Solved Possible virus preventing correct internet operation

shinychrome0

I started trying to diagnose my internet problems here

https://www.techspot.com/vb/topic155505.html

and they think I have a virus causing issues on my system. I run AVG antivirus and it has not detected anything. So I also ran scans with Avast, Avira, and Kaspersky, and Kaspersky was the only one to detect anything. Here is the log from its scan.

Detected (2)
10/29/2010 8:50:52 PM Detected legal software that can be used by criminals for damaging your computer or personal data PDM.Invader (loader) C:\PROGRAM FILES (X86)\PRESONUS\STUDIO ONE\STUDIO ONE.EXE Low
10/30/2010 12:33:32 AM Detected legal software that can be used by criminals for damaging your computer or personal data PDM.Invader (loader) C:\USERS\BRIAN CARRIGG\APPDATA\LOCAL\TEMP\IS-VIU15.TMP\SETUP_BUGBOPPER.TMP Low
Not found (1)
10/29/2010 9:23:46 PM Not found Trojan program Trojan-Dropper.Win32.VB.aopu C:\Documents and Settings\Brian Carrigg\Documents\Downloads\Programs\audio-converter-pack.exe//data0038 High



I'm not really sure why it picked up Studio One as a virus.

MBAM did not detect anything.

And scratch that...AVG just found this but access was denied to remove it.

"";"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\AVP";"Found Adware.Generic";"Potentially dangerous object"

GMER log:

GMER 1.0.15.15477 - http://www.gmer.net
Rootkit scan 2010-10-31 15:11:16
Windows 6.1.7600
Running: pibmduhj.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001f81000250
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001f81000250@0017d54ae696 0xAE 0x95 0xA2 0xC9 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001f81000250@002608d75365 0x66 0xEE 0x7F 0x50 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001f81000250 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001f81000250@0017d54ae696 0xAE 0x95 0xA2 0xC9 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001f81000250@002608d75365 0x66 0xEE 0x7F 0x50 ...

---- EOF - GMER 1.0.15 ----




DDS log



DDS (Ver_10-10-31.01) - NTFS_AMD64
Run by Brian Carrigg at 15:12:42.20 on Sun 10/31/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.7935.5109 [GMT -4:00]


============== Running Processes ===============

C:\PROGRA~2\AVG\AVG10\avgchsva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\lxdxcoms.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
C:\Program Files (x86)\AVG\AVG10\avgemca.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Nuance\NaturallySpeaking10\Program\natspeak.exe
C:\Program Files (x86)\Stardock\Impulse\Now\ImpulseNow.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Common Files\Nuance\NaturallySpeaking10\dgnuiasvr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe
C:\Program Files (x86)\Common Files\Nuance\NaturallySpeaking10\dgnuiasvr_x64.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtblfs.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\PROGRA~2\AVG\AVG10\avgrsa.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Brian Carrigg\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Bar = Preserve
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
uRun: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [BSDAppUpdater] C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking10\Ereg.ini
mRun: [Gateway Photo Frame] C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe -A
mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
mRun: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
mRun: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\BRIANC~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DRAGON~1.LNK - C:\Program Files (x86)\Nuance\NaturallySpeaking10\Program\natspeak.exe
StartupFolder: C:\Users\BRIANC~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\IMPULS~1.LNK - C:\Program Files (x86)\Stardock\Impulse\Now\ImpulseNow.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
LSP: C:\Windows\system32\idmmbc.dll
Trusted Zone: ccuniversity.edu\www.my
Trusted Zone: line6.net
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\ievkbd.dll
BHO-X64: IEVkbdBHO - No File
BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
BHO-X64: link filter bho - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [lxdxmon.exe] "C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe"
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

================= FIREFOX ===================

FF - ProfilePath - C:\Users\BRIANC~1\AppData\Roaming\Mozilla\Firefox\Profiles\cawgg8ez.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?
FF - prefs.js: network.proxy.type - 4
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - component: C:\Users\Brian Carrigg\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Brian Carrigg\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]
R0 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2009-7-28 20392]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-9-7 305232]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-9-7 381008]
R1 kl2;kl2;C:\Windows\System32\drivers\kl2.sys [2010-6-9 11864]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2010-4-22 27736]
R1 VWiFiFlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/08/13 00:16:59];C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-3-13 146928]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2010/07/22 22:35:04];C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [2010-1-12 146928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-3-3 203264]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-10-11 6104656]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-9-10 265400]
R2 lxdx_device;lxdx_device;C:\Windows\system32\lxdxcoms.exe -service --> C:\Windows\system32\lxdxcoms.exe -service [?]
R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2010-8-12 14112]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-8-4 7451648]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-8-4 268288]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 157264]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920]
R3 cxpl_mhd;CX23885/7 PCI-E AvStream Video Capture (PalomarMHD);C:\Windows\System32\drivers\y_cx88x.sys [2009-6-22 714752]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-11-2 22544]
R3 RTL85n64;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;C:\Windows\System32\drivers\RTL85n64.sys [2010-3-23 2061856]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-9-28 395264]
S2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [2010-7-1 352976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-3 136176]
S3 L6PODLV;PODxt Live Service;C:\Windows\System32\drivers\L6PODLV64.sys [2010-9-7 770816]
S3 L6PODX3;L6 POD X3 Service;C:\Windows\System32\drivers\L6PODX364.sys [2010-3-9 894336]
S3 MADFUFTU8R;Service for M-Audio FastTrackUltra8R DFU;C:\Windows\System32\drivers\MAudioFastTrackUltra8R_DFU.sys [2009-10-6 45832]
S3 MAUSBFASTTRACK;Service for M-Audio FastTrack;C:\Windows\System32\drivers\MAudioFastTrack.sys [2009-10-2 187912]
S3 MAUSBFASTTRACKULTRA8R;Service for M-Audio Fast Track Ultra 8R;C:\Windows\System32\drivers\MAudioFastTrackUltra8R.sys [2009-10-6 195592]
S3 netr7364;Netopia RT73 Wireless Driver for Vista;C:\Windows\System32\drivers\netr7364.sys [2009-6-10 707072]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-6 1255736]

=============== Created Last 30 ================

2010-10-31 18:16:27 -------- d-----w- C:\Users\BRIANC~1\AppData\Roaming\Malwarebytes
2010-10-31 18:16:18 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2010-10-31 18:16:17 24664 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-10-31 18:16:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-10-31 18:16:17 -------- d-----w- C:\PROGRA~3\Malwarebytes
2010-10-30 16:15:54 150200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
2010-10-29 21:15:53 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2010-10-29 21:15:53 -------- d-----w- C:\PROGRA~3\Kaspersky Lab
2010-10-29 21:14:50 -------- d-----w- C:\PROGRA~3\Alwil Software
2010-10-29 21:13:06 -------- d-----w- C:\PROGRA~3\Kaspersky Lab Setup Files
2010-10-26 19:34:45 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2010-10-26 19:34:45 641536 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2010-10-26 19:34:45 552960 ----a-w- C:\Windows\System32\msdri.dll
2010-10-26 19:34:45 288256 ----a-w- C:\Windows\System32\MSNP.ax
2010-10-26 19:34:45 258560 ----a-w- C:\Windows\System32\mpg2splt.ax
2010-10-26 19:34:45 204288 ----a-w- C:\Windows\SysWow64\MSNP.ax
2010-10-26 19:34:45 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2010-10-26 19:34:40 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2010-10-26 02:22:15 -------- d-----w- C:\Users\BRIANC~1\AppData\Roaming\OpenDNS Updater
2010-10-25 01:32:30 -------- d-----w- C:\Program Files (x86)\Auto Clicker
2010-10-25 01:26:57 -------- d-----w- C:\Users\BRIANC~1\AppData\Roaming\GetRightToGo
2010-10-25 00:04:57 679936 ----a-w- C:\Windows\SysWow64\D3DX81ab.dll
2010-10-25 00:04:57 1970176 ----a-w- C:\Windows\SysWow64\d3dx9.dll
2010-10-25 00:04:57 -------- d-----w- C:\Program Files (x86)\Cheat Engine
2010-10-22 09:00:31 8006480 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{2BE0D37A-5F07-4ADF-802B-5778F4AE2DCF}\mpengine.dll
2010-10-15 20:07:55 -------- d-----w- C:\Users\BRIANC~1\AppData\Roaming\ChaosPro 4.0
2010-10-14 17:10:13 148992 ----a-w- C:\Windows\System32\t2embed.dll
2010-10-14 17:09:43 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2010-10-14 17:09:43 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2010-10-14 17:09:42 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2010-10-14 17:09:42 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2010-10-14 17:09:40 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2010-10-14 17:09:40 463360 ----a-w- C:\Windows\System32\drivers\srv.sys
2010-10-14 17:09:40 402944 ----a-w- C:\Windows\System32\drivers\srv2.sys
2010-10-14 17:09:40 236032 ----a-w- C:\Windows\System32\srvsvc.dll
2010-10-14 17:09:40 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2010-10-14 17:09:38 3123712 ----a-w- C:\Windows\System32\win32k.sys
2010-10-14 16:57:24 -------- d-----w- C:\PROGRA~3\Comodo
2010-10-14 16:39:26 -------- d-----w- C:\PROGRA~3\BugBopper
2010-10-14 04:41:09 -------- d-----w- C:\audio-power-settings
2010-10-13 12:42:57 -------- d-----w- C:\Program Files\PreSonus
2010-10-13 02:35:21 -------- d-----w- C:\Program Files (x86)\ASIO4ALL v2
2010-10-13 01:24:00 -------- d-----w- C:\Users\BRIANC~1\AppData\Roaming\MakeMusic
2010-10-13 01:22:54 -------- d-----w- C:\Program Files (x86)\Finale NotePad 2011
2010-10-13 01:22:54 -------- d-----w- C:\PROGRA~3\MakeMusic
2010-10-13 00:53:42 -------- d-----w- C:\Users\BRIANC~1\AppData\Roaming\AVG10
2010-10-13 00:49:49 -------- d--h--w- C:\PROGRA~3\Common Files
2010-10-13 00:48:42 -------- d-----w- C:\Windows\System32\drivers\AVG
2010-10-13 00:48:42 -------- d-----w- C:\PROGRA~3\AVG10
2010-10-13 00:38:27 -------- d-----w- C:\PROGRA~3\MFAData
2010-10-13 00:35:53 -------- d-----w- C:\Program Files\iPod
2010-10-13 00:35:52 -------- d-----w- C:\Program Files\iTunes
2010-10-13 00:35:52 -------- d-----w- C:\Program Files (x86)\iTunes
2010-10-13 00:33:49 -------- d-----w- C:\Program Files\Bonjour
2010-10-13 00:33:49 -------- d-----w- C:\Program Files (x86)\Bonjour

==================== Find3M ====================

2010-10-19 15:41:44 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-10-13 18:58:06 1139200 ----a-w- C:\Windows\bsdsetup.dll
2010-09-29 18:31:28 210272 ----a-w- C:\Windows\SysWow64\idmmbc.dll
2010-09-13 20:28:00 27216 ----a-w- C:\Windows\System32\drivers\AVGIDSEH.sys
2010-09-13 02:38:03 737280 ----a-w- C:\Windows\iun6002.exe
2010-09-10 05:35:44 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2010-09-10 05:35:43 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2010-09-08 15:17:46 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2010-09-08 15:17:46 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2010-09-08 05:36:17 1192960 ----a-w- C:\Windows\System32\wininet.dll
2010-09-08 05:34:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-09-08 04:30:04 978432 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-09-08 04:28:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-09-08 04:16:38 482816 ----a-w- C:\Windows\System32\html.iec
2010-09-08 03:35:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-09-08 03:22:31 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-09-08 02:48:16 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-09-07 22:45:04 770816 ----a-w- C:\Windows\System32\drivers\L6PODLV64.sys
2010-09-07 22:45:02 218112 ----a-w- C:\Windows\System32\l6podlv_x64.dll
2010-09-07 22:45:02 180224 ----a-w- C:\Windows\SysWow64\l6podlv.dll
2010-09-07 07:48:58 381008 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2010-09-07 07:48:56 41040 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2010-09-07 07:48:52 305232 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2010-09-07 07:48:50 30288 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2010-08-26 04:39:58 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll
2010-08-21 06:38:47 1024512 ----a-w- C:\Windows\System32\wmpmde.dll
2010-08-21 06:36:49 340992 ----a-w- C:\Windows\System32\schannel.dll
2010-08-21 06:31:06 633856 ----a-w- C:\Windows\System32\comctl32.dll
2010-08-21 06:29:47 558592 ----a-w- C:\Windows\System32\spoolsv.exe
2010-08-21 05:36:33 738816 ----a-w- C:\Windows\SysWow64\wmpmde.dll
2010-08-21 05:36:24 224256 ----a-w- C:\Windows\SysWow64\schannel.dll
2010-08-21 05:33:24 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2010-08-20 01:42:38 35920 ----a-w- C:\Windows\System32\drivers\AVGIDSFilter.sys
2010-08-20 01:42:38 157264 ----a-w- C:\Windows\System32\drivers\AVGIDSDriver.sys
2010-08-13 04:15:23 505128 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2010-08-13 04:15:23 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2010-08-13 03:17:16 2828 --sha-w- C:\PROGRA~3\KGyGaAvL.sys
2010-08-13 03:17:00 88 --sh--r- C:\PROGRA~3\CA9AFEA1AF.sys
2010-08-11 15:17:57 368640 ----a-w- C:\Windows\SysWow64\ReWire.dll
2010-08-11 15:17:57 233472 ----a-w- C:\Windows\SysWow64\REX Shared Library.dll
2010-08-04 06:22:38 7451648 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2010-08-04 06:07:14 20817408 ----a-w- C:\Windows\System32\atio6axx.dll
2010-08-04 05:55:02 143360 ----a-w- C:\Windows\System32\atiapfxx.exe
2010-08-04 05:54:52 519680 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2010-08-04 05:54:02 598528 ----a-w- C:\Windows\System32\aticfx64.dll
2010-08-04 05:52:06 450560 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2010-08-04 05:51:56 461824 ----a-w- C:\Windows\System32\atieclxx.exe
2010-08-04 05:51:22 203264 ----a-w- C:\Windows\System32\atiesrxx.exe
2010-08-04 05:50:16 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2010-08-04 05:49:58 421376 ----a-w- C:\Windows\System32\atipdl64.dll
2010-08-04 05:49:52 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2010-08-04 05:49:50 15845888 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2010-08-04 05:49:42 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2010-08-04 05:49:38 12288 ----a-w- C:\Windows\System32\atimuixx.dll
2010-08-04 05:49:34 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2010-08-04 05:49:28 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2010-08-04 05:46:34 3899392 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2010-08-04 05:37:48 4554240 ----a-w- C:\Windows\System32\atidxx64.dll
2010-08-04 05:28:32 3077120 ----a-w- C:\Windows\System32\atiumd6a.dll
2010-08-04 05:28:28 4021760 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2010-08-04 05:26:04 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2010-08-04 05:26:02 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2010-08-04 05:25:56 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2010-08-04 05:25:52 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2010-08-04 05:25:44 5394432 ----a-w- C:\Windows\System32\aticaldd64.dll
2010-08-04 05:24:36 4341248 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2010-08-04 05:23:46 56832 ----a-w- C:\Windows\System32\coinst.dll
2010-08-04 05:22:36 5167104 ----a-w- C:\Windows\System32\atiumd64.dll
2010-08-04 05:21:40 3324416 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2010-08-04 05:16:16 337920 ----a-w- C:\Windows\System32\atiadlxx.dll
2010-08-04 05:16:08 241664 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2010-08-04 05:16:00 14848 ----a-w- C:\Windows\System32\atig6pxx.dll
2010-08-04 05:15:56 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2010-08-04 05:15:56 12800 ----a-w- C:\Windows\System32\atiglpxx.dll
2010-08-04 05:15:54 18432 ----a-w- C:\Windows\System32\atig6txx.dll
2010-08-04 05:15:50 16896 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2010-08-04 05:15:46 268288 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2010-08-04 05:15:10 39424 ----a-w- C:\Windows\System32\atiuxp64.dll
2010-08-04 05:15:04 30208 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2010-08-04 05:14:58 36864 ----a-w- C:\Windows\System32\atiu9p64.dll
2010-08-04 05:14:50 27648 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2010-08-04 05:14:14 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2010-08-04 05:09:30 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2010-08-04 05:09:30 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2010-08-04 05:09:24 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2010-08-04 05:09:24 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2010-08-04 05:04:04 1071104 ----a-w- C:\Windows\System32\L6DriverControlPanel.cpl

============= FINISH: 15:13:12.64 ===============
 
For starters, you're running two AV programs, AVG and Kaspersky.
One of them has to go.
If AVG (preferably), make sure to use AVG Remover: http://www.avg.com/us-en/download-tools

Report on progress.
Also, check if the same issue exists in Safe Mode with Networking (after uninstalling one of your AV programs).
 
I uninstalled Kaspersky since it was only a trial and I can't afford to buy it. I only had several in order to do a scan with each and see if they would find anything different.

And there is no change when I try to access the site in safe mode with networking.
 
Download OTL to your Desktop.

  • Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
OTL logfile created on: 11/2/2010 8:07:24 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\Brian Carrigg\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 78.00% Memory free
15.00 Gb Paging File | 14.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.86 Gb Total Space | 786.07 Gb Free Space | 85.74% Space Free | Partition Type: NTFS
Drive L: | 1.86 Gb Total Space | 1.75 Gb Free Space | 93.60% Space Free | Partition Type: FAT

Computer Name: BRIANCARRIGG-PC | User Name: Brian Carrigg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/02 19:08:25 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Brian Carrigg\Desktop\OTL.exe
PRC - [2010/10/29 15:47:10 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/10/29 15:47:10 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/10/13 14:57:46 | 001,660,232 | ---- | M] (Bootstrap Software Development) -- C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe
PRC - [2010/10/11 12:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/10/11 12:58:12 | 000,725,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/09/29 14:32:24 | 003,245,408 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2010/09/15 05:29:10 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2010/09/10 01:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2010/08/20 15:45:26 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/19 18:01:26 | 000,462,848 | ---- | M] (Stardock Corporation) -- C:\Program Files (x86)\Stardock\Impulse\Now\ImpulseNow.exe
PRC - [2010/05/05 22:31:54 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/02/03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009/07/20 17:07:10 | 000,124,416 | ---- | M] (IOI) -- C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe
PRC - [2009/07/16 20:08:20 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2009/03/16 23:06:10 | 000,091,496 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\NaturallySpeaking10\dgnuiasvr.exe
PRC - [2009/03/16 23:03:08 | 002,835,816 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\NaturallySpeaking10\Program\natspeak.exe
PRC - [2008/06/13 12:04:01 | 000,668,328 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
PRC - [2005/02/16 16:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe


========== Modules (SafeList) ==========

MOD - [2010/11/02 19:08:25 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Brian Carrigg\Desktop\OTL.exe
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/08/04 01:51:22 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/02/27 20:53:31 | 001,044,648 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdxcoms.exe -- (lxdx_device)
SRV - [2010/10/11 12:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/09/10 01:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/02/27 20:53:25 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxdxcoms.exe -- (lxdx_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pfc.sys -- (pfc)
DRV:64bit: - [2010/09/13 16:28:00 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2010/09/07 18:45:04 | 000,770,816 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L6PODLV64.sys -- (L6PODLV)
DRV:64bit: - [2010/09/07 03:48:58 | 000,381,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2010/09/07 03:48:56 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2010/09/07 03:48:52 | 000,305,232 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010/09/07 03:48:50 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2010/08/19 21:42:38 | 000,157,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2010/08/19 21:42:38 | 000,035,920 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2010/08/04 02:22:38 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/08/04 02:22:38 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/08/04 01:15:46 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/03/23 02:17:06 | 002,061,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL85n64.sys -- (RTL85n64)
DRV:64bit: - [2010/03/09 18:40:40 | 000,894,336 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L6PODX364.sys -- (L6PODX3)
DRV:64bit: - [2010/01/28 10:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/12/15 14:41:32 | 000,346,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SRS_SSCFilter_amd64.sys -- (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM)
DRV:64bit: - [2009/10/06 09:29:56 | 000,045,832 | ---- | M] (M-Audio) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MAudioFastTrackUltra8R_DFU.sys -- (MADFUFTU8R)
DRV:64bit: - [2009/10/06 09:29:52 | 000,195,592 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MAudioFastTrackUltra8R.sys -- (MAUSBFASTTRACKULTRA8R)
DRV:64bit: - [2009/10/02 12:53:48 | 000,187,912 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MAudioFastTrack.sys -- (MAUSBFASTTRACK)
DRV:64bit: - [2009/09/28 09:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/07/28 01:59:32 | 000,020,392 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/22 14:08:30 | 000,714,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\y_cx88x.sys -- (cxpl_mhd) CX23885/7 PCI-E AvStream Video Capture (PalomarMHD)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/19 16:34:18 | 000,029,544 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/04/17 11:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2010/03/13 12:58:52 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/08/13 00:16:59] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2010/01/12 23:08:30 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/07/22 22:35:04] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})
DRV - [2004/04/01 16:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 BD B9 85 F2 72 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/home.php?"
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.1.6
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1151
FF - prefs.js..network.proxy.autoconfig_url: "http://cincybible.priv/"
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2010/11/02 19:55:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/29 15:47:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/29 15:47:11 | 000,000,000 | ---D | M]

[2010/11/02 19:35:46 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Mozilla\Extensions
[2010/11/02 19:35:46 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Mozilla\Extensions\uploadr@flickr.com
[2010/11/02 20:06:13 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Mozilla\Firefox\Profiles\cawgg8ez.default\extensions
[2010/10/21 21:28:40 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Brian Carrigg\AppData\Roaming\Mozilla\Firefox\Profiles\cawgg8ez.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/08/17 18:42:26 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Brian Carrigg\AppData\Roaming\Mozilla\Firefox\Profiles\cawgg8ez.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/10/31 16:17:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/04/29 19:14:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/16 08:24:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [lxdxmon.exe] C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BSDAppUpdater] C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe (Bootstrap Software Development)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking10\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Gateway Photo Frame] C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe (IOI)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\Run: [SRS Audio Sandbox] C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe (SRS Labs, Inc.)
O4 - Startup: C:\Users\Brian Carrigg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dragon NaturallySpeaking.lnk = C:\Program Files (x86)\Nuance\NaturallySpeaking10\Program\natspeak.exe (Nuance Communications, Inc.)
O4 - Startup: C:\Users\Brian Carrigg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Impulse Now.lnk = C:\Program Files (x86)\Stardock\Impulse\Now\ImpulseNow.exe (Stardock Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysNative\idmmbc.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: ccuniversity.edu ([www.my] https in Trusted sites)
O15 - HKCU\..Trusted Domains: line6.net ([]* in Trusted sites)
O16 - DPF: {3B89785B-4E94-400A-8705-5841B14063A7} http://www.arcsoft.com/data/SimHDAss.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.20.125 10.10.20.6
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Program Files (x86)\AVG\AVG10\avgchsva.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/11/02 20:03:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2010/11/02 19:55:08 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010/11/02 19:55:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2010/11/02 19:35:45 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\AppData\Roaming\Flickr
[2010/11/02 19:35:45 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\AppData\Local\Flickr
[2010/11/02 19:35:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flickr Uploadr
[2010/11/02 19:08:24 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Users\Brian Carrigg\Desktop\OTL.exe
[2010/10/31 14:16:27 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\AppData\Roaming\Malwarebytes
[2010/10/31 14:16:17 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/10/31 14:16:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/10/31 14:16:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/10/29 17:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/10/29 17:14:50 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/10/25 22:22:15 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\AppData\Roaming\OpenDNS Updater
[2010/10/24 21:40:26 | 000,061,440 | ---- | C] (Gary's Hood) -- C:\Users\Brian Carrigg\Desktop\rsclient.exe
[2010/10/24 21:32:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auto Clicker
[2010/10/24 21:26:57 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\AppData\Roaming\GetRightToGo
[2010/10/24 20:04:57 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\Windows\SysWow64\D3DX81ab.dll
[2010/10/24 20:04:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine
[2010/10/24 16:56:21 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\Documents\ExpressPCB
[2010/10/15 16:07:55 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\AppData\Roaming\ChaosPro 4.0
[2010/10/14 12:57:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2010/10/14 12:39:26 | 000,000,000 | ---D | C] -- C:\ProgramData\BugBopper
[2010/10/14 00:41:09 | 000,000,000 | ---D | C] -- C:\audio-power-settings
[2010/10/13 08:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\PreSonus
[2010/10/12 23:02:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010/10/12 23:00:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/10/12 22:35:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASIO4ALL v2
[2010/10/12 21:24:00 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\AppData\Roaming\MakeMusic
[2010/10/12 21:24:00 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\Documents\Finale Files
[2010/10/12 21:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\MakeMusic
[2010/10/12 21:22:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Finale NotePad 2011
[2010/10/12 20:53:42 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\AppData\Roaming\AVG10
[2010/10/12 20:49:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2010/10/12 20:38:27 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010/10/12 20:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/10/12 20:35:52 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/10/12 20:35:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/10/12 20:34:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010/10/12 20:33:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/10/12 20:33:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010/10/12 20:27:56 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\Documents\Irela
[2010/04/05 09:06:29 | 001,105,920 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxserv.dll
[2010/04/05 09:06:29 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcomc.dll
[2010/04/05 09:06:29 | 000,843,776 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxusb1.dll
[2010/04/05 09:06:29 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxhbn3.dll
[2010/04/05 09:06:29 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxpmui.dll
[2010/04/05 09:06:29 | 000,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxlmpm.dll
[2010/04/05 09:06:29 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcomm.dll
[2010/04/05 09:06:29 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxinpa.dll
[2010/04/05 09:06:29 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxiesc.dll
[2010/04/05 09:06:29 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxprox.dll

========== Files - Modified Within 30 Days ==========

[2010/11/02 20:06:45 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/02 20:06:45 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/02 20:04:56 | 098,265,965 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2010/11/02 20:04:46 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/02 20:04:46 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/02 20:04:46 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/02 20:03:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2010/11/02 20:03:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2010/11/02 19:59:44 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/02 19:59:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/02 19:59:34 | 1945,509,887 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/02 19:44:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/02 19:08:25 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Brian Carrigg\Desktop\OTL.exe
[2010/11/02 07:56:22 | 000,000,000 | ---- | M] () -- C:\Users\Brian Carrigg\AppData\Local\prvlcl.dat
[2010/10/31 03:00:14 | 000,000,542 | ---- | M] () -- C:\Windows\tasks\NatSpeak Periodic Language Model Optimization.job
[2010/10/30 14:54:17 | 000,096,385 | ---- | M] () -- C:\Users\Brian Carrigg\Desktop\Pushups.xlsx
[2010/10/29 17:15:06 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010/10/29 01:02:30 | 000,000,434 | ---- | M] () -- C:\Windows\tasks\NatSpeak Periodic Data Collection.job
[2010/10/27 17:38:40 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\tracert
[2010/10/27 12:39:44 | 000,438,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/10/25 02:00:09 | 000,000,518 | ---- | M] () -- C:\Windows\tasks\NatSpeak Periodic Acoustic Optimization.job
[2010/10/24 21:40:27 | 000,061,440 | ---- | M] (Gary's Hood) -- C:\Users\Brian Carrigg\Desktop\rsclient.exe
[2010/10/24 19:00:17 | 000,003,752 | ---- | M] () -- C:\Users\Brian Carrigg\Documents\close shave.pcb
[2010/10/24 17:06:47 | 000,123,182 | ---- | M] () -- C:\Users\Brian Carrigg\Documents\close shave.bmp
[2010/10/22 16:44:21 | 000,002,133 | ---- | M] () -- C:\Users\Brian Carrigg\.recently-used.xbel
[2010/10/16 17:27:57 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2010/10/15 12:43:39 | 000,007,605 | ---- | M] () -- C:\Users\Brian Carrigg\AppData\Local\Resmon.ResmonCfg
[2010/10/14 00:40:53 | 000,003,735 | ---- | M] () -- C:\audio-power-settings.zip
[2010/10/13 14:58:06 | 001,139,200 | ---- | M] (Bootstrap Development, LLC.) -- C:\Windows\bsdsetup.dll
[2010/10/12 21:51:24 | 000,001,915 | ---- | M] () -- C:\Users\Brian Carrigg\AppData\Roaming\SAS7_000.DAT
[2010/10/12 21:23:11 | 000,001,140 | ---- | M] () -- C:\Users\Brian Carrigg\Application Data\Microsoft\Internet Explorer\Quick Launch\Finale NotePad 2011.lnk

========== Files Created - No Company Name ==========

[2010/11/02 20:04:56 | 098,265,965 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2010/11/02 20:03:22 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2010/11/02 20:03:22 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2010/10/29 17:15:06 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010/10/27 17:38:40 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\tracert
[2010/10/24 20:04:57 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2010/10/24 17:14:13 | 000,003,752 | ---- | C] () -- C:\Users\Brian Carrigg\Documents\close shave.pcb
[2010/10/24 17:06:47 | 000,123,182 | ---- | C] () -- C:\Users\Brian Carrigg\Documents\close shave.bmp
[2010/10/22 16:44:21 | 000,002,133 | ---- | C] () -- C:\Users\Brian Carrigg\.recently-used.xbel
[2010/10/14 13:02:30 | 001,474,832 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat
[2010/10/14 00:40:53 | 000,003,735 | ---- | C] () -- C:\audio-power-settings.zip
[2010/10/12 21:23:11 | 000,001,140 | ---- | C] () -- C:\Users\Brian Carrigg\Application Data\Microsoft\Internet Explorer\Quick Launch\Finale NotePad 2011.lnk
[2010/08/20 17:20:28 | 000,000,000 | ---- | C] () -- C:\Users\Brian Carrigg\AppData\Local\prvlcl.dat
[2010/08/13 00:18:04 | 000,000,000 | ---- | C] () -- C:\ProgramData\CLDShowX.ini
[2010/08/12 22:33:11 | 000,000,088 | RHS- | C] () -- C:\ProgramData\CA9AFEA1AF.sys
[2010/08/12 22:33:10 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/05/18 20:28:24 | 000,002,022 | ---- | C] () -- C:\Windows\tabled32.ini
[2010/05/17 09:35:19 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL
[2010/05/11 23:40:20 | 000,003,781 | ---- | C] () -- C:\Windows\scad3.INI
[2010/05/06 22:18:58 | 000,007,605 | ---- | C] () -- C:\Users\Brian Carrigg\AppData\Local\Resmon.ResmonCfg
[2010/04/28 16:05:23 | 000,003,584 | ---- | C] () -- C:\Users\Brian Carrigg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/26 12:36:18 | 000,000,032 | ---- | C] () -- C:\Windows\GearBox.ini
[2010/04/20 10:40:04 | 000,001,915 | ---- | C] () -- C:\Users\Brian Carrigg\AppData\Roaming\SAS7_000.DAT
[2010/04/05 09:06:38 | 000,000,252 | ---- | C] () -- C:\ProgramData\FastPics.log
[2010/04/05 09:06:29 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\LXDXinst.dll
[2010/04/05 09:06:29 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxdxcomx.dll
[2010/04/05 08:57:45 | 000,782,336 | ---- | C] () -- C:\Windows\SysWow64\lxdxdrs.dll
[2010/04/05 08:57:45 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxdxcaps.dll
[2010/04/05 08:57:45 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxdxcnv4.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/13 09:12:56 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2008/11/06 12:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2006/03/28 13:40:12 | 000,115,712 | ---- | C] () -- C:\Windows\SysWow64\libsndfile.dll
[2006/01/01 06:00:26 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\vorbisfile.dll
[2005/12/31 10:19:08 | 001,097,728 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
[2005/12/31 10:13:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll

========== LOP Check ==========

[2010/10/28 23:07:29 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Audacity
[2010/10/12 20:53:42 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\AVG10
[2010/04/05 17:09:06 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\BSD
[2010/08/12 21:50:18 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\BSplayer
[2010/08/12 21:39:06 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\BSplayer Pro
[2010/10/15 18:52:14 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\ChaosPro 4.0
[2010/04/05 10:29:01 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\DeviceDoctorSoftware
[2010/10/27 12:43:19 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\DMCache
[2010/05/23 22:26:10 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Facebook
[2010/11/02 19:35:45 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Flickr
[2010/07/19 20:56:14 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\FontCreator
[2010/04/25 03:07:18 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\FreeFLVConverter
[2010/10/24 21:28:31 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\GetRightToGo
[2010/10/22 16:38:38 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\gtk-2.0
[2010/10/27 12:43:09 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\IDM
[2010/10/13 09:19:55 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Line 6
[2010/10/12 21:24:00 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\MakeMusic
[2010/08/13 23:08:11 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\NCH Swift Sound
[2010/04/15 14:29:22 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Nuance
[2010/10/25 22:22:15 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\OpenDNS Updater
[2010/05/18 20:47:41 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\PDF Writer
[2010/06/01 18:12:56 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\PGP
[2010/10/16 16:09:16 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\PreSonus
[2010/08/11 11:18:13 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Propellerhead Software
[2010/05/02 03:57:41 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Publish Providers
[2010/05/17 09:35:03 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Softouch
[2010/05/02 03:57:35 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Sony
[2010/05/15 00:03:31 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Stardock
[2010/08/29 18:40:38 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Waves Audio
[2010/08/29 18:38:55 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Waves Preferences
[2010/04/05 10:31:12 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\WinBatch
[2010/10/25 02:00:09 | 000,000,518 | ---- | M] () -- C:\Windows\Tasks\NatSpeak Periodic Acoustic Optimization.job
[2010/10/29 01:02:30 | 000,000,434 | ---- | M] () -- C:\Windows\Tasks\NatSpeak Periodic Data Collection.job
[2010/10/31 03:00:14 | 000,000,542 | ---- | M] () -- C:\Windows\Tasks\NatSpeak Periodic Language Model Optimization.job
[2010/08/05 14:23:47 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/10/14 00:40:53 | 000,003,735 | ---- | M] () -- C:\audio-power-settings.zip
[2009/07/13 21:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010/04/05 12:29:03 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010/11/02 19:59:34 | 1945,509,887 | -HS- | M] () -- C:\hiberfil.sys
[2005/09/23 03:39:38 | 000,894,976 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2010/11/02 19:59:34 | 4025,671,679 | -HS- | M] () -- C:\pagefile.sys
[2010/03/20 21:15:54 | 000,002,531 | ---- | M] () -- C:\RHDSetup.log
[2010/08/12 22:30:31 | 000,489,314 | ---- | M] () -- C:\vcredist_x86.log

< %systemroot%\Fonts\*.com >
[2009/07/14 01:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 01:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 01:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 01:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 16:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/14 00:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/04/05 08:51:40 | 000,000,221 | -HS- | M] () -- C:\Users\Brian Carrigg\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
 
OTL logfile created on: 11/2/2010 8:07:24 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\Brian Carrigg\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 78.00% Memory free
15.00 Gb Paging File | 14.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.86 Gb Total Space | 786.07 Gb Free Space | 85.74% Space Free | Partition Type: NTFS
Drive L: | 1.86 Gb Total Space | 1.75 Gb Free Space | 93.60% Space Free | Partition Type: FAT

Computer Name: BRIANCARRIGG-PC | User Name: Brian Carrigg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/02 19:08:25 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Brian Carrigg\Desktop\OTL.exe
PRC - [2010/10/29 15:47:10 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/10/29 15:47:10 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/10/13 14:57:46 | 001,660,232 | ---- | M] (Bootstrap Software Development) -- C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe
PRC - [2010/10/11 12:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/10/11 12:58:12 | 000,725,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/09/29 14:32:24 | 003,245,408 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2010/09/15 05:29:10 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2010/09/10 01:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2010/08/20 15:45:26 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/19 18:01:26 | 000,462,848 | ---- | M] (Stardock Corporation) -- C:\Program Files (x86)\Stardock\Impulse\Now\ImpulseNow.exe
PRC - [2010/05/05 22:31:54 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/02/03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009/07/20 17:07:10 | 000,124,416 | ---- | M] (IOI) -- C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe
PRC - [2009/07/16 20:08:20 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2009/03/16 23:06:10 | 000,091,496 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\NaturallySpeaking10\dgnuiasvr.exe
PRC - [2009/03/16 23:03:08 | 002,835,816 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\NaturallySpeaking10\Program\natspeak.exe
PRC - [2008/06/13 12:04:01 | 000,668,328 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
PRC - [2005/02/16 16:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe


========== Modules (SafeList) ==========

MOD - [2010/11/02 19:08:25 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Brian Carrigg\Desktop\OTL.exe
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/08/04 01:51:22 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/02/27 20:53:31 | 001,044,648 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdxcoms.exe -- (lxdx_device)
SRV - [2010/10/11 12:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/09/10 01:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/02/27 20:53:25 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxdxcoms.exe -- (lxdx_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pfc.sys -- (pfc)
DRV:64bit: - [2010/09/13 16:28:00 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2010/09/07 18:45:04 | 000,770,816 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L6PODLV64.sys -- (L6PODLV)
DRV:64bit: - [2010/09/07 03:48:58 | 000,381,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2010/09/07 03:48:56 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2010/09/07 03:48:52 | 000,305,232 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010/09/07 03:48:50 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2010/08/19 21:42:38 | 000,157,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2010/08/19 21:42:38 | 000,035,920 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2010/08/04 02:22:38 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/08/04 02:22:38 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/08/04 01:15:46 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/03/23 02:17:06 | 002,061,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL85n64.sys -- (RTL85n64)
DRV:64bit: - [2010/03/09 18:40:40 | 000,894,336 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L6PODX364.sys -- (L6PODX3)
DRV:64bit: - [2010/01/28 10:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/12/15 14:41:32 | 000,346,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SRS_SSCFilter_amd64.sys -- (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM)
DRV:64bit: - [2009/10/06 09:29:56 | 000,045,832 | ---- | M] (M-Audio) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MAudioFastTrackUltra8R_DFU.sys -- (MADFUFTU8R)
DRV:64bit: - [2009/10/06 09:29:52 | 000,195,592 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MAudioFastTrackUltra8R.sys -- (MAUSBFASTTRACKULTRA8R)
DRV:64bit: - [2009/10/02 12:53:48 | 000,187,912 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MAudioFastTrack.sys -- (MAUSBFASTTRACK)
DRV:64bit: - [2009/09/28 09:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/07/28 01:59:32 | 000,020,392 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/22 14:08:30 | 000,714,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\y_cx88x.sys -- (cxpl_mhd) CX23885/7 PCI-E AvStream Video Capture (PalomarMHD)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/19 16:34:18 | 000,029,544 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/04/17 11:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2010/03/13 12:58:52 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/08/13 00:16:59] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2010/01/12 23:08:30 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/07/22 22:35:04] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})
DRV - [2004/04/01 16:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 BD B9 85 F2 72 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/home.php?"
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.1.6
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1151
FF - prefs.js..network.proxy.autoconfig_url: "http://cincybible.priv/"
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2010/11/02 19:55:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/29 15:47:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/29 15:47:11 | 000,000,000 | ---D | M]

[2010/11/02 19:35:46 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Mozilla\Extensions
[2010/11/02 19:35:46 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Mozilla\Extensions\uploadr@flickr.com
[2010/11/02 20:06:13 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Mozilla\Firefox\Profiles\cawgg8ez.default\extensions
[2010/10/21 21:28:40 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Brian Carrigg\AppData\Roaming\Mozilla\Firefox\Profiles\cawgg8ez.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/08/17 18:42:26 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Brian Carrigg\AppData\Roaming\Mozilla\Firefox\Profiles\cawgg8ez.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/10/31 16:17:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/04/29 19:14:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/16 08:24:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [lxdxmon.exe] C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BSDAppUpdater] C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe (Bootstrap Software Development)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking10\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Gateway Photo Frame] C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe (IOI)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\Run: [SRS Audio Sandbox] C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe (SRS Labs, Inc.)
O4 - Startup: C:\Users\Brian Carrigg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dragon NaturallySpeaking.lnk = C:\Program Files (x86)\Nuance\NaturallySpeaking10\Program\natspeak.exe (Nuance Communications, Inc.)
O4 - Startup: C:\Users\Brian Carrigg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Impulse Now.lnk = C:\Program Files (x86)\Stardock\Impulse\Now\ImpulseNow.exe (Stardock Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\idmmbc.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysNative\idmmbc.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysWow64\idmmbc.dll (Tonec Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: ccuniversity.edu ([www.my] https in Trusted sites)
O15 - HKCU\..Trusted Domains: line6.net ([]* in Trusted sites)
O16 - DPF: {3B89785B-4E94-400A-8705-5841B14063A7} http://www.arcsoft.com/data/SimHDAss.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.20.125 10.10.20.6
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Program Files (x86)\AVG\AVG10\avgchsva.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/11/02 20:03:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2010/11/02 19:55:08 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010/11/02 19:55:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2010/11/02 19:35:45 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\AppData\Roaming\Flickr
[2010/11/02 19:35:45 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\AppData\Local\Flickr
[2010/11/02 19:35:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flickr Uploadr
[2010/11/02 19:08:24 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Users\Brian Carrigg\Desktop\OTL.exe
[2010/10/31 14:16:27 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\AppData\Roaming\Malwarebytes
[2010/10/31 14:16:17 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/10/31 14:16:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/10/31 14:16:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/10/29 17:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/10/29 17:14:50 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/10/25 22:22:15 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\AppData\Roaming\OpenDNS Updater
[2010/10/24 21:40:26 | 000,061,440 | ---- | C] (Gary's Hood) -- C:\Users\Brian Carrigg\Desktop\rsclient.exe
[2010/10/24 21:32:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auto Clicker
[2010/10/24 21:26:57 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\AppData\Roaming\GetRightToGo
[2010/10/24 20:04:57 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\Windows\SysWow64\D3DX81ab.dll
[2010/10/24 20:04:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine
[2010/10/24 16:56:21 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\Documents\ExpressPCB
[2010/10/15 16:07:55 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\AppData\Roaming\ChaosPro 4.0
[2010/10/14 12:57:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2010/10/14 12:39:26 | 000,000,000 | ---D | C] -- C:\ProgramData\BugBopper
[2010/10/14 00:41:09 | 000,000,000 | ---D | C] -- C:\audio-power-settings
[2010/10/13 08:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\PreSonus
[2010/10/12 23:02:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010/10/12 23:00:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/10/12 22:35:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASIO4ALL v2
[2010/10/12 21:24:00 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\AppData\Roaming\MakeMusic
[2010/10/12 21:24:00 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\Documents\Finale Files
[2010/10/12 21:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\MakeMusic
[2010/10/12 21:22:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Finale NotePad 2011
[2010/10/12 20:53:42 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\AppData\Roaming\AVG10
[2010/10/12 20:49:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2010/10/12 20:38:27 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010/10/12 20:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/10/12 20:35:52 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/10/12 20:35:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/10/12 20:34:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010/10/12 20:33:49 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/10/12 20:33:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010/10/12 20:27:56 | 000,000,000 | ---D | C] -- C:\Users\Brian Carrigg\Documents\Irela
[2010/04/05 09:06:29 | 001,105,920 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxserv.dll
[2010/04/05 09:06:29 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcomc.dll
[2010/04/05 09:06:29 | 000,843,776 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxusb1.dll
[2010/04/05 09:06:29 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxhbn3.dll
[2010/04/05 09:06:29 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxpmui.dll
[2010/04/05 09:06:29 | 000,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxlmpm.dll
[2010/04/05 09:06:29 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcomm.dll
[2010/04/05 09:06:29 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxinpa.dll
[2010/04/05 09:06:29 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxiesc.dll
[2010/04/05 09:06:29 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxprox.dll

========== Files - Modified Within 30 Days ==========

[2010/11/02 20:06:45 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/02 20:06:45 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/02 20:04:56 | 098,265,965 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2010/11/02 20:04:46 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/02 20:04:46 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/02 20:04:46 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/02 20:03:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2010/11/02 20:03:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2010/11/02 19:59:44 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/02 19:59:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/02 19:59:34 | 1945,509,887 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/02 19:44:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/02 19:08:25 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Brian Carrigg\Desktop\OTL.exe
[2010/11/02 07:56:22 | 000,000,000 | ---- | M] () -- C:\Users\Brian Carrigg\AppData\Local\prvlcl.dat
[2010/10/31 03:00:14 | 000,000,542 | ---- | M] () -- C:\Windows\tasks\NatSpeak Periodic Language Model Optimization.job
[2010/10/30 14:54:17 | 000,096,385 | ---- | M] () -- C:\Users\Brian Carrigg\Desktop\Pushups.xlsx
[2010/10/29 17:15:06 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010/10/29 01:02:30 | 000,000,434 | ---- | M] () -- C:\Windows\tasks\NatSpeak Periodic Data Collection.job
[2010/10/27 17:38:40 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\tracert
[2010/10/27 12:39:44 | 000,438,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/10/25 02:00:09 | 000,000,518 | ---- | M] () -- C:\Windows\tasks\NatSpeak Periodic Acoustic Optimization.job
[2010/10/24 21:40:27 | 000,061,440 | ---- | M] (Gary's Hood) -- C:\Users\Brian Carrigg\Desktop\rsclient.exe
[2010/10/24 19:00:17 | 000,003,752 | ---- | M] () -- C:\Users\Brian Carrigg\Documents\close shave.pcb
[2010/10/24 17:06:47 | 000,123,182 | ---- | M] () -- C:\Users\Brian Carrigg\Documents\close shave.bmp
[2010/10/22 16:44:21 | 000,002,133 | ---- | M] () -- C:\Users\Brian Carrigg\.recently-used.xbel
[2010/10/16 17:27:57 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2010/10/15 12:43:39 | 000,007,605 | ---- | M] () -- C:\Users\Brian Carrigg\AppData\Local\Resmon.ResmonCfg
[2010/10/14 00:40:53 | 000,003,735 | ---- | M] () -- C:\audio-power-settings.zip
[2010/10/13 14:58:06 | 001,139,200 | ---- | M] (Bootstrap Development, LLC.) -- C:\Windows\bsdsetup.dll
[2010/10/12 21:51:24 | 000,001,915 | ---- | M] () -- C:\Users\Brian Carrigg\AppData\Roaming\SAS7_000.DAT
[2010/10/12 21:23:11 | 000,001,140 | ---- | M] () -- C:\Users\Brian Carrigg\Application Data\Microsoft\Internet Explorer\Quick Launch\Finale NotePad 2011.lnk

========== Files Created - No Company Name ==========

[2010/11/02 20:04:56 | 098,265,965 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2010/11/02 20:03:22 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2010/11/02 20:03:22 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2010/10/29 17:15:06 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010/10/27 17:38:40 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\tracert
[2010/10/24 20:04:57 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2010/10/24 17:14:13 | 000,003,752 | ---- | C] () -- C:\Users\Brian Carrigg\Documents\close shave.pcb
[2010/10/24 17:06:47 | 000,123,182 | ---- | C] () -- C:\Users\Brian Carrigg\Documents\close shave.bmp
[2010/10/22 16:44:21 | 000,002,133 | ---- | C] () -- C:\Users\Brian Carrigg\.recently-used.xbel
[2010/10/14 13:02:30 | 001,474,832 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat
[2010/10/14 00:40:53 | 000,003,735 | ---- | C] () -- C:\audio-power-settings.zip
[2010/10/12 21:23:11 | 000,001,140 | ---- | C] () -- C:\Users\Brian Carrigg\Application Data\Microsoft\Internet Explorer\Quick Launch\Finale NotePad 2011.lnk
[2010/08/20 17:20:28 | 000,000,000 | ---- | C] () -- C:\Users\Brian Carrigg\AppData\Local\prvlcl.dat
[2010/08/13 00:18:04 | 000,000,000 | ---- | C] () -- C:\ProgramData\CLDShowX.ini
[2010/08/12 22:33:11 | 000,000,088 | RHS- | C] () -- C:\ProgramData\CA9AFEA1AF.sys
[2010/08/12 22:33:10 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/05/18 20:28:24 | 000,002,022 | ---- | C] () -- C:\Windows\tabled32.ini
[2010/05/17 09:35:19 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL
[2010/05/11 23:40:20 | 000,003,781 | ---- | C] () -- C:\Windows\scad3.INI
[2010/05/06 22:18:58 | 000,007,605 | ---- | C] () -- C:\Users\Brian Carrigg\AppData\Local\Resmon.ResmonCfg
[2010/04/28 16:05:23 | 000,003,584 | ---- | C] () -- C:\Users\Brian Carrigg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/26 12:36:18 | 000,000,032 | ---- | C] () -- C:\Windows\GearBox.ini
[2010/04/20 10:40:04 | 000,001,915 | ---- | C] () -- C:\Users\Brian Carrigg\AppData\Roaming\SAS7_000.DAT
[2010/04/05 09:06:38 | 000,000,252 | ---- | C] () -- C:\ProgramData\FastPics.log
[2010/04/05 09:06:29 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\LXDXinst.dll
[2010/04/05 09:06:29 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxdxcomx.dll
[2010/04/05 08:57:45 | 000,782,336 | ---- | C] () -- C:\Windows\SysWow64\lxdxdrs.dll
[2010/04/05 08:57:45 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxdxcaps.dll
[2010/04/05 08:57:45 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxdxcnv4.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/13 09:12:56 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2008/11/06 12:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2006/03/28 13:40:12 | 000,115,712 | ---- | C] () -- C:\Windows\SysWow64\libsndfile.dll
[2006/01/01 06:00:26 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\vorbisfile.dll
[2005/12/31 10:19:08 | 001,097,728 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
[2005/12/31 10:13:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll

========== LOP Check ==========

[2010/10/28 23:07:29 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Audacity
[2010/10/12 20:53:42 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\AVG10
[2010/04/05 17:09:06 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\BSD
[2010/08/12 21:50:18 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\BSplayer
[2010/08/12 21:39:06 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\BSplayer Pro
[2010/10/15 18:52:14 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\ChaosPro 4.0
[2010/04/05 10:29:01 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\DeviceDoctorSoftware
[2010/10/27 12:43:19 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\DMCache
[2010/05/23 22:26:10 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Facebook
[2010/11/02 19:35:45 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Flickr
[2010/07/19 20:56:14 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\FontCreator
[2010/04/25 03:07:18 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\FreeFLVConverter
[2010/10/24 21:28:31 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\GetRightToGo
[2010/10/22 16:38:38 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\gtk-2.0
[2010/10/27 12:43:09 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\IDM
[2010/10/13 09:19:55 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Line 6
[2010/10/12 21:24:00 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\MakeMusic
[2010/08/13 23:08:11 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\NCH Swift Sound
[2010/04/15 14:29:22 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Nuance
[2010/10/25 22:22:15 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\OpenDNS Updater
[2010/05/18 20:47:41 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\PDF Writer
[2010/06/01 18:12:56 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\PGP
[2010/10/16 16:09:16 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\PreSonus
[2010/08/11 11:18:13 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Propellerhead Software
[2010/05/02 03:57:41 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Publish Providers
[2010/05/17 09:35:03 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Softouch
[2010/05/02 03:57:35 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Sony
[2010/05/15 00:03:31 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Stardock
[2010/08/29 18:40:38 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Waves Audio
[2010/08/29 18:38:55 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\Waves Preferences
[2010/04/05 10:31:12 | 000,000,000 | ---D | M] -- C:\Users\Brian Carrigg\AppData\Roaming\WinBatch
[2010/10/25 02:00:09 | 000,000,518 | ---- | M] () -- C:\Windows\Tasks\NatSpeak Periodic Acoustic Optimization.job
[2010/10/29 01:02:30 | 000,000,434 | ---- | M] () -- C:\Windows\Tasks\NatSpeak Periodic Data Collection.job
[2010/10/31 03:00:14 | 000,000,542 | ---- | M] () -- C:\Windows\Tasks\NatSpeak Periodic Language Model Optimization.job
[2010/08/05 14:23:47 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/10/14 00:40:53 | 000,003,735 | ---- | M] () -- C:\audio-power-settings.zip
[2009/07/13 21:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010/04/05 12:29:03 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010/11/02 19:59:34 | 1945,509,887 | -HS- | M] () -- C:\hiberfil.sys
[2005/09/23 03:39:38 | 000,894,976 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2010/11/02 19:59:34 | 4025,671,679 | -HS- | M] () -- C:\pagefile.sys
[2010/03/20 21:15:54 | 000,002,531 | ---- | M] () -- C:\RHDSetup.log
[2010/08/12 22:30:31 | 000,489,314 | ---- | M] () -- C:\vcredist_x86.log

< %systemroot%\Fonts\*.com >
[2009/07/14 01:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 01:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 01:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 01:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 16:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/14 00:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/04/05 08:51:40 | 000,000,221 | -HS- | M] () -- C:\Users\Brian Carrigg\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
 
Here is the second half of that same log.



< %USERPROFILE%\Desktop\*.exe >
[2010/11/02 19:08:25 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Brian Carrigg\Desktop\OTL.exe
[2010/10/24 21:40:27 | 000,061,440 | ---- | M] (Gary's Hood) -- C:\Users\Brian Carrigg\Desktop\rsclient.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2009/06/10 17:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >
[2010/05/02 01:02:50 | 000,008,192 | ---- | M] () -- C:\Windows\security\database\edb.chk
[2010/05/02 01:02:50 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edb.log
[2010/05/02 01:02:50 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00001.jrs
[2010/05/02 01:02:50 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00002.jrs
[2010/05/02 01:02:50 | 000,786,432 | ---- | M] () -- C:\Windows\security\database\edbtmp.log
[2010/05/02 01:02:50 | 001,056,768 | ---- | M] () -- C:\Windows\security\database\tmp.edb

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2010/08/03 16:00:56 | 000,000,402 | -HS- | M] () -- C:\Users\Brian Carrigg\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2010/08/12 23:17:00 | 000,000,088 | RHS- | M] () -- C:\ProgramData\CA9AFEA1AF.sys
[2010/08/13 00:18:04 | 000,000,000 | ---- | M] () -- C:\ProgramData\CLDShowX.ini
[2010/04/05 09:06:38 | 000,000,252 | ---- | M] () -- C:\ProgramData\FastPics.log
[2010/08/12 23:17:16 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


========== Alternate Data Streams ==========

@Alternate Data Stream - 2560 bytes -> C:\ProgramData\CLDShowX.ini:Update.CL
@Alternate Data Stream - 205 bytes -> C:\ProgramData\TEMP:F35A93AD
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:07BF512B

< End of report >
 
OTL Extras logfile created on: 11/2/2010 8:07:24 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\Brian Carrigg\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 78.00% Memory free
15.00 Gb Paging File | 14.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.86 Gb Total Space | 786.07 Gb Free Space | 85.74% Space Free | Partition Type: NTFS
Drive L: | 1.86 Gb Total Space | 1.75 Gb Free Space | 93.60% Space Free | Partition Type: FAT

Computer Name: BRIANCARRIGG-PC | User Name: Brian Carrigg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{23F108F0-BD12-A639-8C6E-BB1F7AF736C1}" = ccc-utility64
"{319B58E8-4C80-4912-8EA7-24A9658120C6}" = AVG 2011
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4A5A427F-BA39-4BF0-9A47-7777FBE60C9F}" = Visual C++ Runtime for Dragon NaturallySpeaking 64bit (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{542C6F13-6861-4010-9EBC-6F068D397AD8}" = SRS Audio Sandbox
"{5BF8A577-B334-49BE-A7B2-349C1F1B0C58}" = AVG 2011
"{6741B646-3DBE-AF40-75FA-959847831D9F}" = ATI Catalyst Install Manager
"{89264031-7A83-4DB5-AECB-22BC115BB886}" = GEAR driver installer for x64 WinXP
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{B80954EE-5CA9-4202-BB8C-0DC3E332F47F}" = Native Instruments Kontakt 3
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{faf25835-fc55-4ddd-b1f5-c39ff62f5166}" = Steven Slate Steven Slate Drums EX
"7F4303078887B33BF9E472598BB463CBE007C68E" = Windows Driver Package - YUAN TV DRIVER (cxpl_mhd) Media (06/22/2009 6.0.64.0059)
"AVG" = AVG 2011
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1186
"Lexmark 3600-4600 Series" = Lexmark 3600-4600 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0166E190-92D7-482A-A220-DE8B7354383A}" = Demigod
"{13C96625-28E4-4c58-ADE0-CDAFC64752EB}" = JMicron 1394 Filter Driver
"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in
"{19B72AA9-985A-11D4-9C8A-00D0B75D1498}" = Colin McRae Rally 2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{33286B63-B749-4D54-AA04-5631319B168D}" = GEAR driver installer for x86 Win2K
"{36D8A747-3FC1-121F-6C92-2F79A9B3172D}" = Catalyst Control Center Graphics Full New
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54EE76C9-BBF2-44BA-935C-3E37638EDF6C}" = Visual Analyser 2010 NE-XT v2.4
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{66FF4C48-0083-4E60-8556-B883AB200091}" = Heroes of Might & Magic V: Hammers of Fate
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}" = Adobe Audition 1.5
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.20
"{89D16846-7491-A3C3-89D9-006906602FA2}" = Catalyst Control Center Graphics Previews Common
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CDCDD72-388E-0A2A-4847-873C448033EA}" = Catalyst Control Center Graphics Previews Vista
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CF58B132-4C67-4E0A-BE3D-8DADB1E32258}" = Vegas Movie Studio 9.0
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DC3F66CA-9DFD-41EA-9D9E-FD86F1446A3D}" = Catalyst Control Center Core Implementation
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
"{E25BEA72-89F8-121D-5481-0347B9446673}" = ccc-core-static
"{E288FAEB-D102-0ACA-DF6A-9BD3C90FA08B}" = Catalyst Control Center HydraVision Full
"{E4D35928-2C24-A87E-8240-CC7E25548F52}" = Catalyst Control Center Graphics Full Existing
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E76CDA48-6FB1-49C5-0769-7B9444664056}" = Catalyst Control Center Graphics Light
"{E7712E53-7A7F-46EB-AA13-70D5987D30F2}" = Dragon NaturallySpeaking 10
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{EB3B36B9-E1F4-81BA-BEB5-4FB07D4CEE39}" = Catalyst Control Center InstallProxy
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F5E0B89C-AABA-639D-B6F5-C3FB085FB120}" = CCC Help English
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Acoustica Effects Pack" = Acoustica Effects Pack
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ASIO4ALL" = ASIO4ALL
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Demigod" = Demigod
"Diablo II" = Diablo II
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"Drumagog 4 Platinum4.11" = Drumagog 4
"EA Download Manager" = EA Download Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Finale NotePad 2011" = Finale NotePad 2011
"Flickr Uploadr" = Flickr Uploadr 3.2.1
"Free RAR Extract Frog" = Free RAR Extract Frog
"Gateway Photo Frame" = Gateway Photo Frame 4.2.3.10
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"Impulse" = Impulse
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Internet Download Manager" = Internet Download Manager
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Line 6 Uninstaller" = Line 6 Uninstaller
"LTspice IV" = LTspice IV
"Marvell Miniport Driver" = Marvell Miniport Driver
"MediaWidget - Easy iPod Transfer_is1" = MediaWidget 6.0
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Native Instruments Kontakt 3" = Native Instruments Kontakt 3
"Native Instruments Service Center" = Native Instruments Service Center
"PreSonus Studio One" = PreSonus Studio One
"RealPlayer 12.0" = RealPlayer
"Starfleet Command - Gold Edition" = Starfleet Command - Gold Edition
"Steven Slate Steven Slate Drums EX" = Steven Slate Steven Slate Drums EX
"WinGimp-2.0_is1" = GIMP 2.6.10

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/31/2010 2:10:13 PM | Computer Name = BrianCarrigg-PC | Source = Bonjour Service | ID = 100
Description = 640: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 10/31/2010 2:10:13 PM | Computer Name = BrianCarrigg-PC | Source = Bonjour Service | ID = 100
Description = 624: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 10/31/2010 2:10:13 PM | Computer Name = BrianCarrigg-PC | Source = Bonjour Service | ID = 100
Description = 556: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 10/31/2010 2:10:13 PM | Computer Name = BrianCarrigg-PC | Source = Bonjour Service | ID = 100
Description = 620: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 10/31/2010 2:10:13 PM | Computer Name = BrianCarrigg-PC | Source = Bonjour Service | ID = 100
Description = 552: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 11/1/2010 9:55:59 AM | Computer Name = BrianCarrigg-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "c:\Windows\winsxs\amd64_microsoft-windows-m..corruptedfilerepair_31bf3856ad364e35_6.1.7600.16385_none_5cd4e58f34e57306\MsiCofire.dll".Error
in manifest or policy file "c:\Windows\winsxs\amd64_microsoft-windows-m..corruptedfilerepair_31bf3856ad364e35_6.1.7600.16385_none_5cd4e58f34e57306\MsiCofire.dll"
on line 2. Invalid Xml syntax.

Error - 11/2/2010 8:19:01 AM | Computer Name = BrianCarrigg-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "c:\Windows\winsxs\amd64_microsoft-windows-m..corruptedfilerepair_31bf3856ad364e35_6.1.7600.16385_none_5cd4e58f34e57306\MsiCofire.dll".Error
in manifest or policy file "c:\Windows\winsxs\amd64_microsoft-windows-m..corruptedfilerepair_31bf3856ad364e35_6.1.7600.16385_none_5cd4e58f34e57306\MsiCofire.dll"
on line 2. Invalid Xml syntax.

Error - 11/2/2010 7:12:54 PM | Computer Name = BrianCarrigg-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.17.2 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 1454 Start Time:
01cb7ae2fdabacfd Termination Time: 0 Application Path: C:\Users\Brian Carrigg\Desktop\OTL.exe

Report
Id: b6a65fd5-e6d6-11df-87fd-0022686644bb

Error - 11/2/2010 7:19:45 PM | Computer Name = BrianCarrigg-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.17.2 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 141c Start Time:
01cb7ae37c01d58d Termination Time: 0 Application Path: C:\Users\Brian Carrigg\Desktop\OTL.exe

Report
Id: abd1e18a-e6d7-11df-87fd-0022686644bb

Error - 11/2/2010 7:58:15 PM | Computer Name = BrianCarrigg-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.17.2 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: d6c Start Time:
01cb7ae8906c7cae Termination Time: 0 Application Path: C:\Users\Brian Carrigg\Desktop\OTL.exe

Report
Id: 0d0c6e46-e6dd-11df-b1aa-001f81000250

[ Media Center Events ]
Error - 10/12/2010 3:44:35 AM | Computer Name = BrianCarrigg-PC | Source = MCUpdate | ID = 0
Description = 3:44:35 AM - Error connecting to the internet. 3:44:35 AM - Unable
to contact server..

Error - 10/12/2010 3:44:48 AM | Computer Name = BrianCarrigg-PC | Source = MCUpdate | ID = 0
Description = 3:44:40 AM - Error connecting to the internet. 3:44:40 AM - Unable
to contact server..

Error - 10/12/2010 4:44:53 AM | Computer Name = BrianCarrigg-PC | Source = MCUpdate | ID = 0
Description = 4:44:53 AM - Error connecting to the internet. 4:44:53 AM - Unable
to contact server..

Error - 10/12/2010 4:45:05 AM | Computer Name = BrianCarrigg-PC | Source = MCUpdate | ID = 0
Description = 4:44:58 AM - Error connecting to the internet. 4:44:58 AM - Unable
to contact server..

Error - 10/12/2010 5:45:10 AM | Computer Name = BrianCarrigg-PC | Source = MCUpdate | ID = 0
Description = 5:45:10 AM - Error connecting to the internet. 5:45:10 AM - Unable
to contact server..

Error - 10/12/2010 5:45:22 AM | Computer Name = BrianCarrigg-PC | Source = MCUpdate | ID = 0
Description = 5:45:15 AM - Error connecting to the internet. 5:45:15 AM - Unable
to contact server..

Error - 10/12/2010 6:45:27 AM | Computer Name = BrianCarrigg-PC | Source = MCUpdate | ID = 0
Description = 6:45:27 AM - Error connecting to the internet. 6:45:27 AM - Unable
to contact server..

Error - 10/12/2010 6:45:39 AM | Computer Name = BrianCarrigg-PC | Source = MCUpdate | ID = 0
Description = 6:45:32 AM - Error connecting to the internet. 6:45:32 AM - Unable
to contact server..

Error - 10/12/2010 3:48:39 PM | Computer Name = BrianCarrigg-PC | Source = MCUpdate | ID = 0
Description = 3:48:39 PM - Error connecting to the internet. 3:48:39 PM - Unable
to contact server..

Error - 10/12/2010 3:48:58 PM | Computer Name = BrianCarrigg-PC | Source = MCUpdate | ID = 0
Description = 3:48:44 PM - Error connecting to the internet. 3:48:44 PM - Unable
to contact server..

[ System Events ]
Error - 8/30/2010 4:40:48 AM | Computer Name = BrianCarrigg-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 8/30/2010 9:37:29 AM | Computer Name = BrianCarrigg-PC | Source = BROWSER | ID = 8032
Description =

Error - 8/31/2010 5:29:46 AM | Computer Name = BrianCarrigg-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 8/31/2010 3:12:05 PM | Computer Name = BrianCarrigg-PC | Source = BTHUSB | ID = 327685
Description = The Bluetooth driver expected an HCI event with a certain size but
did not receive it.

Error - 8/31/2010 3:12:10 PM | Computer Name = BrianCarrigg-PC | Source = BTHUSB | ID = 327685
Description = The Bluetooth driver expected an HCI event with a certain size but
did not receive it.

Error - 8/31/2010 3:28:50 PM | Computer Name = BrianCarrigg-PC | Source = BROWSER | ID = 8032
Description =

Error - 9/1/2010 12:15:25 AM | Computer Name = BrianCarrigg-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 9/1/2010 5:10:05 AM | Computer Name = BrianCarrigg-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 9/1/2010 9:25:35 PM | Computer Name = BrianCarrigg-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 9/2/2010 6:29:18 AM | Computer Name = BrianCarrigg-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.


< End of report >
 
I assume neither browser can connect to http://my.ccuniversity.edu/ics/?
See if you can connect to http://66.161.195.206

=========================================================================

Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

Now, we need to remove the old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

======================================================================

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\idmmbc.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\idmmbc.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\idmmbc.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\idmmbc.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\idmmbc.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\idmmbc.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\idmmbc.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\idmmbc.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\idmmbc.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\idmmbc.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysNative\idmmbc.dll File not found
    O16 - DPF: {3B89785B-4E94-400A-8705-5841B14063A7} http://www.arcsoft.com/data/SimHDAss.CAB (Reg Error: Key error.)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    [2010/08/12 22:33:11 | 000,000,088 | RHS- | C] () -- C:\ProgramData\CA9AFEA1AF.sys
    @Alternate Data Stream - 2560 bytes -> C:\ProgramData\CLDShowX.ini:Update.CL
    @Alternate Data Stream - 205 bytes -> C:\ProgramData\TEMP:F35A93AD
    @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:07BF512B
    
    
    :Services
    
    :Reg
    
    :Files
    
    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

==================================================================

Last scans...

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE: SecurityCheck may produce some false warning(s), so leave reading the results to me.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on the Start button to begin the cleaning process.
  • TFC will close all running programs, and it may ask you to restart the computer.


3. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • IMPORTANT! UN-check Remove found threats
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE: If ESET doesn't find any threats, it won't produce any log.
 
OK, I did all of that, updated Flash, removed old versions, etc. ESET online scanner found nothing, so here are the logs from the other two.

All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021\ deleted successfully.
Starting removal of ActiveX control {3B89785B-4E94-400A-8705-5841B14063A7}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{3B89785B-4E94-400A-8705-5841B14063A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3B89785B-4E94-400A-8705-5841B14063A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{3B89785B-4E94-400A-8705-5841B14063A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3B89785B-4E94-400A-8705-5841B14063A7}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}\ not found.
File {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\ProgramData\CA9AFEA1AF.sys moved successfully.
ADS C:\ProgramData\CLDShowX.ini:Update.CL deleted successfully.
ADS C:\ProgramData\TEMP:F35A93AD deleted successfully.
ADS C:\ProgramData\TEMP:07BF512B deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Brian Carrigg
->Temp folder emptied: 25551972 bytes
->Temporary Internet Files folder emptied: 930373 bytes
->Java cache emptied: 2027 bytes
->FireFox cache emptied: 97085724 bytes
->Flash cache emptied: 14109 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49632 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 304145226 bytes

Total Files Cleaned = 408.00 mb


[EMPTYFLASH]

User: All Users

User: Brian Carrigg
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\: LSP stack updated.

OTL by OldTimer - Version 3.2.17.2 log created on 11052010_092640

Files\Folders moved on Reboot...
C:\Users\Brian Carrigg\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...









Results of screen317's Security Check version 0.99.5
Windows 7 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
```````````````````````````````
Anti-malware/Other Utilities Check:

Java(TM) 6 Update 22
Out of date Java installed!
Adobe Flash Player 10.1.85.3
Adobe Reader 9.4.0
````````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
````````````````````````````````
DNS Vulnerability Check:

Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?)

``````````End of Log````````````
 
Excellent!

Your computer is clean

1. We need to reset System Restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point using the following OTL script:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code:
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now we'll remove all the tools we used during our cleaning process.

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to ensure the safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. Run defrag at your convenience.

11. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

12. Please let me know how your computer is doing.
 
It's hard to say.
I didn't see much of an infection on your computer.
Possibly those two AV programs you had on your computer were stepping on each other...
 