The OTL text exceeds the forum's character limit for a post, so I've had to post it as an attachment.
EDIT: Hmmm, I've tried attaching it a couple of times but no dice. I'll have to split it up into several posts.
PART 1
OTL logfile created on: 10/09/2011 10:15:43 PM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Robert\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
479.49 Mb Total Physical Memory | 251.88 Mb Available Physical Memory | 52.53% Memory free
1.10 Gb Paging File | 0.85 Gb Available in Paging File | 77.57% Paging File free
Paging file location(s): c:\pagefile.sys 720 1440 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 45.26 Gb Free Space | 60.74% Space Free | Partition Type: NTFS
Drive D: | 8.03 Gb Total Space | 6.14 Gb Free Space | 76.51% Space Free | Partition Type: NTFS
Computer Name: SCRNWRTR-01 | User Name: Robert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/09/10 22:12:26 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Robert\Desktop\OTL.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/07/04 11:35:08 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/04/28 20:25:42 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/08/02 15:09:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/01/14 21:11:02 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/03/16 10:05:30 | 005,095,424 | ---- | M] (Memory Improve Master Studio) -- C:\Program Files\Memory Improve Master\MemoryImproveMaster.exe
PRC - [2008/04/14 10:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/26 13:47:40 | 000,598,856 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Washer\WasherSvc.exe
PRC - [2007/04/05 14:57:52 | 003,251,800 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe
PRC - [2004/04/06 19:35:10 | 000,929,904 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\incdsrv.exe
PRC - [2003/09/12 18:57:12 | 000,078,848 | ---- | M] () -- C:\WINDOWS\system32\hffsrv.exe
PRC - [2002/08/20 10:29:26 | 000,040,960 | ---- | M] (Easy Systems Japan Ltd.) -- C:\WINDOWS\system32\ezSP_Px.exe
========== Modules (No Company Name) ==========
MOD - [2011/05/23 03:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2010/06/17 14:27:24 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2009/03/26 06:30:02 | 000,190,976 | ---- | M] () -- C:\WINDOWS\system32\WgaLogon.dll
MOD - [2008/09/10 00:20:08 | 000,294,912 | ---- | M] () -- C:\Program Files\Memory Improve Master\MemIM.dll
MOD - [2008/08/08 07:03:36 | 000,126,976 | ---- | M] () -- C:\Program Files\Memory Improve Master\MemIMReg.dll
MOD - [2007/04/05 14:57:52 | 003,251,800 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe
MOD - [2007/04/03 12:09:56 | 000,393,728 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo FireWall\spi.dll
MOD - [2004/02/26 11:31:24 | 000,176,235 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll
MOD - [2003/09/12 18:57:12 | 000,078,848 | ---- | M] () -- C:\WINDOWS\system32\hffsrv.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (vsmon)
SRV - File not found [Auto | Stopped] -- -- (PavPrSrv)
SRV - File not found [Auto | Stopped] -- -- (KPF4)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [Auto | Stopped] -- -- (fortknox)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/07/04 11:35:08 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/28 20:25:42 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2007/11/26 13:47:40 | 000,598,856 | ---- | M] (Webroot Software, Inc.) [Auto | Running] -- C:\Program Files\Webroot\Washer\WasherSvc.exe -- (wwEngineSvc)
SRV - [2004/04/06 19:35:10 | 000,929,904 | ---- | M] (Ahead Software AG) [Auto | Running] -- C:\Program Files\Ahead\InCD\incdsrv.exe -- (InCDsrv)
SRV - [2003/09/12 18:57:12 | 000,078,848 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\hffsrv.exe -- (HideFilesAndFolders_S)
========== Driver Services (SafeList) ==========
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/04 11:35:10 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/07/04 11:35:10 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/02/23 16:04:32 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/06/17 14:27:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 14:27:14 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/04/14 04:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/14 04:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/09/17 19:34:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI32)
DRV - [2007/04/26 10:21:34 | 000,072,624 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\khips.sys -- (khips)
DRV - [2007/04/26 10:21:30 | 000,302,000 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv)
DRV - [2007/04/09 19:40:50 | 000,073,216 | ---- | M] (Y0YS Software) [File_System | Boot | Running] -- C:\WINDOWS\System32\secdir.sys -- (secdir)
DRV - [2006/12/02 21:12:48 | 000,076,560 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2006/10/17 16:08:15 | 000,086,368 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\W700obex.sys -- (W700obex)
DRV - [2006/10/17 16:08:14 | 000,097,056 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\W700mdm.sys -- (W700mdm)
DRV - [2006/10/17 16:08:14 | 000,088,560 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\W700mgmt.sys -- (W700mgmt) Sony Ericsson W700 USB WMC Device Management Drivers (WDM)
DRV - [2006/10/17 16:08:14 | 000,009,264 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\W700mdfl.sys -- (W700mdfl)
DRV - [2006/10/17 16:08:13 | 000,061,536 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\W700bus.sys -- (W700bus) Sony Ericsson W700 Driver driver (WDM)
DRV - [2004/04/06 19:40:10 | 000,025,600 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\incdpass.sys -- (InCDPass)
DRV - [2004/04/06 19:39:20 | 000,089,472 | ---- | M] (Ahead Software AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\incdfs.sys -- (InCDfs)
DRV - [2004/02/11 15:51:46 | 000,115,840 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viaudios.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2003/12/05 19:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/09/11 22:13:58 | 000,042,048 | ---- | M] (Silence of Troubles United Company Ltd.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\FDCENT.SYS -- (FDCENT)
DRV - [2003/07/02 06:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2000/07/24 00:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\BrPar.sys -- (BrPar)
DRV - [2000/02/04 05:53:12 | 000,024,608 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\ckldrv.sys -- (NetworkX)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1757981266-1123561945-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1757981266-1123561945-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1757981266-1123561945-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,
www.plimus.com,regnow.com,www.regnow.com,
IE - HKU\S-1-5-21-1757981266-1123561945-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "mipony-plugin Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2465030&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://www.google.com.au/firefox"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.3.1
FF - prefs.js..extensions.enabledItems:
firebug@software.joehewitt.com:1.7.3
FF - user.js..browser.search.openintab: false
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@SuperAdBlocker.com/sabffx: C:\WINDOWS\System32\SuperAdBlocker.com\npsabffx.dll ( )
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.22\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/07 14:08:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.22\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/07 14:08:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/09/07 08:42:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/06/18 11:14:48 | 000,000,000 | ---D | M]
[2010/10/01 23:13:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Robert\Application Data\Mozilla\Extensions
[2010/10/30 01:22:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Robert\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/10/01 23:13:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Robert\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/09/10 13:49:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\mf01qvc5.default\extensions
[2011/09/06 11:34:43 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\mf01qvc5.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010/02/19 06:58:08 | 000,000,000 | ---D | M] (Linkification) -- C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\mf01qvc5.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2011/07/09 01:42:26 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\mf01qvc5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/09/01 02:29:43 | 000,000,000 | ---D | M] (Firebug) -- C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\mf01qvc5.default\extensions\firebug@software.joehewitt.com
[2010/01/20 11:16:46 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\mf01qvc5.default\searchplugins\conduit.xml
[2011/05/06 22:52:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/06 19:49:54 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2004/05/07 15:31:40 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\components\MSVCR71.DLL
[2006/11/07 12:58:44 | 000,139,264 | ---- | M] () -- C:\Program Files\mozilla firefox\components\SABFF20.DLL
[2011/02/20 22:52:54 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/02/21 00:12:07 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Program Files\mozilla firefox\plugins\npdsplay.dll
[2009/01/31 12:30:27 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2007/02/26 13:44:00 | 000,352,256 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsabffx.dll
O1 HOSTS File: ([2011/09/10 12:14:46 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKU\S-1-5-21-1757981266-1123561945-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {D593DE91-7B41-45C2-830E-E9A99AB142AA} - No CLSID value found.
O3 - HKU\S-1-5-21-1757981266-1123561945-839522115-1003\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O4 - HKLM..\Run: [Ashampoo FireWall] C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe (Easy Systems Japan Ltd.)
O4 - HKU\S-1-5-21-1757981266-1123561945-839522115-1003..\Run: [Memory Improve Master] C:\Program Files\Memory Improve Master\MemoryImproveMaster.exe (Memory Improve Master Studio)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-1757981266-1123561945-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1757981266-1123561945-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1757981266-1123561945-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1757981266-1123561945-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_24.dll (Sun Microsystems, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Ashampoo\Ashampoo FireWall\spi.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Ashampoo\Ashampoo FireWall\spi.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Ashampoo\Ashampoo FireWall\spi.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Ashampoo\Ashampoo FireWall\spi.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Ashampoo\Ashampoo FireWall\spi.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Ashampoo\Ashampoo FireWall\spi.dll ()
O15 - HKU\S-1-5-21-1757981266-1123561945-839522115-1003\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71}
http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1277898266859 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1277898242406 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1B117C82-52DB-4C7A-9DB1-261EE82886DA}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll ()
O24 - Desktop WallPaper: C:\Documents and Settings\Robert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Robert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/01/24 00:55:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/12/28 14:59:06 | 000,000,000 | -H-- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SENS - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\VIO\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Ligos Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (
http://www.mp3dev.org/)
Drivers32: msacm.MPEGacm - C:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS
http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIV3 - C:\WINDOWS\System32\DivXc32.dll (Hacked with Joy !)
Drivers32: vidc.DIV4 - C:\WINDOWS\System32\DivXc32f.dll (Hacked with Joy !)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\HUFFYUV.DLL (Disappearing Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\i420vfw.dll (
www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Ligos Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Ligos Corporation)
Drivers32: VIDC.VIFP - C:\WINDOWS\System32\VFCodec.dll ()
Drivers32: vidc.VP31 - C:\WINDOWS\System32\vp31vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (
www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011/09/10 22:12:17 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Robert\Desktop\OTL.exe
[2011/09/10 13:59:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert\Desktop\Coast to Coast AM - 10-22-10 - Monsters & Creatures
[2011/09/10 13:32:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/09/10 11:45:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert\Desktop\Coast to Coast - Mar 28 2010 - Mysteries of the Amazon
[2011/09/09 20:47:04 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/09/09 20:47:04 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/09/09 20:47:04 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/09/09 20:47:04 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/09/09 20:37:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/09/09 20:32:09 | 004,201,032 | R--- | C] (Swearware) -- C:\Documents and Settings\Robert\Desktop\ComboFix.exe
[2011/09/09 19:24:44 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Robert\Desktop\aswMBR.exe
[2011/09/09 08:55:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert\My Documents\Pending
[2011/09/08 21:53:43 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Robert\Desktop\dds.scr
[2011/09/06 23:29:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert\My Documents\Altova
[2011/09/06 23:20:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Altova
[2011/09/06 19:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\MKV Converter
[2011/09/06 16:18:35 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2011/09/06 15:39:24 | 000,032,824 | ---- | C] (Resplendence Software Projects Sp) -- C:\WINDOWS\System32\rrMon.sys
[2011/09/06 15:39:15 | 000,000,000 | ---D | C] -- C:\Program Files\Registrar Registry Manager
[2011/09/06 12:31:44 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/09/06 12:24:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/09/06 12:10:06 | 004,195,482 | R--- | C] (Swearware) -- C:\Documents and Settings\Robert\Desktop\Repair.exe
[2011/09/04 18:26:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert\My Documents\Comics
[2011/09/04 15:12:02 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/09/04 15:00:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2011/09/04 13:38:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sophos
[2011/09/04 13:38:23 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2011/09/03 23:15:19 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Robert\Desktop\Crusty.exe
[2011/09/02 09:55:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert\Desktop\The.Three.Stooges.Collection.Volume.7.1952-1954.DVDRip.x264.AAC-SiC
[2011/09/01 17:25:20 | 000,000,000 | ---D | C] -- C:\Program Files\mp3DirectCut
[2011/09/01 17:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert\My Documents\Downloads
[2011/08/29 10:21:31 | 010,307,744 | ---- | C] (Opera Software ASA) -- C:\Documents and Settings\Robert\My Documents\Opera_1150_1074_int_distribution_00.exe
[2011/08/19 18:53:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert\My Documents\asrv
[2011/08/19 18:53:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\All Sound Recorder Vista
[2011/08/19 18:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\All Sound Recorder Vista
[2011/08/15 02:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert\My Documents\PcSetup
[2011/08/14 17:37:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert\My Documents\profiles
[2011/08/14 17:37:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert\My Documents\data
[2011/08/14 17:37:57 | 000,413,696 | ---- | C] (Jacek Pazera) -- C:\Documents and Settings\Robert\My Documents\mkvtoavi.exe
[2011/08/14 17:37:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert\My Documents\tools
[2011/08/14 17:37:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert\My Documents\lang
[2011/08/14 17:12:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVCWare
[2011/08/14 17:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVCWare
[2011/08/14 16:49:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert\Local Settings\Application Data\Tipard Studio
[2011/03/18 11:46:32 | 000,389,632 | ---- | C] (Jacek Pazera) -- C:\Program Files\flvtoavi.exe
[2010/01/24 15:58:12 | 000,073,728 | ---- | C] ( ) -- C:\Program Files\vdremote.dll
[2010/01/24 15:58:12 | 000,069,632 | ---- | C] ( ) -- C:\Program Files\vdicmdrv.dll
[2010/01/24 15:58:12 | 000,069,632 | ---- | C] ( ) -- C:\Program Files\auxsetup.exe
[2010/01/24 15:58:12 | 000,065,536 | ---- | C] ( ) -- C:\Program Files\vdsvrlnk.dll
[2010/01/24 15:58:12 | 000,008,704 | ---- | C] ( ) -- C:\Program Files\vdub.exe
[2009/01/25 00:13:50 | 002,790,777 | ---- | C] (Efficient Software ) -- C:\Documents and Settings\Robert\Application Data\EfficientReminder-Installer.exe
[74 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]