New user in need of advice


Hello everybody, new user here and in need of help.

My computer has been acting very strange over the past few days, programs that use the internet keep telling me I have no internet connection, including Malwarebytes, and as you can clearly see I have.

I also play 2 games online and as I can't seem to update them I can't play for now.

I use Windows Vista that is up to date as far as I know, as I have automatic updates ticked and downloaded around 12 updates yesterday, 10/08/2011.

I have run anti-spyware and anti-virus programs and can't seem to pick anything up, but they may also be out of date as I can't update.

I have attached a HijackThis report, so any help in dealing with this problem will be gratefully appreciated.

Update: I decided to try an old spyware program called A Squared Free in safe mode and it found a trojan called Zlob!IK and I have deleted this, but I still have the same problem: I still cannot update any programs, as it says cannot connect to internet, please check your internet connection and proxy settings.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 23:40:21, on 11/08/2011

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe

C:\Program Files (x86)\Bo-Shot\Bo-Shot.exe

C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.Exe

C:\Program Files (x86)\AVG\AVG10\avgtray.exe

C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60347

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/football

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {7757CBCC-0975-4b79-A519-90B142CA3A23} - (no file)

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: ::1 localhost

O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.4\iobitToolbarIE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Toolbar BHO - {EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - (no file)

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.4\iobitToolbarIE.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"

O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [b2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe

O4 - HKLM\..\Run: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [spywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"

O4 - HKCU\..\Run: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [PC Cleaner] C:\Program Files (x86)\PC Cleaner\PCCLauncher.exe

O4 - Startup: CurseClientStartup.ccip

O4 - Global Startup: Bo-Shot.lnk = C:\Program Files (x86)\Bo-Shot\Bo-Shot.exe

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll

O10 - Broken Internet access because of LSP provider 'c:\program files (x86)\flash recorder\mfnsp32.dll' missing

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe

O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

O23 - Service: Google Update Service (gupdate1caa4ee1b230152) (gupdate1caa4ee1b230152) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: IObit Toolbar Service (IObitBarService) - IObit - C:\PROGRA~2\IObitBar\toolbar\1.bin\i0barsvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 13911 bytes

hijackthis.log

Edited by LDTate
moved content from 2nd post to first

Hello and welcome.

We need to see some information about what is happening in your machine. Please perform the following scan:

  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


Thank you for your assistance, it's greatly appreciated.

I did what you said and downloaded the file, disabled anti-virus and ran the program. About 34 seconds into the program a window popped up saying: Windows Command Processor has stopped working. A problem caused the program to stop working correctly.

Windows will close the program and notify you if a solution is available.

I ran the program several times and still got the same.

Now I don't know what to do.


Please run this instead.

OTL

-----

Please download OTL from one of the following mirrors:

  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Run Scan button.
  • Two reports will open, copy and paste them in a reply here:
      • OTL.txt <-- Will be opened
      • Extra.txt <-- Will be minimized


OTL.TXT

OTL logfile created on: 14/08/2011 21:22:04 - Run 1

OTL by OldTimer - Version 3.2.26.2 Folder = C:\Users\David Berry\Desktop

64bit-Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

8.00 Gb Total Physical Memory | 5.24 Gb Available Physical Memory | 65.51% Memory free

16.05 Gb Paging File | 12.94 Gb Available in Paging File | 80.61% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 465.76 Gb Total Space | 330.50 Gb Free Space | 70.96% Space Free | Partition Type: NTFS

Drive D: | 699.85 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: DAVIDBERRY-PC | User Name: David Berry | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/14 21:21:19 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\David Berry\Desktop\OTL.exe

PRC - [2011/08/08 20:21:46 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

PRC - [2011/08/04 16:18:12 | 003,225,504 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

PRC - [2011/08/04 16:17:58 | 003,148,200 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

PRC - [2011/08/04 16:17:34 | 003,219,880 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe

PRC - [2011/08/04 16:17:18 | 000,130,976 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookSvc.exe

PRC - [2011/08/04 16:17:06 | 000,169,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

PRC - [2011/08/04 16:17:04 | 001,149,864 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

PRC - [2011/08/04 16:16:58 | 001,082,800 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

PRC - [2011/07/29 14:10:41 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

PRC - [2011/07/20 12:19:46 | 000,820,568 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

PRC - [2011/07/20 12:19:44 | 004,393,816 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe

PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011/06/08 20:19:24 | 001,583,960 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2011/05/28 14:46:56 | 000,803,728 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe

PRC - [2011/05/28 14:46:56 | 000,412,560 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe

PRC - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe

PRC - [2011/05/06 18:15:20 | 000,532,320 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe

PRC - [2011/05/06 17:33:00 | 000,393,112 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe

PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe

PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe

PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe

PRC - [2011/01/20 17:20:34 | 000,426,840 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Game Booster\gbtray.exe

PRC - [2010/08/17 13:27:15 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

PRC - [2010/07/19 12:06:45 | 000,028,766 | ---- | M] (IObit) -- C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0barsvc.exe

PRC - [2010/03/16 02:09:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2009/11/17 18:16:09 | 003,055,616 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

PRC - [2009/11/17 18:16:09 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe

PRC - [2009/11/17 18:16:08 | 002,166,784 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.Exe

PRC - [2009/10/01 17:03:14 | 001,858,144 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\a-squared Free\a2service.exe

PRC - [2003/10/31 19:21:43 | 000,259,072 | ---- | M] (BoSoft) -- C:\Program Files (x86)\Bo-Shot\Bo-Shot.exe

========== Modules (SafeList) ==========

MOD - [2011/08/14 21:21:19 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\David Berry\Desktop\OTL.exe

MOD - [2011/08/14 16:40:34 | 000,052,736 | ---- | M] () -- C:\Users\David Berry\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll

MOD - [2011/08/08 20:21:46 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

MOD - [2011/08/04 16:18:12 | 003,225,504 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

MOD - [2011/08/04 16:17:08 | 000,400,896 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHook32.dll

MOD - [2011/08/04 16:16:24 | 002,239,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDialogs.dll

MOD - [2011/08/04 16:16:14 | 002,579,456 | ---- | M] (Project JEDI) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl

MOD - [2011/07/29 14:10:41 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

MOD - [2011/07/29 14:10:32 | 002,009,776 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll

MOD - [2011/07/29 14:10:21 | 003,075,248 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_32_1885C46768B5CB16.dll

MOD - [2011/07/26 11:56:16 | 000,576,512 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl

MOD - [2011/07/06 19:52:40 | 002,224,176 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll

MOD - [2011/07/06 19:52:40 | 000,174,128 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll

MOD - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

MOD - [2011/06/17 03:07:30 | 000,053,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL

MOD - [2011/06/17 03:07:13 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll

MOD - [2011/06/17 03:06:55 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll

MOD - [2011/06/17 03:06:55 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll

MOD - [2011/06/16 18:54:36 | 000,327,000 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag 2\taskMgr.dll

MOD - [2011/06/16 18:54:30 | 000,077,656 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag 2\SDDriverMgr.dll

MOD - [2011/06/16 18:54:28 | 000,047,960 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll

MOD - [2011/06/08 20:19:24 | 001,583,960 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

MOD - [2011/06/02 15:09:54 | 000,063,488 | ---- | M] () -- C:\Users\David Berry\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll

MOD - [2011/06/02 15:09:51 | 000,117,760 | ---- | M] () -- C:\Users\David Berry\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

MOD - [2011/05/28 14:46:58 | 001,997,712 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\vcl120.bpl

MOD - [2011/05/28 14:46:58 | 001,097,104 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\rtl120.bpl

MOD - [2011/05/28 14:46:58 | 000,347,024 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\madexcept_.bpl

MOD - [2011/05/28 14:46:58 | 000,211,344 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\vclx120.bpl

MOD - [2011/05/28 14:46:58 | 000,179,088 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\madbasic_.bpl

MOD - [2011/05/28 14:46:58 | 000,046,480 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\maddisAsm_.bpl

MOD - [2011/05/28 14:46:56 | 000,803,728 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe

MOD - [2011/05/28 14:46:56 | 000,412,560 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe

MOD - [2011/05/28 14:46:56 | 000,135,056 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\datastate.dll

MOD - [2011/05/06 18:15:20 | 000,532,320 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe

MOD - [2011/04/26 09:50:26 | 001,007,160 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

MOD - [2011/04/26 09:50:26 | 000,150,072 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\gtn.dll

MOD - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe

MOD - [2011/04/18 17:39:44 | 000,246,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avglngx.dll

MOD - [2011/04/13 05:38:44 | 001,128,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgcfgx.dll

MOD - [2011/04/12 01:30:42 | 002,897,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avguires.dll

MOD - [2011/04/02 01:58:41 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll

MOD - [2011/02/22 14:33:12 | 001,068,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll

MOD - [2011/02/21 05:52:26 | 000,796,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avglogx.dll

MOD - [2011/02/10 07:55:18 | 002,547,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgidpsdkx.dll

MOD - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe

MOD - [2011/02/08 05:33:08 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgsrmx.dll

MOD - [2011/01/20 17:21:16 | 000,511,384 | ---- | M] () -- C:\Program Files (x86)\IObit\Game Booster\sqlite3.dll

MOD - [2011/01/20 17:20:34 | 000,426,840 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Game Booster\gbtray.exe

MOD - [2011/01/20 17:08:16 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll

MOD - [2011/01/20 17:08:06 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll

MOD - [2011/01/20 17:08:06 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll

MOD - [2011/01/20 15:12:46 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll

MOD - [2011/01/20 14:47:51 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll

MOD - [2010/11/04 19:55:38 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\taskschd.dll

MOD - [2010/11/04 19:51:35 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\GdiPlus.dll

MOD - [2010/11/03 23:55:00 | 002,457,088 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\vcl150.bpl

MOD - [2010/11/03 23:55:00 | 002,150,400 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl

MOD - [2010/11/03 23:55:00 | 000,321,024 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\vclimg150.bpl

MOD - [2010/11/03 23:55:00 | 000,235,520 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\vclx150.bpl

MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

MOD - [2010/08/31 16:43:52 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll

MOD - [2010/08/17 13:27:15 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

MOD - [2010/06/18 18:31:29 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll

MOD - [2010/01/21 14:53:21 | 000,052,224 | ---- | M] () -- C:\Users\David Berry\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

MOD - [2009/12/23 12:33:29 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll

MOD - [2009/12/08 11:55:18 | 001,995,776 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\IObit\Game Booster\vcl120.bpl

MOD - [2009/12/08 11:55:18 | 001,095,168 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\IObit\Game Booster\rtl120.bpl

MOD - [2009/12/08 10:55:18 | 001,995,776 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\IObit\Smart Defrag 2\vcl120.bpl

MOD - [2009/12/08 10:55:18 | 001,095,168 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\IObit\Smart Defrag 2\rtl120.bpl

MOD - [2009/12/08 10:55:18 | 000,209,408 | ---- | M] (Embarcadero Technologies, Inc.) -- C:\Program Files (x86)\IObit\Smart Defrag 2\vclx120.bpl

MOD - [2009/12/04 19:28:51 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvfw32.dll

MOD - [2009/11/17 18:18:10 | 001,649,154 | ---- | M] () -- C:\Program Files (x86)\Spyware Terminator\TorentDll.dll

MOD - [2009/11/17 18:16:09 | 003,055,616 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

MOD - [2009/11/17 18:16:08 | 002,166,784 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.Exe

MOD - [2009/10/01 02:02:04 | 000,334,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceApi.dll

MOD - [2009/09/15 19:20:52 | 000,177,152 | ---- | M] () -- C:\Program Files (x86)\IObit\Game Booster\madbasic_.bpl

MOD - [2009/09/15 19:20:52 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\IObit\Game Booster\maddisAsm_.bpl

MOD - [2009/09/15 19:20:46 | 000,345,088 | ---- | M] () -- C:\Program Files (x86)\IObit\Game Booster\madexcept_.bpl

MOD - [2009/04/11 07:28:23 | 001,381,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Query.dll

MOD - [2009/04/11 07:28:23 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll

MOD - [2009/04/11 07:28:23 | 000,242,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pdh.dll

MOD - [2009/04/11 07:28:23 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\perfdisk.dll

MOD - [2009/04/11 07:28:22 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll

MOD - [2009/04/11 07:28:21 | 002,241,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll

MOD - [2009/04/11 07:28:21 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll

MOD - [2009/04/11 07:28:20 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL

MOD - [2009/04/11 07:28:19 | 000,595,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL

MOD - [2009/04/11 07:28:19 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorAPI.dll

MOD - [2009/04/11 07:28:18 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credui.dll

MOD - [2009/04/11 07:28:18 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll

MOD - [2009/04/11 07:28:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll

MOD - [2009/04/11 07:26:43 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll

MOD - [2008/01/21 03:48:43 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll

MOD - [2008/01/21 03:48:35 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll

MOD - [2008/01/21 03:48:21 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll

MOD - [2008/01/21 03:48:17 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll

MOD - [2008/01/21 03:48:05 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll

MOD - [2008/01/21 03:48:00 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll

MOD - [2008/01/21 03:47:20 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx

MOD - [2008/01/21 03:46:54 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll

MOD - [2008/01/21 03:46:29 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll

MOD - [2008/01/21 03:46:22 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll

MOD - [2008/01/21 03:46:04 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll

MOD - [2006/11/02 10:46:13 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tapi32.dll

MOD - [2006/11/02 10:46:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll

MOD - [2006/11/02 10:46:12 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll

MOD - [2006/11/02 10:46:12 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll

MOD - [2006/11/02 10:46:07 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msiltcfg.dll

MOD - [2006/11/02 10:46:04 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll

MOD - [2006/11/02 09:33:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll

MOD - [2006/09/19 15:55:38 | 000,360,448 | R--- | M] (SuperAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\deupx.dll

MOD - [2003/10/31 20:39:56 | 000,036,864 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\Shared Files\CLRCEngine2.dll

MOD - [2003/10/31 19:21:43 | 000,259,072 | ---- | M] (BoSoft) -- C:\Program Files (x86)\Bo-Shot\Bo-Shot.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)

SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)

SRV:64bit: - [2010/10/28 11:14:30 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV:64bit: - [2010/01/21 01:53:42 | 000,496,232 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM))

SRV:64bit: - [2010/01/21 01:53:42 | 000,209,000 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)

SRV:64bit: - [2008/01/21 03:45:23 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2011/08/04 16:17:18 | 000,130,976 | ---- | M] (Safer-Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookSvc.exe -- (SDHookService)

SRV - [2011/08/04 16:17:06 | 000,169,624 | ---- | M] (Safer-Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe -- (SDWSCService)

SRV - [2011/08/04 16:17:04 | 001,149,864 | ---- | M] (Safer-Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe -- (SDUpdateService)

SRV - [2011/08/04 16:16:58 | 001,082,800 | ---- | M] (Safer-Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe -- (SDScannerService)

SRV - [2011/08/03 12:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2011/07/20 12:19:46 | 000,820,568 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)

SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011/05/30 11:33:54 | 001,025,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)

SRV - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)

SRV - [2011/05/06 17:33:00 | 000,393,112 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)

SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)

SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)

SRV - [2010/07/19 12:06:45 | 000,028,766 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObitBar\toolbar\1.bin\i0barsvc.exe -- (IObitBarService)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/16 02:09:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2009/11/17 18:16:09 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)

SRV - [2009/10/01 17:03:14 | 001,858,144 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\a-squared Free\a2service.exe -- (a2free)

SRV - [2009/03/30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)

SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/07/22 17:55:50 | 000,046,112 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)

DRV:64bit: - [2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys -- (NisDrv)

DRV:64bit: - [2011/04/14 21:28:12 | 000,117,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSDriver.Sys -- (AVGIDSDriver)

DRV:64bit: - [2011/04/05 00:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgtdia.sys -- (Avgtdia)

DRV:64bit: - [2011/03/16 16:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys -- (Avgrkx64)

DRV:64bit: - [2011/03/01 14:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys -- (Avgmfx64)

DRV:64bit: - [2011/02/23 17:04:16 | 000,018,232 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)

DRV:64bit: - [2011/02/22 08:12:34 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)

DRV:64bit: - [2011/02/10 07:53:22 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSFilter.Sys -- (AVGIDSFilter)

DRV:64bit: - [2011/01/07 06:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgldx64.sys -- (Avgldx64)

DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2010/08/24 18:29:54 | 000,041,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\LUsbFilt.Sys -- (LUsbFilt)

DRV:64bit: - [2010/08/24 18:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt)

DRV:64bit: - [2010/08/24 18:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)

DRV:64bit: - [2010/08/24 18:29:10 | 000,013,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LHidEqd.Sys -- (LHidEqd)

DRV:64bit: - [2010/08/24 18:28:58 | 000,074,320 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LEqdUsb.Sys -- (LEqdUsb)

DRV:64bit: - [2010/07/21 18:14:24 | 000,051,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)

DRV:64bit: - [2010/07/21 18:14:24 | 000,023,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NuidFltr.sys -- (NuidFltr)

DRV:64bit: - [2009/04/11 06:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)

DRV:64bit: - [2008/01/21 03:46:53 | 000,119,296 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\irda.sys -- (irda)

DRV:64bit: - [2008/01/21 03:44:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\irsir.sys -- (irsir)

DRV:64bit: - [2006/12/26 11:27:20 | 000,007,168 | ---- | M] (Chic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\moufiltr.sys -- (moufiltr)

DRV - [2011/08/04 16:17:12 | 000,048,888 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys -- (SDHookDriver)

DRV - [2011/07/11 14:40:36 | 000,020,336 | ---- | M] () [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\wlh_amd64\FileMonitor.sys -- (FileMonitor)

DRV - [2011/03/23 00:58:50 | 000,021,328 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\wlh_amd64\UrlFilter.sys -- (UrlFilter)

DRV - [2011/03/23 00:58:44 | 000,033,184 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\wlh_amd64\RegFilter.sys -- (RegFilter)

DRV - [2011/03/16 18:59:56 | 000,036,792 | ---- | M] (IObit Information Technology) [File_System | Auto | Running] -- C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys -- (PfFilter)

DRV - [2010/08/17 13:27:15 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2010/08/17 13:27:15 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)

DRV - [2010/08/17 13:27:15 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\URLSearchHook: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - Reg Error: Key error. File not found

IE - HKU\.DEFAULT\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.4\iobitToolbarIE.dll (Spigot, Inc.)

IE - HKU\.DEFAULT\..\URLSearchHook: {7757CBCC-0975-4b79-A519-90B142CA3A23} - Reg Error: Value error. File not found

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.4\iobitToolbarIE.dll (Spigot, Inc.)

IE - HKU\S-1-5-18\..\URLSearchHook: {7757CBCC-0975-4b79-A519-90B142CA3A23} - Reg Error: Value error. File not found

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1440669532-1949781043-1767260532-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60347

IE - HKU\S-1-5-21-1440669532-1949781043-1767260532-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/football

IE - HKU\S-1-5-21-1440669532-1949781043-1767260532-1001\..\URLSearchHook: {7757CBCC-0975-4b79-A519-90B142CA3A23} - Reg Error: Value error. File not found

IE - HKU\S-1-5-21-1440669532-1949781043-1767260532-1001\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()

IE - HKU\S-1-5-21-1440669532-1949781043-1767260532-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@IObitBar.com/Plugin: C:\Program Files (x86)\IObitBar\toolbar\1.bin\NPi0Stub.dll File not found

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\i0ffxtbr@IObitBar.com: C:\Program Files (x86)\IObitBar\toolbar\1.bin [2011/01/23 12:41:49 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2011/08/09 12:58:19 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/08/08 20:22:30 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2006/09/18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.4\iobitToolbarIE.dll (Spigot, Inc.)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)

O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()

O2 - BHO: (Toolbar BHO) - {EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - Reg Error: Value error. File not found

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.4\iobitToolbarIE.dll (Spigot, Inc.)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()

O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()

O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()

O3:64bit: - HKU\S-1-5-21-1440669532-1949781043-1767260532-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKU\S-1-5-21-1440669532-1949781043-1767260532-1001\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()

O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)

O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)

O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [b2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)

O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)

O4 - HKLM..\Run: [iObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [sDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)

O4 - HKLM..\Run: [searchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)

O4 - HKLM..\Run: [spywareTerminator] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-1440669532-1949781043-1767260532-1001..\Run: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)

O4 - HKU\S-1-5-21-1440669532-1949781043-1767260532-1001..\Run: [spywareTerminatorUpdate] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)

O4 - HKU\S-1-5-21-1440669532-1949781043-1767260532-1001..\Run: [sUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)

O4 - Startup: C:\Users\David Berry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll (Google Inc.)

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll (Google Inc.)

O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000018 - File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000019 - File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000020 - File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000021 - File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000022 - File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000023 - File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000024 - File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000025 - File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000026 - File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000027 - File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000028 - File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found

O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)

O20 - Winlogon\Notify\SDWinLogon: DllName - SDWinLogon.dll - File not found

O24 - Desktop WallPaper: C:\Users\David Berry\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O24 - Desktop BackupWallPaper: C:\Users\David Berry\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2003/01/29 03:34:52 | 000,036,864 | R--- | M] () - D:\Autorun.exe -- [ CDFS ]

O32 - AutoRun File - [2002/12/17 00:25:21 | 000,000,125 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]

O32 - AutoRun File - [2003/02/08 06:01:42 | 000,000,000 | ---D | M] - D:\autorun -- [ CDFS ]

O33 - MountPoints2\{40f074b4-765d-11de-86f4-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{40f074b4-765d-11de-86f4-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Autorun\UBIAUTORUN.EXE .\cd2.ini

O33 - MountPoints2\{88f61318-c376-11e0-8b53-001966c3194d}\Shell - "" = AutoRun

O33 - MountPoints2\{88f61318-c376-11e0-8b53-001966c3194d}\Shell\AutoRun\command - "" = E:\AUTORUN.EXE

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O34 - HKLM BootExecute: (SmartDefragBootTime.exe) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/14 21:21:02 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\David Berry\Desktop\OTL.exe

[2011/08/14 20:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safer Networking

[2011/08/14 20:50:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safer Networking

[2011/08/13 15:51:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2011/08/13 15:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

[2011/08/13 15:50:48 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe

[2011/08/13 15:50:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2

[2011/08/12 22:43:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE

[2011/08/11 23:30:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro

[2011/08/11 23:30:01 | 000,000,000 | ---D | C] -- C:\Users\David Berry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

[2011/08/11 12:31:49 | 000,000,000 | ---D | C] -- C:\Users\David Berry\AppData\Roaming\Malwarebytes

[2011/08/11 12:31:43 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2011/08/11 12:31:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/08/11 12:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/08/11 12:31:39 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2011/08/11 12:31:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2011/08/11 12:01:42 | 001,730,936 | ---- | C] (SolidQuest Inc. ) -- C:\Users\David Berry\Documents\ErrorTeck_setup.exe

[2011/08/11 11:59:54 | 000,731,000 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\David Berry\Documents\autoruns.exe

[2011/08/11 11:41:50 | 000,000,000 | ---D | C] -- C:\Users\David Berry\AppData\Roaming\RegistryKeys

[2011/08/11 11:40:17 | 000,000,000 | -H-D | C] -- C:\Windows\PIF

[2011/08/11 11:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ErrorTeck

[2011/08/11 11:40:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ErrorTeck

[2011/08/10 22:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gamigo

[2011/08/10 22:08:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gamigo

[2011/08/10 20:28:58 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2011/08/10 20:28:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2011/08/10 20:28:56 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2011/08/10 20:28:56 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll

[2011/08/10 20:28:56 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2011/08/10 20:28:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2011/08/10 20:28:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2011/08/10 20:28:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2011/08/10 20:28:55 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2011/08/10 20:28:55 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2011/08/10 20:21:18 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%

[2011/08/10 18:41:13 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll

[2011/08/10 18:41:12 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll

[2011/08/10 18:41:06 | 004,699,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2011/08/10 13:23:37 | 006,136,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll

[2011/08/10 13:23:37 | 003,021,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll

[2011/08/10 13:23:37 | 000,117,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll

[2011/08/10 13:23:37 | 000,061,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll

[2011/08/10 13:23:36 | 000,836,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll

[2011/08/10 13:21:54 | 024,692,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2011/08/10 13:21:54 | 022,470,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2011/08/10 13:21:54 | 017,193,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2011/08/10 13:21:54 | 016,595,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2011/08/10 13:21:54 | 012,636,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll

[2011/08/10 13:21:54 | 007,254,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2011/08/10 13:21:54 | 006,613,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll

[2011/08/10 13:21:54 | 005,404,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2011/08/10 13:21:54 | 002,532,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2011/08/10 13:21:54 | 002,412,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll

[2011/08/10 13:21:54 | 002,391,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2011/08/10 13:21:54 | 002,222,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll

[2011/08/10 13:21:54 | 002,090,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll

[2011/08/10 13:21:54 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll

[2011/08/10 13:21:54 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll

[2011/08/10 13:15:52 | 000,525,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll

[2011/08/10 13:15:52 | 000,190,752 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe

[2011/08/10 13:15:52 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe

[2011/08/10 13:15:52 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe

[2011/08/10 13:15:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java

[2011/08/10 12:59:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

[2011/08/10 12:56:43 | 000,758,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\cohelper.dll

[2011/08/10 12:44:27 | 001,519,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll

[2011/08/10 12:44:27 | 001,453,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll

[2011/08/10 01:33:52 | 000,000,000 | ---D | C] -- C:\Vimeo

[2011/08/10 00:46:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials TV

[2011/08/10 00:45:56 | 000,000,000 | ---D | C] -- C:\Users\David Berry\AppData\Local\CrashRpt

[2011/08/10 00:45:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RapidSolution

[2011/08/10 00:45:02 | 000,000,000 | ---D | C] -- C:\ProgramData\RapidSolution

[2011/08/10 00:45:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 8

[2011/08/10 00:42:43 | 000,000,000 | ---D | C] -- C:\Users\David Berry\AppData\Local\RapidSolution

[2011/08/09 00:10:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools

[2011/08/08 23:52:37 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound

[2011/08/08 20:57:31 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software

[2011/08/08 20:56:40 | 000,000,000 | ---D | C] -- C:\Users\David Berry\AppData\Roaming\NCH Software

[2011/08/08 20:48:40 | 000,000,000 | ---D | C] -- C:\Program Files\DIVX

[2011/08/08 20:47:16 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX

[2011/08/08 20:22:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared

[2011/08/08 20:22:21 | 000,198,848 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll

[2011/08/08 20:22:09 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll

[2011/08/08 20:22:09 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll

[2011/08/08 20:22:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real

[2011/08/08 20:22:07 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll

[2011/08/08 20:21:45 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll

[2011/08/08 20:21:45 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll

[2011/08/02 16:31:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client

[2011/07/25 12:49:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter

[2011/07/22 17:55:50 | 000,046,112 | ---- | C] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\tbhsd.sys

[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/14 21:21:19 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\David Berry\Desktop\OTL.exe

[2011/08/14 20:36:49 | 000,003,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/08/14 20:36:49 | 000,003,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/08/14 19:47:21 | 000,000,543 | ---- | M] () -- C:\Users\David Berry\Desktop\dds.scr - Shortcut.lnk

[2011/08/14 17:53:05 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/08/14 17:53:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/08/14 16:38:34 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job

[2011/08/14 16:38:12 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job

[2011/08/14 16:38:12 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job

[2011/08/14 16:36:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/08/13 15:50:54 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

[2011/08/12 22:40:26 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/08/12 21:50:04 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2011/08/11 23:38:46 | 000,002,571 | ---- | M] () -- C:\Users\David Berry\Desktop\HiJackThis.lnk

[2011/08/11 23:28:51 | 000,000,584 | ---- | M] () -- C:\Users\David Berry\Desktop\HiJackThis - Shortcut.lnk

[2011/08/11 12:43:25 | 000,000,680 | ---- | M] () -- C:\Users\David Berry\AppData\Local\d3d9caps.dat

[2011/08/11 12:00:25 | 000,055,296 | ---- | M] () -- C:\Users\David Berry\Documents\BSOD_Windows7_Vista_v2.64_jcgriff2_.exe

[2011/08/11 11:59:24 | 000,731,000 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\David Berry\Documents\autoruns.exe

[2011/08/11 11:40:17 | 000,000,792 | ---- | M] () -- C:\Users\Public\Desktop\ErrorTeck.lnk

[2011/08/11 11:40:04 | 001,730,936 | ---- | M] (SolidQuest Inc. ) -- C:\Users\David Berry\Documents\ErrorTeck_setup.exe

[2011/08/10 23:12:17 | 000,766,284 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011/08/10 23:12:17 | 000,634,282 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011/08/10 23:12:17 | 000,119,808 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011/08/10 23:09:32 | 000,746,130 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011/08/10 22:12:19 | 000,002,111 | ---- | M] () -- C:\Users\Public\Desktop\Launch Black Prophecy .lnk

[2011/08/10 22:12:19 | 000,000,148 | ---- | M] () -- C:\Users\Public\Desktop\Register for Black Prophecy .url

[2011/08/10 13:15:36 | 000,190,752 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe

[2011/08/10 13:15:36 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe

[2011/08/10 13:15:36 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe

[2011/08/10 13:15:35 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll

[2011/08/10 12:23:08 | 127,472,944 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm

[2011/08/10 00:46:02 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\audials TV.lnk

[2011/08/10 00:45:36 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Audials 8.lnk

[2011/08/09 21:58:34 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini

[2011/08/09 12:58:19 | 000,000,860 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk

[2011/08/08 23:48:52 | 000,000,732 | ---- | M] () -- C:\Users\David Berry\AppData\Local\d3d9caps64.dat

[2011/08/08 23:07:39 | 000,052,084 | ---- | M] () -- C:\Users\David Berry\Documents\cc_20110808_230732.reg

[2011/08/08 22:50:20 | 000,000,856 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011/08/08 21:19:57 | 000,009,216 | ---- | M] () -- C:\Users\David Berry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/08/08 20:49:49 | 000,001,424 | ---- | M] () -- C:\Users\David Berry\Desktop\DivX Movies.lnk

[2011/08/08 20:22:44 | 000,001,099 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk

[2011/08/08 20:22:21 | 000,198,848 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll

[2011/08/08 20:22:09 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll

[2011/08/08 20:22:09 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll

[2011/08/08 20:22:07 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll

[2011/08/08 20:21:45 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll

[2011/08/08 20:21:45 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll

[2011/08/03 12:50:00 | 024,692,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2011/08/03 12:50:00 | 022,470,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2011/08/03 12:50:00 | 017,193,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2011/08/03 12:50:00 | 016,595,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2011/08/03 12:50:00 | 015,064,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll

[2011/08/03 12:50:00 | 012,636,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll

[2011/08/03 12:50:00 | 008,355,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll

[2011/08/03 12:50:00 | 007,254,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2011/08/03 12:50:00 | 006,613,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll

[2011/08/03 12:50:00 | 006,136,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll

[2011/08/03 12:50:00 | 005,404,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2011/08/03 12:50:00 | 003,021,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll

[2011/08/03 12:50:00 | 002,758,760 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll

[2011/08/03 12:50:00 | 002,532,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2011/08/03 12:50:00 | 002,412,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll

[2011/08/03 12:50:00 | 002,391,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2011/08/03 12:50:00 | 002,222,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll

[2011/08/03 12:50:00 | 002,090,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll

[2011/08/03 12:50:00 | 001,519,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll

[2011/08/03 12:50:00 | 001,453,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll

[2011/08/03 12:50:00 | 000,836,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll

[2011/08/03 12:50:00 | 000,117,864 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll

[2011/08/03 12:50:00 | 000,067,176 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll

[2011/08/03 12:50:00 | 000,061,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll

[2011/08/03 12:50:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll

[2011/08/03 12:50:00 | 000,007,383 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb

[2011/08/03 03:31:54 | 000,311,912 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe

[2011/08/02 16:31:41 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif

[2011/07/25 12:49:37 | 000,001,008 | ---- | M] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk

[2011/07/24 13:33:11 | 000,174,235 | ---- | M] () -- C:\Users\David Berry\Documents\Screenshot_83.jpg

[2011/07/24 13:31:41 | 000,162,981 | ---- | M] () -- C:\Users\David Berry\Documents\Screenshot_82.jpg

[2011/07/24 13:31:30 | 000,171,793 | ---- | M] () -- C:\Users\David Berry\Documents\Screenshot_81.jpg

[2011/07/22 17:55:50 | 000,046,112 | ---- | M] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\tbhsd.sys

[2011/07/22 06:42:23 | 002,303,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2011/07/22 06:35:31 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2011/07/22 06:33:41 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2011/07/22 06:32:49 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2011/07/22 06:30:55 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2011/07/22 03:54:43 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll

[2011/07/22 03:47:24 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2011/07/22 03:45:41 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2011/07/22 03:44:42 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2011/07/22 03:43:07 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/14 19:47:21 | 000,000,543 | ---- | C] () -- C:\Users\David Berry\Desktop\dds.scr - Shortcut.lnk

[2011/08/13 15:51:06 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job

[2011/08/13 15:51:05 | 000,000,334 | ---- | C] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job

[2011/08/13 15:51:05 | 000,000,318 | ---- | C] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job

[2011/08/13 15:50:54 | 000,002,024 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk

[2011/08/13 15:50:54 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

[2011/08/11 23:30:01 | 000,002,571 | ---- | C] () -- C:\Users\David Berry\Desktop\HiJackThis.lnk

[2011/08/11 23:28:51 | 000,000,584 | ---- | C] () -- C:\Users\David Berry\Desktop\HiJackThis - Shortcut.lnk

[2011/08/11 12:31:44 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/08/11 12:01:58 | 000,055,296 | ---- | C] () -- C:\Users\David Berry\Documents\BSOD_Windows7_Vista_v2.64_jcgriff2_.exe

[2011/08/11 11:40:17 | 000,000,792 | ---- | C] () -- C:\Users\Public\Desktop\ErrorTeck.lnk

[2011/08/10 22:12:19 | 000,002,111 | ---- | C] () -- C:\Users\Public\Desktop\Launch Black Prophecy .lnk

[2011/08/10 22:12:19 | 000,000,148 | ---- | C] () -- C:\Users\Public\Desktop\Register for Black Prophecy .url

[2011/08/10 00:46:02 | 000,002,056 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\audials TV.lnk

[2011/08/10 00:46:02 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\audials TV.lnk

[2011/08/10 00:45:36 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Audials 8.lnk

[2011/08/08 23:48:52 | 000,000,732 | ---- | C] () -- C:\Users\David Berry\AppData\Local\d3d9caps64.dat

[2011/08/08 23:07:35 | 000,052,084 | ---- | C] () -- C:\Users\David Berry\Documents\cc_20110808_230732.reg

[2011/08/08 20:49:49 | 000,001,424 | ---- | C] () -- C:\Users\David Berry\Desktop\DivX Movies.lnk

[2011/08/08 20:22:44 | 000,001,099 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk

[2011/08/03 03:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe

[2011/07/24 13:34:39 | 000,174,235 | ---- | C] () -- C:\Users\David Berry\Documents\Screenshot_83.jpg

[2011/07/24 13:34:39 | 000,171,793 | ---- | C] () -- C:\Users\David Berry\Documents\Screenshot_81.jpg

[2011/07/24 13:34:39 | 000,162,981 | ---- | C] () -- C:\Users\David Berry\Documents\Screenshot_82.jpg

[2011/01/31 17:36:00 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\CSDLGE1LIB.dll

[2011/01/31 17:22:29 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll

[2011/01/31 17:22:29 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini

[2010/12/22 18:22:00 | 000,746,130 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010/10/05 19:40:33 | 000,049,152 | ---- | C] () -- C:\Windows\Iniexpander.exe

[2010/10/05 19:31:00 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll

[2010/10/05 19:31:00 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll

[2010/07/08 18:58:52 | 000,000,680 | ---- | C] () -- C:\Users\David Berry\AppData\Local\d3d9caps.dat

[2010/01/20 18:32:16 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\DirectCOM.dll

[2010/01/20 18:32:12 | 000,309,248 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll

[2009/11/17 18:16:09 | 000,142,592 | ---- | C] () -- C:\Windows\SysWow64\drivers\sp_rsdrv2.sys

[2009/09/23 23:36:33 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll

[2009/09/23 23:36:12 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin

[2009/09/23 23:35:52 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/09/09 23:05:43 | 000,009,216 | ---- | C] () -- C:\Users\David Berry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/07/24 12:27:24 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin

[2009/07/23 11:55:32 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI

[2009/07/23 11:55:32 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI

[2009/07/22 02:35:16 | 000,004,319 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

[2008/01/21 03:47:53 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini

[2006/11/02 16:30:41 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006/11/02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2006/11/02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2006/11/02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2006/11/02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006/10/11 04:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS

========== Alternate Data Streams ==========

@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:0B4227B4

@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

Extras.txt

OTL Extras logfile created on: 14/08/2011 21:22:04 - Run 1

OTL by OldTimer - Version 3.2.26.2 Folder = C:\Users\David Berry\Desktop

64bit-Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

8.00 Gb Total Physical Memory | 5.24 Gb Available Physical Memory | 65.51% Memory free

16.05 Gb Paging File | 12.94 Gb Available in Paging File | 80.61% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 465.76 Gb Total Space | 330.50 Gb Free Space | 70.96% Space Free | Partition Type: NTFS

Drive D: | 699.85 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: DAVIDBERRY-PC | User Name: David Berry | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found

http [open] -- Reg Error: Value error.

https [open] -- Reg Error: Value error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- Reg Error: Value error.

https [open] -- Reg Error: Value error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = E1 0B B4 13 DC 5B C8 01 [binary data]

"VistaSp2" = 07 19 77 E9 16 3D CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Disabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Disabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0E033831-D60F-49E3-954D-53CB543E5717}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{2A0D80E4-C87C-4878-A73C-83ADC886298E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{2E8AB3E4-3A6A-481E-B85E-CB6556541E52}" = rport=137 | protocol=17 | dir=out | app=system |

"{2F67EE20-9F59-4695-977C-AFDD70717F42}" = rport=445 | protocol=6 | dir=out | app=system |

"{371C4D2F-A407-48F9-89FB-6AD03A034D9C}" = rport=138 | protocol=17 | dir=out | app=system |

"{4047C0CE-28CA-48C8-976D-630FCFC6F0BB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{45DADEE7-B807-45F0-A2B4-1409982C4A9C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{46149C4B-53A5-43A1-8C18-BFA0CB1F5208}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{59D2378C-D348-4A51-B314-7FBCCEE9DE6D}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |

"{6375DCF0-2E5D-415F-9943-BF0A155DE613}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{674A4F5B-2CF2-49CF-90B8-2CCE9A993756}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{677A1C68-3A0D-42A3-A61F-A8639E8E18F0}" = rport=139 | protocol=6 | dir=out | app=system |

"{677BEB7E-1277-4C9E-9F30-E9CE6CE01283}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{7117C58D-D3A5-4A95-8F6B-466948DFAED7}" = lport=138 | protocol=17 | dir=in | app=system |

"{7D34E9F7-0EB7-4C26-8E66-A68638A64740}" = lport=139 | protocol=6 | dir=in | app=system |

"{7E51D6C8-7FB6-47A6-BCFC-FB6A763E59D3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{86C9E478-17F5-4377-B12B-D3510FA6962F}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |

"{8F59789E-9C21-4D9E-8308-13E447749B3A}" = lport=137 | protocol=17 | dir=in | app=system |

"{95D3C8D0-B71E-4A89-B430-FEF7C6E50AC0}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{97A3C11B-6FCA-449F-9C3E-AEC2A27C4DF9}" = rport=10243 | protocol=6 | dir=out | app=system |

"{9E382C41-6D42-486C-BF4B-C013C310DFFB}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |

"{A444A4B9-09C1-4BAA-A3DB-3BD170C3C433}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{AD920C6C-E412-4597-A003-A6C675096A5F}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{AF6F3301-9BDF-4D53-807C-F6AF99A1AD6C}" = lport=6112 | protocol=6 | dir=in | name=blizzard downloader |

"{B648E83E-986A-4DB8-8850-44D4E883DC70}" = lport=10243 | protocol=6 | dir=in | app=system |

"{BABCE517-A261-492E-A963-D5B28B096EBE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{C028BD50-3C5C-40D3-927B-A0729608654A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{C276726C-CD4A-476C-B03A-BF68BD383EE6}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{CA134F68-2FC0-4A5E-83B4-810679C09141}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{CEA1E161-9881-4A04-A77B-083015A72C46}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{D1EE560C-5A6E-4E73-B86D-1B63BD19799C}" = lport=2869 | protocol=6 | dir=in | app=system |

"{D1F43194-D851-438B-BAF4-4586D2DD9664}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{D9937219-E72D-4F95-BD50-D2ACEE63098B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{DA67FC12-81DA-481B-8CC7-4C2EB1FC41B1}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |

"{E65DA15B-9CB6-476F-BB96-15B0EED430FF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{ED8AAC76-6036-43F6-8A78-668869E52684}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{EF7C5E12-0B5D-40FD-B301-433D13394CEA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{F5B5138A-3E8A-4933-A2EC-C640E9E85D98}" = lport=445 | protocol=6 | dir=in | app=system |

"{F96CEE70-DF20-42DB-9D95-1A4EC2DDF0C7}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |

"{FC1DD77F-2F23-4831-8E20-F95456F739EB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{077ACF67-2E02-4EDE-A336-D63A84793EE8}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |

"{08D837E0-75F6-461F-B4CF-C97EA6EE7884}" = protocol=17 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\blackprophecy.exe |

"{09A0DFDE-329B-40F8-99B8-121DEBB9D1F4}" = protocol=6 | dir=out | app=system |

"{0A24869E-A36E-4F6C-895D-348C41469119}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-enus-downloader.exe |

"{0F8AB972-602B-48B2-B2EA-C7D20BE56282}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{15B2F6E6-A550-4DA1-8746-A9352E2A7022}" = protocol=17 | dir=in | app=c:\program files (x86)\curse\curseclient.exe |

"{179BFA71-52EA-473C-9730-5D56A6260923}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |

"{1A2D15ED-CA5D-4630-B6B0-43EAD4378BC0}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{1BD6685E-8521-4D92-93B0-61EB1C4EE4F2}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |

"{1D101167-2784-4B5A-9D89-21C9D64F57FF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{1DBA3358-4CFC-4E92-9B8F-B20323542B3A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{23B5A3AA-645F-4D39-B3C0-9FE12E1DA71B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{24AAB96F-1737-4677-B246-278DBF08B82C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{2AC7ABC0-21F9-47E0-A033-9BAEEE3B51C8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{2C778773-AEDD-44EC-82B8-C52E5210BA4F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |

"{2DE90AB9-F2E7-4D8B-A92F-16AA2C076208}" = protocol=6 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\blackprophecy.exe |

"{303284A1-64B9-41CB-AFB6-C44878C45D03}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |

"{3648CDDB-0501-43CA-BB2A-CC087C0A9103}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |

"{378D8874-105B-40BA-AE81-F439BBEC1EBB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{37DFFE16-F12C-4A78-B948-6FF9B91089A4}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |

"{3B00547B-C491-4EEB-BF7C-9A5A99E8C852}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-enus-downloader.exe |

"{3B9C9D94-5887-4C08-B85B-34E80E0459E0}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-enus-downloader.exe |

"{404369AB-A017-458C-80BB-68268EDB38C8}" = protocol=17 | dir=in | app=c:\program files\sd enternet\navyfield\navyfield launcher.exe |

"{4AB71C4C-0574-472E-9227-B127F84BF8C9}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |

"{4D672DC8-471A-4B98-93B4-DE086706E4C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{4E779431-87E0-4B6B-94C9-B379301738F6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{52CB7F13-F2D3-4B7E-8894-9273F5C8FB8D}" = protocol=6 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\patcher.exe |

"{55588040-C14C-4073-9932-CDEA9CDCEB79}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{600821E7-2EF5-447D-B212-E7827DDAA9A2}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{601525DE-B4C9-4F82-969F-20A0C7167D17}" = protocol=6 | dir=in | app=c:\program files\sd enternet\navyfield\navyfield launcher.exe |

"{61C86173-C656-45AB-B16B-7910434D8E2C}" = protocol=6 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\launcher.exe |

"{62BC2FF4-55AB-444B-9906-74CE0816F901}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |

"{64C00532-84AF-4320-9D48-97948A5E979E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |

"{6644635C-9EA8-4836-90B2-BF429D9EF18E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{6735ACB0-6A9D-490C-9314-9AD05F0975E9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{69DB5C9B-0B93-4032-B12B-1632C7D1710C}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-enus-downloader.exe |

"{6D9539B6-51B9-4244-8027-3F0CCBF37849}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{6DF78D1C-1C51-4A90-B1D6-7930582017EB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{7A7320F9-231A-45A4-A805-0532B9B57EA0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{8A79CFE4-706D-4E10-983B-1C69022F1572}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.0-enus-downloader.exe |

"{8D1AA629-31F9-4AAB-AFA0-62160DB143E0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{8FD7220E-0B87-4B8D-86B3-38DCB1E48CA0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |

"{93F5DDB0-FBB8-42A0-8FEF-5089800FE7F1}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.0-enus-downloader.exe |

"{A6C7E588-C077-4063-A1D9-1BA1F1961119}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |

"{AC2ED508-77CA-4CB3-8C98-A552295C6501}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |

"{AFA07C20-34A8-479F-9820-32DD5A32C568}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |

"{B4B6072E-F216-4CE2-85B5-B60B9958CCD9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{B74CFB4E-5FEB-45FC-969B-17BF4CB0431D}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-enus-downloader.exe |

"{B763566E-5A5D-46B1-84A2-C93B4083BF15}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-enus-downloader.exe |

"{CA02F169-6149-4C63-97C5-05184D3DCB0D}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-enus-downloader.exe |

"{CF5ED380-AF35-4A52-A21B-C8E5CA8FFBFE}" = protocol=17 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\patcher.exe |

"{D448DEC0-AB54-4635-B966-5CDF2A508E5A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{D6C1B4F7-EE94-4348-B600-80913F19C7EF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{D9470C9C-A59E-4E6A-A9FB-6FF333A2E8BC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{E06CD0DA-1BC1-4B6F-88D7-D4C5956F3805}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-enus-downloader.exe |

"{E2E2F0A8-EF34-4C34-956A-2B4A1CE2CB0F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |

"{E52A3733-1315-4D98-8219-EF7C76176CC5}" = protocol=17 | dir=in | app=c:\program files (x86)\gamigo\black prophecy\bin\win32\launcher.exe |

"{E5EFC56A-1390-44A5-9E1A-4683A2B8140B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"{EC92F682-EC8E-4A8B-A793-85E0C41928AA}" = protocol=6 | dir=in | app=c:\program files (x86)\curse\curseclient.exe |

"{F76BFFA0-0A2A-4F7F-A6A6-52814A36254E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{FAC56DF4-6A45-4A39-9D5F-C75CC7F7C6DE}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |

"{FB94ADF5-671E-40B9-AB54-86351FD0541A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{FD934BCA-5B42-4430-92BD-4A66122D6699}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"TCP Query User{1501999A-FB91-41D4-A6FA-54F32356DA18}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |

"TCP Query User{1597DCE8-DA24-4A3E-B60C-A3BA41AF7C4E}C:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-enus-downloader.exe |

"TCP Query User{185C13D4-FDB2-4EF6-B50B-07EE0EB1B2A7}C:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-enus-bkgnd-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-enus-bkgnd-downloader.exe |

"TCP Query User{1E0ED6DC-089C-436E-9974-72D2E29D791D}C:\users\david berry\desktop\sc2-wingsofliberty-enus-demo-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\david berry\desktop\sc2-wingsofliberty-enus-demo-installer-downloader.exe |

"TCP Query User{368BE321-251D-4087-9FE7-11E5D7C2FEB4}C:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-enus-downloader.exe |

"TCP Query User{42064B7B-099E-438F-B5D2-29C376F0D611}C:\program files (x86)\curse\curseclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\curse\curseclient.exe |

"TCP Query User{4212F66C-A959-462D-B664-BE7204C7A6A0}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |

"TCP Query User{4C51DBB1-46B8-4BFC-AD49-31D16E5F0021}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |

"TCP Query User{60DAE471-FAEB-4BBD-8107-BF0E48F141A5}C:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-enus-downloader.exe |

"TCP Query User{6739F6ED-E654-403B-A504-7789A1F28AED}C:\program files (x86)\red storm entertainment\ravenshield\system\ravenshield.exe" = protocol=6 | dir=in | app=c:\program files (x86)\red storm entertainment\ravenshield\system\ravenshield.exe |

"TCP Query User{766F974B-0CF8-4CFE-AD7A-8F3907868E28}C:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-enus-downloader.exe |

"TCP Query User{8CB11A1C-19A4-40C3-A1E5-64F490863751}C:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-enus-downloader.exe |

"TCP Query User{92D2F80E-1327-48D3-B208-61CBB53F178D}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |

"TCP Query User{95862E04-8C67-44B5-A63C-72475094B6A7}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |

"TCP Query User{964F3AB6-3D47-4760-803E-499D11F10174}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

"TCP Query User{A7DED884-1F96-436B-882C-F6E4C2CFA901}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |

"TCP Query User{CB8638EF-DE43-4236-904B-95E59F8B4B8A}C:\users\public\games\world of warcraft\wow-2.1.1.1897-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-2.1.1.1897-enus-tools-downloader.exe |

"TCP Query User{CF706AD0-8BF9-4B30-9019-1B24BFB6918D}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |

"TCP Query User{DC84C2D5-F300-49F5-A7FB-EE68C663E774}C:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-enus-downloader.exe |

"UDP Query User{027E9065-C5D1-434C-8E44-2E7FD5A1E71C}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |

"UDP Query User{037D8746-760F-474F-9FDA-387A77E58EBB}C:\users\public\games\world of warcraft\wow-2.1.1.1897-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-2.1.1.1897-enus-tools-downloader.exe |

"UDP Query User{03805568-7289-4C75-BF7A-96FC84FBA5D1}C:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.2.11403-to-3.3.3.11685-enus-downloader.exe |

"UDP Query User{1332E426-4F4B-4EFF-AA8F-3B116C959BDC}C:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11685-to-3.3.3.11723-enus-downloader.exe |

"UDP Query User{14037C1D-77E9-4992-96F5-24254617A152}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |

"UDP Query User{1FDFE3C0-5D87-4EB9-B06E-0CF175119F2C}C:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-enus-downloader.exe |

"UDP Query User{2FD4AFA6-CEE8-4E11-A286-F02118C5B911}C:\program files (x86)\curse\curseclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\curse\curseclient.exe |

"UDP Query User{5231A91E-4381-473B-9F23-07864B1582FF}C:\program files (x86)\red storm entertainment\ravenshield\system\ravenshield.exe" = protocol=17 | dir=in | app=c:\program files (x86)\red storm entertainment\ravenshield\system\ravenshield.exe |

"UDP Query User{5715406C-5FA5-4E5C-AE1D-2BD819ED32B0}C:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-enus-downloader.exe |

"UDP Query User{5D2B12D9-4E90-4E5C-880D-EC313B25F4E7}C:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-enus-bkgnd-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.5.12340-x86-win-enus-bkgnd-downloader.exe |

"UDP Query User{74716FE4-729B-45B2-BB34-884D86F8BBEB}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |

"UDP Query User{755C85DC-93DC-440E-8D38-A9CFBA427636}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |

"UDP Query User{84A3579C-16ED-4168-9FF5-2621EECA1A35}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |

"UDP Query User{88F82B81-8FAF-4297-B018-DED1A93AD627}C:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.0.11159-to-3.3.2.11403-enus-downloader.exe |

"UDP Query User{A0815127-2B5D-4E37-9EBE-DD41797B9F7B}C:\users\david berry\desktop\sc2-wingsofliberty-enus-demo-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\david berry\desktop\sc2-wingsofliberty-enus-demo-installer-downloader.exe |

"UDP Query User{B81C8BA7-0D3D-4DA0-A7BA-5CBB87DA125A}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |

"UDP Query User{E8081F57-D7E2-47FE-93F1-3B25FD220714}C:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-enus-downloader.exe |

"UDP Query User{E9AACC72-0368-4170-A0A8-74283F746866}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

"UDP Query User{FA5B22B3-C93D-4C91-8AB6-9B0B3EEF00B9}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00BCC0AD-0699-48B6-9900-3C53BBCD4DAC}" = AVG 2011

"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware

"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety

"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java 6 Update 26 (64-bit)

"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll

"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client

"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety

"{47DEB25D-4FA2-4894-8A0D-FE944C47326E}" = Microsoft Baseline Security Analyzer 2.1

"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{71F2CF3C-07C9-4FB9-8B22-8BC411C2E3EE}" = AVG 2011

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{98C8DF59-BE5F-4EC2-9B12-FD2A54928EDB}" = Microsoft IntelliType Pro 8.0

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 280.26

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 280.26

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 280.26

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 280.19

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148

"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit

"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit

"AVG" = AVG 2011

"CCleaner" = CCleaner

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft Security Client" = Microsoft Security Essentials

"NVIDIA Display Control Panel" = NVIDIA Display Control Panel

"NVIDIA Drivers" = NVIDIA Drivers

"sp6" = Logitech SetPoint 6.20

"TeamSpeak 3 Client" = TeamSpeak 3 Client

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0851C7FA-45BD-4F2A-939D-3AA20BD0DF7C}" = Windows Client OS Operations Manager 2007 MP

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 26

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver

"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg

"{4044436C-3A01-4ECA-8FC9-AC8F3F838EDC}" = Audials TV

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI

"{664FF9A8-7E44-4E17-AD40-D10E15504C49}" = Tom Clancy's Rainbow Six 3: Athena Sword 1.00.000

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{784EE8DF-2273-4EBD-8372-7CE597613BCF}" = IObit Toolbar v4.4

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{79D1BA4A-BEB4-4357-A431-C3EF58E72E6C}" = The Official DSA Theory Test for Car Drivers

"{7CB9D2B5-08B0-4A36-9210-AB6C8593D826}" = Audials

"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager

"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger

"{832ECDE8-5E05-4601-9B0E-4ED14985F46A}" = LG_MobileSync

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A4B9033B-D183-4A6C-9BCB-6BC8F80B939D}" = RPS CRT

"{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1" = RunAlyzer

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in

"{AA12545D-5EB8-4078-AFD9-8E8DC0AE3A76}" = GIGABYTE VGA @BIOS

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor

"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)

"{AF131494-F5D8-45C5-938C-D5F020CF1B0D}" = Tom Clancy's Rainbow Six 3: Raven Shield 1.54.387

"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy 2

"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D6D425D2-803F-40E8-9D65-3DC00D577C11}" = NavyFIELD NorthAmerica

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Advanced SystemCare 4_is1" = Advanced SystemCare 4

"a-squared Free_is1" = a-squared Free 4.5

"Black Prophecy_is1" = Black Prophecy

"Bo-Shot" = Bo-Shot 1.02

"FreeApp v1" = FreeApps

"Game Booster_is1" = Game Booster

"GSC 2.00" = GSC 2.00

"InstallShield_{79D1BA4A-BEB4-4357-A431-C3EF58E72E6C}" = The Official DSA Theory Test for Car Drivers

"IObit Malware Fighter_is1" = IObit Malware Fighter

"IObitCom Toolbar" = IObitCom Toolbar

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800

"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Protected Folder_is1" = Protected Folder

"RealPlayer 12.0" = RealPlayer

"Shockvoice Client_is1" = Shockvoice Client 0.9.4

"Smart Defrag 2_is1" = Smart Defrag 2

"Spyware Terminator_is1" = Spyware Terminator

"SystemRequirementsLab" = System Requirements Lab

"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2

"Virtual Magnifying Glass_is1" = Virtual Magnifying Glass v3.3.2

"WinLiveSuite" = Windows Live Essentials

"WinRAR archiver" = WinRAR archiver

"World of Warcraft" = World of Warcraft

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1440669532-1949781043-1767260532-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"090215de958f1060" = Curse Client

"Pirate Galaxy" = Pirate Galaxy

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 14/08/2011 12:41:14 | Computer Name = DavidBerry-PC | Source = Perflib | ID = 1008

Description =

Error - 14/08/2011 12:41:14 | Computer Name = DavidBerry-PC | Source = Perflib | ID = 1005

Description =

Error - 14/08/2011 12:41:14 | Computer Name = DavidBerry-PC | Source = Perflib | ID = 1018

Description =

Error - 14/08/2011 12:41:14 | Computer Name = DavidBerry-PC | Source = Perflib | ID = 1008

Description =

Error - 14/08/2011 13:16:45 | Computer Name = DavidBerry-PC | Source = Application Error | ID = 1000

Description = Faulting application iexplore.exe, version 9.0.8112.16421, time stamp

0x4d762323, faulting module ntdll.dll, version 6.0.6002.18327, time stamp 0x4cb74dd3,

exception code 0xc0000005, fault offset 0x00000000000254fa, process id 0x430, application

start time 0x01cc5a99d47d2540.

Error - 14/08/2011 14:44:21 | Computer Name = DavidBerry-PC | Source = Application Error | ID = 1000

Description = Faulting application iexplore.exe, version 9.0.8112.16421, time stamp

0x4d762323, faulting module ntdll.dll, version 6.0.6002.18327, time stamp 0x4cb74dd3,

exception code 0xc0000005, fault offset 0x00000000000254fa, process id 0x1930, application

start time 0x01cc5ab2297a8bd8.

Error - 14/08/2011 14:50:47 | Computer Name = DavidBerry-PC | Source = Application Error | ID = 1000

Description = Faulting application cmd.exe, version 6.0.6001.18000, time stamp 0x47918bde,

faulting module SDHook32.dll, version 2.0.5.1, time stamp 0x4e36cc58, exception

code 0xc0000005, fault offset 0x0003e2e5, process id 0x1aa0, application start time

0x01cc5ab2ead0b6ef.

Error - 14/08/2011 14:52:36 | Computer Name = DavidBerry-PC | Source = Application Error | ID = 1000

Description = Faulting application cmd.exe, version 6.0.6001.18000, time stamp 0x47918bde,

faulting module SDHook32.dll, version 2.0.5.1, time stamp 0x4e36cc58, exception

code 0xc0000005, fault offset 0x0003e2e5, process id 0x8a0, application start time

0x01cc5ab33e68d6f2.

Error - 14/08/2011 14:54:02 | Computer Name = DavidBerry-PC | Source = Application Error | ID = 1000

Description = Faulting application cmd.exe, version 6.0.6001.18000, time stamp 0x47918bde,

faulting module SDHook32.dll, version 2.0.5.1, time stamp 0x4e36cc58, exception

code 0xc0000005, fault offset 0x0003e2e5, process id 0x19cc, application start time

0x01cc5ab3716b1560.

Error - 14/08/2011 15:06:08 | Computer Name = DavidBerry-PC | Source = Application Error | ID = 1000

Description = Faulting application cmd.exe, version 6.0.6001.18000, time stamp 0x47918bde,

faulting module SDHook32.dll, version 2.0.5.1, time stamp 0x4e36cc58, exception

code 0xc0000005, fault offset 0x0003e2e5, process id 0xae8, application start time

0x01cc5ab5209acd04.

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!


First of all, let's check for rootkits.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


Scan results.

2011/08/15 15:14:54.0604 5300 TDSS rootkit removing tool 2.5.15.0 Aug 11 2011 16:32:13

2011/08/15 15:14:54.0643 5300 ================================================================================

2011/08/15 15:14:54.0643 5300 SystemInfo:

2011/08/15 15:14:54.0643 5300

2011/08/15 15:14:54.0643 5300 OS Version: 6.0.6002 ServicePack: 2.0

2011/08/15 15:14:54.0643 5300 Product type: Workstation

2011/08/15 15:14:54.0643 5300 ComputerName: DAVIDBERRY-PC

2011/08/15 15:14:54.0643 5300 UserName: David Berry

2011/08/15 15:14:54.0643 5300 Windows directory: C:\Windows

2011/08/15 15:14:54.0643 5300 System windows directory: C:\Windows

2011/08/15 15:14:54.0643 5300 Running under WOW64

2011/08/15 15:14:54.0643 5300 Processor architecture: Intel x64

2011/08/15 15:14:54.0643 5300 Number of processors: 4

2011/08/15 15:14:54.0643 5300 Page size: 0x1000

2011/08/15 15:14:54.0643 5300 Boot type: Normal boot

2011/08/15 15:14:54.0643 5300 ================================================================================

2011/08/15 15:14:55.0627 5300 Initialize success

2011/08/15 15:15:05.0917 5016 ================================================================================

2011/08/15 15:15:05.0917 5016 Scan started

2011/08/15 15:15:05.0917 5016 Mode: Manual;

2011/08/15 15:15:05.0917 5016 ================================================================================

2011/08/15 15:15:06.0606 5016 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys

2011/08/15 15:15:06.0689 5016 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys

2011/08/15 15:15:06.0780 5016 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys

2011/08/15 15:15:06.0809 5016 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys

2011/08/15 15:15:06.0830 5016 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys

2011/08/15 15:15:06.0911 5016 AFD (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys

2011/08/15 15:15:07.0047 5016 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys

2011/08/15 15:15:07.0127 5016 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys

2011/08/15 15:15:07.0300 5016 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys

2011/08/15 15:15:07.0323 5016 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys

2011/08/15 15:15:07.0343 5016 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys

2011/08/15 15:15:07.0463 5016 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys

2011/08/15 15:15:07.0494 5016 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys

2011/08/15 15:15:07.0620 5016 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys

2011/08/15 15:15:07.0673 5016 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys

2011/08/15 15:15:07.0836 5016 AVGIDSDriver (593868a578b40da9bc155b22316bc9a3) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys

2011/08/15 15:15:07.0885 5016 AVGIDSEH (0994ba65388c7d5282242d1124fe8373) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys

2011/08/15 15:15:07.0906 5016 AVGIDSFilter (bf9ebe32b3827991d2100fcebca1af01) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

2011/08/15 15:15:07.0950 5016 Avgldx64 (ff7383388a7d2283dae5831abc2b0720) C:\Windows\system32\DRIVERS\avgldx64.sys

2011/08/15 15:15:08.0032 5016 Avgmfx64 (997d002827d3e3dcbbb25bf46db161ab) C:\Windows\system32\DRIVERS\avgmfx64.sys

2011/08/15 15:15:08.0077 5016 Avgrkx64 (bccfe3374c887075cde2ac8fdb1cb2f8) C:\Windows\system32\DRIVERS\avgrkx64.sys

2011/08/15 15:15:08.0105 5016 Avgtdia (0d49adcebe243b79366ea523b647519a) C:\Windows\system32\DRIVERS\avgtdia.sys

2011/08/15 15:15:08.0191 5016 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys

2011/08/15 15:15:08.0264 5016 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys

2011/08/15 15:15:08.0310 5016 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys

2011/08/15 15:15:08.0363 5016 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys

2011/08/15 15:15:08.0443 5016 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys

2011/08/15 15:15:08.0462 5016 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys

2011/08/15 15:15:08.0480 5016 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys

2011/08/15 15:15:08.0505 5016 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys

2011/08/15 15:15:08.0533 5016 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys

2011/08/15 15:15:08.0605 5016 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys

2011/08/15 15:15:08.0747 5016 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys

2011/08/15 15:15:08.0802 5016 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys

2011/08/15 15:15:08.0850 5016 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys

2011/08/15 15:15:08.0964 5016 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys

2011/08/15 15:15:09.0005 5016 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys

2011/08/15 15:15:09.0032 5016 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys

2011/08/15 15:15:09.0127 5016 dc3d (76e02db615a03801d698199a2bc4a06a) C:\Windows\system32\DRIVERS\dc3d.sys

2011/08/15 15:15:09.0209 5016 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys

2011/08/15 15:15:09.0290 5016 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys

2011/08/15 15:15:09.0347 5016 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys

2011/08/15 15:15:09.0436 5016 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys

2011/08/15 15:15:09.0511 5016 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys

2011/08/15 15:15:09.0621 5016 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys

2011/08/15 15:15:09.0650 5016 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys

2011/08/15 15:15:09.0711 5016 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys

2011/08/15 15:15:09.0785 5016 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys

2011/08/15 15:15:09.0860 5016 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys

2011/08/15 15:15:09.0916 5016 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys

2011/08/15 15:15:09.0979 5016 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys

2011/08/15 15:15:10.0079 5016 FileMonitor (70ad7c930eda6084e36117bd91a6bea8) C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\wlh_amd64\FileMonitor.sys

2011/08/15 15:15:10.0146 5016 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys

2011/08/15 15:15:10.0195 5016 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

2011/08/15 15:15:10.0254 5016 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys

2011/08/15 15:15:10.0375 5016 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys

2011/08/15 15:15:10.0433 5016 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys

2011/08/15 15:15:10.0458 5016 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys

2011/08/15 15:15:10.0562 5016 HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys

2011/08/15 15:15:10.0641 5016 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys

2011/08/15 15:15:10.0710 5016 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys

2011/08/15 15:15:10.0778 5016 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys

2011/08/15 15:15:10.0844 5016 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys

2011/08/15 15:15:10.0897 5016 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys

2011/08/15 15:15:10.0964 5016 HTTP (8bb04143f294169bec7f5b434c98928b) C:\Windows\system32\drivers\HTTP.sys

2011/08/15 15:15:11.0034 5016 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys

2011/08/15 15:15:11.0086 5016 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys

2011/08/15 15:15:11.0137 5016 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys

2011/08/15 15:15:11.0195 5016 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys

2011/08/15 15:15:11.0334 5016 IntcAzAudAddService (ffc65872f4b0a1075b2ab16c676a4aec) C:\Windows\system32\drivers\RTKVHD64.sys

2011/08/15 15:15:11.0407 5016 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys

2011/08/15 15:15:11.0447 5016 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys

2011/08/15 15:15:11.0530 5016 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2011/08/15 15:15:11.0575 5016 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys

2011/08/15 15:15:11.0646 5016 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys

2011/08/15 15:15:11.0716 5016 irda (86583188c7157ffda249529423fc3e6f) C:\Windows\system32\DRIVERS\irda.sys

2011/08/15 15:15:11.0749 5016 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys

2011/08/15 15:15:11.0804 5016 irsir (d2ca12736624ba636f8357dc3ef0757e) C:\Windows\system32\DRIVERS\irsir.sys

2011/08/15 15:15:11.0882 5016 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys

2011/08/15 15:15:11.0961 5016 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys

2011/08/15 15:15:11.0982 5016 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys

2011/08/15 15:15:12.0026 5016 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys

2011/08/15 15:15:12.0063 5016 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys

2011/08/15 15:15:12.0130 5016 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys

2011/08/15 15:15:12.0197 5016 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys

2011/08/15 15:15:12.0264 5016 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys

2011/08/15 15:15:12.0528 5016 LEqdUsb (00ba093a3f316d43a4c3e098a96ae912) C:\Windows\system32\DRIVERS\LEqdUsb.Sys

2011/08/15 15:15:12.0578 5016 LHidEqd (3067cfad2baa4a208130cd0afb130bc9) C:\Windows\system32\DRIVERS\LHidEqd.Sys

2011/08/15 15:15:12.0605 5016 LHidFilt (24e09882ba51b9830ae029888a3aaf18) C:\Windows\system32\DRIVERS\LHidFilt.Sys

2011/08/15 15:15:12.0659 5016 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys

2011/08/15 15:15:12.0708 5016 LMouFilt (2f94325d8c10e2b715f3d753c2422aac) C:\Windows\system32\DRIVERS\LMouFilt.Sys

2011/08/15 15:15:12.0782 5016 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys

2011/08/15 15:15:12.0827 5016 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys

2011/08/15 15:15:12.0880 5016 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys

2011/08/15 15:15:12.0922 5016 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys

2011/08/15 15:15:12.0964 5016 LUsbFilt (b8be35421b9e8dc1ab4b0cb7b9b0328b) C:\Windows\system32\Drivers\LUsbFilt.Sys

2011/08/15 15:15:13.0036 5016 MBAMProtector (9c4fb231b6e02f84580de2f00f3c5293) C:\Windows\system32\drivers\mbam.sys

2011/08/15 15:15:13.0097 5016 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys

2011/08/15 15:15:13.0160 5016 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys

2011/08/15 15:15:13.0194 5016 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys

2011/08/15 15:15:13.0275 5016 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys

2011/08/15 15:15:13.0297 5016 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys

2011/08/15 15:15:13.0368 5016 moufiltr (80db1a0d262c71dda698f4c20a7c19de) C:\Windows\system32\DRIVERS\moufiltr.sys

2011/08/15 15:15:13.0425 5016 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys

2011/08/15 15:15:13.0494 5016 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys

2011/08/15 15:15:13.0561 5016 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys

2011/08/15 15:15:13.0594 5016 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys

2011/08/15 15:15:13.0699 5016 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys

2011/08/15 15:15:13.0748 5016 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys

2011/08/15 15:15:13.0800 5016 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys

2011/08/15 15:15:13.0844 5016 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys

2011/08/15 15:15:13.0900 5016 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys

2011/08/15 15:15:13.0941 5016 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2011/08/15 15:15:14.0002 5016 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2011/08/15 15:15:14.0064 5016 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys

2011/08/15 15:15:14.0111 5016 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys

2011/08/15 15:15:14.0146 5016 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys

2011/08/15 15:15:14.0201 5016 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys

2011/08/15 15:15:14.0228 5016 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys

2011/08/15 15:15:14.0276 5016 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys

2011/08/15 15:15:14.0350 5016 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys

2011/08/15 15:15:14.0408 5016 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys

2011/08/15 15:15:14.0437 5016 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys

2011/08/15 15:15:14.0499 5016 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys

2011/08/15 15:15:14.0541 5016 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys

2011/08/15 15:15:14.0637 5016 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys

2011/08/15 15:15:14.0750 5016 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys

2011/08/15 15:15:14.0836 5016 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys

2011/08/15 15:15:14.0891 5016 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys

2011/08/15 15:15:14.0941 5016 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys

2011/08/15 15:15:14.0963 5016 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys

2011/08/15 15:15:15.0044 5016 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys

2011/08/15 15:15:15.0110 5016 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys

2011/08/15 15:15:15.0194 5016 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys

2011/08/15 15:15:15.0258 5016 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

2011/08/15 15:15:15.0312 5016 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys

2011/08/15 15:15:15.0358 5016 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys

2011/08/15 15:15:15.0449 5016 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys

2011/08/15 15:15:15.0540 5016 NuidFltr (4c08a14d04e62963e96e0bb57bbc953b) C:\Windows\system32\DRIVERS\NuidFltr.sys

2011/08/15 15:15:15.0581 5016 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys

2011/08/15 15:15:15.0646 5016 NVENETFD (4fbdbfcb6fa19d808eeb799dcf90f472) C:\Windows\system32\DRIVERS\nvmfdx64.sys

2011/08/15 15:15:15.0952 5016 nvlddmkm (cc1efea1f0ab17e59bd4b5baff3e5cb0) C:\Windows\system32\DRIVERS\nvlddmkm.sys

2011/08/15 15:15:16.0138 5016 NVNET (4fbdbfcb6fa19d808eeb799dcf90f472) C:\Windows\system32\DRIVERS\nvmfdx64.sys

2011/08/15 15:15:16.0186 5016 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys

2011/08/15 15:15:16.0275 5016 nvsmu (61a59fb62864eb3f32d24985a505ce03) C:\Windows\system32\DRIVERS\nvsmu.sys

2011/08/15 15:15:16.0332 5016 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys

2011/08/15 15:15:16.0411 5016 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys

2011/08/15 15:15:16.0558 5016 ohci1394 (7b58953e2f263421fdbb09a192712a85) C:\Windows\system32\drivers\ohci1394.sys

2011/08/15 15:15:16.0643 5016 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys

2011/08/15 15:15:16.0698 5016 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys

2011/08/15 15:15:16.0752 5016 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys

2011/08/15 15:15:16.0828 5016 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys

2011/08/15 15:15:16.0883 5016 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys

2011/08/15 15:15:16.0916 5016 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys

2011/08/15 15:15:17.0041 5016 PfFilter (38b06eab872cfc1f06ebbc1bbb96719b) C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys

2011/08/15 15:15:17.0166 5016 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys

2011/08/15 15:15:17.0207 5016 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\DRIVERS\processr.sys

2011/08/15 15:15:17.0268 5016 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys

2011/08/15 15:15:17.0308 5016 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys

2011/08/15 15:15:17.0412 5016 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys

2011/08/15 15:15:17.0436 5016 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys

2011/08/15 15:15:17.0465 5016 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys

2011/08/15 15:15:17.0644 5016 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys

2011/08/15 15:15:17.0784 5016 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys

2011/08/15 15:15:17.0882 5016 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys

2011/08/15 15:15:17.0932 5016 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys

2011/08/15 15:15:22.0827 5016 ================================================================================

2011/08/15 15:15:22.0827 5016 Scan finished

2011/08/15 15:15:22.0827 5016 ================================================================================

2011/08/15 15:15:22.0837 1864 Detected object count: 0

2011/08/15 15:15:22.0837 1864 Actual detected object count: 0


Hi again,

COMBOFIX

---------------

Please download ComboFix from one of these locations:


Bleepingcomputer
ForoSpyware

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.

Query_RC.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC_successful.gif

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.


Done as you asked, Elise, but again halfway through the scan I got this message.

ComboFix NSIS Installer has stopped working.

A problem caused the program to stop working correctly.

Windows will close the program and notify you if a solution is found.

Question: Could I run this program in safe mode, and would it help?


OK, after many attempts trying to run in safe mode I gave up and just ran it on the desktop, but forgot to deactivate virus and spyware programs and was so frustrated I just clicked on OK all the time and it finally worked.

I hope the results help; if not, I will just do a Vista reinstall.

results

ComboFix 11-08-13.02 - David Berry 15/08/2011 22:22:39.1.4 - x64

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.44.1033.18.8190.5970 [GMT 1:00]

Running from: c:\users\David Berry\Downloads\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

/wow section - STAGE 4

Access is denied.

.

.

((((((((((((((((((((((((( Files Created from 2011-07-15 to 2011-08-15 )))))))))))))))))))))))))))))))

.

.

2011-08-15 18:43 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{23EE1481-79C7-4913-8F12-8F55F58FBAFA}\mpengine.dll

2011-08-14 19:50 . 2011-08-14 19:50 -------- d-----w- c:\program files (x86)\Safer Networking

2011-08-13 14:51 . 2011-08-13 15:15 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2011-08-12 21:43 . 2011-08-12 21:43 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE

2011-08-11 22:30 . 2011-08-11 22:30 388096 ----a-r- c:\users\David Berry\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-08-11 22:30 . 2011-08-11 22:30 -------- d-----w- c:\program files (x86)\Trend Micro

2011-08-11 20:52 . 2010-12-22 17:28 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{82751FBA-386E-49AB-9CFF-72859FE9DB44}\gapaengine.dll

2011-08-11 11:31 . 2011-08-11 11:31 -------- d-----w- c:\users\David Berry\AppData\Roaming\Malwarebytes

2011-08-11 11:31 . 2011-07-06 18:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys

2011-08-11 11:31 . 2011-08-11 11:31 -------- d-----w- c:\programdata\Malwarebytes

2011-08-11 11:31 . 2011-07-06 18:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-11 11:31 . 2011-08-12 21:41 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2011-08-11 10:41 . 2011-08-11 10:41 -------- d-----w- c:\users\David Berry\AppData\Roaming\RegistryKeys

2011-08-11 10:40 . 2011-08-11 10:40 -------- d--h--w- c:\windows\PIF

2011-08-11 10:40 . 2011-08-11 10:40 -------- d-----w- c:\program files (x86)\ErrorTeck

2011-08-10 21:08 . 2011-08-10 21:08 -------- d-----w- c:\program files (x86)\Gamigo

2011-08-10 19:21 . 2011-08-10 19:21 -------- d-sh--w- c:\windows\system32\%APPDATA%

2011-08-10 17:41 . 2011-06-06 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

2011-08-10 17:41 . 2011-06-06 10:59 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat

2011-08-10 17:41 . 2011-06-17 16:16 451072 ----a-w- c:\windows\system32\winsrv.dll

2011-08-10 17:41 . 2011-07-06 15:49 275456 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2011-08-10 17:41 . 2011-06-17 20:14 1424272 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-08-10 17:41 . 2011-06-17 13:56 40448 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2011-08-10 17:41 . 2011-06-20 08:45 4699536 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-08-10 12:23 . 2011-08-03 11:50 980072 ----a-w- c:\windows\system32\nvvsvc.exe

2011-08-10 12:23 . 2011-08-03 11:50 61544 ----a-w- c:\windows\system32\nvshext.dll

2011-08-10 12:23 . 2011-08-03 11:50 6136936 ----a-w- c:\windows\system32\nvcpl.dll

2011-08-10 12:23 . 2011-08-03 11:50 3021416 ----a-w- c:\windows\system32\nvsvc64.dll

2011-08-10 12:23 . 2011-08-03 11:50 117864 ----a-w- c:\windows\system32\nvmctray.dll

2011-08-10 12:23 . 2011-08-03 11:50 836200 ----a-w- c:\windows\system32\easyupdatusapiu64.dll

2011-08-10 12:15 . 2011-08-10 12:15 525544 ----a-w- c:\windows\system32\deployJava1.dll

2011-08-10 12:15 . 2011-08-10 12:15 -------- d-----w- c:\program files\Java

2011-08-10 11:59 . 2011-08-10 11:59 -------- d-----w- c:\windows\DEA314C409294250BC9298E4C105F28D.TMP

2011-08-10 11:56 . 2010-03-04 17:05 758272 ----a-w- c:\windows\system32\cohelper.dll

2011-08-10 11:44 . 2011-08-03 11:50 1519720 ----a-w- c:\windows\system32\nvdispco64.dll

2011-08-10 11:44 . 2011-08-03 11:50 1453160 ----a-w- c:\windows\system32\nvgenco64.dll

2011-08-10 00:33 . 2011-08-10 00:54 -------- d-----w- C:\Vimeo

2011-08-09 23:45 . 2011-08-09 23:45 -------- d-----w- c:\users\David Berry\AppData\Local\CrashRpt

2011-08-09 23:45 . 2011-08-09 23:46 -------- d-----w- c:\program files (x86)\RapidSolution

2011-08-09 23:45 . 2011-08-09 23:45 -------- d-----w- c:\programdata\RapidSolution

2011-08-09 23:42 . 2011-08-09 23:42 -------- d-----w- c:\users\David Berry\AppData\Local\RapidSolution

2011-08-08 23:10 . 2011-08-09 11:49 -------- d-----w- c:\program files (x86)\Common Files\PC Tools

2011-08-08 22:52 . 2011-08-08 22:52 -------- d-----w- c:\programdata\NCH Swift Sound

2011-08-08 19:57 . 2011-08-08 19:57 -------- d-----w- c:\programdata\NCH Software

2011-08-08 19:56 . 2011-08-08 23:24 -------- d-----w- c:\users\David Berry\AppData\Roaming\NCH Software

2011-08-08 19:48 . 2011-08-08 22:11 -------- d-----w- c:\program files\DIVX

2011-08-08 19:47 . 2011-08-08 22:11 -------- d-----w- c:\programdata\DivX

2011-08-08 19:22 . 2011-08-08 19:22 -------- d-----w- c:\program files (x86)\Common Files\xing shared

2011-08-08 19:21 . 2011-08-08 19:21 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll

2011-08-08 19:21 . 2011-08-08 19:21 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll

2011-08-03 02:31 . 2011-08-03 02:31 311912 ----a-w- c:\windows\SysWow64\nvStreaming.exe

2011-08-02 15:31 . 2011-08-02 15:31 -------- d-----w- c:\program files (x86)\Microsoft Security Client

2011-08-02 15:30 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll

2011-07-22 16:55 . 2011-07-22 16:55 46112 ----a-w- c:\windows\system32\drivers\tbhsd.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-08-12 20:50 . 2011-05-18 08:13 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-08-03 11:50 . 2011-06-01 19:49 2758760 ----a-w- c:\windows\system32\nvapi64.dll

2011-08-03 11:50 . 2010-03-15 22:52 8355944 ----a-w- c:\windows\system32\nvwgf2umx.dll

2011-08-03 11:50 . 2009-08-16 23:57 15064168 ----a-w- c:\windows\system32\nvd3dumx.dll

2011-07-13 04:53 . 2010-12-23 12:22 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-06-02 13:50 . 2011-07-13 13:16 2764288 ----a-w- c:\windows\system32\win32k.sys

2011-05-25 06:09 . 2011-06-01 19:49 1496168 ----a-w- c:\windows\system32\nvdispco6420150.dll

2011-05-25 06:09 . 2011-06-01 19:49 1427048 ----a-w- c:\windows\system32\nvgenco642090.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]

.

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]

2011-05-30 10:33 2495816 ----a-w- c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]

.

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-23 39408]

"SUPERAntiSpyware"="c:\program files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-08-17 2403568]

"SpywareTerminatorUpdate"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-11-17 3055616]

"Advanced SystemCare 4"="c:\program files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-05-28 412560]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Google Quick Search Box"="c:\program files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-07-23 122368]

"SpywareTerminator"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2009-11-17 2166784]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG10\avgtray.exe" [2011-04-18 2334560]

"RemoteControl"="c:\program files (x86)\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 32768]

"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2011-06-15 404568]

"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-05-06 532320]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" [2011-07-20 4393816]

"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2011-08-08 273544]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]

.

c:\users\David Berry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

CurseClientStartup.ccip [2010-1-23 0]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bo-Shot.lnk - c:\program files (x86)\Bo-Shot\Bo-Shot.exe [2003-5-5 259072]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files (x86)\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2010-08-17 12:27 548352 ----a-w- c:\program files (x86)\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R1 SASDIFSV;SASDIFSV;c:\program files (x86)\SUPERAntiSpyware\SASDIFSV.SYS [2010-08-17 12872]

R1 SASKUTIL;SASKUTIL;c:\program files (x86)\SUPERAntiSpyware\SASKUTIL.sys [2010-08-17 67656]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate1caa4ee1b230152;Google Update Service (gupdate1caa4ee1b230152);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-03 133104]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]

R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-05-30 1025352]

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-03 133104]

R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [x]

R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [x]

R3 SASENUM;SASENUM;c:\program files (x86)\SUPERAntiSpyware\SASENUM.SYS [2010-08-17 12872]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]

S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]

S2 a2free;a-squared Free Service;c:\program files (x86)\a-squared Free\a2service.exe [2009-10-01 1858144]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]

S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-05-06 393112]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-04-18 7398752]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]

S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]

S2 IObitBarService;IObit Toolbar Service;c:\progra~2\IObitBar\toolbar\1.bin\i0barsvc.exe [2010-07-19 28766]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]

S2 PfFilter;PfFilter;c:\program files (x86)\IObit\Protected Folder\pffilter.sys [2011-03-16 36792]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-03-16 240232]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]

S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]

S3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\wlh_amd64\FileMonitor.sys [2011-07-11 20336]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]

S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]

S3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\wlh_amd64\regfilter.sys [2011-03-22 33184]

S3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\wlh_amd64\UrlFilter.sys [2011-03-22 21328]

.

.

Contents of the 'Scheduled Tasks' folder

.

2011-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-03 16:29]

.

2011-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-03 16:29]

.

2010-11-25 c:\windows\Tasks\User_Feed_Synchronization-{F45A1227-593E-4BB3-A214-4919D6E492CC}.job

- c:\windows\system32\msfeedssync.exe [2011-04-02 00:58]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="RAVCpl64.exe" [2008-05-20 6296064]

"Skytel"="Skytel.exe" [2007-11-20 1826816]

"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]

"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-21 2306448]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.bbc.co.uk/football

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html

LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll

LSP: c:\program files (x86)\Flash Recorder\mfnsp32.dll

TCP: DhcpNameServer = 192.168.1.1

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{7757CBCC-0975-4b79-A519-90B142CA3A23} - (no file)

BHO-{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE} - (no file)

HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:8f,0d,ee,54,cc,f9,cb,01

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11a_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11a_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11a.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]

@Denied: (A 2) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]

@="Shockwave Flash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]

@Denied: (A 2) (Everyone)

@=""

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]

@="FlashBroker"

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows CE Services]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]

"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

Completion time: 2011-08-15 22:44:48

ComboFix-quarantined-files.txt 2011-08-15 21:44

.

Pre-Run: 353,260,462,080 bytes free

Post-Run: 353,161,211,904 bytes free

.

- - End Of File - - 1CCD8C9C7FB4EE238D8FA06EC1A6701B


Hi again, please let me know if you notice any improvement after the following.

TWO ANTIVIRUS PROGRAMS

---------------------------------------

I do not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened; again, this is the resident/automatic protection. In general terms, the two programs may conflict and cause:

  • False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
  • System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.

Therefore please go to add/remove in the control panel and remove either AVG or MS Security Essentials.


  • 3 weeks later...
  • Staff

Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
