Solved Possible Virus,no longer have access to Internet

[JBEEZY]

Hi guys. I had previously posted in here but my inquiry was moved to another thread and after dealing with a couple of helpful guys who hadn't been able to fix my problem they suggested that maybe I should post in here again. basically this is what happened..I ran a boot time scan with Avast and it did its thing,it moved a couple of items to the virus chest and then once it had finished and my PC had restarted my connection was fine,but when I tried to log in to Firefox I could not connect to the internet?

I have two computers,one laptop (which I am on right now) and a PC which are both using wireless. The laptop has inbuilt wireless but my PC uses a USB wireless adapter that I have since found out is okay as I was advised to disable it and try it in this laptop which was successful.
Can someone help me out please as I am clueless to what to do.

I'm pretty much stuck and no idea what happened or why. The little wireless icon in the corner says that I'm connected but it has a exclamation mark in a yellow triangle saying no internet/no network access.

I had followed previous suggestions in the other forum (ipconfigs, IPv6 disable, winsockfix etc) to no success so I'm back here at square one. Would very much appreciate if someone could help me fix this problem.

I am on Windows 7 Home Premium 32bit.

 

[Broni]

Did you try to hardwire your desktop to the router to see, if you can connect that way?

 

[JBEEZY]

Tried that and no luck. Sorry,am I supposed to have posted some logs up or something? I had an issue a while ago and you helped fix it,was with Win 7 virus i think,and since then everything has been great. I had been doing the regular scans,checks and cleans with the programs you gave me. But yeah,like my first post says,that is the issue I have now.

 

[Broni]

Please download MiniToolBox and run it.

Checkmark following boxes:

• Report IE Proxy Settings
• List content of Hosts
• List IP configuration
• List last 10 Event Viewer log
• List Users, Partitions and Memory size

Click Go and post the result.

 

[JBEEZY]

MiniToolBox by Farbar
Ran by RaeJae (administrator) on 12-06-2011 at 16:17:37
Windows 7 Home Premium Service Pack 1 (X86)

***************************************************************************


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= End of IE Proxy Settings ========================
=============== Hosts content: ============================================

127.0.0.1 localhost

=============== End of Hosts ==============================================

================= IP Configuration: =======================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : RaeJae-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : 802.11 USB Wireless LAN Card
Physical Address. . . . . . . . . : 00-60-64-33-B6-BC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Autoconfiguration IPv4 Address. . : 169.254.82.159(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : 00-24-21-AB-33-D3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 192.168.1.1

Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 60 64 33 b6 bc ......802.11 USB Wireless LAN Card
10...00 24 21 ab 33 d3 ......Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 169.254.82.159 281
169.254.82.159 255.255.255.255 On-link 169.254.82.159 281
169.254.255.255 255.255.255.255 On-link 169.254.82.159 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 169.254.82.159 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 169.254.82.159 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

================= End of IP Configuration =================================

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/12/2011 03:11:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2011 02:53:17 PM) (Source: SignInAssistant) (User: )
Description: OpenServiceW failed with hr = 0x80070424

Error: (06/12/2011 02:53:15 PM) (Source: SignInAssistant) (User: )
Description: OpenServiceW failed with hr = 0x80070424

Error: (06/12/2011 02:49:20 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (06/12/2011 05:18:56 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/12/2011 05:09:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/12/2011 05:09:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/11/2011 11:48:17 AM) (Source: SignInAssistant) (User: )
Description: OpenServiceW failed with hr = 0x80070424

Error: (06/11/2011 11:02:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/10/2011 02:53:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/12/2011 04:17:26 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
%%1075

Error: (06/12/2011 04:17:26 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service depends the following service: Tdx. This service might not be installed.

Error: (06/12/2011 04:17:22 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
%%1075

Error: (06/12/2011 04:17:22 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service depends the following service: Tdx. This service might not be installed.

Error: (06/12/2011 03:34:18 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
%%1075

Error: (06/12/2011 03:34:18 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service depends the following service: Tdx. This service might not be installed.

Error: (06/12/2011 03:34:18 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
%%1075

Error: (06/12/2011 03:34:18 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service depends the following service: Tdx. This service might not be installed.

Error: (06/12/2011 03:34:18 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
%%1075

Error: (06/12/2011 03:34:18 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service depends the following service: Tdx. This service might not be installed.


Microsoft Office Sessions:
=========================

========================= End of Event log errors =========================

========================= Memory info: ====================================

Percentage of memory in use: 30%
Total physical RAM: 2037.18 MB
Available physical RAM: 1405.95 MB
Total Pagefile: 4074.36 MB
Available Pagefile: 2846.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1953.47 MB

======================= Partitions: =======================================

1 Drive c: (COMPAQ) (Fixed) (Total:455.36 GB) (Free:148.22 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.4 GB) (Free:1.46 GB) NTFS
4 Drive f: () (Removable) (Total:3.72 GB) (Free:3.27 GB) FAT32
5 Drive g: (Elements) (Fixed) (Total:931.51 GB) (Free:118.25 GB) NTFS

================= Users: ==================================================

User accounts for \\RAEJAE-PC

-------------------------------------------------------------------------------
Administrator Guest RaeJae
The command completed successfully.

================= End of Users ============================================

 

[Broni]

Can you hardwire that computer to the router, using ethernet cable and see, if you can get connected?

Do you have any errors in Device Manager, especially regarding network adapters?

 

[JBEEZY]

I tried that after your first suggestion and no luck. i also have taken the USB wireless adapter and tried it in my laptop and it worked and connected to the internet fine. But back in my PC it is a no go. In the device manager settings for the USB adapter it says that 'this device is working properly'.

 

[Broni]

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

 

[JBEEZY]

Malwarebytes Log Report

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6705

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

13/06/2011 6:45:29 p.m.
mbam-log-2011-06-13 (18-45-29).txt

Scan type: Quick scan
Objects scanned: 205765
Time elapsed: 3 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

 

[JBEEZY]

GMER Report

GMER 1.0.15.15640 - http://www.gmer.net
Rootkit quick scan 2011-06-13 20:04:17
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD502IJ rev.1AA01117
Running: kelob5qu.exe; Driver: C:\Users\RaeJae\AppData\Local\Temp\kxdiqpow.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x8FCAB902]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

 

[JBEEZY]

DDS Report

.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_25
Run by RaeJae at 20:07:48 on 2011-06-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.2037.1191 [GMT 12:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Freecorder\FLVSrvc.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\System32\M-AudioTaskBarIcon.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\AnVir Task Manager Free\AnVir.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\YouSendIt\Express\YouSendIt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Vid HD\Vid.exe
C:\Program Files\Dexpot\dexpot.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\NetComm\Common\RaUI.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe
c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Hewlett-Packard\KBD\kbd.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.nz/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_nz&c=93&bd=Presario&pf=cndt
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll
mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll
BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll
BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - No File
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\program files\wot\WOT.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FlashFXP Helper for Internet Explorer: {e5a1691b-d188-4419-ad02-90002030b8ee} - c:\progra~1\flashfxp\IEFlash.dll
BHO: DAPIELoader Class: {ff6c3cf0-4b15-11d1-abed-709549c10000} - c:\progra~1\dap\DAPIEL~1.DLL
TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [AnVir Task Manager Free] "c:\program files\anvir task manager free\AnVir.exe" Minimized
uRun: [HPADVISOR] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [ccleaner] "c:\program files\ccleaner\CCleaner.exe" /AUTO
uRun: [FileHippo.com] "c:\program files\filehippo.com\UpdateChecker.exe" /background
uRun: [YouSendIt.exe] c:\program files\yousendit\express\YouSendIt.exe -ui none
uRun: [Google Update] "c:\users\raejae\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode
uRun: [Dexpot] c:\program files\dexpot\dexpot.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpsysdrv] c:\program files\hewlett-packard\hp odometer\hpsysdrv.exe
mRun: [UpdateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"
mRun: [UpdateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [UpdatePDIRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"
mRun: [UpdatePSTShortCut] "c:\program files\cyberlink\cyberlink dvd suite deluxe\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\cyberlink dvd suite deluxe" updatewithcreateonce "software\cyberlink\PowerStarter"
mRun: [KBD] c:\program files\hewlett-packard\kbd\KbdStub.EXE
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Freecorder FLV Service] "c:\program files\freecorder\FLVSrvc.exe" /run
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [M-Audio Taskbar Icon] c:\windows\system32\M-AudioTaskBarIcon.exe
mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\users\raejae\desktop\all folders\jb\maintenance tools\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\raejae\appdata\roaming\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\ereg\eReg.exe
StartupFolder: c:\users\raejae\appdata\roaming\micros~1\windows\startm~1\programs\startup\rainme~1.lnk - c:\program files\rainmeter\Rainmeter.exe
StartupFolder: c:\users\raejae\appdata\roaming\micros~1\windows\startm~1\programs\startup\stardo~1.lnk - c:\program files\stardock\objectdockfree\ObjectDock.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\ncprot~1.lnk - c:\program files\sec\natural color pro\NCProTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\netcom~1.lnk - c:\program files\netcomm\common\RaUI.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
uPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Clean Traces - c:\program files\dap\privacy package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\dap\dapextie.htm
IE: &Envoyer à OneNote - /105
IE: Download &all with DAP - c:\program files\dap\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} - hxxp://www.bebo.com/files/BeboUploader.5.8.05.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-nz.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{1677831E-E9E4-480D-9810-5348E2C31576} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{433D1A47-6772-4358-A366-46217D3E25A4} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
Notify: igfxcui - igfxdev.dll
STS: ObjectDockShlExt Class: {1984d045-52cf-49cd-db77-08f378fea4db} - c:\program files\stardock\objectdockfree\ODMenu.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-4-21 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-4-21 307928]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-4-21 19544]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-4-21 53592]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-5-22 42184]
R2 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-28 39272]
R2 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-22 1493352]
R3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\drivers\MAudioFastTrackPro.sys [2009-11-9 158600]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-1 139776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-9 135664]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 GTLJ;GTLJ;c:\users\raejae\appdata\local\temp\gtlj.exe --> c:\users\raejae\appdata\local\temp\GTLJ.exe [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-9 135664]
S3 HCH;HCH;c:\users\raejae\appdata\local\temp\hch.exe --> c:\users\raejae\appdata\local\temp\HCH.exe [?]
S3 KORGUMDS;KORG USB-MIDI Driver for Windows;c:\windows\system32\drivers\KORGUMDS.SYS [2007-3-29 21984]
S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2011-3-23 724992]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2009-9-26 4639136]
S3 OXYGEN;Service for M-Audio Oxygen;c:\windows\system32\drivers\MAudioOxygen.sys [2010-3-4 112136]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S3 RE;RE;c:\users\raejae\appdata\local\temp\re.exe --> c:\users\raejae\appdata\local\temp\RE.exe [?]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-4-23 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-2 1343400]
.
=============== Created Last 30 ================
.
2011-06-12 02:52:41 -------- d-----w- c:\programdata\Evonsoft
2011-06-12 02:52:36 -------- d-----w- c:\program files\Advanced System Restore
2011-06-07 06:40:14 -------- d-----w- c:\users\raejae\DoctorWeb
2011-06-06 12:13:16 54016 ----a-w- c:\windows\system32\drivers\tpmi.sys
2011-06-06 09:55:13 -------- d-----w- c:\users\raejae\appdata\roaming\IK Multimedia
2011-06-06 08:50:09 9078960 ----a-w- c:\windows\system32\mkl_p4p.dll
2011-06-06 08:50:08 9410736 ----a-w- c:\windows\system32\mkl_p4m.dll
2011-06-06 08:50:08 9033904 ----a-w- c:\windows\system32\mkl_p4m3.dll
2011-06-06 08:50:07 9210032 ----a-w- c:\windows\system32\mkl_p4.dll
2011-06-06 08:50:07 6944944 ----a-w- c:\windows\system32\mkl_core.dll
2011-06-06 08:50:07 530608 ----a-w- c:\windows\system32\libiomp5md.dll
2011-06-06 08:50:07 3868848 ----a-w- c:\windows\system32\mkl_intel_thread.dll
2011-06-06 08:50:05 499712 ----a-w- c:\windows\msvcp71.dll
2011-06-06 08:50:05 348160 ----a-w- c:\windows\msvcr71.dll
2011-06-05 11:40:19 -------- d-----w- c:\program files\Waves
2011-06-01 06:02:45 -------- d-----w- c:\program files\DVD-Ranger 3.5.1.3
2011-06-01 03:38:48 -------- d-----w- c:\program files\PSPaudioware
2011-05-31 20:57:50 -------- d-----w- c:\program files\iPod
2011-05-31 20:57:49 -------- d-----w- c:\program files\iTunes
2011-05-31 20:54:33 -------- d-----w- c:\program files\Bonjour
2011-05-28 13:28:14 -------- d-----w- c:\users\raejae\appdata\roaming\Image-Line
2011-05-27 05:37:15 -------- d-----w- c:\users\raejae\appdata\local\ODUI
2011-05-27 05:37:06 -------- d-----w- c:\users\raejae\appdata\local\Stardock
2011-05-27 05:36:13 -------- d-----w- c:\users\raejae\appdata\roaming\Stardock
2011-05-27 05:36:07 -------- dc-h--w- c:\programdata\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}
2011-05-27 05:35:57 -------- d-----w- c:\program files\Stardock
2011-05-27 05:34:11 -------- d-----w- c:\users\raejae\appdata\local\PackageAware
2011-05-27 02:16:29 -------- d-----w- c:\users\raejae\appdata\roaming\Rainmeter
2011-05-27 02:16:23 -------- d-----w- c:\program files\Rainmeter
2011-05-26 12:18:50 -------- d-----w- c:\users\raejae\appdata\roaming\OpenCandy
2011-05-26 12:18:46 -------- d-----w- c:\program files\Dexpot
2011-05-24 15:13:47 -------- d-----w- c:\users\raejae\appdata\local\{36552D91-434C-4AA4-9D2D-FE3DDF1ED87B}
2011-05-24 02:33:33 -------- d-----w- c:\programdata\DShield
2011-05-24 02:33:32 -------- d-----w- c:\programdata\DVDRanger
2011-05-24 02:33:32 -------- d-----w- C:\DVDRanger
2011-05-24 02:33:27 -------- d-----w- c:\program files\Pixbyte
2011-05-23 09:41:27 819200 ----a-w- c:\windows\system32\xvidcore.dll
2011-05-23 09:41:27 77824 ----a-w- c:\windows\system32\xvid.ax
2011-05-23 09:41:26 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2011-05-23 09:41:26 -------- d-----w- c:\program files\Xvid
2011-05-18 14:38:14 -------- d-----w- c:\program files\TweetDeck
2011-05-16 20:26:23 -------- d-----w- c:\users\raejae\appdata\local\{F9AB3098-395D-4FA9-A88C-4AC376788CC7}
2011-05-16 09:49:53 53248 ----a-r- c:\users\raejae\appdata\roaming\microsoft\installer\{3ee9bcae-e9a9-45e5-9b1c-83a4d357e05c}\ARPPRODUCTICON.exe
2011-05-16 02:49:10 -------- d-----w- c:\program files\Mozilla Aurora
2011-05-16 01:59:34 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2011-05-16 01:59:33 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
2011-05-16 01:59:33 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
2011-05-16 01:59:33 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
2011-05-16 01:59:33 2145240 ----a-w- c:\program files\mozilla firefox\mozjs.dll
2011-05-16 01:59:33 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
2011-05-16 01:59:33 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
2011-05-16 01:59:33 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
2011-05-16 01:50:35 -------- d-----w- c:\users\raejae\appdata\local\{C158D9E0-ABB3-42B1-8078-AA80D9C5B99C}
2011-05-16 00:34:14 -------- d-----w- c:\users\raejae\appdata\local\{2A479319-42E2-45B4-9F29-3422EDDDDDA7}
2011-05-15 16:58:30 -------- d-----w- c:\users\raejae\appdata\local\112dB
2011-05-15 16:57:12 -------- dc-h--w- c:\programdata\{2EF924FC-80B9-43E9-BB00-5E4F302749D2}
2011-05-15 13:27:42 123904 ----a-w- c:\windows\system32\poqexec.exe
2011-05-14 13:03:43 -------- d-----w- c:\users\raejae\appdata\local\{EEA91B22-C15F-41A4-AEDD-E42141A140F8}
.
==================== Find3M ====================
.
2011-05-28 21:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-28 21:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-24 02:20:37 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:03:54 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 11:59:44 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-04-24 14:51:24 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-23 04:43:08 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-04-09 06:02:25 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:02:25 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-06 04:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 04:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-06 04:13:35 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-03-31 17:11:10 4333280 ----a-w- c:\windows\system32\drivers\lvuvc.sys
2011-03-31 17:10:46 539232 ----a-w- c:\windows\system32\LVUI2RC.dll
2011-03-31 17:10:24 543328 ----a-w- c:\windows\system32\LVUI2.dll
2011-03-31 17:09:48 291424 ----a-w- c:\windows\system32\drivers\lvrs.sys
2011-03-31 17:08:56 195168 ----a-w- c:\windows\system32\lvci13251014.dll
2011-03-31 17:08:36 301664 ----a-w- c:\windows\system32\lvcodec2.dll
2011-03-31 17:07:02 10877272 ----a-w- c:\windows\system32\LogiDPP.dll
2011-03-31 17:07:02 102744 ----a-w- c:\windows\system32\LogiDPPApp.exe
2011-03-31 17:06:56 331608 ----a-w- c:\windows\system32\DevManagerCore.dll
2011-03-31 16:56:20 39318 ----a-w- c:\windows\system32\Repository.reg
2011-03-25 02:58:37 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-03-25 02:58:07 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-03-25 02:58:06 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-03-25 02:57:58 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-03-25 02:57:56 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-03-25 02:57:53 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-03-22 11:58:22 14168 ----a-w- c:\windows\system32\drivers\iKeyLFT2.dll
.
============= FINISH: 20:10:59.12 ===============

 

[JBEEZY]

DDS Attachment Report

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-12.02)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 18/01/2010 12:19:44 a.m.
System Uptime: 13/06/2011 7:38:24 p.m. (1 hours ago)
.
Motherboard: MSI | | Boston
Processor: Intel(R) Core(TM)2 Duo CPU E7400 @ 2.80GHz | Socket 775 | 2800/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 455 GiB total, 147.195 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 1.461 GiB free.
E: is CDROM ()
F: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: AVG Free8 Network Redirector
Device ID: ROOT\LEGACY_AVGTDIX\0000
Manufacturer:
Name: AVG Free8 Network Redirector
PNP Device ID: ROOT\LEGACY_AVGTDIX\0000
Service: AvgTdiX
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: USB FLASH DRIVE
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_USB_FLASH_DRIVE&REV_PMAP#199C1007640A0AEF&0#
Manufacturer:
Name: F:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_USB_FLASH_DRIVE&REV_PMAP#199C1007640A0AEF&0#
Service: WUDFRd
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: 802.11 USB Wireless LAN Card
Device ID: USB\VID_148F&PID_3070\1.0
Manufacturer: Ralink Technology, Corp.
Name: 802.11 USB Wireless LAN Card
PNP Device ID: USB\VID_148F&PID_3070\1.0
Service: netr28u
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: Flash Reader
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_MULTI&PROD_FLASH_READER&REV_1.00#058F63666471&0#
Manufacturer: Multi
Name: H:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_MULTI&PROD_FLASH_READER&REV_1.00#058F63666471&0#
Service: WUDFRd
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: AVG Free AVI Loader Driver x86
Device ID: ROOT\LEGACY_AVGLDX86\0000
Manufacturer:
Name: AVG Free AVI Loader Driver x86
PNP Device ID: ROOT\LEGACY_AVGLDX86\0000
Service: AvgLdx86
.
==== System Restore Points ===================
.
RP252: 11/06/2011 11:17:00 a.m. - Windows Backup
RP253: 13/06/2011 10:06:11 a.m. - Windows Backup
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system
AAC Decoder
Abbeyroadplugins EMI Brilliance Pack VST RTAS v1.0.6
Abbeyroadplugins EMI RS 124 Compressor VST RTAS v1.0
Abbeyroadplugins EMI TG 12413 Limiter VST RTAS v2.0.1
Abbeyroadplugins EMI TG Mastering Pack VST RTAS v1.0.2
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Shockwave Player 11.5
Advanced System Restore
Antares Autotune VST RTAS TDM v5.08
Antares Filter VST DX v1.01
Antares Harmony Engine VST RTAS v1.0
Antares Microphone Modeler DX v1.32
AnVir Task Manager Free
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Arturia Arp2600 V v1.0
Arturia CS-80V v1.6
Arturia minimoog V v1.6
Ashampoo Burning Studio 2010
Ashampoo Cover Studio 2.2.0
Ashampoo Internet Accelerator 3.20
Ashampoo Magical Snap 2.31
Ashampoo Music Studio 2009
Ashampoo Slideshow Studio 2010
ASIO4ALL
AutoUpdate
avast! Free Antivirus
AVS Image Converter 1.3.3.146
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.4
Bass Station 1.50
BitTorrent
Bonjour
bx_shredspread Native 1.0.3
CameraHelperMsi
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Clean! v1.0
Compatibility Pack for the 2007 Office system
Conduit Engine
ConvertHelper 2.2
CyberLink DVD Suite Deluxe
D3DX10
DAEMON Tools Lite
Dexpot
Digidesign Shared Plug-Ins 7.4
DirectX for Managed Code Update (Summer 2004)
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Plus Web Player
DivX Version Checker
Download Accelerator Plus (DAP)
DVD-Ranger
Elementals - The Magic Key
eLicenser Control
Enhanced Multimedia Keyboard Solution
erLT
ESET Online Scanner v3
FileHippo.com Update Checker
FL Studio 9
FlashFXP v3
Focusrite Midnignt Suite VST RTAS v1.1
Focusrite Scarlett Plug-in Suite 1.1
Foxit Reader
Freecorder 4.0 Application
Freecorder Toolbar
Game Booster
GEAR driver installer for x86 Win2K
GForce - impOSCar
GForce - Oddity
GMediaMusic - Oddity VST2
Google Earth
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
H.264 Decoder
Hardcore
Hardware Diagnostic Tools
HP Active Support Library
HP Advisor
HP Customer Experience Enhancements
HP Games
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP Odometer
HP Picasso Media Center Add-In
HP Recovery Manager RSS
HP Support Information
HP Total Care Setup
HP Update
HPAsset component for HP Active Support Library
IL Download Manager
ImgBurn
Intel(R) Graphics Media Accelerator Driver
Interlok driver setup x32
iTunes
Java Auto Updater
Java(TM) 6 Update 25
Junk Mail filter update
KORG padKONTROL Editor Librarian
KORG USB-MIDI Driver Tools for Windows
LabelPrint
LightScribe System Software
Live 6.0.1
Live 8.1.3
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
M-Audio FastTrackPro Driver 6.0.2 (x86)
M-Audio Oxygen Driver 1.2.1 (x86)
Malwarebytes' Anti-Malware version 1.51.0.1200
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Chart Controls for Microsoft .NET Framework 3.5
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access MUI (French) 2010 (Beta)
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (French) 2010 (Beta)
Microsoft Office Live Add-in 1.4
Microsoft Office OneNote MUI (French) 2010 (Beta)
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Outlook MUI (French) 2010 (Beta)
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (French) 2010 (Beta)
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Hybrid 2007
Microsoft Office Professionnel 2010
Microsoft Office Proof (Arabic) 2010 (Beta)
Microsoft Office Proof (Dutch) 2010 (Beta)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010 (Beta)
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010 (Beta)
Microsoft Office Proof (German) 2010 (Beta)
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010 (Beta)
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (French) 2010 (Beta)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Publisher MUI (French) 2010 (Beta)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (French) 2010 (Beta)
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Single Image 2010 (Beta)
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (French) 2010 (Beta)
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Works
MixMeister BPM Analyzer 1.0
MKV Splitter
MobileMe Control Panel
Mozilla Firefox 4.0.1 (x86 en-US)
Mozilla Firefox 5.0 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Murder She Wrote
Native Instruments Absynth 4
Native Instruments Battery 3
Native Instruments Controller Editor
Native Instruments FM8
Native Instruments Guitar Rig 4
Native Instruments Komplete 7 Players
Native Instruments Kontakt 4
Native Instruments Kontakt Factory Selection
Native Instruments Kore Player
Native Instruments Maschine
Native Instruments Maschine Controller Driver
Native Instruments Maschine Factory Content
Native Instruments Maschine Factory Content 1.5
Native Instruments Massive
Native Instruments Mikro Prism
Native Instruments Reaktor 5
Native Instruments Reaktor Factory Selection
Native Instruments Service Center
Native Instruments Traktor
Natural Color Pro
NetComm NetComm 900n Series Wireless USB Adapter
Numedia CD-DVD writing as non-admin user
NVIDIA PhysX v8.10.29
ObjectDock Free
OGA Notifier 2.0.0048.0
Paint.NET v3.5.8
PhotoStage Slideshow Producer
PoiZone
Power2Go
PowerDirector
PreSonus Studio One
Prosoniq OrangeVocoder v1.4
PSP Xenon 1.3.0 32bit
Python 2.6 pywin32-212
Python 2.6.1
QuickTime
Rainmeter
RB MOLOTOF V1
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.0
Reason 5.0
Rob Papen Albino 2
RocketDock 1.3.5
Sakura
Sawer
Search Settings v1.2.3
Secunia PSI (2.0.0.3003)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft Office 2010 File Validation - Beta (KB976133)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype Toolbars
Skype™ 5.3
SONiVOX DVI Creamy Fuzz Guitar
Steinberg DeClicker v1.21
Steinberg Mastering Edition v1.0
System Requirements Lab
T-RackS 3 Deluxe
Toxic Biohazard
TruePianos 1.4.1
TruePianos: Amber Module 1.4.0
TruePianos: Diamond Module 1.4.0
TruePianos: Emerald Module 1.4.0
TruePianos: Sapphire Module 1.4.0
TweetDeck
Universal Audio v4.4.0 Native
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2536413)
V-Station
VC80CRTRedist - 8.0.50727.4053
VLC media player 1.1.9
VST Compressor
WavePad Sound Editor
Waves Mercury Bundle
Windows 7 Manager
Windows 7 Upgrade Advisor
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.00 (32-bit)
WOT for Internet Explorer
Xilisoft Video Converter Ultimate
Xvid 1.2.2 final uninstall
Yahoo! Install Manager
YouSendIt Express
.
==== Event Viewer Messages From Past Week ========
.
7/06/2011 9:04:08 p.m., Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
7/06/2011 6:51:14 p.m., Error: Service Control Manager [7030] - The HCH service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
7/06/2011 6:41:49 p.m., Error: Service Control Manager [7030] - The RE service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
7/06/2011 6:41:41 p.m., Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the GTLJ service to connect.
7/06/2011 6:41:41 p.m., Error: Service Control Manager [7000] - The GTLJ service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/06/2011 6:41:10 p.m., Error: Service Control Manager [7030] - The GTLJ service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
7/06/2011 2:37:46 p.m., Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
7/06/2011 2:37:41 p.m., Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\RAIHV.dll Error Code: 21
7/06/2011 12:54:38 a.m., Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/06/2011 1:38:02 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/06/2011 1:38:02 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/06/2011 1:38:01 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/06/2011 1:37:56 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/06/2011 1:36:53 p.m., Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi AvgLdx86 AvgMfx86 AvgTdiX discache spldr Wanarpv6
6/06/2011 12:56:21 p.m., Error: Service Control Manager [7034] - The UMVPFSrv service terminated unexpectedly. It has done this 1 time(s).
6/06/2011 11:24:47 p.m., Error: Microsoft-Windows-Application-Experience [205] - The Program Compatibility Assistant service failed to perform the phase two initialization.
6/06/2011 11:23:06 p.m., Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
6/06/2011 11:23:06 p.m., Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/06/2011 11:03:08 p.m., Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
6/06/2011 10:37:45 p.m., Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The system cannot find the file specified.
6/06/2011 10:37:45 p.m., Error: Service Control Manager [7000] - The Secunia Update Agent service failed to start due to the following error: The system cannot find the file specified.
6/06/2011 10:37:45 p.m., Error: Service Control Manager [7000] - The Secunia PSI Agent service failed to start due to the following error: The system cannot find the file specified.
6/06/2011 10:37:45 p.m., Error: Service Control Manager [7000] - The SeaPort service failed to start due to the following error: The system cannot find the file specified.
6/06/2011 10:37:45 p.m., Error: Service Control Manager [7000] - The Oxygen Audio Device Monitor service failed to start due to the following error: The system cannot find the file specified.
6/06/2011 10:37:45 p.m., Error: Service Control Manager [7000] - The NMSAccessU service failed to start due to the following error: The system cannot find the file specified.
13/06/2011 8:04:53 p.m., Error: Service Control Manager [7003] - The DNS Client service depends the following service: Tdx. This service might not be installed.
13/06/2011 7:41:41 p.m., Error: Service Control Manager [7003] - The DHCP Client service depends the following service: Tdx. This service might not be installed.
13/06/2011 7:41:41 p.m., Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.
13/06/2011 7:38:59 p.m., Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AvgLdx86 AvgMfx86 AvgTdiX
13/06/2011 7:38:55 p.m., Error: Service Control Manager [7003] - The IP Helper service depends the following service: Tdx. This service might not be installed.
13/06/2011 7:38:49 p.m., Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000c5 (0x00020070, 0x00000002, 0x00000000, 0x83b58795). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 061311-18392-01.
13/06/2011 10:51:45 a.m., Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
13/06/2011 10:05:41 a.m., Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3.
10/06/2011 9:25:00 a.m., Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.1 with the system having network hardware address E8-39-DF-77-B0-EA. Network operations on this system may be disrupted as a result.
10/06/2011 1:58:27 p.m., Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x00000003, 0x8707f030, 0x83b30ae0, 0x8612cce8). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 061011-16801-01.
.
==== End Of File ===========================

 

[Broni]

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
Click the "Scan" button to start scan:


On completion of the scan click "Save log", save it to your desktop and post in your next reply:


=====================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

1. Please, never rename Combofix unless instructed.
2. Close any open browsers.
3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
   • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
   • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
   NOTE1. If Combofix asks you to install Recovery Console, please allow it.
   NOTE 2. If Combofix asks you to update the program, always do so.
   • Close any open browsers.
   • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
   • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
   • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
4. Double click on combofix.exe & follow the prompts.
5. When finished, it will produce a report for you.
6. Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.



Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

• Double-click on the Rkill desktop icon to run the tool.
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

 

[JBEEZY]

aswMBR Log

aswMBR version 0.9.6.399 Copyright(c) 2011 AVAST Software
Run date: 2011-06-14 08:36:16
-----------------------------
08:36:16.671 OS Version: Windows 6.1.7601 Service Pack 1
08:36:16.671 Number of processors: 2 586 0x170A
08:36:16.686 ComputerName: RAEJAE-PC UserName: RaeJae
08:36:18.356 AVAST engine 6.0.1125 defs: 11060600
08:36:18.356 Initialize success
08:36:44.579 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
08:36:44.595 Disk 0 Vendor: SAMSUNG_HD502IJ 1AA01117 Size: 476940MB BusType: 3
08:36:46.638 Disk 0 MBR read successfully
08:36:46.638 Disk 0 MBR scan
08:36:46.654 Disk 0 unknown MBR code
08:36:48.666 Disk 0 scanning sectors +976767120
08:36:48.682 Disk 0 scanning C:\Windows\system32\drivers
08:36:58.838 Service scanning
08:36:59.945 Disk 0 trace - called modules:
08:36:59.945 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
08:36:59.961 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x866225c0]
08:36:59.961 3 CLASSPNP.SYS[89bb659e] -> nt!IofCallDriver -> [0x861cb918]
08:36:59.961 5 ACPI.sys[896a43d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85886030]
08:37:00.476 AVAST engine scan C:\Windows\system32
08:38:54.340 Scan finished successfully
08:42:25.284 Disk 0 MBR has been saved successfully to "C:\Users\RaeJae\Desktop\MBR.dat"
08:42:25.284 The log file has been saved successfully to "C:\Users\RaeJae\Desktop\aswMBR.txt"

 

[JBEEZY]

Combofix Log

ComboFix 11-06-13.01 - RaeJae 14/06/2011 8:52.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.2037.1159 [GMT 12:00]
Running from: c:\users\RaeJae\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\RaeJae\AppData\Roaming\completescan
c:\users\RaeJae\AppData\Roaming\install
c:\windows\assembly\GAC_MSIL\desktop.ini
c:\windows\system32\Drivers\tpmi.sys
.
.
((((((((((((((((((((((((( Files Created from 2011-05-13 to 2011-06-13 )))))))))))))))))))))))))))))))
.
.
2011-06-13 21:02 . 2011-06-13 21:02 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-06-13 21:02 . 2011-06-13 21:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-12 02:52 . 2011-06-12 02:52 -------- d-----w- c:\programdata\Evonsoft
2011-06-12 02:52 . 2011-06-12 03:06 -------- d-----w- c:\program files\Advanced System Restore
2011-06-07 06:40 . 2011-06-07 06:40 -------- d-----w- c:\users\RaeJae\DoctorWeb
2011-06-06 09:55 . 2011-06-06 09:55 -------- d-----w- c:\users\RaeJae\AppData\Roaming\IK Multimedia
2011-06-06 08:50 . 2010-12-21 23:33 9078960 ----a-w- c:\windows\system32\mkl_p4p.dll
2011-06-06 08:50 . 2010-12-21 23:33 9033904 ----a-w- c:\windows\system32\mkl_p4m3.dll
2011-06-06 08:50 . 2010-12-21 23:33 9410736 ----a-w- c:\windows\system32\mkl_p4m.dll
2011-06-06 08:50 . 2010-12-21 23:33 9210032 ----a-w- c:\windows\system32\mkl_p4.dll
2011-06-06 08:50 . 2010-12-21 23:33 6944944 ----a-w- c:\windows\system32\mkl_core.dll
2011-06-06 08:50 . 2010-12-21 23:33 3868848 ----a-w- c:\windows\system32\mkl_intel_thread.dll
2011-06-06 08:50 . 2010-12-21 23:33 530608 ----a-w- c:\windows\system32\libiomp5md.dll
2011-06-06 08:50 . 2011-03-22 23:57 499712 ----a-w- c:\windows\msvcp71.dll
2011-06-06 08:50 . 2011-03-22 23:57 348160 ----a-w- c:\windows\msvcr71.dll
2011-06-05 11:40 . 2011-06-05 11:41 -------- d-----w- c:\program files\Waves
2011-06-01 06:02 . 2011-06-01 06:02 -------- d-----w- c:\program files\DVD-Ranger 3.5.1.3
2011-06-01 03:38 . 2011-06-01 03:38 -------- d-----w- c:\program files\PSPaudioware
2011-05-31 20:57 . 2011-05-31 20:57 -------- d-----w- c:\program files\iPod
2011-05-31 20:57 . 2011-05-31 20:58 -------- d-----w- c:\program files\iTunes
2011-05-31 20:54 . 2011-05-31 20:54 -------- d-----w- c:\program files\Bonjour
2011-05-28 13:28 . 2011-05-28 13:28 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Image-Line
2011-05-27 05:37 . 2011-05-27 05:37 -------- d-----w- c:\users\RaeJae\AppData\Local\ODUI
2011-05-27 05:37 . 2011-05-27 05:37 -------- d-----w- c:\users\RaeJae\AppData\Local\Stardock
2011-05-27 05:36 . 2011-05-27 05:36 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Stardock
2011-05-27 05:36 . 2011-05-27 05:36 -------- dc-h--w- c:\programdata\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}
2011-05-27 05:35 . 2011-05-27 05:35 -------- d-----w- c:\program files\Stardock
2011-05-27 05:34 . 2011-05-27 05:34 -------- d-----w- c:\users\RaeJae\AppData\Local\PackageAware
2011-05-27 02:16 . 2011-05-27 14:32 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Rainmeter
2011-05-27 02:16 . 2011-05-27 02:16 -------- d-----w- c:\program files\Rainmeter
2011-05-26 12:18 . 2011-05-26 12:18 -------- d-----w- c:\users\RaeJae\AppData\Roaming\OpenCandy
2011-05-26 12:18 . 2011-05-27 22:52 -------- d-----w- c:\program files\Dexpot
2011-05-24 15:13 . 2011-05-24 15:13 -------- d-----w- c:\users\RaeJae\AppData\Local\{36552D91-434C-4AA4-9D2D-FE3DDF1ED87B}
2011-05-24 02:33 . 2011-05-24 02:35 -------- d-----w- c:\programdata\DShield
2011-05-24 02:33 . 2011-05-24 06:03 -------- d-----w- c:\programdata\DVDRanger
2011-05-24 02:33 . 2011-05-24 02:48 -------- d-----w- C:\DVDRanger
2011-05-24 02:33 . 2011-05-24 02:33 -------- d-----w- c:\program files\Pixbyte
2011-05-23 09:41 . 2009-06-07 04:25 77824 ----a-w- c:\windows\system32\xvid.ax
2011-05-23 09:41 . 2009-06-07 04:16 819200 ----a-w- c:\windows\system32\xvidcore.dll
2011-05-23 09:41 . 2011-05-23 09:41 -------- d-----w- c:\program files\Xvid
2011-05-23 09:41 . 2009-06-07 04:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2011-05-18 14:38 . 2011-05-18 14:38 -------- d-----w- c:\program files\TweetDeck
2011-05-16 20:26 . 2011-05-17 08:27 -------- d-----w- c:\users\RaeJae\AppData\Local\{F9AB3098-395D-4FA9-A88C-4AC376788CC7}
2011-05-16 09:49 . 2011-05-16 09:49 53248 ----a-r- c:\users\RaeJae\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-05-16 02:49 . 2011-05-16 02:49 -------- d-----w- c:\program files\Mozilla Aurora
2011-05-16 01:59 . 2011-04-28 18:01 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-05-16 01:59 . 2011-04-28 18:01 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-05-16 01:59 . 2011-04-28 18:01 2145240 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-05-16 01:59 . 2011-04-28 18:01 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-05-16 01:59 . 2011-04-28 18:01 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-05-16 01:59 . 2011-04-28 18:01 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-05-16 01:59 . 2010-01-01 08:00 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-05-16 01:59 . 2010-01-01 08:00 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-05-16 01:50 . 2011-05-16 01:50 -------- d-----w- c:\users\RaeJae\AppData\Local\{C158D9E0-ABB3-42B1-8078-AA80D9C5B99C}
2011-05-16 00:34 . 2011-05-16 00:34 -------- d-----w- c:\users\RaeJae\AppData\Local\{2A479319-42E2-45B4-9F29-3422EDDDDDA7}
2011-05-15 16:58 . 2011-05-15 16:58 -------- d-----w- c:\users\RaeJae\AppData\Local\112dB
2011-05-15 16:57 . 2011-05-15 16:57 -------- dc-h--w- c:\programdata\{2EF924FC-80B9-43E9-BB00-5E4F302749D2}
2011-05-15 13:27 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-28 21:11 . 2011-04-20 06:23 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-28 21:11 . 2011-04-20 06:23 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-24 02:20 . 2011-04-23 03:39 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-10 12:10 . 2011-04-21 06:38 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-04-21 06:38 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:03 . 2011-04-21 06:38 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:03 . 2011-04-21 06:38 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-04-21 06:38 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-04-21 06:38 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-04-21 06:38 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-04-21 06:38 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-24 14:51 . 2011-04-22 01:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-23 04:43 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-04-23 04:35 . 2011-04-23 04:35 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-23 04:35 . 2011-04-23 04:35 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-23 04:35 . 2011-04-23 04:35 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-23 04:35 . 2011-04-23 04:35 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-23 04:35 . 2011-04-23 04:35 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-23 04:35 . 2011-04-23 04:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-23 04:35 . 2011-04-23 04:35 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-23 04:35 . 2011-04-23 04:35 367104 ----a-w- c:\windows\system32\html.iec
2011-04-23 04:35 . 2011-04-23 04:35 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-23 04:35 . 2011-04-23 04:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-23 04:35 . 2011-04-23 04:35 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-23 04:35 . 2011-04-23 04:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-23 04:35 . 2011-04-23 04:35 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-23 04:35 . 2011-04-23 04:35 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-23 04:35 . 2011-04-23 04:35 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-23 04:35 . 2011-04-23 04:35 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-23 04:35 . 2011-04-23 04:35 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-23 04:35 . 2011-04-23 04:35 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-23 04:35 . 2011-04-23 04:35 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-23 04:35 . 2011-04-23 04:35 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-23 04:35 . 2011-04-23 04:35 101888 ----a-w- c:\windows\system32\admparse.dll
2011-04-19 06:45 . 2011-04-19 06:45 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-04-09 06:02 . 2011-05-12 07:29 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-12 07:29 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-06 04:20 . 2011-04-06 04:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 04:20 . 2011-04-06 04:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-06 04:13 . 2011-04-06 04:13 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-03-31 17:11 . 2011-03-31 17:11 4333280 ----a-w- c:\windows\system32\drivers\lvuvc.sys
2011-03-31 17:10 . 2011-03-31 17:10 539232 ----a-w- c:\windows\system32\LVUI2RC.dll
2011-03-31 17:10 . 2011-03-31 17:10 543328 ----a-w- c:\windows\system32\LVUI2.dll
2011-03-31 17:09 . 2011-03-31 17:09 291424 ----a-w- c:\windows\system32\drivers\lvrs.sys
2011-03-31 17:08 . 2011-03-31 17:08 195168 ----a-w- c:\windows\system32\lvci13251014.dll
2011-03-31 17:08 . 2011-03-31 17:08 301664 ----a-w- c:\windows\system32\lvcodec2.dll
2011-03-31 17:07 . 2011-03-31 17:07 10877272 ----a-w- c:\windows\system32\LogiDPP.dll
2011-03-31 17:07 . 2011-03-31 17:07 102744 ----a-w- c:\windows\system32\LogiDPPApp.exe
2011-03-31 17:06 . 2011-03-31 17:06 331608 ----a-w- c:\windows\system32\DevManagerCore.dll
2011-03-31 16:56 . 2011-03-31 16:56 39318 ----a-w- c:\windows\system32\Repository.reg
2011-03-25 02:58 . 2011-05-12 07:29 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-03-25 02:58 . 2011-05-12 07:29 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-03-25 02:58 . 2011-05-12 07:29 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-03-25 02:57 . 2011-05-12 07:29 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-03-25 02:57 . 2011-05-12 07:29 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-03-25 02:57 . 2011-05-12 07:29 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-03-22 11:58 . 2011-03-22 11:58 14168 ----a-w- c:\windows\system32\drivers\iKeyLFT2.dll
2011-03-21 22:40 . 2010-06-23 22:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-28 18:01 . 2011-05-16 01:59 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2011-01-17 14:54 175912 ----a-w- c:\program files\Freecorder\prxtbFre0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-10 02:51 3906656 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AnVir Task Manager Free"="c:\program files\AnVir Task Manager Free\AnVir.exe" [2009-03-09 1563360]
"HPADVISOR"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2010-06-29 1689144]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2011-05-25 2301752]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
"YouSendIt.exe"="c:\program files\YouSendIt\Express\YouSendIt.exe" [2011-05-02 198144]
"Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
"Dexpot"="c:\program files\Dexpot\dexpot.exe" [2011-05-27 1290240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-03 75016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"hpsysdrv"="c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePSTShortCut"="c:\program files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" [2009-02-02 210216]
"KBD"="c:\program files\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-14 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-14 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-14 150552]
"Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" [2009-11-15 158752]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2009-09-26 83312]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-11 202256]
"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2009-11-09 643592]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Malwarebytes' Anti-Malware (reboot)"="c:\users\RaeJae\Desktop\All Folders\JB\Maintenance Tools\Malwarebytes' Anti-Malware\mbam.exe" [2011-05-28 1047656]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
.
c:\users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Product Registration.lnk - c:\program files\Logitech\Ereg\eReg.exe [2009-11-16 517384]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-5-23 103424]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDockFree\ObjectDock.exe [2010-10-7 3768176]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NCProTray.lnk - c:\program files\SEC\Natural Color Pro\NCProTray.exe [2010-1-9 49220]
NetComm Wireless Utility.lnk - c:\program files\NetComm\Common\RaUI.exe [2011-3-23 1830912]
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "c:\program files\Stardock\ObjectDockFree\ODMenu.dll" [2010-10-04 511344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"=KORGUMDD.DRV
"midi7"=KORGUMDD.DRV
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
2010-03-04 19:25 2815488 ----a-w- c:\program files\DAP\DAP.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-11-09 13:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [x]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
R3 GTLJ;GTLJ;c:\users\RaeJae\AppData\Local\Temp\GTLJ.exe [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
R3 HCH;HCH;c:\users\RaeJae\AppData\Local\Temp\HCH.exe [x]
R3 KORGUMDS;KORG USB-MIDI Driver for Windows;c:\windows\system32\Drivers\KORGUMDS.SYS [2007-03-28 21984]
R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-04-28 724992]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-25 4639136]
R3 OXYGEN;Service for M-Audio Oxygen;c:\windows\system32\DRIVERS\MAudioOxygen.sys [2010-03-03 112136]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 RE;RE;c:\users\RaeJae\AppData\Local\Temp\RE.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-02 1343400]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys [2009-11-09 158600]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWMBR
*Deregistered* - aswMBR
*Deregistered* - kxdiqpow
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 11:00]
.
2011-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 11:00]
.
2011-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000Core.job
- c:\users\RaeJae\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 02:30]
.
2011-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000UA.job
- c:\users\RaeJae\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 02:30]
.
2011-05-27 c:\windows\Tasks\HPCeeScheduleForRaeJae.job
- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2009-05-04 08:17]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.nz/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_nz&c=93&bd=Presario&pf=cndt
uInternet Settings,ProxyOverride = *.local
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: &Envoyer à OneNote - /105
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
MSConfigStartUp-Logitech Vid - c:\program files\Logitech\Vid\vid.exe
MSConfigStartUp-Logitech Vid HD - c:\program files\Logitech\Vid\vid.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-06-14 09:04:01
ComboFix-quarantined-files.txt 2011-06-13 21:04
.
Pre-Run: 158,018,084,864 bytes free
Post-Run: 157,949,091,840 bytes free
.
- - End Of File - - 5B289EA0216019FD0095BE77995115A0

 

[JBEEZY]

Rkill Log

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 14/06/2011 at 9:10:13.
Operating System: Windows 7 Home Premium


Processes terminated by Rkill or while it was running:



Rkill completed on 14/06/2011 at 9:10:16.

 

[Broni]

I don't see much there except for some AVG leftovers.
Run AVG Remover to get rid of them: http://www.avg.com/us-en/utilities

I can also see in your Event log some errors regarding DHCP service:
"The DHCP Client service depends the following service: Tdx"
See, if this will help: http://www.vistax64.com/vista-networking-sharing/77315-dhcp-will-not-start.html#post385593

 

[JBEEZY]

Ran the AVG Remover. Also tried the DHCP link you provided and this is the report from that suggestion:


Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>NET START NSI
The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


C:\Windows\system32>NET START TDX
The service name is invalid.

More help is available by typing NET HELPMSG 2185.


C:\Windows\system32>NET START AFD
The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


C:\Windows\system32>NET START DHCP
System error 1075 has occurred.

The dependency service does not exist or has been marked for deletion.


C:\Windows\system32>

 

[JBEEZY]

Restarted my computer and still cannot access the internet.

 

[Broni]

It looks like you may have some system files problem.

Let's try couple of things...

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
64-bit users go HERE

• Double-click SystemLook.exe to run it.
• Vista\Win 7 users:: Right click on SystemLook.exe, click Run As Administrator
• Copy the content of the following box into the main textfield:
  

  :filefind
  TDX*

• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

 

[JBEEZY]

Downloaded both of those systemlook files and could not get either of them to run,double clicking or right clicking and running as administrator. Got error saying 'systemlook.exe is not a valid Win32 application'

 

[Broni]

Download OTL to your Desktop.

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Click the Scan All Users checkbox.
• Under the Custom Scan box paste this in:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
tdx.sys
/md5stop

• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

 

[JBEEZY]

OTL Log Report

OTL logfile created on: 14/06/2011 2:36:44 p.m. - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\RaeJae\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

1.99 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 68.69% Memory free
3.98 Gb Paging File | 2.77 Gb Available in Paging File | 69.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.36 Gb Total Space | 147.17 Gb Free Space | 32.32% Space Free | Partition Type: NTFS
Drive D: | 10.40 Gb Total Space | 1.46 Gb Free Space | 14.05% Space Free | Partition Type: NTFS
Drive F: | 3.72 Gb Total Space | 3.26 Gb Free Space | 87.55% Space Free | Partition Type: FAT32

Computer Name: RAEJAE-PC | User Name: RaeJae | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/14 14:32:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RaeJae\Desktop\OTL.exe
PRC - [2011/05/28 10:52:14 | 001,290,240 | ---- | M] (Dexpot GbR) -- C:\Program Files\Dexpot\dexpot.exe
PRC - [2011/05/23 04:15:08 | 000,103,424 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2011/05/11 00:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/04/19 18:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2011/03/22 23:56:40 | 000,687,448 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2011/03/01 23:14:08 | 000,190,808 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/03/01 23:13:44 | 000,203,096 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011/02/25 17:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/21 00:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/21 00:17:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2010/10/07 08:28:12 | 003,768,176 | ---- | M] (Stardock) -- C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe
PRC - [2010/03/12 11:00:23 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/11/16 08:59:11 | 000,158,752 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files\Freecorder\FLVSrvc.exe
PRC - [2009/11/09 13:56:38 | 000,643,592 | ---- | M] (Avid Technology, Inc.) -- C:\Windows\System32\M-AudioTaskBarIcon.exe
PRC - [2009/10/20 14:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/08/28 11:53:00 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/06/29 09:29:48 | 001,830,912 | ---- | M] (NetComm Limited) -- C:\Program Files\NetComm\Common\RaUI.exe
PRC - [2009/03/09 12:50:50 | 001,563,360 | ---- | M] (AnVir Software) -- C:\Program Files\AnVir Task Manager Free\AnVir.exe
PRC - [2008/11/20 12:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2007/12/13 15:36:46 | 000,049,220 | ---- | M] (Samsung) -- C:\Program Files\SEC\Natural Color Pro\NCProTray.exe


========== Modules (SafeList) ==========

MOD - [2011/06/14 14:32:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RaeJae\Desktop\OTL.exe
MOD - [2011/05/11 00:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/11/20 23:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (RE)
SRV - File not found [On_Demand | Stopped] -- -- (HCH)
SRV - File not found [On_Demand | Stopped] -- -- (GTLJ)
SRV - [2011/05/11 00:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/03/02 14:08:54 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/01/05 06:03:42 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/07/14 13:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 13:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/05/11 00:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/11 00:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/11 00:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 23:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 23:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/05/10 23:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/04/01 05:11:10 | 004,333,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 200(UVC)
DRV - [2011/04/01 05:09:48 | 000,291,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/11/20 22:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 21:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/09/01 20:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/03/04 06:31:28 | 000,112,136 | ---- | M] (M-Audio) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MAudioOxygen.sys -- (OXYGEN)
DRV - [2009/12/02 12:56:16 | 000,092,792 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2009/11/09 13:56:10 | 000,158,600 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MAudioFastTrackPro.sys -- (MAUSBFASTTRACKPRO)
DRV - [2009/04/28 17:23:52 | 000,724,992 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009/01/21 02:49:26 | 000,142,848 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/03/29 01:11:00 | 000,021,984 | ---- | M] (KORG Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KORGUMDS.SYS -- (KORGUMDS)
DRV - [2006/08/28 16:12:04 | 000,013,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2006/08/28 16:12:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTictwl.sys -- (MagicTune)
DRV - [2005/12/12 16:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)
DRV - [2004/04/01 15:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_nz&c=93&bd=Presario&pf=cndt
IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/
IE - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co.nz/"
FF - prefs.js..extensions.enabledItems: apptabs@frankyan.com:0.6.2
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.4.0.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.4
FF - prefs.js..extensions.enabledItems: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:3.2.5.2
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.1
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: tabberwocky@studio17.wordpress.com:1.1
FF - prefs.js..extensions.enabledItems: {d9284e50-81fc-11da-a72b-0800200c9a66}:7.6.2
FF - prefs.js..extensions.enabledItems: {eebc5c3f-ec4b-4ad4-b5d1-fa51b3c42c58}:2.0.2
FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.5
FF - prefs.js..extensions.enabledItems: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.1.5
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: testpilot@labs.mozilla.com:1.0.4
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Aurora 5.0a2\extensions\\Components: C:\Program Files\Aurora\components
FF - HKLM\software\mozilla\Aurora 5.0a2\extensions\\Plugins: C:\Program Files\Aurora\plugins
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/12 11:01:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/05/22 16:45:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 10\components [2011/04/16 16:01:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 10\plugins
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/16 13:59:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/02 23:06:45 | 000,000,000 | ---D | M]

[2010/01/17 23:03:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Extensions
[2011/05/31 19:35:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions
[2010/10/28 08:59:02 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2011/03/25 20:39:18 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2010/04/28 07:46:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/28 02:07:04 | 000,000,000 | ---D | M] (Google Shortcuts) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}
[2011/04/28 02:07:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/04/01 09:59:55 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/03/22 15:10:13 | 000,000,000 | ---D | M] ("SecretHelper") -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{eebc5c3f-ec4b-4ad4-b5d1-fa51b3c42c58}
[2011/02/03 00:51:40 | 000,000,000 | ---D | M] (Download Manager Tweak) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}
[2010/03/02 14:19:26 | 000,000,000 | ---D | M] (App Tabs) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\apptabs@frankyan.com
[2011/03/25 20:39:18 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\engine@conduit.com
[2011/04/28 02:07:04 | 000,000,000 | ---D | M] (Personas) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\personas@christopher.beard
[2010/03/02 14:19:26 | 000,000,000 | ---D | M] (Tabberwocky) -- C:\Users\RaeJae\AppData\Roaming\mozilla\Firefox\Profiles\5w8gsb98.default\extensions\tabberwocky@studio17.wordpress.com
[2011/05/12 19:27:04 | 000,002,306 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\Mozilla\Firefox\Profiles\5w8gsb98.default\searchplugins\wot-safe-search.xml
[2011/04/21 15:22:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/16 13:59:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
File not found (No name found) --
() (No name found) -- C:\USERS\RAEJAE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5W8GSB98.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\RAEJAE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5W8GSB98.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2011/04/29 06:01:20 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/05 10:34:19 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2007/03/10 11:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
[2010/01/01 20:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/14 09:02:03 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [KBD] C:\Program Files\Hewlett-Packard\KBD\KbdStub.exe (Microsoft)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Users\RaeJae\Desktop\All Folders\JB\Maintenance Tools\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\System32\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] c:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [AnVir Task Manager Free] C:\Program Files\AnVir Task Manager Free\AnVir.exe (AnVir Software)
O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [Dexpot] C:\Program Files\Dexpot\dexpot.exe (Dexpot GbR)
O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000..\Run: [YouSendIt.exe] C:\Program Files\YouSendIt\Express\YouSendIt.exe (YouSendIt)
O4 - Startup: C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
O4 - Startup: C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O4 - Startup: C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} http://www.bebo.com/files/BeboUploader.5.8.05.cab (Bebo Uploader Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-nz.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O22 - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - C:\Program Files\Stardock\ObjectDockFree\ODMenu.dll (Stardock)
O24 - Desktop WallPaper: C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows DreamScene\DreamScene.jpg
O24 - Desktop BackupWallPaper: C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows DreamScene\DreamScene.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 09:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: midi1 - C:\Windows\System32\KORGUMDD.DRV (KORG Inc.)
Drivers32: midi7 - C:\Windows\System32\KORGUMDD.DRV (KORG Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

 

[JBEEZY]

continued...

========== Files/Folders - Created Within 30 Days ==========

[2011/06/14 14:34:52 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\RaeJae\Desktop\OTL.exe
[2011/06/14 09:55:06 | 000,000,000 | ---D | C] -- C:\Windows\TEMP
[2011/06/14 09:04:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/06/14 08:49:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/06/14 08:49:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/06/14 08:49:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/06/14 08:49:12 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/06/14 08:49:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/06/14 08:35:56 | 000,581,120 | ---- | C] (AVAST Software) -- C:\Users\RaeJae\Desktop\aswMBR.exe
[2011/06/14 08:35:55 | 004,120,909 | R--- | C] (Swearware) -- C:\Users\RaeJae\Desktop\ComboFix.exe
[2011/06/13 18:35:04 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\RaeJae\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/13 18:35:04 | 000,607,310 | R--- | C] (Swearware) -- C:\Users\RaeJae\Desktop\dds.scr
[2011/06/12 14:52:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Evonsoft
[2011/06/12 14:52:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Restore
[2011/06/12 14:52:36 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced System Restore
[2011/06/10 10:48:16 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Desktop\Today VST
[2011/06/09 03:22:04 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Desktop\Villain Party Set
[2011/06/09 02:16:44 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Desktop\Villain Party Ol Skool
[2011/06/07 18:40:14 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\DoctorWeb
[2011/06/06 21:55:13 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\IK Multimedia
[2011/06/06 20:50:01 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Documents\IK Multimedia
[2011/06/05 23:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\Waves
[2011/06/01 18:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite
[2011/06/01 18:02:45 | 000,000,000 | ---D | C] -- C:\Program Files\DVD-Ranger 3.5.1.3
[2011/06/01 15:38:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSPaudioware
[2011/06/01 15:38:48 | 000,000,000 | ---D | C] -- C:\Program Files\PSPaudioware
[2011/06/01 08:58:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/01 08:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/06/01 08:57:49 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/06/01 08:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/05/29 01:28:14 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Image-Line
[2011/05/27 18:18:00 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Desktop\All Folders
[2011/05/27 17:37:15 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\ODUI
[2011/05/27 17:37:06 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Documents\Stardock
[2011/05/27 17:37:06 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\Stardock
[2011/05/27 17:36:13 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Stardock
[2011/05/27 17:36:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}
[2011/05/27 17:35:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
[2011/05/27 17:35:57 | 000,000,000 | ---D | C] -- C:\Program Files\Stardock
[2011/05/27 17:34:11 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\PackageAware
[2011/05/27 14:16:29 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Documents\Rainmeter
[2011/05/27 14:16:29 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Rainmeter
[2011/05/27 14:16:25 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rainmeter
[2011/05/27 14:16:23 | 000,000,000 | ---D | C] -- C:\Program Files\Rainmeter
[2011/05/27 00:18:50 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\OpenCandy
[2011/05/27 00:18:50 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot
[2011/05/27 00:18:46 | 000,000,000 | ---D | C] -- C:\Program Files\Dexpot
[2011/05/25 17:07:22 | 000,000,000 | R--D | C] -- C:\Users\RaeJae\Documents\Scanned Documents
[2011/05/25 17:07:20 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\Documents\Fax
[2011/05/25 12:15:57 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audio Pluggers
[2011/05/25 03:13:47 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\{36552D91-434C-4AA4-9D2D-FE3DDF1ED87B}
[2011/05/24 14:35:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD-Ranger
[2011/05/24 14:33:33 | 000,000,000 | ---D | C] -- C:\ProgramData\DShield
[2011/05/24 14:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\DVDRanger
[2011/05/24 14:33:32 | 000,000,000 | ---D | C] -- C:\DVDRanger
[2011/05/24 14:33:27 | 000,000,000 | ---D | C] -- C:\Program Files\Pixbyte
[2011/05/23 21:41:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2011/05/23 21:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2011/05/22 16:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/05/19 02:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\TweetDeck
[2011/05/17 08:26:23 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\{F9AB3098-395D-4FA9-A88C-4AC376788CC7}
[2011/05/16 14:49:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Aurora
[2011/05/16 13:50:35 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\{C158D9E0-ABB3-42B1-8078-AA80D9C5B99C}
[2011/05/16 12:34:14 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\{2A479319-42E2-45B4-9F29-3422EDDDDDA7}
[2011/05/16 04:58:30 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Local\112dB
[2011/05/16 04:57:12 | 000,000,000 | -H-D | C] -- C:\ProgramData\{2EF924FC-80B9-43E9-BB00-5E4F302749D2}
[2011/05/16 04:54:01 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\112dB
[2011/05/16 04:54:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\112dB
[2011/05/16 03:31:33 | 000,000,000 | ---D | C] -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\G-Sonique
[2011/05/16 03:31:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G-Sonique

========== Files - Modified Within 30 Days ==========

[2011/06/14 14:32:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RaeJae\Desktop\OTL.exe
[2011/06/14 14:31:11 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/14 14:31:10 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000UA.job
[2011/06/14 14:30:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/14 11:17:30 | 000,000,000 | ---- | M] () -- C:\Users\RaeJae\Desktop\SystemLook.exe
[2011/06/14 10:14:50 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/14 10:14:49 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/14 10:05:53 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/14 10:05:31 | 1602,101,248 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/14 09:02:03 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/06/14 08:42:25 | 000,000,512 | ---- | M] () -- C:\Users\RaeJae\Desktop\MBR.dat
[2011/06/14 08:33:06 | 001,007,120 | ---- | M] () -- C:\Users\RaeJae\Desktop\rkill.com
[2011/06/14 08:32:30 | 004,120,909 | R--- | M] (Swearware) -- C:\Users\RaeJae\Desktop\ComboFix.exe
[2011/06/14 08:31:56 | 000,581,120 | ---- | M] (AVAST Software) -- C:\Users\RaeJae\Desktop\aswMBR.exe
[2011/06/13 19:38:38 | 583,577,194 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/13 19:27:01 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000Core.job
[2011/06/13 18:33:56 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\RaeJae\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/13 15:08:42 | 000,607,310 | R--- | M] (Swearware) -- C:\Users\RaeJae\Desktop\dds.scr
[2011/06/13 15:08:10 | 000,302,592 | ---- | M] () -- C:\Users\RaeJae\Desktop\kelob5qu.exe
[2011/06/12 15:19:55 | 000,659,294 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/12 15:19:55 | 000,140,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/12 14:52:38 | 000,000,987 | ---- | M] () -- C:\Users\RaeJae\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced System Restore.lnk
[2011/06/09 08:44:23 | 000,000,017 | ---- | M] () -- C:\Users\RaeJae\AppData\Local\resmon.resmoncfg
[2011/06/08 13:26:37 | 000,001,156 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110608_132634.reg
[2011/06/08 11:39:03 | 006,024,971 | ---- | M] () -- C:\Users\RaeJae\Desktop\Painkiller (Level Mix).mp3
[2011/06/07 13:27:29 | 000,000,562 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110607_132726.reg
[2011/06/07 02:16:45 | 016,067,570 | ---- | M] () -- C:\Users\RaeJae\Desktop\Apollo The Great - Destiny.flv
[2011/06/07 02:13:41 | 020,755,582 | ---- | M] () -- C:\Users\RaeJae\Desktop\Knesecary _ Winning.flv
[2011/06/07 00:40:09 | 000,175,671 | ---- | M] () -- C:\Users\RaeJae\Desktop\You're a Villain (Dialogue).mp3
[2011/06/07 00:19:56 | 000,013,268 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110607_001913.reg
[2011/06/06 23:02:47 | 000,000,006 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\start
[2011/06/06 22:09:07 | 000,000,136 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\1.gif
[2011/06/06 22:09:06 | 000,000,011 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\ct_start
[2011/06/06 20:36:57 | 021,803,582 | ---- | M] () -- C:\Users\RaeJae\Desktop\Elzhi - Elmatic.flv
[2011/06/06 13:03:20 | 000,008,080 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110606_130315.reg
[2011/06/03 20:38:30 | 000,001,084 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2011/06/02 09:24:27 | 000,002,048 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2011/06/01 09:34:01 | 000,001,109 | ---- | M] () -- C:\Users\RaeJae\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2011/05/29 21:55:21 | 000,611,784 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110529_215509.reg
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/28 10:48:39 | 000,457,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/05/27 16:09:05 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRaeJae.job
[2011/05/27 14:16:25 | 000,001,889 | ---- | M] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2011/05/25 22:49:25 | 000,002,114 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110525_224922.reg
[2011/05/25 20:49:56 | 000,001,851 | ---- | M] () -- C:\Users\RaeJae\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/25 03:03:41 | 000,438,151 | ---- | M] () -- C:\Users\RaeJae\Documents\C69E3d01.pdf
[2011/05/23 21:49:14 | 000,003,838 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110523_214911.reg
[2011/05/22 16:45:34 | 000,000,000 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/05/18 17:04:08 | 000,005,040 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110518_170402.reg
[2011/05/17 21:29:31 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2011/05/17 10:46:19 | 007,942,144 | -H-- | M] () -- C:\Users\RaeJae\Desktop\Tue May 17 10;42;22 2011(2).mp3
[2011/05/17 10:46:19 | 007,938,048 | -H-- | M] () -- C:\Users\RaeJae\Desktop\Tue May 17 10;42;22 2011.mp3
[2011/05/17 08:25:19 | 000,000,632 | RHS- | M] () -- C:\Users\RaeJae\ntuser.pol
[2011/05/16 13:18:37 | 000,042,540 | ---- | M] () -- C:\Users\RaeJae\Documents\cc_20110516_131834.reg

========== Files Created - No Company Name ==========

[2011/06/14 11:48:36 | 000,000,000 | ---- | C] () -- C:\Users\RaeJae\Desktop\SystemLook.exe
[2011/06/14 08:49:15 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/06/14 08:49:15 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/06/14 08:49:15 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/06/14 08:49:15 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/06/14 08:49:15 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/06/14 08:42:25 | 000,000,512 | ---- | C] () -- C:\Users\RaeJae\Desktop\MBR.dat
[2011/06/14 08:35:51 | 001,007,120 | ---- | C] () -- C:\Users\RaeJae\Desktop\rkill.com
[2011/06/13 18:35:06 | 000,302,592 | ---- | C] () -- C:\Users\RaeJae\Desktop\kelob5qu.exe
[2011/06/12 14:52:38 | 000,000,987 | ---- | C] () -- C:\Users\RaeJae\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced System Restore.lnk
[2011/06/10 13:58:11 | 583,577,194 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/06/09 08:44:23 | 000,000,017 | ---- | C] () -- C:\Users\RaeJae\AppData\Local\resmon.resmoncfg
[2011/06/09 02:30:16 | 004,034,641 | ---- | C] () -- C:\Users\RaeJae\Desktop\The Delfonics - La La Means I Love You [Ghostface - Holla].mp3
[2011/06/08 13:26:36 | 000,001,156 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110608_132634.reg
[2011/06/08 11:37:50 | 006,024,971 | ---- | C] () -- C:\Users\RaeJae\Desktop\Painkiller (Level Mix).mp3
[2011/06/07 13:27:27 | 000,000,562 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110607_132726.reg
[2011/06/07 02:11:57 | 016,067,570 | ---- | C] () -- C:\Users\RaeJae\Desktop\Apollo The Great - Destiny.flv
[2011/06/07 02:07:48 | 020,755,582 | ---- | C] () -- C:\Users\RaeJae\Desktop\Knesecary _ Winning.flv
[2011/06/07 00:40:04 | 000,175,671 | ---- | C] () -- C:\Users\RaeJae\Desktop\You're a Villain (Dialogue).mp3
[2011/06/07 00:19:16 | 000,013,268 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110607_001913.reg
[2011/06/06 23:02:47 | 000,000,006 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\start
[2011/06/06 22:09:07 | 000,000,136 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\1.gif
[2011/06/06 22:09:06 | 000,000,011 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\ct_start
[2011/06/06 20:31:35 | 021,803,582 | ---- | C] () -- C:\Users\RaeJae\Desktop\Elzhi - Elmatic.flv
[2011/06/06 13:03:18 | 000,008,080 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110606_130315.reg
[2011/06/03 20:38:30 | 000,001,084 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2011/06/02 09:24:27 | 000,002,048 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2011/06/01 09:34:01 | 000,001,109 | ---- | C] () -- C:\Users\RaeJae\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2011/05/29 21:55:12 | 000,611,784 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110529_215509.reg
[2011/05/27 14:16:25 | 000,001,889 | ---- | C] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2011/05/25 22:49:24 | 000,002,114 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110525_224922.reg
[2011/05/25 03:09:25 | 000,438,151 | ---- | C] () -- C:\Users\RaeJae\Documents\C69E3d01.pdf
[2011/05/23 21:49:12 | 000,003,838 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110523_214911.reg
[2011/05/23 21:41:27 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/05/23 21:41:27 | 000,077,824 | ---- | C] () -- C:\Windows\System32\xvid.ax
[2011/05/23 21:41:26 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/05/18 17:04:07 | 000,005,040 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110518_170402.reg
[2011/05/17 10:42:22 | 007,942,144 | -H-- | C] () -- C:\Users\RaeJae\Desktop\Tue May 17 10;42;22 2011(2).mp3
[2011/05/17 10:42:22 | 007,938,048 | -H-- | C] () -- C:\Users\RaeJae\Desktop\Tue May 17 10;42;22 2011.mp3
[2011/05/16 14:49:12 | 000,001,049 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora.lnk
[2011/05/16 13:59:38 | 000,001,110 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/16 13:18:36 | 000,042,540 | ---- | C] () -- C:\Users\RaeJae\Documents\cc_20110516_131834.reg
[2011/04/01 05:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011/04/01 05:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011/04/01 05:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011/04/01 04:56:00 | 000,027,872 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/03/23 12:38:49 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2011/03/22 23:58:22 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2011/02/17 23:22:04 | 000,069,632 | ---- | C] () -- C:\Windows\System32\FxShared.dll
[2011/02/17 23:22:04 | 000,069,632 | ---- | C] () -- C:\Windows\System32\com.fxpansion.fxshared.dll
[2011/01/18 14:25:24 | 000,055,808 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2010/12/10 12:11:06 | 000,000,004 | ---- | C] () -- C:\ProgramData\sysid100.dat
[2010/12/01 09:14:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\Hyperman.dll
[2010/12/01 09:11:54 | 000,024,576 | ---- | C] () -- C:\Windows\System32\Wavlbsys.dll
[2010/11/30 14:04:41 | 000,129,024 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2010/11/30 13:58:05 | 000,520,267 | ---- | C] () -- C:\Windows\System32\libmmd.dll
[2010/11/30 13:23:51 | 000,002,240 | ---- | C] () -- C:\Windows\LENDIG.sys
[2010/11/29 11:55:05 | 000,163,840 | ---- | C] () -- C:\Windows\System32\ArtFfct.dll
[2010/08/25 03:00:00 | 000,000,000 | ---- | C] () -- C:\Windows\System32\privatedata.dll
[2010/08/14 19:14:27 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/06/29 23:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/06/02 10:35:15 | 000,217,088 | ---- | C] () -- C:\Windows\System32\qtmlClient.dll
[2010/06/02 10:35:09 | 001,362,460 | ---- | C] () -- C:\Windows\System32\ExpansionHD_Firmware.bin
[2010/05/07 18:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2010/05/03 11:29:33 | 000,002,892 | ---- | C] () -- C:\Windows\System32\audcon.sys
[2010/05/03 11:27:48 | 000,000,045 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe.cfg
[2010/05/03 11:27:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe
[2010/02/02 01:09:05 | 000,212,992 | ---- | C] () -- C:\Windows\ALCHUNIN.EXE
[2010/01/24 16:06:36 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2010/01/21 13:38:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/17 23:08:10 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2010/01/09 13:40:49 | 000,013,312 | ---- | C] () -- C:\Windows\System32\drivers\MTictwl.sys
[2010/01/08 12:31:11 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010/01/05 12:08:20 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/01/04 01:21:38 | 000,000,052 | ---- | C] () -- C:\Windows\Relax.ini
[2010/01/04 01:13:49 | 000,185,856 | ---- | C] () -- C:\Windows\System32\Bmp2Jpeg.dll
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/14 16:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 16:33:53 | 000,457,176 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 14:05:48 | 000,659,294 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 14:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 14:05:48 | 000,140,320 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 14:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 14:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 14:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 11:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 11:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 11:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/11 09:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/05/05 01:19:59 | 000,354,816 | ---- | C] () -- C:\Windows\System32\pythoncom26.dll
[2009/05/05 01:19:59 | 000,108,032 | ---- | C] () -- C:\Windows\System32\pywintypes26.dll
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007/04/18 22:07:00 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll

========== LOP Check ==========

[2010/12/09 11:15:20 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\4Front
[2010/06/02 09:13:21 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Ableton
[2011/03/23 15:04:17 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Acoustica
[2010/01/17 23:03:32 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Ambient Design
[2010/06/01 18:50:10 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Ancient Quest of Saqqarah__wildtan
[2010/11/30 12:32:50 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Applied Acoustics Systems
[2010/04/27 07:55:42 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Ashampoo
[2011/04/13 02:57:59 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Ashampoo Cover Studio 2
[2011/06/12 14:49:37 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\BitTorrent
[2010/12/27 15:54:51 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Blue Cat Audio
[2010/01/17 23:03:32 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Bump Technologies, Inc
[2010/06/17 09:05:15 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/04/06 16:18:18 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\DAEMON Tools Lite
[2011/02/02 22:43:16 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\DAEMON Tools Pro
[2010/12/03 09:05:50 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Deckadance16
[2010/06/29 19:20:03 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Dexpot
[2010/11/30 13:39:59 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\FabFilter
[2010/01/17 23:03:33 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Foxit
[2010/03/30 13:53:55 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Foxit Software
[2010/10/15 11:44:40 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\FreeImageConverter
[2010/04/22 20:52:55 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\FreezeTag
[2010/10/11 10:20:15 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\FrostWire
[2010/05/11 19:27:47 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\funkitron
[2011/02/17 23:23:59 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\FXpansion
[2010/03/05 08:51:26 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\GetRightToGo
[2011/06/06 21:55:13 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\IK Multimedia
[2011/05/29 01:28:14 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Image-Line
[2010/03/31 13:54:48 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\ImgBurn
[2010/08/17 17:45:37 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\ImTOO
[2010/02/03 11:10:03 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\IObit
[2010/06/12 10:16:40 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\iShell
[2010/12/10 13:07:11 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\iZotope
[2010/06/27 18:40:20 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Leadertech
[2010/01/20 15:42:52 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\MysteryStudio
[2010/05/10 20:02:49 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\NCH Swift Sound
[2011/05/13 18:44:04 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Nomad Factory
[2011/05/27 00:18:50 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\OpenCandy
[2011/04/01 01:55:23 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\PACE Anti-Piracy
[2011/05/25 22:35:30 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\PreSonus
[2011/02/02 22:48:25 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Propellerhead Software
[2010/02/03 01:00:48 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Publish Providers
[2011/05/28 02:32:27 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Rainmeter
[2010/01/20 17:28:41 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Recordpad
[2010/11/11 15:42:34 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Smartelectronix
[2010/12/20 19:30:30 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Sony
[2011/05/27 17:36:13 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Stardock
[2010/02/23 12:10:19 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\SynthMaker
[2010/05/07 12:39:07 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\SystemRequirementsLab
[2010/11/02 18:18:29 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\TweakNow RegCleaner
[2010/05/10 10:49:16 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/01/17 23:03:42 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Virtual City
[2010/02/17 12:15:33 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\VitySoft
[2010/12/06 09:57:27 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Waves Audio
[2010/01/17 23:03:43 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\WildTangent
[2010/01/17 23:03:43 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\WinBatch
[2011/04/26 13:12:32 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Windows Live Writer
[2010/03/05 08:53:15 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\Xilisoft Corporation
[2011/05/16 12:35:09 | 000,000,000 | ---D | M] -- C:\Users\RaeJae\AppData\Roaming\YouSendIt
[2011/06/07 13:09:54 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/06/11 09:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010/11/21 00:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2010/01/18 19:41:48 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011/06/14 09:04:02 | 000,023,091 | ---- | M] () -- C:\ComboFix.txt
[2009/06/11 09:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/10/15 13:31:44 | 000,001,370 | ---- | M] () -- C:\docuPrinter.log
[2010/10/21 21:53:27 | 000,002,750 | ---- | M] () -- C:\FINIS_IT.TXT
[2011/06/14 10:05:31 | 1602,101,248 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/20 16:25:30 | 000,015,803 | ---- | M] () -- C:\INSTALL.LOG
[2010/08/06 12:17:24 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/08/06 12:17:24 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/06/14 10:05:37 | 2136,137,728 | -HS- | M] () -- C:\pagefile.sys
[2011/06/14 09:10:16 | 000,000,361 | ---- | M] () -- C:\rkill.log
[2009/05/05 01:44:16 | 000,000,349 | ---- | M] () -- C:\updatedatfix.log
[2008/08/27 00:37:52 | 000,000,458 | ---- | M] () -- C:\Windows Sidebar

< %systemroot%\Fonts\*.com >
[2009/07/14 16:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 16:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 16:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 16:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/11 09:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/06/22 17:58:20 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
[2009/07/14 13:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2010/11/21 00:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2011/05/11 00:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/11/10 01:28:46 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/14 16:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/01/04 02:44:15 | 000,000,221 | -HS- | M] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2011/04/23 17:20:48 | 000,000,221 | -HS- | M] () -- C:\Users\RaeJae\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2011/06/14 08:31:56 | 000,581,120 | ---- | M] (AVAST Software) -- C:\Users\RaeJae\Desktop\aswMBR.exe
[2011/06/14 08:32:30 | 004,120,909 | R--- | M] (Swearware) -- C:\Users\RaeJae\Desktop\ComboFix.exe
[2011/06/13 15:08:10 | 000,302,592 | ---- | M] () -- C:\Users\RaeJae\Desktop\kelob5qu.exe
[2011/06/13 18:33:56 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\RaeJae\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/14 14:32:48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RaeJae\Desktop\OTL.exe
[2011/06/14 11:17:30 | 000,000,000 | ---- | M] () -- C:\Users\RaeJae\Desktop\SystemLook.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2009/06/11 09:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2011/04/23 17:20:47 | 000,000,402 | -HS- | M] () -- C:\Users\RaeJae\Favorites\desktop.ini
[2011/05/13 04:57:30 | 000,000,276 | ---- | M] () -- C:\Users\RaeJae\Favorites\NCH Software Download Site.lnk

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< MD5 for: TDX.SYS >
[2009/07/14 11:12:11 | 000,074,240 | ---- | M] (Microsoft Corporation) MD5=CB39E896A2A83702D1737BFD402B3542 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_ea141e6f3d693e28\tdx.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:30FD0CBD

< End of report >

 

[JBEEZY]

Extras

OTL Extras logfile created on: 14/06/2011 2:36:44 p.m. - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\RaeJae\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

1.99 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 68.69% Memory free
3.98 Gb Paging File | 2.77 Gb Available in Paging File | 69.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.36 Gb Total Space | 147.17 Gb Free Space | 32.32% Space Free | Partition Type: NTFS
Drive D: | 10.40 Gb Total Space | 1.46 Gb Free Space | 14.05% Space Free | Partition Type: NTFS
Drive F: | 3.72 Gb Total Space | 3.26 Gb Free Space | 87.55% Space Free | Partition Type: FAT32

Computer Name: RAEJAE-PC | User Name: RaeJae | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0295F89F-F698-4101-9A7D-49F407EC2D82}" = HP Active Support Library
"{03BF5CB1-B72E-4CA6-A278-F65680F05420}" = HP Picasso Media Center Add-In
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0E086923-AAA3-4F98-A6E2-48B64CE27553}" = Native Instruments Reaktor Factory Selection
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{11F703F5-DCAF-49EC-8CD2-488F483E32B0}" = KORG USB-MIDI Driver Tools for Windows
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1CC069FA-1A86-402E-9787-3F04E652C67A}" = HP Support Information
"{1D10C273-3F95-42A2-8371-AB6B1F59821B}" = WOT for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010 (Beta)
"{20140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010 (Beta)
"{20140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010 (Beta)
"{20140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010 (Beta)
"{20140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010 (Beta)
"{20140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010 (Beta)
"{20140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010 (Beta)
"{20140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 (Beta)
"{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta)
"{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta)
"{20140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010 (Beta)
"{20140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 (Beta)
"{20140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010 (Beta)
"{20140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 (Beta)
"{20140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010 (Beta)
"{20140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010 (Beta)
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236E0A03-6110-485E-B0F9-399215948BB7}" = M-Audio FastTrackPro Driver 6.0.2 (x86)
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x32
"{267B3E82-C941-47D8-BCD3-1BBBB56FCBC6}" = Native Instruments Maschine Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor
"{2C13F8C1-570B-42A9-87B4-8C7903ECD602}" = ObjectDock Free
"{316B3C3F-6B5A-DBC3-1398-FBE614ECCAA7}" = TweetDeck
"{33286B63-B749-4D54-AA04-5631319B168D}" = GEAR driver installer for x86 Win2K
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{348CE492-86E7-4594-9051-2F3DCE39463F}" = V-Station
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{423C4130-EBC3-410A-B3A0-37BBF9D607D5}" = T-RackS 3 Deluxe
"{43E7798A-248E-4A3D-9969-FEA63543A462}" = Native Instruments Kontakt 4
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4EBE7270-A95A-4A03-82C0-41A6F38A4DB2}" = Native Instruments Maschine Factory Content 1.5
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6438691E-D44E-4A18-B6C4-D1EB26281D6A}" = Native Instruments Mikro Prism
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{784BEA84-FA66-4B19-BB80-7B545F248AC6}" = HP Total Care Setup
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F099B88-FE9D-4287-BE5F-3ED2BD16223C}" = Native Instruments Maschine
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80D3F817-2D33-4643-B900-64AE2C0C4745}" = M-Audio Oxygen Driver 1.2.1 (x86)
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = NetComm NetComm 900n Series Wireless USB Adapter
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94056AE8-EF0F-45E4-A1B4-D754115F8A28}" = Numedia CD-DVD writing as non-admin user
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CC89170-000B-457D-91F1-53691F85B223}" = Python 2.6.1
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2DDE39D-BA16-4DBB-9C96-A6703142DCF3}" = Native Instruments Komplete 7 Players
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{ABAF1232-6213-4062-9D52-04E04A730CEA}_is1" = Bass Station 1.50
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{AFE354A5-640F-4A23-94C8-0B441E8967CA}" = Digidesign Shared Plug-Ins 7.4
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B0FC9E28-1CE6-4A40-BEF1-C6E6EDFCA070}" = Native Instruments Kontakt Factory Selection
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B84739A3-F943-47E4-95D8-96381EF5AC48}" = HP Customer Experience Enhancements
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF0EDB56-BBF6-3C9F-9C50-2E3B3D444641}" = Google Talk Plugin
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D28571EC-82E4-414D-B09D-BBA1B5B3FE55}" = Native Instruments Maschine Factory Content
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29
"{D5D3F942-1061-4031-8032-D78728F9A920}" = Windows 7 Manager
"{D77332DD-FA53-4E49-9F4B-3863B8D56196}" = KORG padKONTROL Editor Librarian
"{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1" = Focusrite Scarlett Plug-in Suite 1.1
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{E9EA5F38-6299-45A1-9D23-F21729A19357}" = Native Instruments Reaktor 5
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro
"{FC6AFD44-EDF9-4A03-AB9E-16A5391FE24F}" = Native Instruments Maschine
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF600C37-6328-4348-A67A-3F85D8039604}" = Native Instruments Kore Player
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Abbeyroadplugins EMI Brilliance Pack VST RTAS_is1" = Abbeyroadplugins EMI Brilliance Pack VST RTAS v1.0.6
"Abbeyroadplugins EMI RS 124 Compressor VST RTAS_is1" = Abbeyroadplugins EMI RS 124 Compressor VST RTAS v1.0
"Abbeyroadplugins EMI TG 12413 Limiter VST RTAS_is1" = Abbeyroadplugins EMI TG 12413 Limiter VST RTAS v2.0.1
"Abbeyroadplugins EMI TG Mastering Pack VST RTAS_is1" = Abbeyroadplugins EMI TG Mastering Pack VST RTAS v1.0.2
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced System Restore_is1" = Advanced System Restore
"Antares Autotune VST RTAS TDM_is1" = Antares Autotune VST RTAS TDM v5.08
"Antares Filter VST DX v1.01" = Antares Filter VST DX v1.01
"Antares Harmony Engine VST RTAS_is1" = Antares Harmony Engine VST RTAS v1.0
"Antares Microphone Modeler DX v1.32" = Antares Microphone Modeler DX v1.32
"AnVir Task Manager Free" = AnVir Task Manager Free
"Arturia Arp2600 V v1.0" = Arturia Arp2600 V v1.0
"Arturia CS-80V_is1" = Arturia CS-80V v1.6
"Arturia minimoog V_is1" = Arturia minimoog V v1.6
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"Ashampoo Cover Studio 2_is1" = Ashampoo Cover Studio 2.2.0
"Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3.20
"Ashampoo Magical Snap 2_is1" = Ashampoo Magical Snap 2.31
"Ashampoo Music Studio 2009_is1" = Ashampoo Music Studio 2009
"Ashampoo Slideshow Studio 2010_is1" = Ashampoo Slideshow Studio 2010
"ASIO4ALL" = ASIO4ALL
"avast" = avast! Free Antivirus
"AVS Image Converter_is1" = AVS Image Converter 1.3.3.146
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"BitTorrent" = BitTorrent
"bx_shredspread Native_is1" = bx_shredspread Native 1.0.3
"CCleaner" = CCleaner
"Clean!" = Clean! v1.0
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"DAEMON Tools Lite" = DAEMON Tools Lite
"DeClicker" = Steinberg DeClicker v1.21
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"DVD-Ranger" = DVD-Ranger
"eLicenser Control" = eLicenser Control
"ESET Online Scanner" = ESET Online Scanner v3
"FileHippo.com" = FileHippo.com Update Checker
"FL Studio 9" = FL Studio 9
"Focusrite Midnignt Suite VST RTAS v1.1_is1" = Focusrite Midnignt Suite VST RTAS v1.1
"Foxit Reader" = Foxit Reader
"Freecorder Toolbar" = Freecorder Toolbar
"Freecorder4.0" = Freecorder 4.0 Application
"Game Booster_is1" = Game Booster
"Hardcore" = Hardcore
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IL Download Manager" = IL Download Manager
"ImgBurn" = ImgBurn
"impOSCar" = GForce - impOSCar
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Live 6.0.1" = Live 6.0.1
"Live 8.1.3" = Live 8.1.3
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Mastering Edition" = Steinberg Mastering Edition v1.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MixMeister BPM Analyzer_is1" = MixMeister BPM Analyzer 1.0
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"Native Instruments Absynth 4" = Native Instruments Absynth 4
"Native Instruments Battery 3" = Native Instruments Battery 3
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments Komplete 7 Players" = Native Instruments Komplete 7 Players
"Native Instruments Kontakt 4" = Native Instruments Kontakt 4
"Native Instruments Kontakt Factory Selection" = Native Instruments Kontakt Factory Selection
"Native Instruments Kore Player" = Native Instruments Kore Player
"Native Instruments Maschine" = Native Instruments Maschine
"Native Instruments Maschine Controller Driver" = Native Instruments Maschine Controller Driver
"Native Instruments Maschine Factory Content" = Native Instruments Maschine Factory Content
"Native Instruments Maschine Factory Content 1.5" = Native Instruments Maschine Factory Content 1.5
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments Mikro Prism" = Native Instruments Mikro Prism
"Native Instruments Reaktor 5" = Native Instruments Reaktor 5
"Native Instruments Reaktor Factory Selection" = Native Instruments Reaktor Factory Selection
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor" = Native Instruments Traktor
"ObjectDock Free" = ObjectDock Free
"Oddity" = GForce - Oddity
"Oddity VST2" = GMediaMusic - Oddity VST2
"Office14.SingleImage" = Microsoft Office Professionnel 2010
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"PhotoStage" = PhotoStage Slideshow Producer
"PoiZone" = PoiZone
"PreSonus Studio One" = PreSonus Studio One
"PROHYBRIDR" = 2007 Microsoft Office system
"Prosoniq OrangeVocoder v1.4" = Prosoniq OrangeVocoder v1.4
"PSP Xenon 1.3.0 32bit" = PSP Xenon 1.3.0 32bit
"pywin32-py2.6" = Python 2.6 pywin32-212
"Rainmeter" = Rainmeter
"RB MOLOTOF V11.0.0" = RB MOLOTOF V1
"RealPlayer 12.0" = RealPlayer
"Reason5_is1" = Reason 5.0
"Rob Papen Albino 2" = Rob Papen Albino 2
"RocketDock_is1" = RocketDock 1.3.5
"Sakura" = Sakura
"Sawer" = Sawer
"Secunia PSI" = Secunia PSI (2.0.0.3003)
"SONiVOX 2.0 DVI Creamy Fuzz Guitar_is1" = SONiVOX DVI Creamy Fuzz Guitar
"Toxic Biohazard" = Toxic Biohazard
"TruePianos: Amber Module_is1" = TruePianos: Amber Module 1.4.0
"TruePianos: Diamond Module_is1" = TruePianos: Diamond Module 1.4.0
"TruePianos: Emerald Module_is1" = TruePianos: Emerald Module 1.4.0
"TruePianos: Sapphire Module_is1" = TruePianos: Sapphire Module 1.4.0
"TruePianos_is1" = TruePianos 1.4.1
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Universal Audio v4.4.0 Native" = Universal Audio v4.4.0 Native
"VLC media player" = VLC media player 1.1.9
"VST" = VST Compressor
"WavePad" = WavePad Sound Editor
"Waves Mercury Bundle" = Waves Mercury Bundle
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"WT083427" = Elementals - The Magic Key
"WT083777" = Murder She Wrote
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate
"Xvid_is1" = Xvid 1.2.2 final uninstall
"YInstHelper" = Yahoo! Install Manager

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dexpot" = Dexpot

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/06/2011 7:36:24 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\KORG\KORG
USB-MIDI Driver\UnInstDrv64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 12/06/2011 7:36:24 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\KORG\KORG
USB-MIDI Driver\EzSetup64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 13/06/2011 2:21:56 a.m. | Computer Name = RaeJae-PC | Source = WinMgmt | ID = 10
Description =

Error - 13/06/2011 3:40:22 a.m. | Computer Name = RaeJae-PC | Source = WinMgmt | ID = 10
Description =

Error - 13/06/2011 4:49:28 p.m. | Computer Name = RaeJae-PC | Source = System Restore | ID = 8193
Description =

Error - 13/06/2011 6:07:23 p.m. | Computer Name = RaeJae-PC | Source = WinMgmt | ID = 10
Description =

Error - 13/06/2011 7:36:25 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\KORG\KORG
USB-MIDI Driver\UnInstDrv64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 13/06/2011 7:36:25 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\KORG\KORG
USB-MIDI Driver\EzSetup64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 13/06/2011 8:07:08 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\KORG\KORG
USB-MIDI Driver\UnInstDrv64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 13/06/2011 8:07:08 p.m. | Computer Name = RaeJae-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\KORG\KORG
USB-MIDI Driver\EzSetup64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ System Events ]
Error - 13/06/2011 10:31:04 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7003
Description = The DHCP Client service depends the following service: Tdx. This service
might not be installed.

Error - 13/06/2011 10:31:04 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7001
Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
DHCP Client service which failed to start because of the following error: %%1075

Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7003
Description = The DHCP Client service depends the following service: Tdx. This service
might not be installed.

Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7001
Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
DHCP Client service which failed to start because of the following error: %%1075

Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7003
Description = The DHCP Client service depends the following service: Tdx. This service
might not be installed.

Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7001
Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
DHCP Client service which failed to start because of the following error: %%1075

Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7003
Description = The DHCP Client service depends the following service: Tdx. This service
might not be installed.

Error - 13/06/2011 10:31:05 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7001
Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
DHCP Client service which failed to start because of the following error: %%1075

Error - 13/06/2011 10:31:06 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7003
Description = The DHCP Client service depends the following service: Tdx. This service
might not be installed.

Error - 13/06/2011 10:31:06 p.m. | Computer Name = RaeJae-PC | Source = Service Control Manager | ID = 7001
Description = The WinHTTP Web Proxy Auto-Discovery Service service depends on the
DHCP Client service which failed to start because of the following error: %%1075


< End of report >