x83b58795). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 061311-18392-01.
    13/06/2011 10:51:45 a.m., Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
    13/06/2011 10:05:41 a.m., Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3.
    10/06/2011 9:25:00 a.m., Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.1 with the system having network hardware address E8-39-DF-77-B0-EA. Network operations on this system may be disrupted as a result.
    10/06/2011 1:58:27 p.m., Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x00000003, 0x8707f030, 0x83b30ae0, 0x8612cce8). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 061011-16801-01.
    .
    ==== End Of File ===========================
  13. Broni

    Broni Malware Annihilator Posts: 46,725   +254

    Download aswMBR to your desktop.
    Double click the aswMBR.exe to run it.
    Click the "Scan" button to start the scan.

    On completion of the scan, click "Save log", save it to your desktop, and post it in your next reply.

    =====================================================================

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.
    **Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them, resulting in the tool not working correctly, which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends that you uninstall AVG first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.



    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click Rkill and choose Run as Administrator

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
  14. JBEEZY

    JBEEZY TS Rookie Topic Starter Posts: 79

    aswMBR Log

    aswMBR version 0.9.6.399 Copyright(c) 2011 AVAST Software
    Run date: 2011-06-14 08:36:16
    -----------------------------
    08:36:16.671 OS Version: Windows 6.1.7601 Service Pack 1
    08:36:16.671 Number of processors: 2 586 0x170A
    08:36:16.686 ComputerName: RAEJAE-PC UserName: RaeJae
    08:36:18.356 AVAST engine 6.0.1125 defs: 11060600
    08:36:18.356 Initialize success
    08:36:44.579 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
    08:36:44.595 Disk 0 Vendor: SAMSUNG_HD502IJ 1AA01117 Size: 476940MB BusType: 3
    08:36:46.638 Disk 0 MBR read successfully
    08:36:46.638 Disk 0 MBR scan
    08:36:46.654 Disk 0 unknown MBR code
    08:36:48.666 Disk 0 scanning sectors +976767120
    08:36:48.682 Disk 0 scanning C:\Windows\system32\drivers
    08:36:58.838 Service scanning
    08:36:59.945 Disk 0 trace - called modules:
    08:36:59.945 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
    08:36:59.961 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x866225c0]
    08:36:59.961 3 CLASSPNP.SYS[89bb659e] -> nt!IofCallDriver -> [0x861cb918]
    08:36:59.961 5 ACPI.sys[896a43d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85886030]
    08:37:00.476 AVAST engine scan C:\Windows\system32
    08:38:54.340 Scan finished successfully
    08:42:25.284 Disk 0 MBR has been saved successfully to "C:\Users\RaeJae\Desktop\MBR.dat"
    08:42:25.284 The log file has been saved successfully to "C:\Users\RaeJae\Desktop\aswMBR.txt"
  15. JBEEZY

    JBEEZY TS Rookie Topic Starter Posts: 79

    Combofix Log

    ComboFix 11-06-13.01 - RaeJae 14/06/2011 8:52.2.2 - x86
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.2037.1159 [GMT 12:00]
    Running from: c:\users\RaeJae\Desktop\ComboFix.exe
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\RaeJae\AppData\Roaming\completescan
    c:\users\RaeJae\AppData\Roaming\install
    c:\windows\assembly\GAC_MSIL\desktop.ini
    c:\windows\system32\Drivers\tpmi.sys
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-05-13 to 2011-06-13 )))))))))))))))))))))))))))))))
    .
    .
    2011-06-13 21:02 . 2011-06-13 21:02 -------- d-----w- c:\users\Public\AppData\Local\temp
    2011-06-13 21:02 . 2011-06-13 21:02 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-06-12 02:52 . 2011-06-12 02:52 -------- d-----w- c:\programdata\Evonsoft
    2011-06-12 02:52 . 2011-06-12 03:06 -------- d-----w- c:\program files\Advanced System Restore
    2011-06-07 06:40 . 2011-06-07 06:40 -------- d-----w- c:\users\RaeJae\DoctorWeb
    2011-06-06 09:55 . 2011-06-06 09:55 -------- d-----w- c:\users\RaeJae\AppData\Roaming\IK Multimedia
    2011-06-06 08:50 . 2010-12-21 23:33 9078960 ----a-w- c:\windows\system32\mkl_p4p.dll
    2011-06-06 08:50 . 2010-12-21 23:33 9033904 ----a-w- c:\windows\system32\mkl_p4m3.dll
    2011-06-06 08:50 . 2010-12-21 23:33 9410736 ----a-w- c:\windows\system32\mkl_p4m.dll
    2011-06-06 08:50 . 2010-12-21 23:33 9210032 ----a-w- c:\windows\system32\mkl_p4.dll
    2011-06-06 08:50 . 2010-12-21 23:33 6944944 ----a-w- c:\windows\system32\mkl_core.dll
    2011-06-06 08:50 . 2010-12-21 23:33 3868848 ----a-w- c:\windows\system32\mkl_intel_thread.dll
    2011-06-06 08:50 . 2010-12-21 23:33 530608 ----a-w- c:\windows\system32\libiomp5md.dll
    2011-06-06 08:50 . 2011-03-22 23:57 499712 ----a-w- c:\windows\msvcp71.dll
    2011-06-06 08:50 . 2011-03-22 23:57 348160 ----a-w- c:\windows\msvcr71.dll
    2011-06-05 11:40 . 2011-06-05 11:41 -------- d-----w- c:\program files\Waves
    2011-06-01 06:02 . 2011-06-01 06:02 -------- d-----w- c:\program files\DVD-Ranger 3.5.1.3
    2011-06-01 03:38 . 2011-06-01 03:38 -------- d-----w- c:\program files\PSPaudioware
    2011-05-31 20:57 . 2011-05-31 20:57 -------- d-----w- c:\program files\iPod
    2011-05-31 20:57 . 2011-05-31 20:58 -------- d-----w- c:\program files\iTunes
    2011-05-31 20:54 . 2011-05-31 20:54 -------- d-----w- c:\program files\Bonjour
    2011-05-28 13:28 . 2011-05-28 13:28 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Image-Line
    2011-05-27 05:37 . 2011-05-27 05:37 -------- d-----w- c:\users\RaeJae\AppData\Local\ODUI
    2011-05-27 05:37 . 2011-05-27 05:37 -------- d-----w- c:\users\RaeJae\AppData\Local\Stardock
    2011-05-27 05:36 . 2011-05-27 05:36 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Stardock
    2011-05-27 05:36 . 2011-05-27 05:36 -------- dc-h--w- c:\programdata\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}
    2011-05-27 05:35 . 2011-05-27 05:35 -------- d-----w- c:\program files\Stardock
    2011-05-27 05:34 . 2011-05-27 05:34 -------- d-----w- c:\users\RaeJae\AppData\Local\PackageAware
    2011-05-27 02:16 . 2011-05-27 14:32 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Rainmeter
    2011-05-27 02:16 . 2011-05-27 02:16 -------- d-----w- c:\program files\Rainmeter
    2011-05-26 12:18 . 2011-05-26 12:18 -------- d-----w- c:\users\RaeJae\AppData\Roaming\OpenCandy
    2011-05-26 12:18 . 2011-05-27 22:52 -------- d-----w- c:\program files\Dexpot
    2011-05-24 15:13 . 2011-05-24 15:13 -------- d-----w- c:\users\RaeJae\AppData\Local\{36552D91-434C-4AA4-9D2D-FE3DDF1ED87B}
    2011-05-24 02:33 . 2011-05-24 02:35 -------- d-----w- c:\programdata\DShield
    2011-05-24 02:33 . 2011-05-24 06:03 -------- d-----w- c:\programdata\DVDRanger
    2011-05-24 02:33 . 2011-05-24 02:48 -------- d-----w- C:\DVDRanger
    2011-05-24 02:33 . 2011-05-24 02:33 -------- d-----w- c:\program files\Pixbyte
    2011-05-23 09:41 . 2009-06-07 04:25 77824 ----a-w- c:\windows\system32\xvid.ax
    2011-05-23 09:41 . 2009-06-07 04:16 819200 ----a-w- c:\windows\system32\xvidcore.dll
    2011-05-23 09:41 . 2011-05-23 09:41 -------- d-----w- c:\program files\Xvid
    2011-05-23 09:41 . 2009-06-07 04:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll
    2011-05-18 14:38 . 2011-05-18 14:38 -------- d-----w- c:\program files\TweetDeck
    2011-05-16 20:26 . 2011-05-17 08:27 -------- d-----w- c:\users\RaeJae\AppData\Local\{F9AB3098-395D-4FA9-A88C-4AC376788CC7}
    2011-05-16 09:49 . 2011-05-16 09:49 53248 ----a-r- c:\users\RaeJae\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
    2011-05-16 02:49 . 2011-05-16 02:49 -------- d-----w- c:\program files\Mozilla Aurora
    2011-05-16 01:59 . 2011-04-28 18:01 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
    2011-05-16 01:59 . 2011-04-28 18:01 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
    2011-05-16 01:59 . 2011-04-28 18:01 2145240 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
    2011-05-16 01:59 . 2011-04-28 18:01 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
    2011-05-16 01:59 . 2011-04-28 18:01 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
    2011-05-16 01:59 . 2011-04-28 18:01 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
    2011-05-16 01:59 . 2010-01-01 08:00 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
    2011-05-16 01:59 . 2010-01-01 08:00 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
    2011-05-16 01:50 . 2011-05-16 01:50 -------- d-----w- c:\users\RaeJae\AppData\Local\{C158D9E0-ABB3-42B1-8078-AA80D9C5B99C}
    2011-05-16 00:34 . 2011-05-16 00:34 -------- d-----w- c:\users\RaeJae\AppData\Local\{2A479319-42E2-45B4-9F29-3422EDDDDDA7}
    2011-05-15 16:58 . 2011-05-15 16:58 -------- d-----w- c:\users\RaeJae\AppData\Local\112dB
    2011-05-15 16:57 . 2011-05-15 16:57 -------- dc-h--w- c:\programdata\{2EF924FC-80B9-43E9-BB00-5E4F302749D2}
    2011-05-15 13:27 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-05-28 21:11 . 2011-04-20 06:23 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-05-28 21:11 . 2011-04-20 06:23 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-05-24 02:20 . 2011-04-23 03:39 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-05-10 12:10 . 2011-04-21 06:38 40112 ----a-w- c:\windows\avastSS.scr
    2011-05-10 12:10 . 2011-04-21 06:38 199304 ----a-w- c:\windows\system32\aswBoot.exe
    2011-05-10 12:03 . 2011-04-21 06:38 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-05-10 12:03 . 2011-04-21 06:38 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2011-05-10 12:02 . 2011-04-21 06:38 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2011-05-10 11:59 . 2011-04-21 06:38 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2011-05-10 11:59 . 2011-04-21 06:38 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-05-10 11:59 . 2011-04-21 06:38 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2011-04-24 14:51 . 2011-04-22 01:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-04-23 04:43 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
    2011-04-23 04:35 . 2011-04-23 04:35 86528 ----a-w- c:\windows\system32\iesysprep.dll
    2011-04-23 04:35 . 2011-04-23 04:35 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2011-04-23 04:35 . 2011-04-23 04:35 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2011-04-23 04:35 . 2011-04-23 04:35 74752 ----a-w- c:\windows\system32\iesetup.dll
    2011-04-23 04:35 . 2011-04-23 04:35 63488 ----a-w- c:\windows\system32\tdc.ocx
    2011-04-23 04:35 . 2011-04-23 04:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
    2011-04-23 04:35 . 2011-04-23 04:35 420864 ----a-w- c:\windows\system32\vbscript.dll
    2011-04-23 04:35 . 2011-04-23 04:35 367104 ----a-w- c:\windows\system32\html.iec
    2011-04-23 04:35 . 2011-04-23 04:35 35840 ----a-w- c:\windows\system32\imgutil.dll
    2011-04-23 04:35 . 2011-04-23 04:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-04-23 04:35 . 2011-04-23 04:35 23552 ----a-w- c:\windows\system32\licmgr10.dll
    2011-04-23 04:35 . 2011-04-23 04:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
    2011-04-23 04:35 . 2011-04-23 04:35 161792 ----a-w- c:\windows\system32\msls31.dll
    2011-04-23 04:35 . 2011-04-23 04:35 152064 ----a-w- c:\windows\system32\wextract.exe
    2011-04-23 04:35 . 2011-04-23 04:35 150528 ----a-w- c:\windows\system32\iexpress.exe
    2011-04-23 04:35 . 2011-04-23 04:35 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2011-04-23 04:35 . 2011-04-23 04:35 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-04-23 04:35 . 2011-04-23 04:35 11776 ----a-w- c:\windows\system32\mshta.exe
    2011-04-23 04:35 . 2011-04-23 04:35 1126912 ----a-w- c:\windows\system32\wininet.dll
    2011-04-23 04:35 . 2011-04-23 04:35 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
    2011-04-23 04:35 . 2011-04-23 04:35 101888 ----a-w- c:\windows\system32\admparse.dll
    2011-04-19 06:45 . 2011-04-19 06:45 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
    2011-04-09 06:02 . 2011-05-12 07:29 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-04-09 06:02 . 2011-05-12 07:29 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-04-06 04:20 . 2011-04-06 04:20 91424 ----a-w- c:\windows\system32\dnssd.dll
    2011-04-06 04:20 . 2011-04-06 04:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
    2011-04-06 04:13 . 2011-04-06 04:13 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
    2011-03-31 17:11 . 2011-03-31 17:11 4333280 ----a-w- c:\windows\system32\drivers\lvuvc.sys
    2011-03-31 17:10 . 2011-03-31 17:10 539232 ----a-w- c:\windows\system32\LVUI2RC.dll
    2011-03-31 17:10 . 2011-03-31 17:10 543328 ----a-w- c:\windows\system32\LVUI2.dll
    2011-03-31 17:09 . 2011-03-31 17:09 291424 ----a-w- c:\windows\system32\drivers\lvrs.sys
    2011-03-31 17:08 . 2011-03-31 17:08 195168 ----a-w- c:\windows\system32\lvci13251014.dll
    2011-03-31 17:08 . 2011-03-31 17:08 301664 ----a-w- c:\windows\system32\lvcodec2.dll
    2011-03-31 17:07 . 2011-03-31 17:07 10877272 ----a-w- c:\windows\system32\LogiDPP.dll
    2011-03-31 17:07 . 2011-03-31 17:07 102744 ----a-w- c:\windows\system32\LogiDPPApp.exe
    2011-03-31 17:06 . 2011-03-31 17:06 331608 ----a-w- c:\windows\system32\DevManagerCore.dll
    2011-03-31 16:56 . 2011-03-31 16:56 39318 ----a-w- c:\windows\system32\Repository.reg
    2011-03-25 02:58 . 2011-05-12 07:29 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
    2011-03-25 02:58 . 2011-05-12 07:29 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
    2011-03-25 02:58 . 2011-05-12 07:29 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
    2011-03-25 02:57 . 2011-05-12 07:29 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
    2011-03-25 02:57 . 2011-05-12 07:29 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
    2011-03-25 02:57 . 2011-05-12 07:29 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
    2011-03-22 11:58 . 2011-03-22 11:58 14168 ----a-w- c:\windows\system32\drivers\iKeyLFT2.dll
    2011-03-21 22:40 . 2010-06-23 22:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2011-04-28 18:01 . 2011-05-16 01:59 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
    .
    [HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
    2011-01-17 14:54 175912 ----a-w- c:\program files\Freecorder\prxtbFre0.dll
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
    2010-10-10 02:51 3906656 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
    "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]
    .
    [HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
    .
    [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
    "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]
    .
    [HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
    .
    [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AnVir Task Manager Free"="c:\program files\AnVir Task Manager Free\AnVir.exe" [2009-03-09 1563360]
    "HPADVISOR"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2010-06-29 1689144]
    "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
    "ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2011-05-25 2301752]
    "FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
    "YouSendIt.exe"="c:\program files\YouSendIt\Express\YouSendIt.exe" [2011-05-02 198144]
    "Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
    "Dexpot"="c:\program files\Dexpot\dexpot.exe" [2011-05-27 1290240]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
    "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-03 75016]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
    "hpsysdrv"="c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
    "UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
    "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
    "UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
    "UpdatePSTShortCut"="c:\program files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" [2009-02-02 210216]
    "KBD"="c:\program files\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-14 141848]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-14 173592]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-14 150552]
    "Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" [2009-11-15 158752]
    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2009-09-26 83312]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-11 202256]
    "M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2009-11-09 643592]
    "LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
    "Malwarebytes' Anti-Malware (reboot)"="c:\users\RaeJae\Desktop\All Folders\JB\Maintenance Tools\Malwarebytes' Anti-Malware\mbam.exe" [2011-05-28 1047656]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
    .
    c:\users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Logitech . Product Registration.lnk - c:\program files\Logitech\Ereg\eReg.exe [2009-11-16 517384]
    Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-5-23 103424]
    Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDockFree\ObjectDock.exe [2010-10-7 3768176]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    NCProTray.lnk - c:\program files\SEC\Natural Color Pro\NCProTray.exe [2010-1-9 49220]
    NetComm Wireless Utility.lnk - c:\program files\NetComm\Common\RaUI.exe [2011-3-23 1830912]
    Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
    "{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "c:\program files\Stardock\ObjectDockFree\ODMenu.dll" [2010-10-04 511344]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "midi1"=KORGUMDD.DRV
    "midi7"=KORGUMDD.DRV
    "aux2"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
    2010-03-04 19:25 2815488 ----a-w- c:\program files\DAP\DAP.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    2010-11-09 13:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
    .
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [x]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [x]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
    R3 GTLJ;GTLJ;c:\users\RaeJae\AppData\Local\Temp\GTLJ.exe [x]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
    R3 HCH;HCH;c:\users\RaeJae\AppData\Local\Temp\HCH.exe [x]
    R3 KORGUMDS;KORG USB-MIDI Driver for Windows;c:\windows\system32\Drivers\KORGUMDS.SYS [2007-03-28 21984]
    R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-04-28 724992]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-25 4639136]
    R3 OXYGEN;Service for M-Audio Oxygen;c:\windows\system32\DRIVERS\MAudioOxygen.sys [2010-03-03 112136]
    R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
    R3 RE;RE;c:\users\RaeJae\AppData\Local\Temp\RE.exe [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-02 1343400]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
    S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys [2009-11-09 158600]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - ASWMBR
    *Deregistered* - aswMBR
    *Deregistered* - kxdiqpow
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 11:00]
    .
    2011-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 11:00]
    .
    2011-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000Core.job
    - c:\users\RaeJae\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 02:30]
    .
    2011-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000UA.job
    - c:\users\RaeJae\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 02:30]
    .
    2011-05-27 c:\windows\Tasks\HPCeeScheduleForRaeJae.job
    - c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2009-05-04 08:17]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.co.nz/
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_nz&c=93&bd=Presario&pf=cndt
    uInternet Settings,ProxyOverride = *.local
    IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
    IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
    IE: &Envoyer à OneNote - /105
    IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    TCP: DhcpNameServer = 192.168.1.1
    .
    - - - - ORPHANS REMOVED - - - -
    .
    BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
    MSConfigStartUp-Logitech Vid - c:\program files\Logitech\Vid\vid.exe
    MSConfigStartUp-Logitech Vid HD - c:\program files\Logitech\Vid\vid.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.Email.1"
    .
    [HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2011-06-14 09:04:01
    ComboFix-quarantined-files.txt 2011-06-13 21:04
    .
    Pre-Run: 158,018,084,864 bytes free
    Post-Run: 157,949,091,840 bytes free
    .
    - - End Of File - - 5B289EA0216019FD0095BE77995115A0
  16. JBEEZY

    JBEEZY TS Rookie Topic Starter Posts: 79

    Rkill Log

    This log file is located at C:\rkill.log.
    Please post this only if requested to by the person helping you.
    Otherwise you can close this log when you wish.

    Rkill was run on 14/06/2011 at 9:10:13.
    Operating System: Windows 7 Home Premium


    Processes terminated by Rkill or while it was running:



    Rkill completed on 14/06/2011 at 9:10:16.
  17. Broni

    Broni Malware Annihilator Posts: 46,725   +254

  18. JBEEZY

    JBEEZY TS Rookie Topic Starter Posts: 79

    Ran the AVG Remover. Also tried the DHCP link you provided and this is the report from that suggestion:


    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation. All rights reserved.

    C:\Windows\system32>NET START NSI
    The requested service has already been started.

    More help is available by typing NET HELPMSG 2182.


    C:\Windows\system32>NET START TDX
    The service name is invalid.

    More help is available by typing NET HELPMSG 2185.


    C:\Windows\system32>NET START AFD
    The requested service has already been started.

    More help is available by typing NET HELPMSG 2182.


    C:\Windows\system32>NET START DHCP
    System error 1075 has occurred.

    The dependency service does not exist or has been marked for deletion.


    C:\Windows\system32>
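As an added illustration (not part of the original posts), this Python script parses the NET START transcript posted above and classifies each result by its NET HELPMSG or system error code. The function names are hypothetical, and naming the "invalid name" service as the candidate for DHCP's missing dependency is an inference from the order of the commands, not something NET START itself reports.

```python
import re

# Transcript copied from the post above (banner lines omitted).
TRANSCRIPT = r"""
C:\Windows\system32>NET START NSI
The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


C:\Windows\system32>NET START TDX
The service name is invalid.

More help is available by typing NET HELPMSG 2185.


C:\Windows\system32>NET START AFD
The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


C:\Windows\system32>NET START DHCP
System error 1075 has occurred.

The dependency service does not exist or has been marked for deletion.


C:\Windows\system32>
"""

PROMPT_RE = re.compile(r"^[A-Za-z]:\\[^>]*>\s*(.*)$")
NET_START_RE = re.compile(r'^net\s+start\s+"?([^"]+?)"?\s*$', re.IGNORECASE)
HELPMSG_RE = re.compile(r"NET HELPMSG (\d+)")
SYSERR_RE = re.compile(r"System error (\d+) has occurred")

# Codes that appear in the transcript, mapped to a short status label.
STATUS = {
    2182: "running",             # service has already been started
    2185: "missing",             # service name is invalid (not registered)
    1075: "dependency_missing",  # a service it depends on does not exist
}


def parse_net_start(transcript):
    """Return one dict per NET START command: service, status, code."""
    results = []
    current = None
    for raw in transcript.splitlines():
        line = raw.strip()
        prompt = PROMPT_RE.match(line)
        if prompt:
            # A new prompt closes the previous command's output.
            if current:
                results.append(current)
            cmd = NET_START_RE.match(prompt.group(1))
            current = (
                {"service": cmd.group(1).upper(), "status": "unknown", "code": None}
                if cmd else None
            )
            continue
        if current is None:
            continue  # banner text or output of an unrelated command
        code = HELPMSG_RE.search(line) or SYSERR_RE.search(line)
        if code:
            current["code"] = int(code.group(1))
            current["status"] = STATUS.get(current["code"], "error")
        elif "was started successfully" in line and current["code"] is None:
            current["status"] = "started"
    if current:
        results.append(current)
    return results


def missing_dependency_candidates(results):
    """Pair each dependency failure with the services reported as not registered.

    Assumption: the commands were issued as prerequisites of the failing service.
    """
    missing = [r["service"] for r in results if r["status"] == "missing"]
    return {
        r["service"]: list(missing)
        for r in results
        if r["status"] == "dependency_missing"
    }


if __name__ == "__main__":
    parsed = parse_net_start(TRANSCRIPT)
    for entry in parsed:
        print(f'{entry["service"]:5} {entry["status"]:20} code={entry["code"]}')
    print(missing_dependency_candidates(parsed))
```

On a live system, `sc qc Dhcp` lists the service's configured dependencies, which confirms or rules out the candidate.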
  19. JBEEZY

    JBEEZY TS Rookie Topic Starter Posts: 79

    Restarted my computer and still cannot access the internet.
  20. Broni

    Broni Malware Annihilator Posts: 46,725   +254

    It looks like you may have a problem with some system files.

    Let's try a couple of things...

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2

    64-bit users go HERE
    • Double-click SystemLook.exe to run it.
    • Vista\Win 7 users: Right click on SystemLook.exe, click Run As Administrator
    • Copy the content of the following box into the main textfield:
      Code:
      :filefind
      TDX*
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt
  21. JBEEZY

    JBEEZY TS Rookie Topic Starter Posts: 79

    Downloaded both of those SystemLook files and could not get either of them to run, double clicking or right clicking and running as administrator. Got error saying 'systemlook.exe is not a valid Win32 application'.
  22. Broni

    Broni Malware Annihilator Posts: 46,725   +254

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /i " " /c
    dir /b "%systemroot%\*.exe" | find /i " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    tdx.sys
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
  23. JBEEZY

    JBEEZY TS Rookie Topic Starter Posts: 79

    OTL Log Report

    OTL logfile created on: 14/06/2011 2:36:44 p.m. - Run 1
    OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\RaeJae\Desktop
    Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

    1.99 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 68.69% Memory free
    3.98 Gb Paging File | 2.77 Gb Available in Paging File | 69.69% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 455.36 Gb Total Space | 147.17 Gb Free Space | 32.32% Space Free | Partition Type: NTFS
    Drive D: | 10.40 Gb Total Space | 1.46 Gb Free Space | 14.05% Space Free | Partition Type: NTFS
    Drive F: | 3.72 Gb Total Space | 3.26 Gb Free Space | 87.55% Space Free | Partition Type: FAT32

    Computer Name: RAEJAE-PC | User Name: RaeJae | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/06/14 14:32:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RaeJae\Desktop\OTL.exe
    PRC - [2011/05/28 10:52:14 | 001,290,240 | ---- | M] (Dexpot GbR) -- C:\Program Files\Dexpot\dexpot.exe
    PRC - [2011/05/23 04:15:08 | 000,103,424 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
    PRC - [2011/05/11 00:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2011/04/19 18:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
    PRC - [2011/03/22 23:56:40 | 000,687,448 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
    PRC - [2011/03/01 23:14:08 | 000,190,808 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
    PRC - [2011/03/01 23:13:44 | 000,203,096 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    PRC - [2011/02/25 17:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2010/11/21 00:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2010/11/21 00:17:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
    PRC - [2010/10/07 08:28:12 | 003,768,176 | ---- | M] (Stardock) -- C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe
    PRC - [2010/03/12 11:00:23 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    PRC - [2009/11/16 08:59:11 | 000,158,752 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files\Freecorder\FLVSrvc.exe
    PRC - [2009/11/09 13:56:38 | 000,643,592 | ---- | M] (Avid Technology, Inc.) -- C:\Windows\System32\M-AudioTaskBarIcon.exe
    PRC - [2009/10/20 14:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
    PRC - [2009/08/28 11:53:00 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    PRC - [2009/06/29 09:29:48 | 001,830,912 | ---- | M] (NetComm Limited) -- C:\Program Files\NetComm\Common\RaUI.exe
    PRC - [2009/03/09 12:50:50 | 001,563,360 | ---- | M] (AnVir Software) -- C:\Program Files\AnVir Task Manager Free\AnVir.exe
    PRC - [2008/11/20 12:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    PRC - [2007/12/13 15:36:46 | 000,049,220 | ---- | M] (Samsung) -- C:\Program Files\SEC\Natural Color Pro\NCProTray.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/06/14 14:32:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RaeJae\Desktop\OTL.exe
    MOD - [2011/05/11 00:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
    MOD - [2010/11/20 23:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- -- (RE)
    SRV - File not found [On_Demand | Stopped] -- -- (HCH)
    SRV - File not found [On_Demand | Stopped] -- -- (GTLJ)
    SRV - [2011/05/11 00:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2010/03/02 14:08:54 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV - [2010/01/05 06:03:42 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
    SRV - [2009/07/14 13:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009/07/14 13:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


    ========== Driver Services (SafeList) ==========

    DRV - [2011/05/11 00:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2011/05/11 00:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2011/05/11 00:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2011/05/10 23:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2011/05/10 23:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV - [2011/05/10 23:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2011/04/01 05:11:10 | 004,333,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 200(UVC)
    DRV - [2011/04/01 05:09:48 | 000,291,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
    DRV - [2010/11/20 22:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV - [2010/11/20 21:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2010/09/01 20:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
    DRV - [2010/03/04 06:31:28 | 000,112,136 | ---- | M] (M-Audio) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MAudioOxygen.sys -- (OXYGEN)
    DRV - [2009/12/02 12:56:16 | 000,092,792 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TPkd.sys -- (TPkd)
    DRV - [2009/11/09 13:56:10 | 000,158,600 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MAudioFastTrackPro.sys -- (MAUSBFASTTRACKPRO)
    DRV - [2009/04/28 17:23:52 | 000,724,992 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
    DRV - [2009/01/21 02:49:26 | 000,142,848 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
    DRV - [2007/03/29 01:11:00 | 000,021,984 | ---- | M] (KORG Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KORGUMDS.SYS -- (KORGUMDS)
    DRV - [2006/08/28 16:12:04 | 000,013,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
    DRV - [2006/08/28 16:12:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTictwl.sys -- (MagicTune)
    DRV - [2005/12/12 16:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)
    DRV - [2004/04/01 15:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_nz&c=93&bd=Presario&pf=cndt
    IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/
    IE - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.co.nz/"
    FF - prefs.js..extensions.enabledItems: apptabs@frankyan.com:0.6.2
    FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
    FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.4.0.1
    FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
    FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.4
    FF - prefs.js..extensions.enabledItems: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:3.2.5.2
    FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
    FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.1
    FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
    FF - prefs.js..extensions.enabledItems: tabberwocky@studio17.wordpress.com:1.1
    FF - prefs.js..extensions.enabledItems: {d9284e50-81fc-11da-a72b-0800200c9a66}:7.6.2
    FF - prefs.js..extensions.enabledItems: {eebc5c3f-ec4b-4ad4-b5d1-fa51b3c42c58}:2.0.2
    FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.5
    FF - prefs.js..extensions.enabledItems: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.1.5
    FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
    FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
    FF - prefs.js..extensions.enabledItems: testpilot@labs.mozilla.com:1.0.4
    FF - prefs.js..network.proxy.type: 0

    FF - HKLM\software\mozilla\Aurora 5.0a2\extensions\\Components: C:\Program Files\Aurora\components
    FF - HKLM\software\mozilla\Aurora 5.0a2\extensions\\Plugins: C:\Program Files\Aurora\plugins
    FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/12 11:01:28 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/05/22 16:45:33 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 10\components [2011/04/16 16:01:56 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 10\plugins
    FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/16 13:59:34 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/02 23:06:45 | 000,000,000 | ---D | M]

    [2010/01/17 23:03:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Extensions
    [2011/05/31 19:35:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions
    [2010/10/28 08:59:02 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
    [2011/03/25 20:39:18 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
    [2010/04/28 07:46:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/04/28 02:07:04 | 000,000,000 | ---D | M] (Google Shortcuts) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}
    [2011/04/28 02:07:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2011/04/01 09:59:55 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2011/03/22 15:10:13 | 000,000,000 | ---D | M] ("SecretHelper") -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{eebc5c3f-ec4b-4ad4-b5d1-fa51b3c42c58}
    [2011/02/03 00:51:40 | 000,000,000 | ---D | M] (Download Manager Tweak) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}
    [2010/03/02 14:19:26 | 000,000,000 | ---D | M] (App Tabs) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\apptabs@frankyan.com
    [2011/03/25 20:39:18 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\engine@conduit.com
    [2011/04/28 02:07:04 | 000,000,000 | ---D | M] (Personas) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\personas@christopher.beard
    [2010/03/02 14:19:26 | 000,000,000 | ---D | M] (Tabberwocky) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\tabberwocky@studio17.wordpress.com
    [2011/05/12 19:27:04 | 000,002,306 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\Mozilla\Firefox\Profiles\5w8gsb98.default\searchplugins\wot-safe-search.xml
    [2011/04/21 15:22:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2011/05/16 13:59:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
    File not found (No name found) --
    () (No name found) -- C:\USERS\RAEJAE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5W8GSB98.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
    () (No name found) -- C:\USERS\RAEJAE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5W8GSB98.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
    [2011/04/29 06:01:20 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
    [2010/01/05 10:34:19 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
    [2007/03/10 11:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
    [2010/01/01 20:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

    O1 HOSTS File: ([2011/06/14 09:02:03 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
    O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
    O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
    O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
    O3 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O3 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
    O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
    O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [hpsysdrv] c:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [KBD] C:\Program Files\Hewlett-Packard\KBD\KbdStub.exe (Microsoft)
    O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Users\RaeJae\Desktop\All Folders\JB\Maintenance Tools\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\System32\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [UpdateLBPShortCut] c:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [AnVir Task Manager Free] C:\Program Files\AnVir Task Manager Free\AnVir.exe (AnVir Software)
    O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
    O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
    O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [Dexpot] C:\Program Files\Dexpot\dexpot.exe (Dexpot GbR)
    O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
    O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
    O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [YouSendIt.exe] C:\Program Files\YouSendIt\Express\YouSendIt.exe (YouSendIt)
    O4 - Startup: C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
    O4 - Startup: C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
    O4 - Startup: C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
    O7 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} http://www.bebo.com/files/BeboUploader.5.8.05.cab (Bebo Uploader Control)
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (OnlineScanner Control)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-nz.cab (Windows Live Hotmail Photo Upload Tool)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O22 - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - C:\Program Files\Stardock\ObjectDockFree\ODMenu.dll (Stardock)
    O24 - Desktop WallPaper: C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows DreamScene\DreamScene.jpg
    O24 - Desktop BackupWallPaper: C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows DreamScene\DreamScene.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/11 09:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found

    Drivers32: midi1 - C:\Windows\System32\KORGUMDD.DRV (KORG Inc.)
    Drivers32: midi7 - C:\Windows\System32\KORGUMDD.DRV (KORG Inc.)
    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
    Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
    Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
    Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
    Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
  24. JBEEZY

    JBEEZY TS Rookie Topic Starter Posts: 79

    continued...

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/06/14 14:34:52 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\RaeJae\Desktop\OTL.exe
    [2011/06/14 09:55:06 | 000,000,000 | ---D | C] -- C:\Windows\TEMP
    [2011/06/14 09:04:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2011/06/14 08:49:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2011/06/14 08:49:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2011/06/14 08:49:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2011/06/14 08:49:12 | 000,000,000 | ---D | C] -- C:\ComboFix
    [2011/06/14 08:49:10 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011/06/14 08:35:56 | 000,581,120 | ---- | C] (AVAST Software) -- C:\Users\RaeJae\Desktop\aswMBR.exe
    [2011/06/14 08:35:55 | 004,120,909 | R--- | C] (Swearware) -- C:\Users\RaeJae\Desktop\ComboFix.exe
    [2011/06/13 18:35:04 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\RaeJae\Desktop\mbam-setup-1.51.0.1200.exe
    [2011/06/13 18:35:04 | 000,607,310 | R--- | C] (Swearware) -- C:\Users\RaeJae\Desktop\dds.scr
    [2011/06/12 14:52:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Evonsoft
    [2011/06/12 14:52:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Restore
    [2011/06/12 14:52:36 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced System Restore
    [2011/06/10 10:48:16 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Desktop\Today VST
    [2011/06/09 03:22:04 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Desktop\Villain Party Set
    [2011/06/09 02:16:44 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Desktop\Villain Party Ol Skool
    [2011/06/07 18:40:14 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\DoctorWeb
    [2011/06/06 21:55:13 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\IK Multimedia
    [2011/06/06 20:50:01 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Documents\IK Multimedia
    [2011/06/05 23:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\Waves
    [2011/06/01 18:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite
    [2011/06/01 18:02:45 | 000,000,000 | ---D | C] -- C:\Program Files\DVD-Ranger 3.5.1.3
    [2011/06/01 15:38:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSPaudioware
    [2011/06/01 15:38:48 | 000,000,000 | ---D | C] -- C:\Program Files\PSPaudioware
    [2011/06/01 08:58:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    [2011/06/01 08:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2011/06/01 08:57:49 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2011/06/01 08:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2011/05/29 01:28:14 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Image-Line
    [2011/05/27 18:18:00 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Desktop\All Folders
    [2011/05/27 17:37:15 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\ODUI
    [2011/05/27 17:37:06 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Documents\Stardock
    [2011/05/27 17:37:06 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\Stardock
    [2011/05/27 17:36:13 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Stardock
    [2011/05/27 17:36:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}
    [2011/05/27 17:35:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
    [2011/05/27 17:35:57 | 000,000,000 | ---D | C] -- C:\Program Files\Stardock
    [2011/05/27 17:34:11 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\PackageAware
    [2011/05/27 14:16:29 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Documents\Rainmeter
    [2011/05/27 14:16:29 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Rainmeter
    [2011/05/27 14:16:25 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rainmeter
    [2011/05/27 14:16:23 | 000,000,000 | ---D | C] -- C:\Program Files\Rainmeter
    [2011/05/27 00:18:50 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\OpenCandy
    [2011/05/27 00:18:50 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot
    [2011/05/27 00:18:46 | 000,000,000 | ---D | C] -- C:\Program Files\Dexpot
    [2011/05/25 17:07:22 | 000,000,000 | R--D | C] -- C:\Users\RaeJae\Documents\Scanned Documents
    [2011/05/25 17:07:20 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Documents\Fax
    [2011/05/25 12:15:57 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audio Pluggers
    [2011/05/25 03:13:47 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\{36552D91-434C-4AA4-9D2D-FE3DDF1ED87B}
    [2011/05/24 14:35:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD-Ranger
    [2011/05/24 14:33:33 | 000,000,000 | ---D | C] -- C:\ProgramData\DShield
    [2011/05/24 14:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\DVDRanger
    [2011/05/24 14:33:32 | 000,000,000 | ---D | C] -- C:\DVDRanger
    [2011/05/24 14:33:27 | 000,000,000 | ---D | C] -- C:\Program Files\Pixbyte
    [2011/05/23 21:41:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
    [2011/05/23 21:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
    [2011/05/22 16:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    [2011/05/19 02:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\TweetDeck
    [2011/05/17 08:26:23 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\{F9AB3098-395D-4FA9-A88C-4AC376788CC7}
    [2011/05/16 14:49:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Aurora
    [2011/05/16 13:50:35 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\{C158D9E0-ABB3-42B1-8078-AA80D9C5B99C}
    [2011/05/16 12:34:14 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\{2A479319-42E2-45B4-9F29-3422EDDDDDA7}
    [2011/05/16 04:58:30 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\112dB
    [2011/05/16 04:57:12 | 000,000,000 | -H-D | C] -- C:\ProgramData\{2EF924FC-80B9-43E9-BB00-5E4F302749D2}
    [2011/05/16 04:54:01 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\112dB
    [2011/05/16 04:54:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\112dB
    [2011/05/16 03:31:33 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\G-Sonique
    [2011/05/16 03:31:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G-Sonique

    ========== Files - Modified Within 30 Days ==========

    [2011/06/14 14:32:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RaeJae\Desktop\OTL.exe
    [2011/06/14 14:31:11 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/06/14 14:31:10 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000UA.job
    [2011/06/14 14:30:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/06/14 11:17:30 | 000,000,000 | ---- | M] () -- C:\Users\RaeJae\Desktop\SystemLook.exe
    [2011/06/14 10:14:50 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/06/14 10:14:49 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/06/14 10:05:53 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/06/14 10:05:31 | 1602,101,248 | -HS- | M] () -- C:\hiberfil.sys
    [2011/06/14 09:02:03 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2011/06/14 08:42:25 | 000,000,512 | ---- | M] () -- C:\Users\RaeJae\Desktop\MBR.dat
    [2011/06/14 08:33:06 | 001,007,120 | ---- | M] () -- C:\Users\RaeJae\Desktop\rkill.com
    [2011/06/14 08:32:30 | 004,120,909 | R--- | M] (Swearware) -- C:\Users\RaeJae\Desktop\ComboFix.exe
    [2011/06/14 08:31:56 | 000,581,120 | ---- | M] (AVAST Software) -- C:\Users\RaeJae\Desktop\aswMBR.exe
    [2011/06/13 19:38:38 | 583,577,194 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2011/06/13 19:27:01 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000Core.job
    [2011/06/13 18:33:56 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\RaeJae\Desktop\mbam-setup-1.51.0.1200.exe
    [2011/06/13 15:08:42 | 000,607,310 | R--- | M] (Swearware) -- C:\Users\RaeJae\Desktop\dds.scr
    [2011/06/13 15:08:10 | 000,302,592 | ---- | M] () -- C:\Users\RaeJae\Desktop\kelob5qu.exe
    [2011/06/12 15:19:55 | 000,659,294 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2011/06/12 15:19:55 | 000,140,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2011/06/12 14:52:38 | 000,000,987 | ---- | M] () -- C:\Users\RaeJae\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced System Restore.lnk
    [2011/06/09 08:44:23 | 000,000,017 | ---- | M] () -- C:\Users\RaeJae\AppData\Local\resmon.resmoncfg
    [2011/06/08 13:26:37 | 000,001,156 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110608_132634.reg
    [2011/06/08 11:39:03 | 006,024,971 | ---- | M] () -- C:\Users\RaeJae\Desktop\Painkiller (Level Mix).mp3
    [2011/06/07 13:27:29 | 000,000,562 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110607_132726.reg
    [2011/06/07 02:16:45 | 016,067,570 | ---- | M] () -- C:\Users\RaeJae\Desktop\Apollo The Great - Destiny.flv
    [2011/06/07 02:13:41 | 020,755,582 | ---- | M] () -- C:\Users\RaeJae\Desktop\Knesecary _ Winning.flv
    [2011/06/07 00:40:09 | 000,175,671 | ---- | M] () -- C:\Users\RaeJae\Desktop\You're a Villain (Dialogue).mp3
    [2011/06/07 00:19:56 | 000,013,268 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110607_001913.reg
    [2011/06/06 23:02:47 | 000,000,006 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\start
    [2011/06/06 22:09:07 | 000,000,136 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\1.gif
    [2011/06/06 22:09:06 | 000,000,011 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\ct_start
    [2011/06/06 20:36:57 | 021,803,582 | ---- | M] () -- C:\Users\RaeJae\Desktop\Elzhi - Elmatic.flv
    [2011/06/06 13:03:20 | 000,008,080 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110606_130315.reg
    [2011/06/03 20:38:30 | 000,001,084 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
    [2011/06/02 09:24:27 | 000,002,048 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
    [2011/06/01 09:34:01 | 000,001,109 | ---- | M] () -- C:\Users\RaeJae\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
    [2011/05/29 21:55:21 | 000,611,784 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110529_215509.reg
    [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2011/05/28 10:48:39 | 000,457,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2011/05/27 16:09:05 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRaeJae.job
    [2011/05/27 14:16:25 | 000,001,889 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
    [2011/05/25 22:49:25 | 000,002,114 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110525_224922.reg
    [2011/05/25 20:49:56 | 000,001,851 | ---- | M] () -- C:\Users\RaeJae\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2011/05/25 03:03:41 | 000,438,151 | ---- | M] () -- C:\Users\RaeJae\Documents\C69E3d01.pdf
    [2011/05/23 21:49:14 | 000,003,838 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110523_214911.reg
    [2011/05/22 16:45:34 | 000,000,000 | ---- | M] () -- C:\Windows\System32\config.nt
    [2011/05/18 17:04:08 | 000,005,040 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110518_170402.reg
    [2011/05/17 21:29:31 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
    [2011/05/17 10:46:19 | 007,942,144 | -H-- | M] () -- C:\Users\RaeJae\Desktop\Tue May 17 10;42;22 2011(2).mp3
    [2011/05/17 10:46:19 | 007,938,048 | -H-- | M] () -- C:\Users\RaeJae\Desktop\Tue May 17 10;42;22 2011.mp3
    [2011/05/17 08:25:19 | 000,000,632 | RHS- | M] () -- C:\Users\RaeJae\ntuser.pol
    [2011/05/16 13:18:37 | 000,042,540 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110516_131834.reg

    ========== Files Created - No Company Name ==========

    [2011/06/14 11:48:36 | 000,000,000 | ---- | C] () -- C:\Users\RaeJae\Desktop\SystemLook.exe
    [2011/06/14 08:49:15 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
    [2011/06/14 08:49:15 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2011/06/14 08:49:15 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2011/06/14 08:49:15 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2011/06/14 08:49:15 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2011/06/14 08:42:25 | 000,000,512 | ---- | C] () -- C:\Users\RaeJae\Desktop\MBR.dat
    [2011/06/14 08:35:51 | 001,007,120 | ---- | C] () -- C:\Users\RaeJae\Desktop\rkill.com
    [2011/06/13 18:35:06 | 000,302,592 | ---- | C] () -- C:\Users\RaeJae\Desktop\kelob5qu.exe
    [2011/06/12 14:52:38 | 000,000,987 | ---- | C] () -- C:\Users\RaeJae\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced System Restore.lnk
    [2011/06/10 13:58:11 | 583,577,194 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2011/06/09 08:44:23 | 000,000,017 | ---- | C] () -- C:\Users\RaeJae\AppData\Local\resmon.resmoncfg
    [2011/06/09 02:30:16 | 004,034,641 | ---- | C] () -- C:\Users\RaeJae\Desktop\The Delfonics - La La Means I Love You [Ghostface - Holla].mp3
    [2011/06/08 13:26:36 | 000,001,156 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110608_132634.reg
    [2011/06/08 11:37:50 | 006,024,971 | ---- | C] () -- C:\Users\RaeJae\Desktop\Painkiller (Level Mix).mp3
    [2011/06/07 13:27:27 | 000,000,562 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110607_132726.reg
    [2011/06/07 02:11:57 | 016,067,570 | ---- | C] () -- C:\Users\RaeJae\Desktop\Apollo The Great - Destiny.flv
    [2011/06/07 02:07:48 | 020,755,582 | ---- | C] () -- C:\Users\RaeJae\Desktop\Knesecary _ Winning.flv
    [2011/06/07 00:40:04 | 000,175,671 | ---- | C] () -- C:\Users\RaeJae\Desktop\You're a Villain (Dialogue).mp3
    [2011/06/07 00:19:16 | 000,013,268 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110607_001913.reg
    [2011/06/06 23:02:47 | 000,000,006 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\start
    [2011/06/06 22:09:07 | 000,000,136 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\1.gif
    [2011/06/06 22:09:06 | 000,000,011 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\ct_start
    [2011/06/06 20:31:35 | 021,803,582 | ---- | C] () -- C:\Users\RaeJae\Desktop\Elzhi - Elmatic.flv
    [2011/06/06 13:03:18 | 000,008,080 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110606_130315.reg
    [2011/06/03 20:38:30 | 000,001,084 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
    [2011/06/02 09:24:27 | 000,002,048 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
    [2011/06/01 09:34:01 | 000,001,109 | ---- | C] () -- C:\Users\RaeJae\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
    [2011/05/29 21:55:12 | 000,611,784 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110529_215509.reg
    [2011/05/27 14:16:25 | 000,001,889 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
    [2011/05/25 22:49:24 | 000,002,114 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110525_224922.reg
    [2011/05/25 03:09:25 | 000,438,151 | ---- | C] () -- C:\Users\RaeJae\Documents\C69E3d01.pdf
    [2011/05/23 21:49:12 | 000,003,838 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110523_214911.reg
    [2011/05/23 21:41:27 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
    [2011/05/23 21:41:27 | 000,077,824 | ---- | C] () -- C:\Windows\System32\xvid.ax
    [2011/05/23 21:41:26 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
    [2011/05/18 17:04:07 | 000,005,040 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110518_170402.reg
    [2011/05/17 10:42:22 | 007,942,144 | -H-- | C] () -- C:\Users\RaeJae\Desktop\Tue May 17 10;42;22 2011(2).mp3
    [2011/05/17 10:42:22 | 007,938,048 | -H-- | C] () -- C:\Users\RaeJae\Desktop\Tue May 17 10;42;22 2011.mp3
    [2011/05/16 14:49:12 | 000,001,049 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora.lnk
    [2011/05/16 13:59:38 | 000,001,110 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2011/05/16 13:18:36 | 000,042,540 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110516_131834.reg
    [2011/04/01 05:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
    [2011/04/01 05:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
    [2011/04/01 05:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
    [2011/04/01 04:56:00 | 000,027,872 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
    [2011/03/23 12:38:49 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
    [2011/03/22 23:58:22 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
    [2011/02/17 23:22:04 | 000,069,632 | ---- | C] () -- C:\Windows\System32\FxShared.dll
    [2011/02/17 23:22:04 | 000,069,632 | ---- | C] () -- C:\Windows\System32\com.fxpansion.fxshared.dll
    [2011/01/18 14:25:24 | 000,055,808 | ---- | C] () -- C:\Windows\System32\zlib1.dll
    [2010/12/10 12:11:06 | 000,000,004 | ---- | C] () -- C:\ProgramData\sysid100.dat
    [2010/12/01 09:14:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\Hyperman.dll
    [2010/12/01 09:11:54 | 000,024,576 | ---- | C] () -- C:\Windows\System32\Wavlbsys.dll
    [2010/11/30 14:04:41 | 000,129,024 | ---- | C] () -- C:\Windows\UNWISE.EXE
    [2010/11/30 13:58:05 | 000,520,267 | ---- | C] () -- C:\Windows\System32\libmmd.dll
    [2010/11/30 13:23:51 | 000,002,240 | ---- | C] () -- C:\Windows\LENDIG.sys
    [2010/11/29 11:55:05 | 000,163,840 | ---- | C] () -- C:\Windows\System32\ArtFfct.dll
    [2010/08/25 03:00:00 | 000,000,000 | ---- | C] () -- C:\Windows\System32\privatedata.dll
    [2010/08/14 19:14:27 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
    [2010/06/29 23:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
    [2010/06/02 10:35:15 | 000,217,088 | ---- | C] () -- C:\Windows\System32\qtmlClient.dll
    [2010/06/02 10:35:09 | 001,362,460 | ---- | C] () -- C:\Windows\System32\ExpansionHD_Firmware.bin
    [2010/05/07 18:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
    [2010/05/03 11:29:33 | 000,002,892 | ---- | C] () -- C:\Windows\System32\audcon.sys
    [2010/05/03 11:27:48 | 000,000,045 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe.cfg
    [2010/05/03 11:27:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe
    [2010/02/02 01:09:05 | 000,212,992 | ---- | C] () -- C:\Windows\ALCHUNIN.EXE
    [2010/01/24 16:06:36 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
    [2010/01/21 13:38:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2010/01/17 23:08:10 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
    [2010/01/09 13:40:49 | 000,013,312 | ---- | C] () -- C:\Windows\System32\drivers\MTictwl.sys
    [2010/01/08 12:31:11 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
    [2010/01/05 12:08:20 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2010/01/04 01:21:38 | 000,000,052 | ---- | C] () -- C:\Windows\Relax.ini
    [2010/01/04 01:13:49 | 000,185,856 | ---- | C] () -- C:\Windows\System32\Bmp2Jpeg.dll
    [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
    [2009/07/14 16:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009/07/14 16:33:53 | 000,457,176 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
    [2009/07/14 14:05:48 | 000,659,294 | ---- | C] () -- C:\Windows\System32\perfh009.dat
    [2009/07/14 14:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
    [2009/07/14 14:05:48 | 000,140,320 | ---- | C] () -- C:\Windows\System32\perfc009.dat
    [2009/07/14 14:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
    [2009/07/14 14:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
    [2009/07/14 14:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
    [2009/07/14 11:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009/07/14 11:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009/07/14 11:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2009/06/11 09:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
    [2009/05/05 01:19:59 | 000,354,816 | ---- | C] () -- C:\Windows\System32\pythoncom26.dll
    [2009/05/05 01:19:59 | 000,108,032 | ---- | C] () -- C:\Windows\System32\pywintypes26.dll
    [2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
    [2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
    [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
    [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
    [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
    [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
    [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
    [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
    [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
    [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
    [2007/04/18 22:07:00 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll

    ========== LOP Check ==========

    [2010/12/09 11:15:20 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\4Front
    [2010/06/02 09:13:21 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Ableton
    [2011/03/23 15:04:17 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Acoustica
    [2010/01/17 23:03:32 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Ambient Design
    [2010/06/01 18:50:10 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Ancient Quest of Saqqarah__wildtan
    [2010/11/30 12:32:50 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Applied Acoustics Systems
    [2010/04/27 07:55:42 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Ashampoo
    [2011/04/13 02:57:59 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Ashampoo Cover Studio 2
    [2011/06/12 14:49:37 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\BitTorrent
    [2010/12/27 15:54:51 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Blue Cat Audio
    [2010/01/17 23:03:32 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Bump Technologies, Inc
    [2010/06/17 09:05:15 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2011/04/06 16:18:18 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\DAEMON Tools Lite
    [2011/02/02 22:43:16 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\DAEMON Tools Pro
    [2010/12/03 09:05:50 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Deckadance16
    [2010/06/29 19:20:03 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Dexpot
    [2010/11/30 13:39:59 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\FabFilter
    [2010/01/17 23:03:33 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Foxit
    [2010/03/30 13:53:55 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Foxit Software
    [2010/10/15 11:44:40 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\FreeImageConverter
    [2010/04/22 20:52:55 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\FreezeTag
    [2010/10/11 10:20:15 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\FrostWire
    [2010/05/11 19:27:47 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\funkitron
    [2011/02/17 23:23:59 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\FXpansion
    [2010/03/05 08:51:26 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\GetRightToGo
    [2011/06/06 21:55:13 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\IK Multimedia
    [2011/05/29 01:28:14 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Image-Line
    [2010/03/31 13:54:48 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\ImgBurn
    [2010/08/17 17:45:37 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\ImTOO
    [2010/02/03 11:10:03 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\IObit
    [2010/06/12 10:16:40 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\iShell
    [2010/12/10 13:07:11 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\iZotope
    [2010/06/27 18:40:20 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Leadertech
    [2010/01/20 15:42:52 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\MysteryStudio
    [2010/05/10 20:02:49 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\NCH Swift Sound
    [2011/05/13 18:44:04 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Nomad Factory
    [2011/05/27 00:18:50 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\OpenCandy
    [2011/04/01 01:55:23 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\PACE Anti-Piracy
    [2011/05/25 22:35:30 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\PreSonus
    [2011/02/02 22:48:25 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Propellerhead Software
    [2010/02/03 01:00:48 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Publish Providers
    [2011/05/28 02:32:27 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Rainmeter
    [2010/01/20 17:28:41 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Recordpad
    [2010/11/11 15:42:34 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Smartelectronix
    [2010/12/20 19:30:30 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Sony
    [2011/05/27 17:36:13 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Stardock
    [2010/02/23 12:10:19 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\SynthMaker
    [2010/05/07 12:39:07 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\SystemRequirementsLab
    [2010/11/02 18:18:29 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\TweakNow RegCleaner
    [2010/05/10 10:49:16 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
    [2010/01/17 23:03:42 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Virtual City
    [2010/02/17 12:15:33 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\VitySoft
    [2010/12/06 09:57:27 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Waves Audio
    [2010/01/17 23:03:43 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\WildTangent
    [2010/01/17 23:03:43 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\WinBatch
    [2011/04/26 13:12:32 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Windows Live Writer
    [2010/03/05 08:53:15 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Xilisoft Corporation
    [2011/05/16 12:35:09 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\YouSendIt
    [2011/06/07 13:09:54 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2009/06/11 09:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
    [2010/11/21 00:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
    [2010/01/18 19:41:48 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
    [2011/06/14 09:04:02 | 000,023,091 | ---- | M] () -- C:\ComboFix.txt
    [2009/06/11 09:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
    [2010/10/15 13:31:44 | 000,001,370 | ---- | M] () -- C:\docuPrinter.log
    [2010/10/21 21:53:27 | 000,002,750 | ---- | M] () -- C:\FINIS_IT.TXT
    [2011/06/14 10:05:31 | 1602,101,248 | -HS- | M] () -- C:\hiberfil.sys
    [2010/12/20 16:25:30 | 000,015,803 | ---- | M] () -- C:\INSTALL.LOG
    [2010/08/06 12:17:24 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010/08/06 12:17:24 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2011/06/14 10:05:37 | 2136,137,728 | -HS- | M] () -- C:\pagefile.sys
    [2011/06/14 09:10:16 | 000,000,361 | ---- | M] () -- C:\rkill.log
    [2009/05/05 01:44:16 | 000,000,349 | ---- | M] () -- C:\updatedatfix.log
    [2008/08/27 00:37:52 | 000,000,458 | ---- | M] () -- C:\Windows Sidebar

    < %systemroot%\Fonts\*.com >
    [2009/07/14 16:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
    [2009/07/14 16:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
    [2009/07/14 16:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
    [2009/07/14 16:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2009/06/11 09:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2009/06/22 17:58:20 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
    [2009/07/14 13:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
    [2010/11/21 00:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >
    [2011/05/11 00:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
    [2010/11/10 01:28:46 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >
    [2009/07/14 16:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2010/01/04 02:44:15 | 000,000,221 | -HS- | M] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
    [2011/04/23 17:20:48 | 000,000,221 | -HS- | M] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

    < %USERPROFILE%\Desktop\*.exe >
    [2011/06/14 08:31:56 | 000,581,120 | ---- | M] (AVAST Software) -- C:\Users\RaeJae\Desktop\aswMBR.exe
    [2011/06/14 08:32:30 | 004,120,909 | R--- | M] (Swearware) -- C:\Users\RaeJae\Desktop\ComboFix.exe
    [2011/06/13 15:08:10 | 000,302,592 | ---- | M] () -- C:\Users\RaeJae\Desktop\kelob5qu.exe
    [2011/06/13 18:33:56 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\RaeJae\Desktop\mbam-setup-1.51.0.1200.exe
    [2011/06/14 14:32:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RaeJae\Desktop\OTL.exe
    [2011/06/14 11:17:30 | 000,000,000 | ---- | M] () -- C:\Users\RaeJae\Desktop\SystemLook.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >
    [2009/06/11 09:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2011/04/23 17:20:47 | 000,000,402 | -HS- | M] () -- C:\Users\RaeJae\Favorites\desktop.ini
    [2011/05/13 04:57:30 | 000,000,276 | ---- | M] () -- C:\Users\RaeJae\Favorites\NCH Software Download Site.lnk

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


    < MD5 for: TDX.SYS >
    [2009/07/14 11:12:11 | 000,074,240 | ---- | M] (Microsoft Corporation) MD5=CB39E896A2A83702D1737BFD402B3542 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_ea141e6f3d693e28\tdx.sys

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:30FD0CBD

    < End of report >
  25. JBEEZY

    JBEEZY TS Rookie Topic Starter Posts: 79

    Extras

    OTL Extras logfile created on: 14/06/2011 2:36:44 p.m. - Run 1
    OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\RaeJae\Desktop
    Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

    1.99 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 68.69% Memory free
    3.98 Gb Paging File | 2.77 Gb Available in Paging File | 69.69% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 455.36 Gb Total Space | 147.17 Gb Free Space | 32.32% Space Free | Partition Type: NTFS
    Drive D: | 10.40 Gb Total Space | 1.46 Gb Free Space | 14.05% Space Free | Partition Type: NTFS
    Drive F: | 3.72 Gb Total Space | 3.26 Gb Free Space | 87.55% Space Free | Partition Type: FAT32

    Computer Name: RAEJAE-PC | User Name: RaeJae | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{0295F89F-F698-4101-9A7D-49F407EC2D82}" = HP Active Support Library
    "{03BF5CB1-B72E-4CA6-A278-F65680F05420}" = HP Picasso Media Center Add-In
    "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
    "{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
    "{0E086923-AAA3-4F98-A6E2-48B64CE27553}" = Native Instruments Reaktor Factory Selection
    "{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
    "{11F703F5-DCAF-49EC-8CD2-488F483E32B0}" = KORG USB-MIDI Driver Tools for Windows
    "{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
    "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
    "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
    "{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
    "{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1CC069FA-1A86-402E-9787-3F04E652C67A}" = HP Support Information
    "{1D10C273-3F95-42A2-8371-AB6B1F59821B}" = WOT for Internet Explorer
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{20140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010 (Beta)
    "{20140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010 (Beta)
    "{20140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010 (Beta)
    "{20140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010 (Beta)
    "{20140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010 (Beta)
    "{20140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010 (Beta)
    "{20140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010 (Beta)
    "{20140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 (Beta)
    "{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta)
    "{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta)
    "{20140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010 (Beta)
    "{20140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 (Beta)
    "{20140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010 (Beta)
    "{20140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 (Beta)
    "{20140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010 (Beta)
    "{20140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010 (Beta)
    "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
    "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{236E0A03-6110-485E-B0F9-399215948BB7}" = M-Audio FastTrackPro Driver 6.0.2 (x86)
    "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
    "{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x32
    "{267B3E82-C941-47D8-BCD3-1BBBB56FCBC6}" = Native Instruments Maschine Controller Driver
    "{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
    "{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
    "{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor
    "{2C13F8C1-570B-42A9-87B4-8C7903ECD602}" = ObjectDock Free
    "{316B3C3F-6B5A-DBC3-1398-FBE614ECCAA7}" = TweetDeck
    "{33286B63-B749-4D54-AA04-5631319B168D}" = GEAR driver installer for x86 Win2K
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{348CE492-86E7-4594-9051-2F3DCE39463F}" = V-Station
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
    "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
    "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
    "{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
    "{423C4130-EBC3-410A-B3A0-37BBF9D607D5}" = T-RackS 3 Deluxe
    "{43E7798A-248E-4A3D-9969-FEA63543A462}" = Native Instruments Kontakt 4
    "{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
    "{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update
    "{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
    "{4EBE7270-A95A-4A03-82C0-41A6F38A4DB2}" = Native Instruments Maschine Factory Content 1.5
    "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
    "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
    "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
    "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
    "{6438691E-D44E-4A18-B6C4-D1EB26281D6A}" = Native Instruments Mikro Prism
    "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
    "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
    "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
    "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
    "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{784BEA84-FA66-4B19-BB80-7B545F248AC6}" = HP Total Care Setup
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
    "{7F099B88-FE9D-4287-BE5F-3ED2BD16223C}" = Native Instruments Maschine
    "{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
    "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
    "{80D3F817-2D33-4643-B900-64AE2C0C4745}" = M-Audio Oxygen Driver 1.2.1 (x86)
    "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
    "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
    "{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = NetComm NetComm 900n Series Wireless USB Adapter
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
    "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{94056AE8-EF0F-45E4-A1B4-D754115F8A28}" = Numedia CD-DVD writing as non-admin user
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
    "{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9CC89170-000B-457D-91F1-53691F85B223}" = Python 2.6.1
    "{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
    "{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
    "{A2DDE39D-BA16-4DBB-9C96-A6703142DCF3}" = Native Instruments Komplete 7 Players
    "{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
    "{ABAF1232-6213-4062-9D52-04E04A730CEA}_is1" = Bass Station 1.50
    "{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
    "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
    "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
    "{AFE354A5-640F-4A23-94C8-0B441E8967CA}" = Digidesign Shared Plug-Ins 7.4
    "{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
    "{B0FC9E28-1CE6-4A40-BEF1-C6E6EDFCA070}" = Native Instruments Kontakt Factory Selection
    "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
    "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
    "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
    "{B84739A3-F943-47E4-95D8-96381EF5AC48}" = HP Customer Experience Enhancements
    "{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
    "{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
    "{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
    "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
    "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{CF0EDB56-BBF6-3C9F-9C50-2E3B3D444641}" = Google Talk Plugin
    "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
    "{D28571EC-82E4-414D-B09D-BBA1B5B3FE55}" = Native Instruments Maschine Factory Content
    "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
    "{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29
    "{D5D3F942-1061-4031-8032-D78728F9A920}" = Windows 7 Manager
    "{D77332DD-FA53-4E49-9F4B-3863B8D56196}" = KORG padKONTROL Editor Librarian
    "{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1" = Focusrite Scarlett Plug-in Suite 1.1
    "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
    "{E9EA5F38-6299-45A1-9D23-F21729A19357}" = Native Instruments Reaktor 5
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
    "{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
    "{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes
    "{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
    "{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro
    "{FC6AFD44-EDF9-4A03-AB9E-16A5391FE24F}" = Native Instruments Maschine
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
    "{FF600C37-6328-4348-A67A-3F85D8039604}" = Native Instruments Kore Player
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "Abbeyroadplugins EMI Brilliance Pack VST RTAS_is1" = Abbeyroadplugins EMI Brilliance Pack VST RTAS v1.0.6
    "Abbeyroadplugins EMI RS 124 Compressor VST RTAS_is1" = Abbeyroadplugins EMI RS 124 Compressor VST RTAS v1.0
    "Abbeyroadplugins EMI TG 12413 Limiter VST RTAS_is1" = Abbeyroadplugins EMI TG 12413 Limiter VST RTAS v2.0.1
    "Abbeyroadplugins EMI TG Mastering Pack VST RTAS_is1" = Abbeyroadplugins EMI TG Mastering Pack VST RTAS v1.0.2
    "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "Advanced System Restore_is1" = Advanced System Restore
    "Antares Autotune VST RTAS TDM_is1" = Antares Autotune VST RTAS TDM v5.08
    "Antares Filter VST DX v1.01" = Antares Filter VST DX v1.01
    "Antares Harmony Engine VST RTAS_is1" = Antares Harmony Engine VST RTAS v1.0
    "Antares Microphone Modeler DX v1.32" = Antares Microphone Modeler DX v1.32
    "AnVir Task Manager Free" = AnVir Task Manager Free
    "Arturia Arp2600 V v1.0" = Arturia Arp2600 V v1.0
    "Arturia CS-80V_is1" = Arturia CS-80V v1.6
    "Arturia minimoog V_is1" = Arturia minimoog V v1.6
    "Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
    "Ashampoo Cover Studio 2_is1" = Ashampoo Cover Studio 2.2.0
    "Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3.20
    "Ashampoo Magical Snap 2_is1" = Ashampoo Magical Snap 2.31
    "Ashampoo Music Studio 2009_is1" = Ashampoo Music Studio 2009
    "Ashampoo Slideshow Studio 2010_is1" = Ashampoo Slideshow Studio 2010
    "ASIO4ALL" = ASIO4ALL
    "avast" = avast! Free Antivirus
    "AVS Image Converter_is1" = AVS Image Converter 1.3.3.146
    "AVS Update Manager_is1" = AVS Update Manager 1.0
    "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
    "BitTorrent" = BitTorrent
    "bx_shredspread Native_is1" = bx_shredspread Native 1.0.3
    "CCleaner" = CCleaner
    "Clean!" = Clean! v1.0
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
    "conduitEngine" = Conduit Engine
    "DAEMON Tools Lite" = DAEMON Tools Lite
    "DeClicker" = Steinberg DeClicker v1.21
    "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
    "Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
    "DVD-Ranger" = DVD-Ranger
    "eLicenser Control" = eLicenser Control
    "ESET Online Scanner" = ESET Online Scanner v3
    "FileHippo.com" = FileHippo.com Update Checker
    "FL Studio 9" = FL Studio 9
    "Focusrite Midnignt Suite VST RTAS v1.1_is1" = Focusrite Midnignt Suite VST RTAS v1.1
    "Foxit Reader" = Foxit Reader
    "Freecorder Toolbar" = Freecorder Toolbar
    "Freecorder4.0" = Freecorder 4.0 Application
    "Game Booster_is1" = Game Booster
    "Hardcore" = Hardcore
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "IL Download Manager" = IL Download Manager
    "ImgBurn" = ImgBurn
    "impOSCar" = GForce - impOSCar
    "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "InstallShield_{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
    "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
    "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
    "Live 6.0.1" = Live 6.0.1
    "Live 8.1.3" = Live 8.1.3
    "Logitech Vid" = Logitech Vid HD
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
    "Mastering Edition" = Steinberg Mastering Edition v1.0
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "MixMeister BPM Analyzer_is1" = MixMeister BPM Analyzer 1.0
    "Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
    "Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
    "Native Instruments Absynth 4" = Native Instruments Absynth 4
    "Native Instruments Battery 3" = Native Instruments Battery 3
    "Native Instruments Controller Editor" = Native Instruments Controller Editor
    "Native Instruments FM8" = Native Instruments FM8
    "Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
    "Native Instruments Komplete 7 Players" = Native Instruments Komplete 7 Players
    "Native Instruments Kontakt 4" = Native Instruments Kontakt 4
    "Native Instruments Kontakt Factory Selection" = Native Instruments Kontakt Factory Selection
    "Native Instruments Kore Player" = Native Instruments Kore Player
    "Native Instruments Maschine" = Native Instruments Maschine
    "Native Instruments Maschine Controller Driver" = Native Instruments Maschine Controller Driver
    "Native Instruments Maschine Factory Content" = Native Instruments Maschine Factory Content
    "Native Instruments Maschine Factory Content 1.5" = Native Instruments Maschine Factory Content 1.5
    "Native Instruments Massive" = Native Instruments Massive
    "Native Instruments Mikro Prism" = Native Instruments Mikro Prism
    "Native Instruments Reaktor 5" = Native Instruments Reaktor 5
    "Native Instruments Reaktor Factory Selection" = Native Instruments Reaktor Factory Selection
    "Native Instruments Service Center" = Native Instruments Service Center
    "Native Instruments Traktor" = Native Instruments Traktor
    "ObjectDock Free" = ObjectDock Free
    "Oddity" = GForce - Oddity
    "Oddity VST2" = GMediaMusic - Oddity VST2
    "Office14.SingleImage" = Microsoft Office Professionnel 2010
    "PC-Doctor for Windows" = Hardware Diagnostic Tools
    "PhotoStage" = PhotoStage Slideshow Producer
    "PoiZone" = PoiZone
    "PreSonus Studio One" = PreSonus Studio One
    "PROHYBRIDR" = 2007 Microsoft Office system
    "Prosoniq OrangeVocoder v1.4" = Prosoniq OrangeVocoder v1.4
    "PSP Xenon 1.3.0 32bit" = PSP Xenon 1.3.0 32bit
    "pywin32-py2.6" = Python 2.6 pywin32-212
    "Rainmeter" = Rainmeter
    "RB MOLOTOF V11.0.0" = RB MOLOTOF V1
    "RealPlayer 12.0" = RealPlayer
    "Reason5_is1" = Reason 5.0
    "Rob Papen Albino 2" = Rob Papen Albino 2
    "RocketDock_is1" = RocketDock 1.3.5
    "Sakura" = Sakura
    "Sawer" = Sawer
    "Secunia PSI" = Secunia PSI (2.0.0.3003)
    "SONiVOX 2.0 DVI Creamy Fuzz Guitar_is1" = SONiVOX DVI Creamy Fuzz Guitar
    "Toxic Biohazard" = Toxic Biohazard
    "TruePianos: Amber Module_is1" = TruePianos: Amber Module 1.4.0
    "TruePianos: Diamond Module_is1" = TruePianos: Diamond Module 1.4.0
    "TruePianos: Emerald Module_is1" = TruePianos: Emerald Module 1.4.0
    "TruePianos: Sapphire Module_is1" = TruePianos: Sapphire Module 1.4.0
    "TruePianos_is1" = TruePianos 1.4.1
    "TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
    "Universal Audio v4.4.0 Native" = Universal Audio v4.4.0 Native
    "VLC media player" = VLC media player 1.1.9
    "VST" = VST Compressor
    "WavePad" = WavePad Sound Editor
    "Waves Mercury Bundle" = Waves Mercury Bundle
    "WildTangent hp Master Uninstall" = HP Games
    "WinLiveSuite" = Windows Live Essentials
    "WinRAR archiver" = WinRAR 4.00 (32-bit)
    "WT083427" = Elementals - The Magic Key
    "WT083777" = Murder She Wrote
    "Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate
    "Xvid_is1" = Xvid 1.2.2 final uninstall
    "YInstHelper" = Yahoo! Install Manager

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Dexpot" = Dexpot

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 12/06/2011 7:36:24 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Program Files\KORG\KORG
    USB-MIDI Driver\UnInstDrv64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 12/06/2011 7:36:24 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Program Files\KORG\KORG
    USB-MIDI Driver\EzSetup64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 13/06/2011 2:21:56 a.m. | Computer Name = RaeJae-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 13/06/2011 3:40:22 a.m. | Computer Name = RaeJae-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 13/06/2011 4:49:28 p.m. | Computer Name = RaeJae-PC | Source = System Restore | ID = 8193
    Description =

    Error - 13/06/2011 6:07:23 p.m. | Computer Name = RaeJae-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 13/06/2011 7:36:25 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Program Files\KORG\KORG
    USB-MIDI Driver\UnInstDrv64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 13/06/2011 7:36:25 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Program Files\KORG\KORG
    USB-MIDI Driver\EzSetup64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 13/06/2011 8:07:08 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Program Files\KORG\KORG
    USB-MIDI Driver\UnInstDrv64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 13/06/2011 8:07:08 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Program Files\KORG\KORG
    USB-MIDI Driver\EzSetup64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    [ System Events ]
    Error - 13/06/2011 10:31:04 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7003
    Description = The DHCP Client service depends the following service: Tdx. This service
    might not be installed.

    Error - 13/06/2011 10:31:04 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7001
    Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
    DHCP Client service which failed to start because of the following error: %%1075

    Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7003
    Description = The DHCP Client service depends the following service: Tdx. This service
    might not be installed.

    Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7001
    Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
    DHCP Client service which failed to start because of the following error: %%1075

    Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7003
    Description = The DHCP Client service depends the following service: Tdx. This service
    might not be installed.

    Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7001
    Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
    DHCP Client service which failed to start because of the following error: %%1075

    Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7003
    Description = The DHCP Client service depends the following service: Tdx. This service
    might not be installed.

    Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7001
    Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
    DHCP Client service which failed to start because of the following error: %%1075

    Error - 13/06/2011 10:31:06 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7003
    Description = The DHCP Client service depends the following service: Tdx. This service
    might not be installed.

    Error - 13/06/2011 10:31:06 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7001
    Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
    DHCP Client service which failed to start because of the following error: %%1075


    < End of report >