Solved Gradual System Crashing / Text Labels, Icons Blanking Out


gescom

My computer problem began about a week ago; nothing in particular has occurred that I'm aware of in that time. I tend to leave my computer on for long periods, so I first noticed that when I go to turn my monitor on, I'm somehow 'logged out' of Windows and several application crash warnings are popped up (I don't normally use the login process, so this was odd). I click out of these windows to find that the desktop and a couple of Windows Explorer windows that were already open have the text labels blanked out, or they blank out when I mouse over them or single-click on an item. The title bars in windows are also blank.

This happened later on while using the computer where text labels and icons suddenly begin to blank out and there are eventually windfall crashes of running applications. I haven't always had Chrome open when this happens, but if I do, any and all plugins will crash at once, and any new tabs I attempt to open almost immediately crash. Sometimes I'm able to restart or shut down normally if this starts to happen, but if it goes on too long, I have to manually restart the computer. I can't quite pinpoint a trigger for what's going on when this gradual meltdown happens, but I almost think it might be when one of my hard drives is accessed in a certain way (?). I have 14 HDDs not including the system HDD. Anyway, hopefully someone has an inkling as to what's going on here. I don't know if it could be a virus or hardware failure. It has inevitably happened every time I've used the computer over the past week, but not necessarily at regular intervals.

P.S. GMER crashed during scanning, so I don't have that log.

My system: WinXP SP3, Intel Q9450, 4GB RAM.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5111

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/20/2010 2:15:22 AM
mbam-log-2010-11-20 (02-15-22).txt

Scan type: Quick scan
Objects scanned: 168712
Time elapsed: 15 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

DDS (Ver_10-11-10.01) - NTFSx86
Run by Jon at 18:19:13.28 on Tue 11/16/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.2083 [GMT -6:00]

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Griffin Technology\PowerMate\PowerMate.exe
C:\program files\steam\steam.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\AirVideoServer\AirVideoServer.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\java.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\TechSmith\Snagit 9\TSCHelp.exe
C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\TechSmith\Snagit 9\snagiteditor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
c:\program files\real\realplayer\RealPlay.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jon\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 9\SnagitBHO.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 9\SnagitIEAddin.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [NVIDIA nTune] "c:\program files\nvidia corporation\ntune\nTuneCmd.exe" clear
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [PowerMate] c:\program files\griffin technology\powermate\PowerMate.exe
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMBgMonitor.exe"
uRun: [MCW Startup] "c:\program files\monitor calibration wizard\MCW.exe" /s
uRun: [Google Update] "c:\documents and settings\jon\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [RGSC] c:\program files\rockstar games\rockstar games social club\RGSCLauncher.exe /silent
uRun: [Bandwidth Vista 2] c:\program files\bandwidth vista\bandwidth vista 2\bandwidthvista2.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [AirVideoServer] c:\program files\airvideoserver\AirVideoServer.exe
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [RivaTunerStartupDaemon] "c:\program files\rivatuner v2.09\RivaTuner.exe" /S
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [H2O] c:\program files\syncrosoft\pos\h2o\cledx.exe
mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
mRun: [OSSelectorReinstall] c:\program files\common files\acronis\acronis disk director\oss_reinstall.exe
mRun: [USB2Check] RUNDLL32.EXE "c:\windows\system32\PCLECoInst.dll",CheckUSBController
mRun: [Cmaudio8788] RunDll32 cmicnfgp.cpl,CMICtrlWnd
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [XboxStat] "c:\program files\microsoft xbox 360 accessories\XboxStat.exe" silentrun
mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
mRun: [36X Raid Configurer] c:\windows\system32\xRaidSetup.exe boot
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\jon\startm~1\programs\startup\google~1.lnk - c:\documents and settings\jon\local settings\application data\google\google talk, labs edition\GoogleTalkLabsEdition.exe
StartupFolder: c:\docume~1\jon\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\ereg\eReg.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\firepo~1.lnk - c:\program files\presonus\1394audiodriver_firepod\FirePod.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\shortc~1.lnk - c:\documents and settings\jon\local settings\application data\google\google talk plugin\googletalkplugin.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\snagit~1.lnk - c:\program files\techsmith\snagit 9\Snagit32.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08}
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\program files\intuit\quickbooks 2010\HelpAsyncPluggableProtocol.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\jon\applic~1\mozilla\firefox\profiles\sgnfpp4t.default\
FF - prefs.js: browser.search.selectedEngine - MSN Encarta - Dictionary
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\jon\application data\mozilla\firefox\profiles\sgnfpp4t.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\winnt_x86-msvc\components\WeaveCrypto.dll
FF - component: c:\documents and settings\jon\application data\mozilla\firefox\profiles\sgnfpp4t.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc_fireftp.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\jon\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\jon\application data\mozilla\firefox\profiles\sgnfpp4t.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp071101000055.dll
FF - plugin: c:\documents and settings\jon\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\jon\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\jon\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.133.37\npGoogleOneClick7.dll
FF - plugin: c:\program files\google\update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\google\update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPcol400.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\picasa3\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

============= SERVICES / DRIVERS ===============

R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2008-4-24 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2008-4-24 5248]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-11-16 11608]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-3-23 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-3-23 66632]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-11-16 135336]
R2 CAMTHWDM;WebcamMax, WDM Video Capture;c:\windows\system32\drivers\CAMTHWDM.sys [2010-2-18 1051136]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2010-3-30 1107336]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
R2 LinksysUpdater;Linksys Updater;c:\program files\linksys\linksys updater\bin\LinksysUpdater.exe [2008-11-13 204800]
R2 PDIHWCTL;PDIHWCTL;c:\windows\system32\drivers\pdihwctl.sys [2008-8-20 14416]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2008-4-28 33792]
R3 cmudaxp;HTO CLARO Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [2008-7-28 2020160]
R3 KeyMagic;USB Keyboard HID Filter;c:\windows\system32\drivers\KeyMagic.sys [2008-4-22 17920]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2008-7-9 33792]
S2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-11-16 267944]
S2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-11-16 60936]
S2 gupdate1c97ff19596ef34;Google Update Service (gupdate1c97ff19596ef34);c:\program files\google\update\GoogleUpdate.exe [2009-1-26 133104]
S2 KeyAgent;KeyAgent;\??\c:\windows\system32\drivers\keyagent.sys --> c:\windows\system32\drivers\KeyAgent.sys [?]
S2 MacHALDriver;Mac HAL;\??\c:\windows\system32\drivers\machaldriver.sys --> c:\windows\system32\drivers\MacHALDriver.sys [?]
S3 i1display;i1 Display;c:\windows\system32\drivers\i1display.sys [2008-8-20 44344]
S3 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2008-8-18 42376]
S3 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2008-8-18 66952]
S3 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2008-8-18 81288]
S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys --> c:\windows\system32\drivers\npf.sys [?]
S3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2009-8-21 6144]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2008-4-20 517632]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\sisoftware\sisoftware sandra lite 2009\RpcAgentSrv.exe [2008-12-10 98488]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-3-23 12872]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2008-8-18 356920]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2008-8-18 1072008]
S3 WinRing0_1_1_1;WinRing0_1_1_1;\??\c:\documents and settings\jon\desktop\realtemp_2.70\winring0.sys --> c:\documents and settings\jon\desktop\realtemp_2.70\WinRing0.sys [?]

=============== Created Last 30 ================

2010-11-17 00:15:11 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-11-17 00:15:05 -------- d-----w- c:\docume~1\alluse~1\applic~1\Avira
2010-11-17 00:14:43 388096 ----a-r- c:\docume~1\jon\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2010-11-17 00:14:42 -------- d-----w- c:\program files\Trend Micro
2010-11-13 06:05:27 -------- d-----w- C:\SickBeard-win32-alpha-build465.02
2010-11-13 05:01:33 -------- d-----w- c:\program files\iPod
2010-11-06 02:57:23 53248 ----a-r- c:\docume~1\jon\applic~1\microsoft\installer\{3ee9bcae-e9a9-45e5-9b1c-83a4d357e05c}\ARPPRODUCTICON.exe
2010-11-06 02:54:24 -------- d-----w- c:\windows\system32\logishrd
2010-11-06 02:53:46 -------- d-----w- c:\program files\common files\LWS
2010-10-30 17:15:18 -------- d-----w- c:\program files\Free Video Joiner
2010-10-30 16:26:21 -------- d-----w- c:\docume~1\jon\applic~1\MPEG Streamclip
2010-10-29 00:28:19 95672 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll

==================== Find3M ====================

2010-09-28 21:44:52 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-09-18 17:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ------w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58:06 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-08 16:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 16:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll

============= FINISH: 18:20:13.84 ===============
 
Here's Attach.txt

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-11-10.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume10
Install Date: 5/7/2005 10:24:05 AM
System Uptime: 11/16/2010 9:18:20 AM (9 hours ago)

Motherboard: ASUSTeK Computer INC. | | P5E3 Deluxe
Processor: Intel Pentium III Xeon processor | LGA775 | 2666/333mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 932 GiB total, 268.983 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 860.123 GiB free.
E: is CDROM ()
F: is CDROM ()
L: is FIXED (FAT32) - 149 GiB total, 148.989 GiB free.
M: is FIXED (NTFS) - 234 GiB total, 233.591 GiB free.
N: is FIXED (NTFS) - 466 GiB total, 241.435 GiB free.
O: is FIXED (NTFS) - 699 GiB total, 152.279 GiB free.
P: is FIXED (NTFS) - 699 GiB total, 235.194 GiB free.
Q: is FIXED (NTFS) - 1397 GiB total, 1383.824 GiB free.
R: is FIXED (NTFS) - 1397 GiB total, 1137.529 GiB free.
S: is FIXED (NTFS) - 1397 GiB total, 1007.604 GiB free.
T: is FIXED (NTFS) - 1397 GiB total, 705.791 GiB free.
U: is FIXED (NTFS) - 1397 GiB total, 476.479 GiB free.
V: is FIXED (NTFS) - 1397 GiB total, 62.054 GiB free.
W: is FIXED (NTFS) - 1397 GiB total, 358.144 GiB free.
X: is FIXED (NTFS) - 1397 GiB total, 474.926 GiB free.

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 802.11n Network Adapter
Device ID: USB\VID_0B05&PID_1742\1.0
Manufacturer: ASUSTeK Computer Inc.
Name: 802.11n Network Adapter
PNP Device ID: USB\VID_0B05&PID_1742\1.0
Service: rt2870

Class GUID:
Description: Audio Device on High Definition Audio Bus
Device ID: HDAUDIO\FUNC_01&VEN_11D4&DEV_198B&SUBSYS_1043829B&REV_1004\4&B3DDC6A&0&0001
Manufacturer:
Name: Audio Device on High Definition Audio Bus
PNP Device ID: HDAUDIO\FUNC_01&VEN_11D4&DEV_198B&SUBSYS_1043829B&REV_1004\4&B3DDC6A&0&0001
Service:

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8169/8110 Family Gigabit Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8167&SUBSYS_820D1043&REV_10\4&19ABE7DE&0&20F0
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8169/8110 Family Gigabit Ethernet NIC
PNP Device ID: PCI\VEN_10EC&DEV_8167&SUBSYS_820D1043&REV_10\4&19ABE7DE&0&20F0
Service: RTL8023xp

Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Description: PS/2 Keyboard
Device ID: ACPI\PNP0303\4&B6AFFD&0
Manufacturer: Logitech
Name: PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&B6AFFD&0
Service: i8042prt

Class GUID: {FF646F80-8DEF-11D2-9449-00105A075F6B}
Description: pcouffin device for 32 bits systems
Device ID: ROOT\PCOUFFIN\0000
Manufacturer: VSO Software
Name: pcouffin device for 32 bits systems
PNP Device ID: ROOT\PCOUFFIN\0000
Service: pcouffin

==== System Restore Points ===================

RP851: 9/21/2010 1:56:47 AM - System Checkpoint
RP852: 9/22/2010 2:56:47 AM - System Checkpoint
RP853: 9/23/2010 3:56:48 AM - System Checkpoint
RP854: 9/24/2010 4:56:48 AM - System Checkpoint
RP855: 9/25/2010 4:57:40 AM - System Checkpoint
RP856: 9/26/2010 5:57:39 AM - System Checkpoint
RP857: 9/26/2010 12:10:05 PM - Installed Microsoft File Transfer Manager
RP858: 9/27/2010 12:57:45 PM - System Checkpoint
RP859: 9/28/2010 1:57:57 PM - System Checkpoint
RP860: 9/29/2010 2:57:52 PM - System Checkpoint
RP861: 9/30/2010 3:57:57 PM - System Checkpoint
RP862: 10/1/2010 5:12:15 PM - System Checkpoint
RP863: 10/2/2010 5:57:57 PM - System Checkpoint
RP864: 10/3/2010 6:57:56 PM - System Checkpoint
RP865: 10/4/2010 7:57:58 PM - System Checkpoint
RP866: 10/5/2010 7:27:09 PM - Software Distribution Service 3.0
RP867: 10/6/2010 7:59:07 PM - System Checkpoint
RP868: 10/7/2010 8:06:59 PM - System Checkpoint
RP869: 10/9/2010 10:49:37 AM - System Checkpoint
RP870: 10/10/2010 11:06:58 AM - System Checkpoint
RP871: 10/11/2010 12:06:57 PM - System Checkpoint
RP872: 10/12/2010 12:07:41 PM - System Checkpoint
RP873: 10/13/2010 7:06:20 PM - System Checkpoint
RP874: 10/14/2010 7:07:42 PM - System Checkpoint
RP875: 10/15/2010 7:28:48 PM - System Checkpoint
RP876: 10/16/2010 8:07:50 PM - System Checkpoint
RP877: 10/17/2010 9:07:39 PM - System Checkpoint
RP878: 10/18/2010 10:07:42 PM - System Checkpoint
RP879: 10/19/2010 10:08:01 PM - System Checkpoint
RP880: 10/20/2010 11:07:55 PM - System Checkpoint
RP881: 10/22/2010 12:08:04 AM - System Checkpoint
RP882: 10/23/2010 1:07:55 AM - System Checkpoint
RP883: 10/24/2010 2:08:01 AM - System Checkpoint
RP884: 10/25/2010 3:07:59 AM - System Checkpoint
RP885: 10/26/2010 4:07:48 AM - System Checkpoint
RP886: 10/27/2010 4:08:28 AM - System Checkpoint
RP887: 10/28/2010 5:08:06 AM - System Checkpoint
RP888: 10/28/2010 7:29:09 PM - Software Distribution Service 3.0
RP889: 10/29/2010 8:08:11 PM - System Checkpoint
RP890: 10/30/2010 8:12:46 PM - System Checkpoint
RP891: 10/31/2010 9:12:39 PM - System Checkpoint
RP892: 11/1/2010 10:05:59 PM - System Checkpoint
RP893: 11/2/2010 10:27:18 PM - System Checkpoint
RP894: 11/4/2010 1:01:38 AM - System Checkpoint
RP895: 11/5/2010 4:35:43 PM - System Checkpoint
RP896: 11/5/2010 10:07:17 PM - Removed Logitech Vid.
RP897: 11/5/2010 10:56:09 PM - System Checkpoint
RP898: 11/6/2010 10:21:18 PM - Software Distribution Service 3.0
RP899: 11/9/2010 4:28:21 AM - System Checkpoint

==== Installed Programs ======================


"Champetre" template for ConvertXToDVD 3
"Film" template for ConvertXToDVD 3
µTorrent
AAC Decoder
ACID Pro 7.0
Acronis*Disk Director Suite
Ad-Aware
Add or Remove Adobe Creative Suite 3 Design Premium
Adobe Acrobat 8 Professional
Adobe Acrobat 8.2.5 - CPSID_83708
Adobe Acrobat 8.2.5 Professional
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Anchor Service CS3
Adobe Anchor Service CS4
Adobe Asset Services CS3
Adobe Audition 1.5
Adobe Bridge CS3
Adobe Bridge CS4
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color Common Settings
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe Creative Suite 3 Design Premium
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe ExtendScript Toolkit 2
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS3
Adobe Flash CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe Linguistics CS4
Adobe MotionPicture Color Files
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS3
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Photoshop Lightroom 2.6
Adobe Reader 8.2.5
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe SING CS3
Adobe Stock Photos CS3
Adobe Type Support CS4
Adobe Update Manager CS3
Adobe Update Manager CS4
Adobe Version Cue CS3 Client
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
AHV content for Acrobat and Flash
Air Video Server 2.4.2
Album List for Winamp v2.05 (remove only)
Amazon MP3 Downloader 1.0.5
Antares AVOX Bundle VST RTAS v1.1.3
Antares Harmony Engine VST RTAS v1.0
Antares Microphone Modeler 1.31 DirectX
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASIO4ALL
ASUS WiFi-AP @n
ASUSUpdate
Atmosphere
Audiochecker
AudioEase Altiverb 5.4.6
AudioMulch Interactive Music Studio 2.0.2
Auslogics Disk Defrag
AutoUpdate
Avira AntiVir Personal - Free Antivirus
BBE Sonic Maximizer 2.0 Full
Beyond Compare Version 3.1.3
BFD
Bonjour
BumpTop
Call of Duty(R) - World at War(TM)
Call of Duty(R) 4 - Modern Warfare(TM)
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
CameraHelperMsi
Canon MP160
Canon RAW Codec
CCleaner
CD - DVD Publishing Service
CD Art Display 2.0
CDDRV_Installer
Chinese Simplified Fonts Support For Adobe Reader 8
CineForm HD CODEC
Collab
Connect
ConvertXtoDVD 4.0.9.322
Critical Update for Windows Media Player 11 (KB959772)
Crysis(R)
Cuttermusic Revitar v2.0
DAEMON Tools
db audioware Sidechain Compressor VST v1.1.0
dBpoweramp AAC Encoder
dBpoweramp DirectShow Decoder
dBpoweramp DSP Effects
dBpoweramp FLAC Codec
dBpoweramp m4a Codec
dBpoweramp Monkeys Audio Codec
dBpoweramp Musepack Codec
dBpoweramp Music Converter
dBpoweramp Ogg Vorbis Codec
dBpoweramp Shorten Codec
dBpoweramp WavPack Codec
dBpoweramp Windows Media Audio 10 Codec
dBpowerAMP Windows Media Audio 9 Codec
Debugging Tools for Windows (x86)
DH Driver Cleaner Professional Edition
DivX Codec
DivX Plus DirectShow Filters
DivX Version Checker
Drumagog 4
DVD Profiler Version 3.1.1
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.7.5
East West Colossus
erLT
EVEREST Ultimate v4.20.1257 + Corporate Edition Beta Registered
Exact Audio Copy 0.99pb5
EZdrummer
EZXClaustrophobic
EZXCocktail
EZXDfh
EZXNashville
EZXPercussion
EZXTwisted
EZXVintage
Facebook Plug-In
Fallout 3
ffdshow [rev 1723] [2007-12-24]
File Renamer - Basic
FileBot
FileZilla Client 3.3.4.1
FL Studio 8
Free Video Dub version 1.4
Google Chrome
Google Talk Plugin
Google Talk, Labs Edition
Google Update Helper
GrabIt 1.7.2 Beta 4 (build 997)
GRID
H.264 Decoder
Handbrake 0.9.4
Har-Bal v2.0
High Definition Audio Driver Package - KB888111
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HT OMEGA CLARO
I-Fluid
ID3-TagIT 3
IL Download Manager
InFlac 1.1.1
iPhone Configuration Utility
iTunes
iTunes Library Updater
iZotope Ozone 3.07
iZotope Ozone 4
iZotope Spectron v1.0.6
iZotope Trash 1.06
iZotope Vinyl 1.6
Japanese Fonts Support For Adobe Reader 8
Java Auto Updater
Java(TM) 6 Update 20
JMicron JMB36X Driver
KhalInstallWrapper
Killing Floor
KORG USB-MIDI Driver Tools for Windows
kuler
Last.fm 1.5.4.27091
Left 4 Dead
Left 4 Dead 2 Add-on Support
Left 4 Dead Dedicated Server
LibUSB-Win32-0.1.10.1
Linksys EasyLink Advisor
Logitech Harmony Remote Software 7
Logitech SetPoint
Logitech Touch Mouse Server 1.0
Logitech Updater
Logitech Vid HD
Logitech Webcam Software
Logitech Webcam Software Driver Package
LogMeIn Hamachi
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
M-Tron
Magic ISO Maker v5.5 (build 0265)
Malwarebytes' Anti-Malware
Marvell Miniport Driver
Medieval CUE Splitter
Microsoft File Transfer Manager
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Color Control Panel Applet for Windows XP
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Xbox 360 Accessories 1.1
MIDI Yoke
mIRC
MixMeister BPM Analyzer 1.0
MKV Splitter
mkv2vob
MobileMe Control Panel
Monitor Calibration Wizard 1.0
Mozilla Firefox (3.6.8)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB954459)
MyDefrag v4.2.7
MyDefrag v4.2.8
N.I Pro-53 v3.0-OxYGeN
Native Instruments Abbey Road 60s Drums
Native Instruments Absynth 5
Native Instruments B4 v1.1.5
Native Instruments Battery 3
Native Instruments ElektrikPiano (remove only)
Native Instruments FM8
Native Instruments Guitar Rig 3
Native Instruments Guitar Rig 4
Native Instruments Guitar Rig v1.2
Native Instruments Komplete 6
Native Instruments Kontakt 4
Native Instruments Kontakt v1.5.3 Incl Keygen
Native Instruments Massive
Native Instruments Reaktor 5
Native Instruments Reaktor v4.1.3.005
Native Instruments Service Center
Native Instruments Spektral Delay v1.57
Nero 8
neroxml
Noise Ninja 2 (Standalone Version)
Notepad++
NVIDIA Drivers
NVIDIA nTune
NVIDIA PhysX
OpenAL
PC Probe II
PDF Settings CS4
PeerBlock
Photoshop Camera Raw
Picasa 3
Pinnacle Studio 12
PoiZone
PreSonus 1394 Audio Driver v2.46 (FirePod)
Prime95
Project64 1.6
PSP 84 v1.0
PSP VintageWarmer 1.6.5
Pure Networks Platform
QuickBooks
QuickBooks Premier: Retail Edition 2010
Quicken 2009
QuickPar 0.9
QuickTime
RealPlayer
REALTEK GbE & FE Ethernet PCI NIC Driver
RealUpgrade 1.0
Remote Control USB Driver
Revo Uninstaller 1.89
RivaTuner v2.09
SABnzbd (remove only)
Sauerbraten
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
ShellExView
SiSoftware Sandra Lite 2009
Snagit 9.1
Sonic Foundry Soft Encode 1.0 - Dolby Digital 5.1
Sony ACID Pro 6.0
Sony CD Architect 5.2
Sony Media Manager 2.2
Sony Noise Reduction Plug-In 2.0h
Sony Preset Manager 2.0
Sony Sound Forge 9.0
Sony Vegas 7.0d
Sony Vegas Pro 8.0
SoulSeek 157 NS 13
SoundMAX
Spectro
Spyware Doctor 6.0
Steam
Steinberg Magneto VST v1.5
Steinberg The Grand
Steinberg The Grand 2
Steinberg The Grand 2 v2.0.0.1152
Steinberg VoiceMachine v1.0
Suite Shared Configuration CS4
SUPERAntiSpyware Free Edition
Superior Drummer Installer
SyncBack
Syncrosoft's License Control
SyncroSoft Emu (Remove only)
Tag&Rename 3.5
Team Fortress 2
Team Fortress 2 Dedicated Server
TeraCopy 2.07 beta
The KMPlayer (remove only)
Toxic Biohazard
Trilogy
TV Rename
Tweak UI
Uninstall 1.0.0.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Outlook 2007 Junk Email Filter (KB2443839)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VASST Ultimate S3 3.0.3
VC80CRTRedist - 8.0.50727.762
VCRedistSetup
VLC media player 1.0.1
Waves Mercury Complete VST DX RTAS v1.01
WebcamMax
WebFldrs XP
Winamp
Winamp Detector Plug-in
WinDirStat 1.1.2
Windows Driver Package - Apple Inc. Apple Keyboard (08/30/2007 2.0.1.4)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
WinRAR
World of Goo
XML Paper Specification Shared Components Pack 1.0
XYplorer 7.10
Zeno Clash Demo

==== Event Viewer Messages From Past Week ========

11/9/2010 8:55:47 PM, error: JRAID [9] - The device, \Device\Scsi\JRAID1, did not respond within the timeout period.
11/9/2010 4:28:22 AM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls. Reference error message: Insufficient system resources exist to complete the requested service. .
11/9/2010 4:28:22 AM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\system32\zipfldr.dll. Reference error message: The operation completed successfully. .
11/16/2010 9:21:23 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avgio avipbb ssmdrv
11/16/2010 9:21:15 AM, error: Service Control Manager [7000] - The Avira AntiVir Scheduler service failed to start due to the following error: The system cannot find the file specified.
11/16/2010 9:21:15 AM, error: Service Control Manager [7000] - The Avira AntiVir Guard service failed to start due to the following error: The system cannot find the file specified.
11/16/2010 9:21:15 AM, error: Service Control Manager [7000] - The avgntflt service failed to start due to the following error: The system cannot find the file specified.
11/16/2010 9:09:18 AM, error: Service Control Manager [7034] - The Process Monitor service terminated unexpectedly. It has done this 1 time(s).
11/16/2010 9:01:32 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
11/16/2010 9:01:32 AM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/16/2010 12:03:39 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000009A' while processing the file 'rnsystem.dat' on the volume 'HarddiskVolume10'. It has stopped monitoring the volume.
11/13/2010 4:54:39 PM, error: PlugPlayManager [12] - The device ' ST31500341AS SCSI Disk Device' (SCSI\Disk&Ven_&Prod_ST31500341AS&Rev_DSA1\5&e43b2ff&0&010) disappeared from the system without first being prepared for removal.
11/13/2010 4:54:39 PM, error: PlugPlayManager [12] - The device ' ST31500341AS SCSI Disk Device' (SCSI\Disk&Ven_&Prod_ST31500341AS&Rev_CCH1\5&e43b2ff&0&030) disappeared from the system without first being prepared for removal.
11/13/2010 4:54:39 PM, error: PlugPlayManager [12] - The device ' ST31500341AS SCSI Disk Device' (SCSI\Disk&Ven_&Prod_ST31500341AS&Rev_CCH1\5&e43b2ff&0&020) disappeared from the system without first being prepared for removal.
11/13/2010 4:54:13 PM, error: PlugPlayManager [12] - The device ' ST31500341AS SCSI Disk Device' (SCSI\Disk&Ven_&Prod_ST31500341AS&Rev_CCH1\5&e43b2ff&0&060) disappeared from the system without first being prepared for removal.
11/13/2010 4:54:13 PM, error: PlugPlayManager [12] - The device ' ST31500341AS SCSI Disk Device' (SCSI\Disk&Ven_&Prod_ST31500341AS&Rev_CCH1\5&e43b2ff&0&050) disappeared from the system without first being prepared for removal.
11/13/2010 4:54:13 PM, error: PlugPlayManager [12] - The device ' ST31500341AS SCSI Disk Device' (SCSI\Disk&Ven_&Prod_ST31500341AS&Rev_CCH1\5&e43b2ff&0&040) disappeared from the system without first being prepared for removal.
11/13/2010 3:07:56 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls.mui. Reference error message: Insufficient system resources exist to complete the requested service. .
11/13/2010 3:07:56 PM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\system32\CRYPTUI.dll. Reference error message: The operation completed successfully. .
11/13/2010 2:28:06 AM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 bf93158c, parameter3 b5618c10, parameter4 00000000.
11/13/2010 2:16:52 PM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\system32\wiashext.dll. Reference error message: The operation completed successfully. .
11/13/2010 2:12:02 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000009A' while processing the file '' on the volume 'HarddiskVolume7'. It has stopped monitoring the volume.
11/13/2010 11:41:33 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.
11/13/2010 11:40:32 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the QBCFMonitorService service to connect.
11/12/2010 5:19:26 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000009A' while processing the file 'etilqs_EKQ .. gsmcuqFiJe' on the volume 'Hardd .. ume10'. It has stopped monitoring the volume.
11/12/2010 11:10:32 PM, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
11/12/2010 10:42:10 PM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\D.
11/12/2010 10:41:48 PM, error: PlugPlayManager [12] - The device ' ST31500341AS SCSI Disk Device' (SCSI\Disk&Ven_&Prod_ST31500341AS&Rev_CCH1\5&e43b2ff&0&010) disappeared from the system without first being prepared for removal.
11/12/2010 10:41:48 PM, error: PlugPlayManager [12] - The device ' ST31500341AS SCSI Disk Device' (SCSI\Disk&Ven_&Prod_ST31500341AS&Rev_CCH1\5&e43b2ff&0&000) disappeared from the system without first being prepared for removal.
11/12/2010 10:35:55 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the libusbd service.
11/12/2010 10:32:40 PM, error: JRAID [15] - The device, \Device\Scsi\JRAID1, is not ready for access yet.
11/10/2010 8:19:30 PM, error: Service Control Manager [7000] - The Nsynas32 service failed to start due to the following error: The system cannot find the file specified.
11/10/2010 8:19:30 PM, error: Service Control Manager [7000] - The Mac HAL service failed to start due to the following error: The system cannot find the file specified.
11/10/2010 8:19:30 PM, error: Service Control Manager [7000] - The KeyAgent service failed to start due to the following error: The system cannot find the file specified.
11/10/2010 8:06:32 PM, error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{C1A127F9-78AE-47C3-972A-7B2F2D48752D} because another computer on the network has the same name. The server could not start.
11/10/2010 12:06:59 AM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: Insufficient system resources exist to complete the requested service. .
11/10/2010 12:06:59 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Avira\AntiVir Desktop\msgclient.dll. Reference error message: The operation completed successfully. .
11/10/2010 12:06:59 AM, error: SideBySide [59] - Generate Activation Context failed for c:\program files\avira\antivir desktop\ccupdw.dll. Reference error message: The operation completed successfully. .

==== End Of File ===========================
 
Please, do NOT wrap logs in quotes.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

======================================================================

So far, I don't see anything malicious, but we'll check.
One thing I've noticed is a huge startups list.

Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
Enter N to exit.
A report called MBRcheckxxxx.txt will be on your desktop.
Open this report and post its content in your next reply.

====================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Make sure you re-enable your security programs when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete the Combofix file, download a fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

Rkill.com
Rkill.scr
Rkill.pif
Rkill.exe

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
Below is the log from MBRCheck.exe. I tried running Combofix, both normally and in safe mode, but I get the message saying "Combofix cannot run when AVG is installed." I also tried the method using Rkill, but I get the same message. AVG is not installed on my computer to my knowledge.

And earlier today, my computer began to crash as usual, and I noticed some of the error messages popping up, for instance, when I try to copy and paste a file, say the system doesn't have enough resources to complete the action. This message is shown whenever I try to do things as it slowly crashes. That is if I'm able to even read the messages popping up since buttons and text are going blank and/or flashing as I try to close them. Anyway...

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x00fff83d

Kernel Drivers (total 159):
0x80800000 \WINDOWS\system32\ntkrnlpa.exe
0x80A0D000 \WINDOWS\system32\hal.dll
0xBA5A8000 \WINDOWS\system32\KDCOM.DLL
0xBA4B8000 \WINDOWS\system32\BOOTVID.dll
0xB9F81000 d347bus.sys
0xB9F53000 ACPI.sys
0xBA5AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xB9F42000 pci.sys
0xBA0A8000 isapnp.sys
0xBA0B8000 ohci1394.sys
0xBA0C8000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xBA4BC000 compbatt.sys
0xBA4C0000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xBA670000 pciide.sys
0xBA328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xBA0D8000 MountMgr.sys
0xB9F23000 ftdisk.sys
0xBA5AC000 dmload.sys
0xB9EFD000 dmio.sys
0xBA330000 PartMgr.sys
0xB9EE2000 jraid.sys
0xB9ECA000 \WINDOWS\system32\DRIVERS\SCSIPORT.SYS
0xBA0E8000 VolSnap.sys
0xB9EB2000
0xBA5AE000 d347prt.sys
0xBA0F8000 disk.sys
0xBA108000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB9E92000 fltmgr.sys
0xB9E80000 sr.sys
0xBA118000 PxHelp20.sys
0xB9E69000 KSecDD.sys
0xB9DDC000 Ntfs.sys
0xB9DAF000 NDIS.sys
0xB9D96000 snapman.sys
0xBA128000 sbp2port.sys
0xB9D7C000 Mup.sys
0xBA5B0000 JGOGO.sys
0xBA188000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB9690000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xB967C000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xBA390000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB9658000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xBA398000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB9630000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xB95EF000 \SystemRoot\system32\DRIVERS\yk51x86.sys
0xB9401000 \SystemRoot\system32\drivers\cmudaxp.sys
0xB93DD000 \SystemRoot\system32\drivers\portcls.sys
0xBA1A8000 \SystemRoot\system32\drivers\drmk.sys
0xB93BA000 \SystemRoot\system32\drivers\ks.sys
0xBA1B8000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xBA3C0000 \SystemRoot\system32\DRIVERS\fdc.sys
0xBA5BA000 \SystemRoot\system32\DRIVERS\ASACPI.sys
0xBA1C8000 \SystemRoot\system32\DRIVERS\serial.sys
0xB9D04000 \SystemRoot\system32\DRIVERS\serenum.sys
0xB9D00000 \SystemRoot\system32\DRIVERS\L8042Kbd.sys
0xBA3D8000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xB9CF8000 \SystemRoot\system32\drivers\pfc.sys
0xBA1E8000 \SystemRoot\System32\Drivers\cdrbsdrv.SYS
0xBA1F8000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xBA208000 \SystemRoot\system32\DRIVERS\redbook.sys
0xBA3F0000 \SystemRoot\System32\Drivers\GEARAspiWDM.sys
0xBA218000 \SystemRoot\system32\DRIVERS\imapi.sys
0xB91F1000 \SystemRoot\system32\DRIVERS\CAMTHWDM.sys
0xBA238000 \SystemRoot\system32\DRIVERS\STREAM.SYS
0xBA739000 \SystemRoot\system32\DRIVERS\audstub.sys
0xBA298000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xB9CE4000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB91DA000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xBA2A8000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xBA2B8000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xBA418000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB91C9000 \SystemRoot\system32\DRIVERS\psched.sys
0xBA2C8000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xBA428000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xBA438000 \SystemRoot\system32\DRIVERS\raspti.sys
0xBA448000 \SystemRoot\system32\DRIVERS\hamachi.sys
0xB9199000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xBA2D8000 \SystemRoot\system32\DRIVERS\termdd.sys
0xBA458000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xBA5D8000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB913B000 \SystemRoot\system32\DRIVERS\update.sys
0xB9CC0000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xBA2E8000 \SystemRoot\system32\DRIVERS\cledx.sys
0xBA2F8000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xBA318000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xBA5DE000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xBA178000 \SystemRoot\system32\drivers\libusb0.sys
0xBA470000 \SystemRoot\system32\DRIVERS\flpydisk.sys
0xBA5E4000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xBA7AB000 \SystemRoot\System32\Drivers\Null.SYS
0xBA5E8000 \SystemRoot\System32\Drivers\Beep.SYS
0xB93AA000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xBA498000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xBA4A0000 \SystemRoot\System32\drivers\vga.sys
0xBA5EC000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xBA5F0000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xBA4B0000 \SystemRoot\System32\Drivers\Msfs.SYS
0xBA388000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB92FA000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB6F18000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB6EBF000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB6E6F000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB6E49000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xB939A000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB6E27000 \SystemRoot\System32\drivers\afd.sys
0xB938A000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xB937A000 \SystemRoot\system32\DRIVERS\netbios.sys
0xBA3B8000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xB6E06000 \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
0xBA3C8000 \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
0xB6DDB000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB6D6B000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB936A000 \SystemRoot\System32\Drivers\Fips.SYS
0xB6D48000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xBA3E8000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xBA5F6000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
0xBA5F8000 \SystemRoot\system32\drivers\AsIO.sys
0xBA408000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xB6F5F000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xB933A000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xB6CFC000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xBA410000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
0xB932A000 \SystemRoot\system32\DRIVERS\WDFLDR.SYS
0xB6C31000 \SystemRoot\system32\DRIVERS\Wdf01000.sys
0xB6F4B000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xBA430000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
0xBA450000 \SystemRoot\system32\DRIVERS\HidBatt.sys
0xB6B01000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xBA618000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB6C21000 \SystemRoot\System32\drivers\Dxapi.sys
0xBA4A8000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xBA7D0000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\nv4_disp.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xB65AC000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xB65D5000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB6CE4000 \SystemRoot\system32\DRIVERS\pnarp.sys
0xB6CD4000 \SystemRoot\system32\DRIVERS\purendis.sys
0xB6237000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xB61FA000 \SystemRoot\system32\drivers\wdmaud.sys
0xB63DC000 \SystemRoot\system32\drivers\sysaudio.sys
0xB5F8B000 \SystemRoot\System32\Drivers\HTTP.sys
0xB5DCB000 \SystemRoot\system32\DRIVERS\srv.sys
0xB5ED3000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xB5E3F000 \??\C:\WINDOWS\system32\drivers\pdihwctl.sys
0xBA468000 \SystemRoot\System32\Drivers\TDTCP.SYS
0xB4717000 \SystemRoot\System32\Drivers\RDPWD.SYS
0xBA400000 \SystemRoot\system32\Drivers\LVPr2Mon.sys
0xBA440000 \??\C:\WINDOWS\nvoclock.sys
0xB45AD000 \??\C:\Program Files\RivaTuner v2.09\RivaTuner32.sys
0xB166A000 \SystemRoot\system32\drivers\kmixer.sys
0xB1548000 \SystemRoot\system32\DRIVERS\KeyMagic.sys
0xB5B83000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xB4A62000 \SystemRoot\System32\Drivers\usbaapl.sys
0xB62FC000 \SystemRoot\system32\drivers\LVUSBSta.sys
0xB5E43000 \SystemRoot\system32\DRIVERS\usbscan.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 97):
0 System Idle Process
4 System
832 C:\WINDOWS\system32\smss.exe
1064 csrss.exe
1092 C:\WINDOWS\system32\winlogon.exe
1136 C:\WINDOWS\system32\services.exe
1148 C:\WINDOWS\system32\lsass.exe
1368 C:\WINDOWS\system32\svchost.exe
1456 svchost.exe
1824 C:\WINDOWS\system32\svchost.exe
2020 svchost.exe
508 svchost.exe
680 C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
988 C:\WINDOWS\explorer.exe
260 C:\WINDOWS\system32\spoolsv.exe
1396 C:\Program Files\Avira\AntiVir Desktop\sched.exe
1624 svchost.exe
1976 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
2004 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1488 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
408 C:\Program Files\Bonjour\mDNSResponder.exe
1432 C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
356 C:\Program Files\Google\Update\GoogleUpdate.exe
584 C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
700 C:\WINDOWS\system32\svchost.exe
772 C:\Program Files\Java\jre6\bin\jqs.exe
2052 C:\WINDOWS\system32\libusbd-nt.exe
2068 C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
2252 C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
2472 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
2524 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
2532 C:\Program Files\Syncrosoft\POS\H2O\cledx.exe
2564 C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
2608 C:\WINDOWS\system32\rundll32.exe
2872 C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
2896 C:\WINDOWS\system32\rundll32.exe
2964 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
3008 C:\WINDOWS\system32\nvsvc32.exe
3092 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
3292 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
3372 C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
3404 C:\Program Files\iTunes\iTunesHelper.exe
3516 C:\WINDOWS\system32\ctfmon.exe
2788 C:\Program Files\Griffin Technology\PowerMate\PowerMate.exe
2796 C:\Program Files\Steam\steam.exe
2812 C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
3040 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
3136 C:\Program Files\Windows Media Player\wmpnscfg.exe
3176 C:\Program Files\AirVideoServer\AirVideoServer.exe
3220 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
3484 C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
3492 C:\WINDOWS\system32\java.exe
3600 C:\Program Files\PreSonus\1394AudioDriver_FirePod\FirePod.exe
3608 C:\Program Files\Logitech\SetPoint\SetPoint.exe
3636 C:\WINDOWS\system32\svchost.exe
3876 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
3900 C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
3908 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
3924 C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
1936 wmpnetwk.exe
1580 C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
1016 C:\Program Files\TechSmith\Snagit 9\TscHelp.exe
3616 C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
2392 C:\Program Files\TechSmith\Snagit 9\SnagitEditor.exe
4964 C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
5032 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
5076 C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
5136 C:\Program Files\iPod\bin\iPodService.exe
4120 alg.exe
6116 C:\Program Files\SABnzbd\SABnzbd.exe
2464 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4740 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4624 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4756 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4768 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4776 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4796 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4816 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4468 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
1796 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4372 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4464 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4308 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4828 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4860 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4896 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4948 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
6032 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
2148 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
1440 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
3148 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
3104 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
2084 C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
2512 C:\Program Files\VideoLAN\VLC\vlc.exe
5356 C:\SickBeard-win32-alpha-build465.02\SickBeard.exe
876 C:\Program Files\TeraCopy\TeraCopy.exe
5628 C:\Documents and Settings\Jon\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive4 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive5 at offset 0x00000000`00007e00 (NTFS)
\\.\L: --> \\.\PhysicalDrive3 at offset 0x00000000`00007e00 (FAT32)
\\.\M: --> \\.\PhysicalDrive10 at offset 0x00000000`00007e00 (NTFS)
\\.\N: --> \\.\PhysicalDrive9 at offset 0x00000000`00007e00 (NTFS)
\\.\O: --> \\.\PhysicalDrive8 at offset 0x00000000`00007e00 (NTFS)
\\.\P: --> \\.\PhysicalDrive7 at offset 0x00000000`00007e00 (NTFS)
\\.\Q: --> \\.\PhysicalDrive14 at offset 0x00000000`00007e00 (NTFS)
\\.\R: --> \\.\PhysicalDrive15 at offset 0x00000000`00007e00 (NTFS)
\\.\S: --> \\.\PhysicalDrive11 at offset 0x00000000`00007e00 (NTFS)
\\.\T: --> \\.\PhysicalDrive12 at offset 0x00000000`00007e00 (NTFS)
\\.\U: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\V: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)
\\.\W: --> \\.\PhysicalDrive2 at offset 0x00000000`00007e00 (NTFS)
\\.\X: --> \\.\PhysicalDrive13 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive4 Model Number: ST31000340AS, Rev: AD14
PhysicalDrive5 Model Number: ST31000340AS, Rev: SD15
PhysicalDrive3 Model Number: ST3160022A, Rev: 4.06
PhysicalDrive10 Model Number: CenturyEX35SW4_SB4-D, Rev: 0100
PhysicalDrive9 Model Number: CenturyEX35SW4_SB4-C, Rev: 0100
PhysicalDrive8 Model Number: CenturyEX35SW4_SB4-B, Rev: 0100
PhysicalDrive7 Model Number: CenturyEX35SW4_SB4-A, Rev: 0100
PhysicalDrive14 Model Number: ST31500341AS, Rev: SD1A
PhysicalDrive15 Model Number: ST31500341AS, Rev: SD1A
PhysicalDrive11 Model Number: ST31500341AS, Rev: CC1H
PhysicalDrive12 Model Number: ST31500341AS, Rev: CC1H
PhysicalDrive0 Model Number: ST31500341AS, Rev: CC1H
PhysicalDrive1 Model Number: ST31500341AS, Rev: CC1H
PhysicalDrive2 Model Number: ST31500341AS, Rev: CC1H
PhysicalDrive13 Model Number: ST31500341AS, Rev: CC1H

Size Device Name MBR Status
--------------------------------------------
931 GB \\.\PhysicalDrive4 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
931 GB \\.\PhysicalDrive5 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
149 GB \\.\PhysicalDrive3 Unknown MBR code
SHA1: 52F361BC44BB87BE63C2F19360F552125A89E7DC
233 GB \\.\PhysicalDrive10 RE: Windows 98 MBR code detected
SHA1: 48F01D7E76A0F3C038D08611E3FDC0EE4EF9FD3E
465 GB \\.\PhysicalDrive9 RE: Windows 98 MBR code detected
SHA1: 48F01D7E76A0F3C038D08611E3FDC0EE4EF9FD3E
698 GB \\.\PhysicalDrive8 RE: Legit MBR code detected
SHA1: 317A49A9E93F077F2D004734D2A7B6CA7E7B9495
698 GB \\.\PhysicalDrive7 RE: Legit MBR code detected
SHA1: 317A49A9E93F077F2D004734D2A7B6CA7E7B9495
1397 GB \\.\PhysicalDrive14 Legit MBR code detected
SHA1: 85562D13BAA03F4C14EFB9AADC58F7B3382DCF47
1397 GB \\.\PhysicalDrive15 Legit MBR code detected
SHA1: 85562D13BAA03F4C14EFB9AADC58F7B3382DCF47
1397 GB \\.\PhysicalDrive11 Legit MBR code detected
SHA1: 85562D13BAA03F4C14EFB9AADC58F7B3382DCF47
1397 GB \\.\PhysicalDrive12 Legit MBR code detected
SHA1: 85562D13BAA03F4C14EFB9AADC58F7B3382DCF47
1397 GB \\.\PhysicalDrive0 Legit MBR code detected
SHA1: 85562D13BAA03F4C14EFB9AADC58F7B3382DCF47
1397 GB \\.\PhysicalDrive1 Legit MBR code detected
SHA1: 85562D13BAA03F4C14EFB9AADC58F7B3382DCF47
1397 GB \\.\PhysicalDrive2 Legit MBR code detected
SHA1: 85562D13BAA03F4C14EFB9AADC58F7B3382DCF47
1397 GB \\.\PhysicalDrive13 Legit MBR code detected
SHA1: 85562D13BAA03F4C14EFB9AADC58F7B3382DCF47


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!
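
One way to triage the MBR status table of an MBRCheck log like the one above is sketched below, as an added example that is not part of the original thread or of MBRCheck. The sample is a three-drive excerpt taken from that log, and treating any status that does not end in "MBR code detected" as needing review is an assumption of this example, not the tool's documented logic.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Three-drive excerpt in the layout of the MBRCheck 1.2.3 log posted above.
SAMPLE_LOG = r"""
\\.\C: --> \\.\PhysicalDrive4 at offset 0x00000000`00007e00 (NTFS)
\\.\L: --> \\.\PhysicalDrive3 at offset 0x00000000`00007e00 (FAT32)
\\.\Q: --> \\.\PhysicalDrive14 at offset 0x00000000`00007e00 (NTFS)

Size Device Name MBR Status
--------------------------------------------
931 GB \\.\PhysicalDrive4 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
149 GB \\.\PhysicalDrive3 Unknown MBR code
SHA1: 52F361BC44BB87BE63C2F19360F552125A89E7DC
1397 GB \\.\PhysicalDrive14 Legit MBR code detected
SHA1: 85562D13BAA03F4C14EFB9AADC58F7B3382DCF47
"""

# "\\.\C: --> \\.\PhysicalDrive4 at offset ... (NTFS)"
VOLUME_RE = re.compile(
    r"^\\\\\.\\(?P<letter>[A-Z]): --> \\\\\.\\PhysicalDrive(?P<num>\d+)"
    r" at offset \S+ \((?P<fs>[^)]+)\)$"
)
# "931 GB \\.\PhysicalDrive4 Windows 7 MBR code detected"
STATUS_RE = re.compile(
    r"^(?P<size>\d+) GB \\\\\.\\PhysicalDrive(?P<num>\d+) (?P<status>.+)$"
)
# "SHA1: <40 hex digits>" on the line following a status row
SHA1_RE = re.compile(r"^SHA1: (?P<sha1>[0-9A-Fa-f]{40})$")


@dataclass
class DriveRecord:
    number: int                      # N in \\.\PhysicalDriveN
    size_gb: int
    status: str                      # status text exactly as logged
    sha1: Optional[str] = None       # hash of the MBR code as logged
    volumes: List[Tuple[str, str]] = field(default_factory=list)  # (letter, fs)


def parse_mbrcheck(log: str) -> List[DriveRecord]:
    """Join the drive-letter map with the MBR status table of one log."""
    volumes: Dict[int, List[Tuple[str, str]]] = {}
    records: List[DriveRecord] = []
    for raw in log.splitlines():
        line = raw.strip()
        m = VOLUME_RE.match(line)
        if m:
            volumes.setdefault(int(m["num"]), []).append((m["letter"], m["fs"]))
            continue
        m = STATUS_RE.match(line)
        if m:
            records.append(DriveRecord(int(m["num"]), int(m["size"]), m["status"]))
            continue
        m = SHA1_RE.match(line)
        # A SHA1 line belongs to the status row directly above it.
        if m and records and records[-1].sha1 is None:
            records[-1].sha1 = m["sha1"].upper()
    for rec in records:
        rec.volumes = volumes.get(rec.number, [])
    return records


def needs_review(records: List[DriveRecord]) -> List[DriveRecord]:
    """Assumption: statuses not ending in 'MBR code detected' need a closer look."""
    return [r for r in records if not r.status.endswith("MBR code detected")]


if __name__ == "__main__":
    for rec in needs_review(parse_mbrcheck(SAMPLE_LOG)):
        letters = ", ".join(f"{l}: ({fs})" for l, fs in rec.volumes) or "no letter"
        print(f"PhysicalDrive{rec.number} {rec.size_gb} GB [{letters}] "
              f"{rec.status} SHA1={rec.sha1}")
```
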
 
OK, let's see where AVG is hiding...

Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
OTL.txt

OTL logfile created on: 11/21/2010 1:38:02 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Jon\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 70.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 273.11 Gb Free Space | 29.32% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 855.64 Gb Free Space | 91.86% Space Free | Partition Type: NTFS
Drive J: | 7.44 Gb Total Space | 0.77 Gb Free Space | 10.38% Space Free | Partition Type: FAT32
Drive L: | 149.00 Gb Total Space | 148.99 Gb Free Space | 99.99% Space Free | Partition Type: FAT32
Drive M: | 233.76 Gb Total Space | 233.59 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
Drive N: | 465.75 Gb Total Space | 344.79 Gb Free Space | 74.03% Space Free | Partition Type: NTFS
Drive O: | 698.64 Gb Total Space | 518.12 Gb Free Space | 74.16% Space Free | Partition Type: NTFS
Drive P: | 698.64 Gb Total Space | 235.26 Gb Free Space | 33.67% Space Free | Partition Type: NTFS
Drive Q: | 1397.26 Gb Total Space | 1384.47 Gb Free Space | 99.08% Space Free | Partition Type: NTFS
Drive R: | 1397.26 Gb Total Space | 1137.53 Gb Free Space | 81.41% Space Free | Partition Type: NTFS
Drive S: | 1397.26 Gb Total Space | 1007.95 Gb Free Space | 72.14% Space Free | Partition Type: NTFS
Drive T: | 1397.26 Gb Total Space | 586.57 Gb Free Space | 41.98% Space Free | Partition Type: NTFS
Drive U: | 1397.26 Gb Total Space | 468.56 Gb Free Space | 33.53% Space Free | Partition Type: NTFS
Drive V: | 1397.26 Gb Total Space | 58.53 Gb Free Space | 4.19% Space Free | Partition Type: NTFS
Drive W: | 1397.26 Gb Total Space | 358.14 Gb Free Space | 25.63% Space Free | Partition Type: NTFS
Drive X: | 1397.26 Gb Total Space | 458.93 Gb Free Space | 32.84% Space Free | Partition Type: NTFS

Computer Name: JONSDESKTOP | User Name: Jon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/21 01:30:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jon\Desktop\OTL.exe
PRC - [2010/11/20 22:26:25 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\steam.exe
PRC - [2010/10/27 20:21:54 | 001,155,072 | ---- | M] (Last.fm) -- C:\Program Files\Last.fm\LastFM.exe
PRC - [2010/10/16 03:03:14 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/10/14 09:10:05 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010/09/23 13:36:04 | 000,624,056 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2010/09/14 10:18:20 | 004,922,760 | ---- | M] () -- C:\Program Files\AirVideoServer\AirVideoServer.exe
PRC - [2010/08/08 23:14:08 | 000,488,968 | ---- | M] (RealNetworks, Inc.) -- c:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2010/08/08 23:13:51 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/08/02 16:09:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/08/02 16:09:56 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/07/12 10:33:54 | 001,592,672 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winamp.exe
PRC - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2010/05/07 17:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
PRC - [2010/05/07 17:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010/05/07 17:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2010/05/05 17:16:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\system32\java.exe
PRC - [2010/03/30 10:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010/01/14 22:11:02 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/12/16 18:02:16 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/03/16 09:33:20 | 000,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2008/12/12 18:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/12/12 18:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2008/11/13 13:43:49 | 000,204,800 | ---- | M] () -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
PRC - [2008/11/06 14:26:08 | 000,089,928 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
PRC - [2008/11/06 14:26:08 | 000,053,064 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\TscHelp.exe
PRC - [2008/11/06 14:26:04 | 008,801,608 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\SnagitEditor.exe
PRC - [2008/11/06 14:26:02 | 007,217,480 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
PRC - [2008/09/10 01:53:58 | 002,187,264 | ---- | M] (CloseToSoftware) -- C:\Program Files\CD Art Display\CAD.exe
PRC - [2008/08/05 21:58:12 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/05/02 01:44:08 | 000,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008/05/02 01:40:56 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/12/07 11:57:16 | 000,385,024 | ---- | M] (Griffin Technology) -- C:\Program Files\Griffin Technology\PowerMate\PowerMate.exe
PRC - [2007/10/10 16:28:48 | 001,126,400 | ---- | M] (PreSonus Audio Electronics) -- C:\Program Files\PreSonus\1394AudioDriver_FirePod\FirePod.exe
PRC - [2007/09/26 18:05:58 | 000,734,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
PRC - [2007/09/20 14:35:40 | 001,410,344 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007/09/20 14:35:10 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
PRC - [2007/09/04 20:25:44 | 000,131,072 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
PRC - [2005/10/22 23:00:00 | 000,385,024 | ---- | M] (Team H2O) -- C:\Program Files\Syncrosoft\POS\H2O\cledx.exe
PRC - [2005/03/09 19:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) -- C:\WINDOWS\system32\libusbd-nt.exe


========== Modules (SafeList) ==========

MOD - [2010/11/21 01:30:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jon\Desktop\OTL.exe
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/08/08 23:15:16 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2009/07/12 00:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2008/05/02 01:42:50 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/08/02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/08/02 16:09:56 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/03/30 10:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009/12/16 18:02:16 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/07/23 20:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/03/16 09:33:20 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/12/12 18:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/11/13 13:43:49 | 000,204,800 | ---- | M] () [Auto | Running] -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater)
SRV - [2008/09/08 18:19:46 | 000,098,488 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2008/08/05 21:58:12 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2008/06/10 20:22:56 | 001,072,008 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2008/06/05 13:44:46 | 000,356,920 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2008/05/02 01:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007/09/04 20:25:44 | 000,131,072 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2005/03/09 19:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) [Auto | Running] -- C:\WINDOWS\system32\libusbd-nt.exe -- (libusbd)
SRV - [2002/12/17 16:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 16:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Jon\Desktop\RealTemp_2.70\WinRing0.sys -- (WinRing0_1_1_1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\npf.sys -- (NPF)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS -- (MRESP50)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS -- (MREMP50)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\MacHALDriver.sys -- (MacHALDriver)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\KeyAgent.sys -- (KeyAgent)
DRV - [2010/08/02 16:10:10 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/08/02 16:10:10 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/07/27 02:15:20 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2010/07/27 02:14:58 | 006,842,464 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Pro 9000(UVC)
DRV - [2010/07/27 02:12:50 | 000,282,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/06/17 15:27:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 15:27:14 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/05/07 17:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010/03/01 22:46:31 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/03/01 22:46:31 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/03/01 22:46:30 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/01/27 15:58:32 | 000,098,928 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2009/09/23 09:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/08/04 15:48:50 | 000,006,144 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV - [2009/02/09 13:18:00 | 006,307,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/12/18 08:02:32 | 001,051,136 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CAMTHWDM.sys -- (CAMTHWDM)
DRV - [2008/12/12 18:05:20 | 000,025,264 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
DRV - [2008/12/12 18:05:18 | 000,023,984 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
DRV - [2008/08/06 23:20:37 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2008/07/29 13:35:18 | 000,021,920 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2008/07/26 09:26:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/07/17 00:15:04 | 000,099,776 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2008/07/03 18:34:14 | 002,020,160 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmudaxp.sys -- (cmudaxp)
DRV - [2008/06/10 20:22:52 | 000,081,288 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iksyssec.sys -- (IKSysSec)
DRV - [2008/06/02 14:19:16 | 000,066,952 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iksysflt.sys -- (IKSysFlt)
DRV - [2008/06/02 14:19:12 | 000,042,376 | ---- | M] (PCTools Research Pty Ltd.) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ikfilesec.sys -- (IKFileSec)
DRV - [2008/04/28 12:25:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\RivaTuner v2.09\RivaTuner32.sys -- (RivaTuner32)
DRV - [2008/04/13 12:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008/04/13 11:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008/04/13 11:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008/04/13 11:46:10 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008/04/13 11:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 10:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/02/29 02:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/02/29 02:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008/02/29 02:12:48 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2007/10/11 19:59:12 | 001,920,920 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2007/10/09 16:07:52 | 000,123,440 | ---- | M] (BridgeCo AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pae_1394.sys -- (pae_1394)
DRV - [2007/10/09 16:07:52 | 000,051,248 | ---- | M] (BridgeCo AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pae_avs.sys -- (pae_avs)
DRV - [2007/10/08 21:56:23 | 000,017,920 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KeyMagic.sys -- (KeyMagic)
DRV - [2007/09/04 20:26:32 | 000,029,696 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev)
DRV - [2007/08/15 02:22:00 | 000,265,856 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007/07/28 15:50:36 | 000,517,632 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2007/02/26 18:15:22 | 000,061,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xusb21.sys -- (xusb21)
DRV - [2007/01/25 15:41:30 | 000,014,416 | ---- | M] (Portrait Displays, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pdihwctl.sys -- (PDIHWCTL)
DRV - [2007/01/15 19:09:06 | 000,293,888 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2006/12/14 02:44:06 | 000,085,120 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/12/12 10:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/10/18 13:12:16 | 000,012,664 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006/03/17 03:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2006/02/07 05:52:58 | 000,006,912 | R--- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO)
DRV - [2005/12/21 08:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 08:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 08:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/05/09 19:08:40 | 000,033,792 | ---- | M] (Team H2O) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cledx.sys -- (CLEDX)
DRV - [2005/03/09 19:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\libusb0.sys -- (libusb0)
DRV - [2004/10/15 07:54:56 | 000,044,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i1display.sys -- (i1display)
DRV - [2004/08/22 15:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt)
DRV - [2004/08/22 15:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\d347bus.sys -- (d347bus)
DRV - [2004/08/13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/04/01 16:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "MSN Encarta - Dictionary"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2
FF - prefs.js..extensions.enabledItems: {582195F5-92E7-40a0-A127-DB71295901D7}:0.6
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: locationbar2@design-noir.de:1.0.5
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071101000055
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1
FF - prefs.js..extensions.enabledItems: CompactMenuCE@Merci.chao:4.3.2
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.5.7amo
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.0
FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.5
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe41}:1.0.9
FF - prefs.js..extensions.enabledItems: sabnzbdstatus@dq5studios.com:1.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: chromifox@altmusictv.com:3.6.5
FF - prefs.js..extensions.enabledItems: daumtheme@duamcorp.com:0.1
FF - prefs.js..extensions.enabledItems: rein@notiz.jp:3.6.1
FF - prefs.js..extensions.enabledItems: cfxe@Triton:3.6.5
FF - prefs.js..extensions.enabledItems: cfxec@Triton:2.0.1


FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/27 21:38:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/08/08 23:15:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/08 22:34:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/28 18:28:19 | 000,000,000 | ---D | M]

[2009/01/23 00:47:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Extensions
[2009/01/23 00:47:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Extensions\prism@developer.mozilla.org
[2010/11/02 18:10:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions
[2010/11/02 18:10:01 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2010/01/21 21:33:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41}
[2008/04/21 01:49:56 | 000,000,000 | ---D | M] (macfoxII) -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\{1476ff20-0a3c-11db-9cd8-0800200c9a66}
[2010/11/02 18:09:53 | 000,000,000 | ---D | M] (Firefox Sync) -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}
[2010/08/12 19:25:33 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010/01/28 22:12:52 | 000,000,000 | ---D | M] (Gmail Manager) -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2010/11/02 18:09:57 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/07/27 23:08:45 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010/06/03 01:24:24 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010/11/02 18:09:59 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2008/04/21 01:50:02 | 000,000,000 | ---D | M] (miniFox) -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\{bde351f9-0fcb-2fcf-3b9b-626f1f37d6e5}
[2010/08/31 23:59:59 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/11/02 18:10:02 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/05/18 22:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\cfxe@Triton
[2010/01/21 21:38:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\cfxec@Triton
[2010/05/18 22:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\cfxHelper@Triton
[2010/03/11 03:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\chromifox@altmusictv.com
[2010/05/04 00:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\CompactMenuCE@Merci.chao
[2009/12/23 23:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\daumtheme@duamcorp.com
[2008/04/21 01:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\ffe_opaque_clrtabs@game-point.net
[2010/11/02 18:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\guiconfig@slosd.net
[2010/03/11 03:15:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\locationbar2@design-noir.de
[2009/02/17 10:25:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\moveplayer@movenetworks.com
[2010/11/02 18:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\personas@christopher.beard
[2010/01/22 17:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\rapidfire@schmizz.net
[2010/01/22 17:56:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\rein@notiz.jp
[2010/05/04 00:47:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\sabnzbdstatus@dq5studios.com
[2008/04/21 01:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\Saturated@davidnaylor.org
[2010/08/12 23:14:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\SkipScreen@SkipScreen
[2010/11/02 18:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\smarterwiki@wikiatic.com
[2010/07/12 00:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\tineye@ideeinc.com
[2010/01/22 17:56:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\VacuumPlacesImproved@lultimouomo-gmail.com
[2009/12/23 23:44:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\daumtheme@duamcorp.com\chrome\mozapps\extensions
[2010/10/26 18:26:28 | 000,002,105 | ---- | M] () -- C:\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\searchplugins\msn-encarta---dictionary.xml
[2010/11/02 18:10:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/05 17:17:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/02/15 03:37:27 | 000,393,216 | ---- | M] (Invenda Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll
[2010/05/05 17:16:28 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/12 10:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2007/03/09 17:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll

O1 HOSTS File: ([2009/03/16 09:22:29 | 000,000,834 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (JMicron Technology Corp.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Cmaudio8788] File not found
O4 - HKLM..\Run: [H2O] C:\Program Files\Syncrosoft\POS\H2O\cledx.exe (Team H2O)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe ()
O4 - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files\RivaTuner v2.09\RivaTuner.exe ()
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [USB2Check] C:\WINDOWS\System32\PCLECoInst.DLL (Pinnacle Systems)
O4 - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AirVideoServer] C:\Program Files\AirVideoServer\AirVideoServer.exe ()
O4 - HKCU..\Run: [Bandwidth Vista 2] C:\Program Files\Bandwidth Vista\Bandwidth Vista 2\bandwidthvista2.exe File not found
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [MCW Startup] C:\Program Files\Monitor Calibration Wizard\MCW.exe ()
O4 - HKCU..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - HKCU..\Run: [PowerMate] C:\Program Files\Griffin Technology\PowerMate\PowerMate.exe (Griffin Technology)
O4 - HKCU..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found
O4 - HKCU..\Run: [Steam] C:\program files\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\FirePod Control Panel.lnk = C:\Program Files\PreSonus\1394AudioDriver_FirePod\FirePod.exe (PreSonus Audio Electronics)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Shortcut to googletalkplugin.exe.lnk = C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe (Google)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Snagit 9.lnk = C:\Program Files\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation)
O4 - Startup: C:\Documents and Settings\Jon\Start Menu\Programs\Startup\Google Talk, Labs Edition.lnk = C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Google Talk, Labs Edition\GoogleTalkLabsEdition.exe (Google)
O4 - Startup: C:\Documents and Settings\Jon\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 10 00 00 00 [binary data]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab (DLM Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/20 10:57:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.CFHD - C:\WINDOWS\System32\CFHD.dll (CineForm Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mjpg - C:\WINDOWS\System32\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902053519425536)

========== Files/Folders - Created Within 30 Days ==========

[2010/11/21 01:30:33 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jon\Desktop\OTL.exe
[2010/11/16 18:53:36 | 041,896,896 | ---- | C] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Documents and Settings\Jon\Desktop\Evernote_4.0.1.2927.exe
[2010/11/16 18:15:13 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/11/16 18:15:11 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/11/16 18:15:11 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/11/16 18:15:11 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/11/16 18:15:11 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/11/16 18:15:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/11/16 18:14:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/11/16 18:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Desktop\avira_antivir_personal_en
[2010/11/16 09:09:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/11/16 09:09:30 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/11/14 04:26:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/11/13 00:05:27 | 000,000,000 | ---D | C] -- C:\SickBeard-win32-alpha-build465.02
[2010/11/12 23:01:33 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/11/12 22:57:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2010/11/08 22:40:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Desktop\Xmas Song MIDI
[2010/11/05 20:54:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\logishrd
[2010/11/05 20:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LWS
[2010/10/30 11:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\Free Video Joiner
[2010/10/30 10:26:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jon\Application Data\MPEG Streamclip
[2008/06/10 22:07:01 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Jon\Application Data\pcouffin.sys
[2008/04/24 23:05:02 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2008/04/24 23:05:02 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
 
OTL.txt continued


[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/21 01:35:15 | 000,102,400 | ---- | M] () -- C:\Documents and Settings\Jon\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/21 01:35:15 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/11/21 01:30:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jon\Desktop\OTL.exe
[2010/11/21 01:15:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1715567821-725345543-1003UA.job
[2010/11/21 01:08:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/20 22:29:02 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1715567821-725345543-1003.job
[2010/11/20 22:28:55 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1715567821-725345543-1003.job
[2010/11/20 22:26:12 | 000,204,080 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/11/20 22:25:47 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/20 22:25:47 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1715567821-725345543-500.job
[2010/11/20 22:25:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/20 21:42:36 | 003,912,769 | R--- | M] () -- C:\Documents and Settings\Jon\Desktop\bombofix.exe
[2010/11/20 17:04:25 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/11/20 16:32:52 | 000,364,032 | ---- | M] () -- C:\Documents and Settings\Jon\Desktop\rkill.exe
[2010/11/20 16:17:15 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Jon\Desktop\MBRCheck.exe
[2010/11/20 10:15:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1715567821-725345543-1003Core.job
[2010/11/20 01:29:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/19 09:52:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/16 18:55:25 | 041,896,896 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Documents and Settings\Jon\Desktop\Evernote_4.0.1.2927.exe
[2010/11/16 18:17:16 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\Jon\Desktop\HiJackThis.lnk
[2010/11/16 18:16:25 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Jon\Desktop\8eg49h95.exe
[2010/11/16 09:05:16 | 000,001,663 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileZilla Client.lnk
[2010/11/15 02:13:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1715567821-725345543-500.job
[2010/11/15 01:53:33 | 001,315,483 | ---- | M] () -- C:\Documents and Settings\Jon\Desktop\modecalc.zip
[2010/11/13 15:24:20 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2010/11/12 23:02:53 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/11/11 21:29:30 | 000,002,268 | ---- | M] () -- C:\Documents and Settings\Jon\Desktop\Google Chrome.lnk
[2010/11/10 20:17:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010/11/08 22:34:20 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Winamp.lnk
[2010/11/08 01:02:52 | 000,000,749 | ---- | M] () -- C:\Documents and Settings\Jon\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2010/11/08 01:02:34 | 000,461,748 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/08 01:02:34 | 000,079,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/08 00:58:48 | 000,000,355 | -HS- | M] () -- C:\boot.ini
[2010/11/07 16:22:15 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Jon\Desktop\SABnzbd.lnk
[2010/11/07 13:40:41 | 005,087,696 | ---- | M] () -- C:\Documents and Settings\Jon\Desktop\CMS-User-manual-2689.pdf
[2010/11/05 21:25:48 | 001,852,789 | ---- | M] () -- C:\Documents and Settings\Jon\Desktop\jnr68.jpg
[2010/11/05 20:56:23 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2010/11/05 20:51:32 | 000,001,261 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software .lnk
[2010/11/05 20:45:33 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2010/11/05 20:38:04 | 002,428,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/11/01 08:01:55 | 000,560,373 | ---- | M] () -- C:\Documents and Settings\Jon\Application Data\vso_ts_preview.xml
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/20 21:42:48 | 003,912,769 | R--- | C] () -- C:\Documents and Settings\Jon\Desktop\bombofix.exe
[2010/11/20 17:04:25 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/11/20 16:32:51 | 000,364,032 | ---- | C] () -- C:\Documents and Settings\Jon\Desktop\rkill.exe
[2010/11/20 16:17:14 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Jon\Desktop\MBRCheck.exe
[2010/11/16 18:16:23 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Jon\Desktop\8eg49h95.exe
[2010/11/16 18:14:42 | 000,002,443 | ---- | C] () -- C:\Documents and Settings\Jon\Desktop\HiJackThis.lnk
[2010/11/16 09:05:16 | 000,001,663 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FileZilla Client.lnk
[2010/11/15 01:53:22 | 001,315,483 | ---- | C] () -- C:\Documents and Settings\Jon\Desktop\modecalc.zip
[2010/11/13 15:24:20 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2010/11/12 23:02:53 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/11/10 20:21:55 | 000,000,274 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1715567821-725345543-1003.job
[2010/11/08 22:34:20 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Winamp.lnk
[2010/11/08 01:02:51 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\Jon\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2010/11/07 13:40:28 | 005,087,696 | ---- | C] () -- C:\Documents and Settings\Jon\Desktop\CMS-User-manual-2689.pdf
[2010/11/06 08:59:15 | 000,102,400 | ---- | C] () -- C:\Documents and Settings\Jon\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/05 21:25:48 | 001,852,789 | ---- | C] () -- C:\Documents and Settings\Jon\Desktop\jnr68.jpg
[2010/11/05 20:51:32 | 000,001,261 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software .lnk
[2010/07/27 02:03:20 | 010,829,656 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/07/27 02:03:18 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/05/28 17:08:55 | 000,000,180 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/05/24 18:51:35 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\wltxcmsn.sys
[2010/05/07 17:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2010/03/28 02:20:16 | 000,000,095 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2010/03/27 21:46:32 | 000,000,001 | -H-- | C] () -- C:\WINDOWS\mulch200.ini
[2010/02/18 22:19:59 | 001,051,136 | ---- | C] () -- C:\WINDOWS\System32\drivers\CAMTHWDM.sys
[2009/10/29 14:20:49 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Jon\Application Data\setup_ldm.iss
[2009/06/16 20:59:59 | 000,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2009/05/18 21:35:19 | 000,000,014 | R--- | C] () -- C:\WINDOWS\msshellspool.ini
[2009/05/18 21:29:37 | 000,000,087 | ---- | C] () -- C:\WINDOWS\mirage.ini
[2009/02/17 23:06:42 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/02/02 09:09:45 | 000,000,326 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2009/01/19 14:07:07 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\cmasiop.ini
[2008/12/10 14:05:21 | 007,942,144 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sandra.mda
[2008/12/01 18:30:44 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008/11/06 10:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/06 10:33:02 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/10/07 13:33:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/10/07 13:33:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/10/07 13:33:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/10/07 13:33:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/10/07 13:33:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/08/28 15:10:15 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2008/08/20 00:30:33 | 000,044,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\i1display.sys
[2008/08/06 15:09:27 | 000,560,373 | ---- | C] () -- C:\Documents and Settings\Jon\Application Data\vso_ts_preview.xml
[2008/07/28 17:51:13 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\CMRMDRVP.dll
[2008/07/28 17:51:13 | 000,000,729 | ---- | C] () -- C:\WINDOWS\Cmicnfgp.ini.cfl
[2008/07/28 17:50:47 | 000,003,596 | ---- | C] () -- C:\WINDOWS\Cmicnfgp.ini.cfg
[2008/07/28 17:50:45 | 000,002,001 | ---- | C] () -- C:\WINDOWS\cmudaxp.ini
[2008/07/23 22:35:48 | 000,090,411 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/07/23 21:33:31 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/07/23 01:24:46 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/07/23 01:24:46 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/07/18 17:18:51 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2008/07/09 18:15:16 | 000,033,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\libusb0.sys
[2008/07/08 18:41:26 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/07/07 22:23:12 | 000,074,240 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/10 22:07:01 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Jon\Application Data\inst.exe
[2008/06/10 22:07:01 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Jon\Application Data\pcouffin.cat
[2008/06/10 22:07:01 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Jon\Application Data\pcouffin.inf
[2008/06/10 22:07:01 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Jon\Application Data\pcouffin.log
[2008/06/05 08:58:26 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/05/14 05:51:50 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/04/29 02:06:47 | 006,533,120 | ---- | C] () -- C:\WINDOWS\System32\PSP VintageWarmer.dll
[2008/04/29 02:06:47 | 002,568,192 | ---- | C] () -- C:\WINDOWS\System32\PSP VintageMeter.dll
[2008/04/28 02:13:25 | 000,038,465 | ---- | C] () -- C:\Documents and Settings\Jon\Application Data\Comma Separated Values (Windows).ADR
[2008/04/28 02:08:18 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008/04/24 22:54:48 | 000,054,272 | ---- | C] () -- C:\WINDOWS\System32\Kernelh2.dll
[2008/04/24 22:52:37 | 000,054,272 | ---- | C] () -- C:\WINDOWS\System32\Kernelo2.dll
[2008/04/24 22:26:40 | 000,905,290 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2008/04/21 12:37:24 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2008/04/21 01:05:35 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/04/21 00:43:44 | 000,002,489 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/04/20 12:11:02 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2008/04/20 12:11:02 | 000,012,664 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2008/04/20 11:50:15 | 000,040,446 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2008/04/20 11:47:17 | 000,040,408 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/04/20 11:47:15 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008/04/20 11:47:06 | 000,012,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/04/19 20:17:43 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/03/12 13:01:30 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2007/01/26 01:04:12 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2007/01/26 01:04:12 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2006/10/03 09:53:03 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\com.fxpansion.fxshared.dll
[2006/09/18 13:37:50 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx12_ic.ini
[2006/09/18 13:37:48 | 000,667,280 | ---- | C] () -- C:\WINDOWS\System32\tx12.dll
[2004/08/22 16:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2002/04/13 11:02:38 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\vttdrve.dll
[1996/04/03 13:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2009/03/06 17:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy
[2008/07/17 05:59:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2008/04/28 05:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Audio Ease
[2009/07/27 19:00:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/08/07 20:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codemasters
[2010/03/28 02:20:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2010/09/02 23:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2008/12/17 12:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fallout3
[2008/05/07 20:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ID3-TagIT 3
[2009/02/25 04:42:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iZ3D Driver
[2009/01/25 18:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2009/01/30 12:37:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NewsBin
[2010/03/28 02:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2010/03/27 22:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2008/07/29 04:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Plus
[2008/07/29 04:16:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Ultimate
[2009/01/07 00:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\River Past G5
[2009/01/06 21:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010/03/16 16:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2010/03/28 02:44:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11
[2008/07/29 04:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Studio 12
[2009/01/29 23:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2010/05/24 18:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/08/06 21:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2010/02/18 22:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WebcamMax
[2009/03/13 11:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/03/31 20:25:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{261FD3E7-AC6C-4785-8405-DCF2100A3A46}
[2010/03/29 22:09:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{3510BFC0-AC05-49F2-8E73-7DA6EA777DE2}
[2009/11/02 01:35:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{35ACA973-70F0-495F-9092-74A130711865}
[2010/03/31 20:20:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{3EE98DDF-8EFF-4760-88EB-D666A839217F}
[2010/04/02 15:54:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/03/31 22:49:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{580B8E22-2CB8-4C43-AE50-9338E581C6FA}
[2009/09/09 22:20:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/09 20:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/03/31 20:19:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{9D92E4DF-0CEE-44D4-A4FE-2B4A438E1607}
[2010/03/31 20:34:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{A6CBE6A2-B738-440D-B19A-60D7C36810C7}
[2010/03/31 20:23:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{D69A48BF-7653-4AA8-94BC-5847522A4573}
[2010/03/31 20:07:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{D7CFB71A-972A-44FF-AE44-8780EB53ABB2}
[2010/04/03 13:04:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{DFE2E7B1-6B2C-4104-9C65-82A52ECA8CB8}
[2010/03/31 22:49:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{F322C569-6416-428D-A2EA-A5D1C7073DE8}
[2008/08/08 05:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\.SwarmPlayer
[2008/08/08 05:22:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\.Tribler
[2009/08/17 17:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Amazon
[2008/04/28 05:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Audio Ease
[2010/02/14 22:15:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Auslogics
[2009/05/02 01:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\avidemux
[2010/05/05 17:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Bump Technologies, Inc
[2009/09/14 21:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Canon
[2008/08/20 17:24:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\cmw
[2009/01/06 22:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\dBpoweramp
[2008/07/10 03:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\DVD Profiler
[2010/02/15 03:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\E-centives
[2009/01/27 15:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\ESET
[2010/03/01 02:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Facebook
[2010/11/16 09:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\FileZilla
[2010/02/23 01:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\GetRightToGo
[2010/09/01 23:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\GrabIt
[2008/08/20 01:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\GretagMacbeth
[2008/09/15 18:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\GriffinTechnology
[2009/12/17 22:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\HandBrake
[2010/02/25 01:25:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\I2P
[2008/05/07 23:21:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\ID3-TagIT 3
[2009/01/16 16:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\iPhoneRingToneMaker
[2009/02/25 04:42:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\iZ3D Driver
[2009/04/16 18:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\iZotope
[2008/12/03 15:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Leadertech
[2008/08/06 22:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\LEAPS
[2008/08/29 00:36:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\LimeWire
[2009/05/18 21:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\mirage
[2009/05/14 00:19:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Moyea
[2010/10/30 10:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\MPEG Streamclip
[2008/04/24 22:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\NetMedia Providers
[2010/07/29 21:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Notepad++
[2008/08/07 00:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Pegasys Inc
[2009/01/23 04:21:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Prism
[2010/02/08 03:18:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Publish Providers
[2010/06/08 22:37:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Scooter Software
[2009/01/06 22:06:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Sony
[2008/05/14 17:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Sony Setup
[2008/04/28 06:00:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Steinberg
[2010/03/27 23:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\SystemRequirementsLab
[2009/11/30 23:22:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\TeraCopy
[2008/12/03 02:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\TMP
[2010/02/24 23:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\TVRename
[2010/11/20 21:33:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\uTorrent
[2010/03/28 00:20:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\VideoReDoPlus
[2010/09/27 23:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\VirtualStore
[2010/11/01 08:01:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Vso
[2010/03/29 22:29:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Waves
[2008/04/28 05:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Waves Audio
[2010/03/29 22:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Waves Preferences
[2009/01/23 04:21:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\WebApps
[2010/02/18 22:20:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jon\Application Data\Webcammax

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2008/08/18 23:04:20 | 000,001,024 | ---- | M] () -- C:\.rnd
[2008/08/06 12:06:00 | 000,000,414 | ---- | M] () -- C:\AeDebug (Dr. Watson).reg
[2008/04/20 10:57:25 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/11/08 00:58:48 | 000,000,355 | -HS- | M] () -- C:\boot.ini
[2009/04/21 23:28:23 | 000,383,200 | RHS- | M] () -- C:\bootmgr
[2008/08/06 12:22:24 | 000,214,736 | ---- | M] () -- C:\cc_20080806_132147.reg
[2008/08/06 12:23:16 | 000,001,804 | ---- | M] () -- C:\cc_20080806_132301.reg
[2008/08/06 12:23:29 | 000,000,194 | ---- | M] () -- C:\cc_20080806_132327.reg
[2008/12/17 08:56:31 | 000,691,724 | ---- | M] () -- C:\cc_20081217_085609.reg
[2010/02/10 19:56:39 | 000,077,156 | ---- | M] () -- C:\cc_20100210_195627.reg
[2008/04/20 10:57:25 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2006/11/02 16:00:00 | 000,171,136 | RHS- | M] () -- C:\grldr
[2008/04/20 10:57:25 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/08/15 06:13:33 | 000,016,799 | ---- | M] () -- C:\iphonecover.jpg
[2008/08/15 05:56:08 | 000,064,577 | ---- | M] () -- C:\iPodCover.jpg
[2010/05/18 22:26:09 | 000,011,045 | ---- | M] () -- C:\JavaRa.log
[2009/05/29 21:20:26 | 000,090,112 | ---- | M] () -- C:\Mini052909-03.dmp
[2008/04/20 10:57:25 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/12/10 14:00:04 | 000,047,564 | RHS- | M] () -- C:\ntdetect.com
[2008/08/26 14:10:04 | 000,297,072 | RHS- | M] () -- C:\ntldr
[2010/11/20 22:25:26 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[1998/01/22 17:12:22 | 000,029,824 | R--- | M] () -- C:\Readme.wri
[2010/11/20 21:44:06 | 000,000,593 | ---- | M] () -- C:\rkill.log
[2006/03/13 21:07:40 | 000,000,620 | ---- | M] () -- C:\SETUP.VBS
[2009/05/02 00:40:22 | 000,017,827 | ---- | M] () -- C:\video.pass
[2009/05/01 22:21:42 | 000,127,776 | ---- | M] () -- C:\video.stats
[2008/08/27 02:32:33 | 000,000,747 | ---- | M] () -- C:\VST Plugins Installed.txt
[2006/03/13 23:26:23 | 000,000,043 | ---- | M] () -- C:\WAP.BAT
[2009/05/01 22:19:50 | 000,000,078 | ---- | M] () -- C:\xvid.pass

< %systemroot%\Fonts\*.com >
[2006/04/18 14:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 13:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 13:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2008/04/20 10:57:07 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/09/13 04:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD83.DLL
[2006/09/13 04:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP83.DLL
[2008/07/06 06:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/04/09 12:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2006/10/26 18:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 04:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2008/08/24 21:33:16 | 000,069,632 | ---- | M] (CD Art Display) -- C:\WINDOWS\cadSSaver.scr
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >
[2008/04/08 11:34:02 | 000,000,174 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\The NeoSmart Files.url

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2008/04/19 20:12:45 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008/04/19 20:12:45 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008/04/19 20:12:45 | 000,933,888 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2008/12/10 14:08:24 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2008/04/20 11:27:07 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Jon\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2008/04/20 11:27:06 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Jon\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2010/11/16 18:16:25 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Jon\Desktop\8eg49h95.exe
[2010/11/20 21:42:36 | 003,912,769 | R--- | M] () -- C:\Documents and Settings\Jon\Desktop\bombofix.exe
[2010/11/16 18:55:25 | 041,896,896 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Documents and Settings\Jon\Desktop\Evernote_4.0.1.2927.exe
[2010/02/01 23:59:35 | 003,439,104 | ---- | M] (Mouse Industries) -- C:\Documents and Settings\Jon\Desktop\iRinger.exe
[2009/07/30 17:26:07 | 000,081,920 | ---- | M] (Kunaki) -- C:\Documents and Settings\Jon\Desktop\Kunaki_CD-DVD_Publishing_Service.exe
[2010/11/20 16:17:15 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Jon\Desktop\MBRCheck.exe
[2010/11/21 01:30:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jon\Desktop\OTL.exe
[2010/06/07 15:16:56 | 003,887,480 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Jon\Desktop\procexp.exe
[2010/11/20 16:32:52 | 000,364,032 | ---- | M] () -- C:\Documents and Settings\Jon\Desktop\rkill.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >
[2010/07/01 08:17:02 | 004,202,005 | ---- | M] () -- C:\Documents and Settings\Jon\My Documents\FileZilla_3.3.3_win32-setup.exe

< %USERPROFILE%\*.exe >
[2008/12/03 02:09:52 | 007,075,736 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\Jon\iata86enu.exe

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2008/04/20 11:27:06 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Jon\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2009/03/06 04:04:01 | 000,000,822 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >
MyDefragScreenSaver v4.2.8.exe

< dir /b "%systemroot%\*.exe" | find /i " " /c >
File Renamer - Basic Uninstaller.exe

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2008/07/17 04:05:31 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\Jon\Cookies\desktop.ini
[2010/11/21 01:00:10 | 000,032,768 | -HS- | M] () -- C:\Documents and Settings\Jon\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 21:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe
[2006/06/23 00:48:54 | 000,032,768 | R--- | M] (AsusTek Inc.) -- C:\WINDOWS\inf\UpdateUSB.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/13 18:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2004/08/04 02:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2004/08/04 02:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008/05/02 08:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/13 11:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/13 18:12:28 | 001,695,232 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2007/04/02 12:07:23 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2007/04/02 12:07:23 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2007/04/02 12:07:24 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2004/08/04 02:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004/08/04 02:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
"NoAutoRebootWithLoggedOnUsers" = 1
"RebootRelaunchTimeoutEnabled" = 0

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


========== Alternate Data Streams ==========

@Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:054B9966

< End of report >
 
Extras.txt

OTL Extras logfile created on: 11/21/2010 1:38:02 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Jon\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 70.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 273.11 Gb Free Space | 29.32% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 855.64 Gb Free Space | 91.86% Space Free | Partition Type: NTFS
Drive J: | 7.44 Gb Total Space | 0.77 Gb Free Space | 10.38% Space Free | Partition Type: FAT32
Drive L: | 149.00 Gb Total Space | 148.99 Gb Free Space | 99.99% Space Free | Partition Type: FAT32
Drive M: | 233.76 Gb Total Space | 233.59 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
Drive N: | 465.75 Gb Total Space | 344.79 Gb Free Space | 74.03% Space Free | Partition Type: NTFS
Drive O: | 698.64 Gb Total Space | 518.12 Gb Free Space | 74.16% Space Free | Partition Type: NTFS
Drive P: | 698.64 Gb Total Space | 235.26 Gb Free Space | 33.67% Space Free | Partition Type: NTFS
Drive Q: | 1397.26 Gb Total Space | 1384.47 Gb Free Space | 99.08% Space Free | Partition Type: NTFS
Drive R: | 1397.26 Gb Total Space | 1137.53 Gb Free Space | 81.41% Space Free | Partition Type: NTFS
Drive S: | 1397.26 Gb Total Space | 1007.95 Gb Free Space | 72.14% Space Free | Partition Type: NTFS
Drive T: | 1397.26 Gb Total Space | 586.57 Gb Free Space | 41.98% Space Free | Partition Type: NTFS
Drive U: | 1397.26 Gb Total Space | 468.56 Gb Free Space | 33.53% Space Free | Partition Type: NTFS
Drive V: | 1397.26 Gb Total Space | 58.53 Gb Free Space | 4.19% Space Free | Partition Type: NTFS
Drive W: | 1397.26 Gb Total Space | 358.14 Gb Free Space | 25.63% Space Free | Partition Type: NTFS
Drive X: | 1397.26 Gb Total Space | 458.93 Gb Free Space | 32.84% Space Free | Partition Type: NTFS

Computer Name: JONSDESKTOP | User Name: Jon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [ID3-TagIT] -- "C:\Program Files\ID3-TagIT 3\ID3-TagIT.exe" "/P=%1" ( )
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Grisoft\AVG7\avginet.exe" = C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe -- File not found
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe" = C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe -- File not found
"C:\Program Files\Grisoft\AVG7\avgcc.exe" = C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe -- File not found
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32 -- (Crytek GmbH)
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32 -- (Crytek GmbH)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\Program Files\SoulseekNS\slsk.exe" = C:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- ()
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe" = C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe" = C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe" = C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems)
"C:\Program Files\Codemasters\GRID\GRID.exe" = C:\Program Files\Codemasters\GRID\GRID.exe:*:Enabled:GRID -- (Codemasters)
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\RpcAgentSrv.exe" = C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service -- (SiSoftware)
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\WNt500x86\RpcSandraSrv.exe" = C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe" = C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe" = C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
"C:\Program Files\River Past\Audio Converter Pro\AudioConverter.exe" = C:\Program Files\River Past\Audio Converter Pro\AudioConverter.exe:*:Enabled:River Past Audio Converter Pro -- File not found
"C:\Program Files\Steam\steam.exe" = C:\Program Files\Steam\steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll" = C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin -- (Google)
"C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\Steam\steamapps\common\world of goo\WorldOfGoo.exe" = C:\Program Files\Steam\steamapps\common\world of goo\WorldOfGoo.exe:*:Enabled:World of Goo -- ()
"C:\Program Files\Steam\steamapps\common\i-fluid\I-Fluid.exe" = C:\Program Files\Steam\steamapps\common\i-fluid\I-Fluid.exe:*:Enabled:I-Fluid -- ()
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe" = C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe:*:Enabled:Logitech -- (Logitech, Inc.)
"C:\Program Files\Intuit\QuickBooks 2010\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2010\QBDBMgrN.exe:*:Enabled:QuickBooks 2010 Data Manager -- (Intuit, Inc.)
"C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Google Talk, Labs Edition\GoogleTalkLabsEdition.exe" = C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Google Talk, Labs Edition\GoogleTalkLabsEdition.exe:*:Enabled:Google Talk, Labs Edition -- (Google)
"C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 -- ()
"C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer -- ()
"C:\SickBeard-win32-alpha-build458\SickBeard.exe" = C:\SickBeard-win32-alpha-build458\SickBeard.exe:*:Enabled:SickBeard -- File not found
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\AirVideoServer\AirVideoServer.exe" = C:\Program Files\AirVideoServer\AirVideoServer.exe:*:Enabled:Air Video Server -- ()
"C:\Program Files\Steam\steamapps\common\left 4 dead\srcds.exe" = C:\Program Files\Steam\steamapps\common\left 4 dead\srcds.exe:*:Enabled:Left 4 Dead Dedicated Server -- ()
"C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe" = C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead -- ()
"C:\Program Files\Logitech\Vid HD\Vid.exe" = C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\SickBeard-win32-alpha-build465.02\SickBeard.exe" = C:\SickBeard-win32-alpha-build465.02\SickBeard.exe:*:Enabled:SickBeard -- ()
"C:\Program Files\Steam\steamapps\common\left 4 dead 2\left4dead2.exe" = C:\Program Files\Steam\steamapps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2 -- ()
"C:\Program Files\Steam\steamapps\common\killingfloor\System\KillingFloor.exe" = C:\Program Files\Steam\steamapps\common\killingfloor\System\KillingFloor.exe:*:Enabled:Killing Floor -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{009AC76E-1A66-4682-82B7-417E77F3C648}" = Superior Drummer Installer
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{06A1BE8A-4CA4-4A39-B9E4-E815AA8FE05C}" = Sony Noise Reduction Plug-In 2.0h
"{06A9E630-DBA6-4D92-9DE7-A235AA6496C7}" = QuickBooks
"{0700E22B-A425-40A5-BD20-04BF618CA0F9}" = QuickBooks Premier: Retail Edition 2010
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{09E2111C-16B1-4DDF-BF0D-F994C9A12350}" = Adobe Setup
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0E6ED660-498C-42F7-9EF4-FB0C96DFC01A}" = Snagit 9.1
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{147567F0-8575-4BE0-B5B3-62706C67FA5A}" = EZXCocktail
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17424F35-8B77-4ADF-BC63-BF9B81418539}" = Apple Application Support
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1CD0C3C5-809D-4CFC-904A-1B67C6243637}" = Debugging Tools for Windows (x86)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F8D186D-8C5C-4589-BC28-1A8964CA74A6}" = Spectro
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2300EE96-0A41-4FAB-BD03-989EC44577A0}" = Acronis*Disk Director Suite
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2956585F-DB2F-45C2-9363-F8CB0BB4F2A7}" = Sony ACID Pro 6.0
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2B5A75F0-FD85-4094-AB00-94902398D192}" = Sony Media Manager 2.2
"{2CC4BC82-41CF-43D3-B533-7283AA8BB86F}" = EZXPercussion
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{371B17C3-9624-4583-A497-DF980313D851}" = Native Instruments Absynth 5
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{38EE230F-F631-451F-8800-E29F5E5C9E7D}" = iTunes Library Updater
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3A30DFDF-238C-4DE4-B8D8-D764AF468AA5}" = KORG USB-MIDI Driver Tools for Windows
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{430399DC-98BC-4A7F-8F8E-77981CABAE05}" = EZXVintage
"{43E7798A-248E-4A3D-9969-FEA63543A462}" = Native Instruments Kontakt 4
"{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}" = EZdrummer
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49DB3527-121C-4E11-83FA-1016BECFA2DA}_is1" = "Film" template for ConvertXToDVD 3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AEA9A23-D627-4699-8A0F-FC474308C2E6}" = Sony Sound Forge 9.0
"{4C8169AB-B6C1-413B-81B6-73B77127D82F}" = Microsoft File Transfer Manager
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{58F58158-8DFE-31DA-AC1F-7E5D89A0F74F}" = Google Talk Plugin
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5DE1B7CF-7429-40CA-987F-6BEE09B63787}" = Prime95
"{60BB45B2-E8E4-41C5-B69F-C6DC5D991DF5}" = Native Instruments Abbey Road 60s Drums
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{6600970A-BAE7-412A-BFFC-91AD793B3A41}" = ASUS WiFi-AP @n
"{66F0AC35-4805-44BC-A3D4-347D4196F9B3}" = Microsoft Xbox 360 Accessories 1.1
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6BED4DFE-C527-463E-B93A-6F6848B74DD0}" = Native Instruments Battery 3
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71702641-2849-45A4-8E62-4B85974B24A0}_is1" = BumpTop
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7546C4F7-5E12-4E46-BF59-323924C2456B}_is1" = "Champetre" template for ConvertXToDVD 3
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8094F7AE-CA21-4AF2-A256-BC918CE0E796}" = EZXClaustrophobic
"{81CB77FF-9789-4337-A46E-185F7876AC40}" = Adobe Photoshop Lightroom 2.6
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82DF9225-13EC-41BD-BE31-AAB121B38166}" = EZXNashville
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}" = Adobe Audition 1.5
"{876D2C17-263E-43FD-A7E2-34428E82F239}" = Google Talk, Labs Edition
"{885F5AC6-4413-4D30-99A9-F4494BFA4923}" = Logitech Harmony Remote Software 7
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8C2690CF-5B74-4F93-8139-7B5644CD6A3B}" = MobileMe Control Panel
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E0E1270-9638-4DD9-B5C7-9F0887C2135F}" = Sony CD Architect 5.2
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{96965E6C-41DB-4E0A-BC65-D92381D51D2A}" = Sony Vegas 7.0d
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.5
"{AC76BA86-7AD7-2447-0000-800000000003}" = Chinese Simplified Fonts Support For Adobe Reader 8
"{AC76BA86-7AD7-5760-0000-800000000003}" = Japanese Fonts Support For Adobe Reader 8
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B2552FA6-86E3-410D-84AD-265C2242D410}" = Native Instruments FM8
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B7E2A724-2774-4AC2-9F0A-B58C7319B6E6}" = Sony Vegas Pro 8.0
"{B7F560B3-6EFF-4026-A982-843895A41149}" = Adobe BridgeTalk Plugin CS3
"{B944FA21-81AF-4A77-8328-CE4F4CC51033}" = Nero 8
"{B96D2269-568B-4CBF-9332-12FAE8B158F7}" = Medieval CUE Splitter
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BF2A74BF-8D12-47F1-8B19-22B30AF6B0D1}" = Linksys EasyLink Advisor
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1" = SiSoftware Sandra Lite 2009
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{C81B363C-3918-4D53-8B90-EBABA515928E}" = ASUS WiFi-AP @n
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCB3F587-BAD0-4F32-99FC-301E6F9ABAB4}" = MIDI Yoke
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE378F36-E404-4244-A33F-F50A2A6D31BD}" = Microsoft Color Control Panel Applet for Windows XP
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF}" = Adobe Creative Suite 3 Design Premium
"{D1EBF11E-8CE3-4EF5-8E2D-FD5B8D6BD294}" = EZXTwisted
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D799CA10-F7D5-46FF-97D7-06195C9EDA70}" = BBE Sonic Maximizer 2.0 Full
"{D799CC16-F3B5-468D-AC67-6F77AAA98173}" = Native Instruments Komplete 6
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D8C6F2D1-96C2-4C4A-83A0-4492E7A48491}" = Audiochecker
"{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}" = EZXDfh
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322
"{DB941B05-96AB-4AC9-B4CE-B428B9E049F3}" = Sony Preset Manager 2.0
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E8843212-F0FC-4C3B-BFF3-D51829CB4F19}" = iTunes
"{E9EA5F38-6299-45A1-9D23-F21729A19357}" = Native Instruments Reaktor 5
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F7FD5E5E-3F0C-4931-AA1B-EAB838BC02DB}" = ACID Pro 7.0
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FBDBC490-089D-4476-BF72-1F7A6368200A}" = Pure Networks Platform
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"181B29655BDD6EA3FC483A7E4D1C2ED7735873F0" = Windows Driver Package - Apple Inc. Apple Keyboard (08/30/2007 2.0.1.4)
"Adobe Acrobat 8 Professional" = Adobe Acrobat 8.2.5 Professional
"Adobe Acrobat 8 Professional_825" = Adobe Acrobat 8.2.5 - CPSID_83708
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_c14ac4070fd9614ffe63f4bb533db2c" = Add or Remove Adobe Creative Suite 3 Design Premium
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Air Video Server" = Air Video Server 2.4.2
"Album List" = Album List for Winamp v2.05 (remove only)
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.5
"Antares AVOX Bundle VST RTAS_is1" = Antares AVOX Bundle VST RTAS v1.1.3
"Antares Harmony Engine VST RTAS_is1" = Antares Harmony Engine VST RTAS v1.0
"Antares Microphone Modeler 1.31 DirectX" = Antares Microphone Modeler 1.31 DirectX
"ASIO4ALL" = ASIO4ALL
"Atmosphere_is1" = Atmosphere
"AudioEase Altiverb 5.4.6" = AudioEase Altiverb 5.4.6
"AudioMulch Interactive Music Studio_is1" = AudioMulch Interactive Music Studio 2.0.2
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BeyondCompare3_is1" = Beyond Compare Version 3.1.3
"BFD" = BFD
"Canon RAW Codec" = Canon RAW Codec
"CCleaner" = CCleaner
"CD - DVD Publishing Service" = CD - DVD Publishing Service
"CD Art Display_is1" = CD Art Display 2.0
"cfhd" = CineForm HD CODEC
"C-Media Oxygen HD Sound" = HT OMEGA CLARO
"Collab" = Collab
"Cuttermusic Revitar v2.0" = Cuttermusic Revitar v2.0
"db audioware Sidechain Compressor VST v1.1.0" = db audioware Sidechain Compressor VST v1.1.0
"dBpoweramp AAC Encoder" = dBpoweramp AAC Encoder
"dBpoweramp DirectShow Decoder" = dBpoweramp DirectShow Decoder
"dBpoweramp DSP Effects" = dBpoweramp DSP Effects
"dBpoweramp FLAC Codec" = dBpoweramp FLAC Codec
"dBpoweramp m4a Codec" = dBpoweramp m4a Codec
"dBpoweramp Monkeys Audio Codec" = dBpoweramp Monkeys Audio Codec
"dBpoweramp Musepack Codec" = dBpoweramp Musepack Codec
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"dBpoweramp Ogg Vorbis Codec" = dBpoweramp Ogg Vorbis Codec
"dBpoweramp Shorten Codec" = dBpoweramp Shorten Codec
"dBpoweramp WavPack Codec" = dBpoweramp WavPack Codec
"dBpoweramp Windows Media Audio 10 Codec" = dBpoweramp Windows Media Audio 10 Codec
"dBpowerAMP Windows Media Audio 9 Codec" = dBpowerAMP Windows Media Audio 9 Codec
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"Drumagog 44.09" = Drumagog 4
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.7.5
"East West Colossus" = East West Colossus
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate + Corporate Edition_is1" = EVEREST Ultimate v4.20.1257 + Corporate Edition Beta Registered
"Exact Audio Copy" = Exact Audio Copy 0.99pb5
"ffdshow_is1" = ffdshow [rev 1723] [2007-12-24]
"File Renamer - Basic" = File Renamer - Basic
"FileZilla Client" = FileZilla Client 3.3.4.1
"FL Studio 8" = FL Studio 8
"Free Video Dub_is1" = Free Video Dub version 1.4
"GrabIt_is1" = GrabIt 1.7.2 Beta 4 (build 997)
"HandBrake" = Handbrake 0.9.4
"Har-Bal v2.0" = Har-Bal v2.0
"ID3-TagIT 3_is1" = ID3-TagIT 3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IL Download Manager" = IL Download Manager
"InFlac" = InFlac 1.1.1
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InvelosDVDProfiler_is1" = DVD Profiler Version 3.1.1
"iZotope Ozone 3.07" = iZotope Ozone 3.07
"iZotope Ozone 4_is1" = iZotope Ozone 4
"iZotope Spectron v1.0.6" = iZotope Spectron v1.0.6
"iZotope Trash 1.06" = iZotope Trash 1.06
"iZotope Vinyl 1.6_is1" = iZotope Vinyl 1.6
"LastFM_is1" = Last.fm 1.5.4.27091
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1
"Linksys EasyLink Advisor" = Linksys EasyLink Advisor
"Logitech Touch Mouse Server" = Logitech Touch Mouse Server 1.0
"Logitech Vid" = Logitech Vid HD
"LogMeIn Hamachi" = LogMeIn Hamachi
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Magic ISO Maker v5.5 (build 0265)" = Magic ISO Maker v5.5 (build 0265)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"mIRC" = mIRC
"MixMeister BPM Analyzer_is1" = MixMeister BPM Analyzer 1.0
"Monitor Calibration Wizard" = Monitor Calibration Wizard 1.0
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"M-Tron" = M-Tron
"MyDefrag v4.2.7_is1" = MyDefrag v4.2.7
"MyDefrag v4.2.8_is1" = MyDefrag v4.2.8
"N.I Pro-53 v3.0-OxYGeN" = N.I Pro-53 v3.0-OxYGeN
"Native Instruments Abbey Road 60s Drums" = Native Instruments Abbey Road 60s Drums
"Native Instruments Absynth 5" = Native Instruments Absynth 5
"Native Instruments B4 v1.1.5" = Native Instruments B4 v1.1.5
"Native Instruments Battery 3" = Native Instruments Battery 3
"Native Instruments ElektrikPiano" = Native Instruments ElektrikPiano (remove only)
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Guitar Rig 3" = Native Instruments Guitar Rig 3
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments Guitar Rig v1.2" = Native Instruments Guitar Rig v1.2
"Native Instruments Komplete 6" = Native Instruments Komplete 6
"Native Instruments Kontakt 4" = Native Instruments Kontakt 4
"Native Instruments Kontakt v1.5.3 Incl Keygen" = Native Instruments Kontakt v1.5.3 Incl Keygen
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments Reaktor 5" = Native Instruments Reaktor 5
"Native Instruments Reaktor v4.1.3.005" = Native Instruments Reaktor v4.1.3.005
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Spektral Delay v1.57" = Native Instruments Spektral Delay v1.57
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Noise Ninja (Standalone Version)_is1" = Noise Ninja 2 (Standalone Version)
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"PoiZone" = PoiZone
"PreSonus 1394 Audio Driver v2.46 (FirePod) Setup" = PreSonus 1394 Audio Driver v2.46 (FirePod)
"PSP 84 v1.0" = PSP 84 v1.0
"PSP VintageWarmer1.6.5" = PSP VintageWarmer 1.6.5
"QuickPar" = QuickPar 0.9
"RealPlayer 12.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.89
"RivaTuner" = RivaTuner v2.09
"SABnzbd" = SABnzbd (remove only)
"Sauerbraten" = Sauerbraten
"SFTENCDD" = Sonic Foundry Soft Encode 1.0 - Dolby Digital 5.1
"ShellExView" = ShellExView
"Soulseek2" = SoulSeek 157 NS 13
"Spyware Doctor" = Spyware Doctor 6.0
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 1250" = Killing Floor
"Steam App 22000" = World of Goo
"Steam App 22220" = Zeno Clash Demo
"Steam App 23200" = I-Fluid
"Steam App 310" = Team Fortress 2 Dedicated Server
"Steam App 440" = Team Fortress 2
"Steam App 500" = Left 4 Dead
"Steam App 510" = Left 4 Dead Dedicated Server
"Steam App 564" = Left 4 Dead 2 Add-on Support
"Steinberg Magneto VST v1.5" = Steinberg Magneto VST v1.5
"Steinberg The Grand 2" = Steinberg The Grand 2
"Steinberg The Grand 2 v2.0.0.1152" = Steinberg The Grand 2 v2.0.0.1152
"Steinberg VoiceMachine v1.0" = Steinberg VoiceMachine v1.0
"SyncBack_is1" = SyncBack
"SyncroSoft Emu" = SyncroSoft Emu (Remove only)
"Syncrosoft's License Control" = Syncrosoft's License Control
"Tag&Rename_is1" = Tag&Rename 3.5
"TeraCopy_is1" = TeraCopy 2.07 beta
"The Grand" = Steinberg The Grand
"The KMPlayer" = The KMPlayer (remove only)
"Toxic Biohazard" = Toxic Biohazard
"Trilogy_is1" = Trilogy
"TVRename" = TV Rename
"Tweak UI 2.10" = Tweak UI
"Uninstall_is1" = Uninstall 1.0.0.1
"VASST Ultimate S3" = VASST Ultimate S3 3.0.3
"VLC media player" = VLC media player 1.0.1
"Waves Mercury Complete VST DX RTAS_is1" = Waves Mercury Complete VST DX RTAS v1.01
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WebcamMax" = WebcamMax
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XYplorer" = XYplorer 7.10

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"FileBot" = FileBot
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Detector Plug-in
"WinDirStat" = WinDirStat 1.1.2

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
 
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
    O4 - HKLM..\Run: [] File not found
    O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - Reg Error: Key error. File not found
    [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [3 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
    [2010/11/08 01:02:51 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\Jon\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
    @Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
    @Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
    @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
    @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:054B9966
    
    
    :Services
    
    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Grisoft\AVG7\avginet.exe" =-
    "C:\Program Files\Grisoft\AVG7\avgamsvr.exe" =-
    "C:\Program Files\Grisoft\AVG7\avgcc.exe" =-
    
    :Files
    C:\Program Files\AVG
    C:\Program Files\Grisoft
    
    
    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

Now, try to run Combofix again.
 
Ran the OTL fix, then I was able to run Combofix.


All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5}\ not found.
C:\WINDOWS\003309_.tmp deleted successfully.
C:\WINDOWS\DXT5F68.tmp deleted successfully.
C:\WINDOWS\DXT5F69.tmp deleted successfully.
C:\WINDOWS\DXT5F6A.tmp deleted successfully.
C:\Documents and Settings\All Users\Application Data\xmlC4B.tmp deleted successfully.
C:\Documents and Settings\All Users\Application Data\xmlC4D.tmp deleted successfully.
C:\Documents and Settings\All Users\Application Data\xmlC4E.tmp deleted successfully.
File C:\Documents and Settings\Jon\Start Menu\Programs\Startup\Logitech . Product Registration.lnk not found.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:054B9966 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\StandardProfile\AuthorizedApplications\List not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\StandardProfile\AuthorizedApplications\List not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\StandardProfile\AuthorizedApplications\List not found.
========== FILES ==========
C:\Program Files\AVG\AVG8\Firefox\Components folder moved successfully.
C:\Program Files\AVG\AVG8\Firefox\Chrome folder moved successfully.
C:\Program Files\AVG\AVG8\Firefox folder moved successfully.
C:\Program Files\AVG\AVG8 folder moved successfully.
C:\Program Files\AVG folder moved successfully.
C:\Program Files\Grisoft\AVG7 folder moved successfully.
C:\Program Files\Grisoft folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 391903 bytes
->Temporary Internet Files folder emptied: 42461159 bytes
->FireFox cache emptied: 3438345 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Jon
->Temp folder emptied: 1951032379 bytes
->Temporary Internet Files folder emptied: 21852954 bytes
->Java cache emptied: 128108 bytes
->FireFox cache emptied: 70097688 bytes
->Google Chrome cache emptied: 211754276 bytes
->Flash cache emptied: 3787437 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 65670 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 22749781 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 13470044 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 41419469750 bytes

Total Files Cleaned = 41,734.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: Jon
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11242010_100449

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
 
ComboFix 10-11-23.05 - Jon 11/24/2010 10:29:42.1.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.2464 [GMT -6:00]
Running from: c:\documents and settings\Jon\Desktop\Combofix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Jon\Application Data\inst.exe
c:\program files\File Renamer\RICHtx32.ocx
c:\windows\daemon.dll
c:\windows\system32\PCLECoInst.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_NPF


((((((((((((((((((((((((( Files Created from 2010-10-24 to 2010-11-24 )))))))))))))))))))))))))))))))
.

2010-11-13 06:05 . 2010-11-24 09:02 -------- d-----w- C:\SickBeard-win32-alpha-build465.02
2010-11-13 05:01 . 2010-11-13 05:01 -------- d-----w- c:\program files\iPod
2010-11-13 04:57 . 2010-11-13 04:57 -------- d-----w- c:\documents and settings\LocalService\Application Data\Apple Computer
2010-11-06 02:57 . 2010-11-06 02:57 53248 ----a-r- c:\documents and settings\Jon\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2010-11-06 02:54 . 2010-11-24 16:40 -------- d-----w- c:\windows\system32\logishrd
2010-11-06 02:53 . 2010-11-06 02:53 -------- d-----w- c:\program files\Common Files\LWS
2010-10-30 17:15 . 2010-10-30 17:17 -------- d-----w- c:\program files\Free Video Joiner
2010-10-30 16:26 . 2010-10-30 16:26 -------- d-----w- c:\documents and settings\Jon\Application Data\MPEG Streamclip
2010-10-29 00:28 . 2010-09-23 19:42 95672 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-28 21:44 . 2009-03-13 17:01 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-09-28 21:44 . 2008-04-21 07:30 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-09-18 17:23 . 2004-08-04 00:56 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-04 00:56 974848 ------w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2001-08-23 20:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2001-08-23 20:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:58 . 2004-08-04 00:56 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58 . 2004-08-04 00:56 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-10 05:58 . 2004-08-04 00:56 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 16:17 . 2010-09-08 16:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 16:17 . 2010-09-08 16:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-01 11:51 . 2004-08-04 00:56 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42 . 2004-08-03 23:17 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02 . 2004-08-04 00:56 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57 . 2004-08-04 00:56 99840 ----a-w- c:\windows\system32\srvsvc.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-05 81920]
"PowerMate"="c:\program files\Griffin Technology\PowerMate\PowerMate.exe" [2007-12-07 385024]
"Steam"="c:\program files\steam\steam.exe" [2010-11-24 1242448]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]
"MCW Startup"="c:\program files\Monitor Calibration Wizard\MCW.exe" [2002-12-20 321024]
"Google Update"="c:\documents and settings\Jon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-04-22 133104]
"AirVideoServer"="c:\program files\AirVideoServer\AirVideoServer.exe" [2010-09-14 4922760]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RivaTunerStartupDaemon"="c:\program files\RivaTuner v2.09\RivaTuner.exe" [2008-04-28 2707456]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2010-09-23 624056]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-23 385024]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"OSSelectorReinstall"="c:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe" [2006-04-12 1261475]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-22 47904]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13680640]
"nwiz"="nwiz.exe" [2009-02-09 1657376]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-27 734264]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-03-21 1953792]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 86016]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-12-13 642856]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 40368]
"Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2009-11-26 1087752]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-08-09 202256]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-11-11 421160]

c:\documents and settings\Jon\Start Menu\Programs\Startup\
Google Talk, Labs Edition.lnk - c:\documents and settings\Jon\Local Settings\Application Data\Google\Google Talk, Labs Edition\GoogleTalkLabsEdition.exe [2008-6-24 94704]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
FirePod Control Panel.lnk - c:\program files\PreSonus\1394AudioDriver_FirePod\FirePod.exe [2008-7-16 1126400]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-8-14 805392]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2009-12-16 1153824]
Shortcut to googletalkplugin.exe.lnk - c:\documents and settings\Jon\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe [2010-9-21 83440]
Snagit 9.lnk - c:\program files\TechSmith\Snagit 9\Snagit32.exe [2008-11-6 7217480]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-10-29 20:11 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 07:42 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk
backup=c:\windows\pss\Adobe Acrobat Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ASUS WiFi-AP @n Utility.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\ASUS WiFi-AP @n Utility.lnk
backup=c:\windows\pss\ASUS WiFi-AP @n Utility.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Jon^Start Menu^Programs^Startup^iPhoneRingToneMaker.lnk]
path=c:\documents and settings\Jon\Start Menu\Programs\Startup\iPhoneRingToneMaker.lnk
backup=c:\windows\pss\iPhoneRingToneMaker.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ekrn"=2 (0x2)
"EhttpSrv"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\SoulseekNS\\slsk.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\Codemasters\\GRID\\GRID.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009\\RpcAgentSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Steam\\steam.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Documents and Settings\\Jon\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Jon\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\world of goo\\WorldOfGoo.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\i-fluid\\I-Fluid.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Logitech\\Logitech Harmony Remote Software 7\\HarmonyRemote.exe"=
"c:\\Program Files\\Logitech Touch Mouse Server\\iTouch-Server-Win.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2010\\QBDBMgrN.exe"=
"c:\\Documents and Settings\\Jon\\Local Settings\\Application Data\\Google\\Google Talk, Labs Edition\\GoogleTalkLabsEdition.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\AirVideoServer\\AirVideoServer.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead\\srcds.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\SickBeard-win32-alpha-build465.02\\SickBeard.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead 2\\left4dead2.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\killingfloor\\System\\KillingFloor.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [4/24/2008 11:05 PM 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [4/24/2008 11:05 PM 5248]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [3/23/2009 1:07 PM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [3/23/2009 1:07 PM 66632]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [11/16/2010 6:15 PM 135336]
R2 CAMTHWDM;WebcamMax, WDM Video Capture;c:\windows\system32\drivers\CAMTHWDM.sys [2/18/2010 10:19 PM 1051136]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [3/30/2010 10:16 AM 1107336]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
R2 LinksysUpdater;Linksys Updater;c:\program files\Linksys\Linksys Updater\bin\LinksysUpdater.exe [11/13/2008 1:43 PM 204800]
R2 PDIHWCTL;PDIHWCTL;c:\windows\system32\drivers\pdihwctl.sys [8/20/2008 12:30 AM 14416]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [4/28/2008 5:51 AM 33792]
R3 cmudaxp;HTO CLARO Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [7/28/2008 5:50 PM 2020160]
R3 KeyMagic;USB Keyboard HID Filter;c:\windows\system32\drivers\KeyMagic.sys [4/22/2008 2:29 AM 17920]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [7/9/2008 6:15 PM 33792]
S2 gupdate1c97ff19596ef34;Google Update Service (gupdate1c97ff19596ef34);c:\program files\Google\Update\GoogleUpdate.exe [1/26/2009 2:06 PM 133104]
S2 KeyAgent;KeyAgent;\??\c:\windows\system32\drivers\KeyAgent.sys --> c:\windows\system32\drivers\KeyAgent.sys [?]
S2 MacHALDriver;Mac HAL;\??\c:\windows\system32\drivers\MacHALDriver.sys --> c:\windows\system32\drivers\MacHALDriver.sys [?]
S3 i1display;i1 Display;c:\windows\system32\drivers\i1display.sys [8/20/2008 12:30 AM 44344]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [8/21/2009 2:24 AM 6144]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2009\RpcAgentSrv.exe [12/10/2008 2:05 PM 98488]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [3/23/2009 1:07 PM 12872]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [8/18/2008 8:23 PM 356920]
S3 WinRing0_1_1_1;WinRing0_1_1_1;\??\c:\documents and settings\Jon\Desktop\RealTemp_2.70\WinRing0.sys --> c:\documents and settings\Jon\Desktop\RealTemp_2.70\WinRing0.sys [?]
.
Contents of the 'Scheduled Tasks' folder

2010-11-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-07-25 17:34]

2010-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-01-26 20:06]

2010-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-01-26 20:06]

2010-11-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1715567821-725345543-1003Core.job
- c:\documents and settings\Jon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-22 02:17]

2010-11-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1715567821-725345543-1003UA.job
- c:\documents and settings\Jon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-22 02:17]

2010-11-24 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1715567821-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 08:02]

2010-11-24 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1715567821-725345543-500.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 08:02]

2010-11-24 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1715567821-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 08:02]

2010-11-15 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1715567821-725345543-500.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 08:02]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\program files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll
FF - ProfilePath - c:\documents and settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\
FF - prefs.js: browser.search.selectedEngine - MSN Encarta - Dictionary
FF - component: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINNT_x86-msvc\components\WeaveCrypto.dll
FF - component: c:\documents and settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc_fireftp.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\Jon\Application Data\Facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\Jon\Application Data\Mozilla\Firefox\Profiles\sgnfpp4t.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071101000055.dll
FF - plugin: c:\documents and settings\Jon\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\Jon\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\Jon\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPcol400.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\Picasa3\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
HKCU-Run-RGSC - c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
HKCU-Run-Bandwidth Vista 2 - c:\program files\Bandwidth Vista\Bandwidth Vista 2\bandwidthvista2.exe
HKLM-Run-USB2Check - c:\windows\system32\PCLECoInst.dll
HKLM-Run-Cmaudio8788 - cmicnfgp.cpl
Notify-AtiExtEvent - (no file)
MSConfigStartUp-BDRegion - c:\program files\Cyberlink\Shared Files\brs.exe
MSConfigStartUp-CPU Power Monitor - c:\program files\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe
MSConfigStartUp-egui - c:\program files\ESET\ESET Smart Security\egui.exe
MSConfigStartUp-PDVD8LanguageShortcut - c:\program files\CyberLink\PowerDVD8\Language\Language.exe
MSConfigStartUp-RemoteControl8 - c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe
AddRemove-ffdshow_is1 - c:\program files\Combined Community Codec Pack\Filters\FFDShow\unins000.exe
AddRemove-PreSonus 1394 Audio Driver v2.46 (FirePod) Setup - c:\program files\PreSonus\1394AudioDriver_FirePod\uninst.exe Software\PreSonus\1394AudioDriver_FirePod\Setup



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-24 10:42
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
AirVideoServer = c:\program files\AirVideoServer\AirVideoServer.exe?

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (3) (LocalSystem)
"AppDataDir"="c:\\Documents and Settings\\All Users\\Application Data\\ESET\\ESET Smart Security\\"
"DataDir"="ESET\\ESET Smart Security\\"
"EditionName"="Student Edition"
"InstallDir"="c:\\Program Files\\ESET\\ESET Smart Security\\"
"LanguageId"=dword:00000409
"ProductBase"=dword:00000001
"ProductCode"="{4CEBE5E6-D1FD-4BDF-8C9C-29A9A3CC2B7C}"
"ProductName"="ESET Smart Security"
"ProductType"="ess"
"ProductVersion"="3.0.684.0"
"UniqueId"="001685CE497F7C11"
"ScannerBuild"=dword:00000ed0
"ScannerVersionId"=dword:00000de1
"ScannerVersion"=""
"FixId"=dword:00000007
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1232)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll

- - - - - - - > 'explorer.exe'(1104)
c:\windows\system32\WININET.dll
c:\windows\system32\logishrd\LVPrcInj01.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\libusbd-nt.exe
c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\java.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\RunDll32.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\program files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\documents and settings\Jon\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\program files\TechSmith\Snagit 9\TSCHelp.exe
c:\program files\TechSmith\Snagit 9\SnagPriv.exe
c:\program files\TechSmith\Snagit 9\snagiteditor.exe
c:\program files\TechSmith\Snagit 9\TSCHelp.exe
.
**************************************************************************
.
Completion time: 2010-11-24 10:49:56 - machine was rebooted
ComboFix-quarantined-files.txt 2010-11-24 16:49

Pre-Run: 295,513,767,936 bytes free
Post-Run: 346,964,676,608 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
;
;Warning: Boot.ini is used on Windows XP and earlier operating systems.
;Warning: Use BCDEDIT.exe to modify Windows Vista boot options.
;
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /NOEXECUTE=OPTIN /FASTDETECT

- - End Of File - - 91A46567CAF4C5D160D8640A650A9F27
 
I noticed upon startup that I got a 'not found' error regarding the PCLECoInst.dll file that apparently Combofix deleted(?).
 
It looks like Combofix made a mistake. That file is a part of Pinnacle Studio.
Let's reinstate it...

1. Please open Notepad
  • Click Start, then Run
  • Type notepad.exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

Code:
DEQUARANTINE::
C:\Qoobox\Quarantine\c\windows\system32\PCLECoInst.dll.vir

QUIT::


3. Save the above as CFScript.txt

4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

CFScript.gif



6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt

=====================================================================

How is the computer doing?

Last scans...

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE: SecurityCheck may produce some false warning(s), so leave reading the results to me.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on the Start button to begin the cleaning process.
  • TFC will close all running programs, and it may ask you to restart the computer.


3. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • IMPORTANT! UN-check Remove found threats
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE: If ESET doesn't find any threats, it won't produce any log.
 
Sorry for the delayed response! I've been preoccupied with holiday plans. I ran the scans you said. Security Check's log is below. TFC went fine and ESET came back clean.

Results of screen317's Security Check version 0.99.5
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Avira AntiVir Personal - Free Antivirus
Sony Preset Manager 2.0
Antivirus out of date! (On Access scanning disabled!)
```````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
Malwarebytes' Anti-Malware
CCleaner
DH Driver Cleaner Professional Edition
Java(TM) 6 Update 20
Out of date Java installed!
Adobe Flash Player 10.1.102.64
Adobe Reader 8.2.5
Chinese Simplified Fonts Support For Adobe Reader 8
Japanese Fonts Support For Adobe Reader 8
Mozilla Firefox (3.6.8)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe is disabled!
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
````````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````
 
Why is your Avira listed as outdated?

Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

Now we need to remove the old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

========================================================================

Your computer is clean

1. We need to reset System Restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point, using the following OTL script:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code:
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now we'll remove all the tools we used during our cleaning process

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. Run defrag at your convenience.

11. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

12. Please let me know how your computer is doing.
 