I have encountered a malware of some kind, please help.

Printable View

Show 40 post(s) from this thread on one page

July 23rd, 2010, 12:47 PM
Knucklepuck_1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1314D90A-A77D-4635-BB8C-840FBB466BE3}" = Autodesk MatchMover 2010 (64-bit)
"{284B452E-075E-4C7B-B8EE-E4A798CC3772}" = Maya 2010 (64-bit)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2B80C356-CA93-433D-814C-BF4CBF3195C2}" = Maya 2010 (64-bit) Documentation (en_US)
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{328CC232-CFDC-468B-A214-2E21300E4CB5}" = Apple Mobile Device Support
"{370BCBBA-67D7-4535-ADCD-58CD1C8DEC99}" = Zune Language Pack (DE)
"{40EC6323-497B-44DA-8A88-74578622D9B3}" = Zune Language Pack (IT)
"{53529DAD-F7C9-476E-87CC-1547C4E3E821}" = iTunes
"{55A131D6-50A3-4FF2-881D-6C78576E8015}" = MalwareRemovalBot
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{833B98DC-A851-43D3-B22C-9C7B815520E3}" = Autodesk DirectConnect 2010 (64-bit)
"{850C7AF6-7376-464D-A69C-E8419EC7ACA7}" = Microsoft IntelliType Pro 7.0
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{888FFC82-688D-46AB-A776-B417885432B6}" = Zune
"{8A837C47-2B21-4FDF-8370-41A1EB6A26E8}" = Microsoft Xbox 360 Accessories 1.1
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9E76FE5B-645C-4CD3-8221-EB5CAFD58EF2}" = Maya 2010 Bonus Tools (64-bit)
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A9F1B5F6-0EE6-0409-BADD-F8BD360FACC3}" = Autodesk 3ds Max 2010 64-bit
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B7FEA90D-9620-455F-9B15-652D4FA80B0A}" = Autodesk Toxik 2010 (64-bit)
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{B9E591DD-DAAC-0409-B1B8-5667E359170B}" = Autodesk 3ds Max 2010 64-bit Components
"{C74A84EC-7C5F-4C36-A4A6-381E516D643B}" = Microsoft IntelliPoint 7.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Autodesk FBX Plugin 2009.4 - 3ds Max 2010 64-bit" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010 64-bit
"EPSON Printer and Utilities" = EPSON Printer Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}" = Adobe Flash Player 10 Plugin
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25F28E39-FDBB-11DB-8314-0800200C9A66}" = Medal of Honor Airborne
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{300A470B-681B-449F-82AE-6D19114702CE}" = PhysX Screen Saver
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}" = Autodesk 3ds Max 2010 32-bit
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{361AA6F2-124E-4E98-9402-83B1445B8448}" = GameSpy Comrade
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1.3
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{55209711-652B-4560-00AB-53D9DB7D73AF}" = NFL Head Coach
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{584109EB-4A5E-4467-B3C4-5C1000008300}" = Tinker
"{584109EB-CEA0-4954-804B-211000018301}" = Tinker
"{5C2B63BA-9045-4D90-B714-4C1755056D0F}" = Vz In Home Agent
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{60A08432-00DD-0409-AC2C-143C75460878}" = Autodesk 3ds Max 2010 32-bit Components
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E06FC10-2DA5-42AA-A1E5-2D8AEF651033}" = SecurDisc Viewer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB8E60B-315D-44EB-A896-10D88602EE46}" = Adobe Setup
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A128921B-D03F-4BFB-8141-C365AA48D660}" = Adobe Setup
"{A2881E09-38DB-4F79-9135-00FDA01768A7}" = Adobe Creative Suite 4 Design Premium
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{a454c267-70b9-3bfc-af15-628bcc82d578}" = Webshots Desktop
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
July 23rd, 2010, 12:47 PM
Knucklepuck_1

"{B613BCC6-D542-4A86-BC7B-205A6ADEA46F}" = Microsoft Live Labs Pivot
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.26 Game
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}" = Windows Media Center Add-in for Flash
"{E3D4F451-5F04-4082-BE21-1C0C1ADF5014}" = Vz In Home Agent
"{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}" = Autodesk 3ds Max 2010 Tutorials Files
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher Enhanced Edition
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Adobe_55230b0b70661df0f212e88f0b655f7" = Adobe Creative Suite 4 Design Premium
"Adobe_5aab5a491a3a52ae624fd639f6aaa95" = Adobe After Effects CS4 Third Party Content
"AIM_7" = AIM 7
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
"Ask Toolbar_is1" = Ask Toolbar
"Autodesk FBX Plugin 2009.4 - 3ds Max 2010" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BFGC" = Big Fish Games Client
"Bulk Image Downloader_is1" = Bulk Image Downloader v3.3.0.2
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"EA Download Manager" = EA Download Manager
"GFWL_{584109EB-4A5E-4467-B3C4-5C1000008300}" = Tinker
"Griffith_is1" = Griffith 0.11.0
"ImgBurn" = ImgBurn
"JDownloader" = JDownloader
"JEOPARDY! 2" = JEOPARDY! 2
"Mah Jong Quest III" = Mah Jong Quest III
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.7)" = Mozilla Firefox (3.6.7)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OnLive" = OnLive
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"RadialpointClientGateway_is1" = Verizon Servicepoint 3.5.10
"Revo Uninstaller" = Revo Uninstaller 1.88
"Rockstar Neon" = Rockstar Neon Screen Saver
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SopCast" = SopCast 3.2.4
"STANDARDR" = Microsoft Office Standard 2007
"Steam App 12140" = Max Payne
"Steam App 12210" = Grand Theft Auto IV
"Steam App 12360" = FlatOut: Ultimate Carnage
"Steam App 32370" = Star Wars: Knights of The Old Republic
"Steam App 35000" = Mini Ninjas
"Steam App 35010" = Batman: Arkham Asylum
"Steam App 35500" = Cities XL - Limited Edition
"Steam App 6870" = Battlestations: Midway
"Steam App 6880" = Just Cause
"Steam App 8080" = Kane & Lynch: Dead Men
"Steam App 8140" = Tomb Raider: Underworld
"StreamTorrent 1.0" = StreamTorrent 1.0
"SystemRequirementsLab" = System Requirements Lab
"Verizon Help and Support" = Verizon Help and Support Tool
"VexcastPlayer2.0" = VexcastPlayer2.0
"VisiPics_is1" = VisiPics V1.30
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"Wootalyzer" = Wootalyzer!
"XPort 360_is1" = XPort 360
"Zinio Reader" = Zinio Reader

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
July 23rd, 2010, 12:51 PM
Broni

You didn't say how the computer is doing at the moment.
July 23rd, 2010, 12:55 PM
Knucklepuck_1

Sorry, I was restarting my computer. When I log into windows, I get this error message:

"There was a problem starting fkdup.dll
The specified module could not be found."
July 23rd, 2010, 12:57 PM
Broni

OK. Are there any other issues, or just this one?
July 23rd, 2010, 01:05 PM
Knucklepuck_1

It appears that is the only issue. There was another one, but I think I fixed it. When I opened Firefox, there was a proxy connection I had to disable to connect to the internet correctly.
July 23rd, 2010, 01:07 PM
Broni

Cool. Let me go through your OTL logs now.
July 23rd, 2010, 01:17 PM
Broni
Update your Java version here: http://www.java.com/en/download/installed.jsp
During installation, make sure to UN-check any pre-checked extra "garbage" installation, like Yahoo toolbar, or others (if offered).
Uninstall all previous Java versions, through Add\Remove (Programs & Features in Vista/7).

===============================================================

Please, uninstall AskBarDis as it's considered as an adware.

===============================================================

Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  Code:
  
  :OTL IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5643 O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [sta] File not found O4 - HKCU..\Run: [Gpatetasoyu] C:\Users\Greg\AppData\Local\WCfwdWMe.DLL File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. [2010/07/20 21:09:46 | 000,000,000 | ---D | C] -- C:\Users\Harry\AppData\Local\xsmdnyvtn [2010/07/19 12:04:09 | 000,000,000 | ---D | C] -- C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP [3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2010/07/23 11:58:46 | 000,000,396 | ---- | M] () -- C:\Windows\lgfwup.ini [2010/07/20 20:13:31 | 000,000,120 | ---- | M] () -- C:\Users\Harry\AppData\Local\Sgejokesikome.dat [2010/07/20 20:13:31 | 000,000,000 | ---- | M] () -- C:\Users\Harry\AppData\Local\Xlerofiboqaxuwi.bin @Alternate Data Stream - 1299 bytes -> C:\ProgramData\Microsoft:CvAKsyZohZFvtw1TqhDM3fsAp @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:B337D07E @Alternate Data Stream - 1151 bytes -> C:\ProgramData\Microsoft:C9j9HLS95jdgCGyGGfY8U3XY :Services :Reg :Files :Commands [purity] [emptytemp] [emptyflash] [resethosts] [Reboot]
- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- You will get a log that shows the results of the fix. Please post it.
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
July 23rd, 2010, 02:20 PM
Knucklepuck_1

Here is the log after reboot:

All processes killed
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.
File C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ not found.
File C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ not found.
File C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sta deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Gpatetasoyu not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Harry\AppData\Local\xsmdnyvtn folder moved successfully.
C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP folder moved successfully.
C:\Windows\SysWow64\DROPPEDFILEOK1.tmp deleted successfully.
C:\Windows\SysWow64\tmp3666.tmp deleted successfully.
C:\Windows\SysWow64\tmp3696.tmp deleted successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP folder deleted successfully.
C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP folder deleted successfully.
C:\Windows\lgfwup.ini moved successfully.
C:\Users\Harry\AppData\Local\Sgejokesikome.dat moved successfully.
C:\Users\Harry\AppData\Local\Xlerofiboqaxuwi.bin moved successfully.
ADS C:\ProgramData\Microsoft:CvAKsyZohZFvtw1TqhDM3fsAp deleted successfully.
ADS C:\ProgramData\TEMP:B337D07E deleted successfully.
ADS C:\ProgramData\Microsoft:C9j9HLS95jdgCGyGGfY8U3XY deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Greg
->Temp folder emptied: 660673546 bytes
->Temporary Internet Files folder emptied: 103448971 bytes
->Java cache emptied: 60090495 bytes
->FireFox cache emptied: 98815106 bytes
->Flash cache emptied: 2133078 bytes

User: Guest
->Temp folder emptied: 3974859 bytes
->Temporary Internet Files folder emptied: 51744251 bytes
->Java cache emptied: 37913431 bytes
->FireFox cache emptied: 87938610 bytes
->Flash cache emptied: 13111 bytes

User: Harry
->Temp folder emptied: 154086155 bytes
->Temporary Internet Files folder emptied: 31118494 bytes
->Java cache emptied: 37874557 bytes
->FireFox cache emptied: 87022211 bytes
->Flash cache emptied: 993971 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 29633 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50400 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,352.00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Greg
->Flash cache emptied: 0 bytes

User: Guest
->Flash cache emptied: 0 bytes

User: Harry
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.9.1 log created on 07232010_140154

Files\Folders moved on Reboot...
C:\Users\Greg\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
July 23rd, 2010, 02:25 PM
Knucklepuck_1

Log after QuickScan:

OTL logfile created on: 7/23/2010 2:20:52 PM - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Harry\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 82.91 Gb Total Space | 39.02 Gb Free Space | 47.06% Space Free | Partition Type: NTFS
Drive D: | 100.59 Gb Total Space | 82.72 Gb Free Space | 82.24% Space Free | Partition Type: NTFS
Drive E: | 282.16 Gb Total Space | 68.21 Gb Free Space | 24.17% Space Free | Partition Type: NTFS
Drive F: | 3.98 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 232.88 Gb Total Space | 15.00 Gb Free Space | 6.44% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STEELPEN2
Current User Name: Greg
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/07/23 12:28:25 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Harry\Downloads\OTL.exe
PRC - [2010/07/23 11:40:06 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/07/23 11:40:06 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/26 15:41:44 | 000,063,040 | ---- | M] () -- E:\Games\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
PRC - [2010/04/13 23:15:19 | 002,937,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2010/04/03 16:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/03/17 16:53:24 | 000,207,872 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
PRC - [2010/03/08 17:04:49 | 003,972,440 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AIM\aim.exe
PRC - [2009/11/18 10:50:40 | 000,668,912 | ---- | M] (Radialpoint Inc.) -- C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe
PRC - [2009/11/18 10:50:32 | 000,468,208 | ---- | M] (Radialpoint Inc.) -- C:\Program Files (x86)\Verizon\VSP\VerizonServicepointComHandler.exe
PRC - [2009/11/18 10:50:30 | 004,269,296 | ---- | M] (Verizon) -- C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe
PRC - [2009/10/30 07:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009/10/30 02:20:24 | 000,557,056 | ---- | M] (BitLeader) -- C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
PRC - [2009/10/29 11:00:50 | 000,020,480 | ---- | M] (AG Interactive) -- C:\Program Files (x86)\AGI\core\4.0\AGCoreService.exe
PRC - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/07/21 14:02:11 | 002,707,526 | ---- | M] (Zinio, LLC) -- D:\Program Files (x86)\Zinio\ZinioReader.exe
PRC - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/25 22:52:26 | 000,374,272 | ---- | M] () -- C:\Program Files (x86)\Wootalyzer\woot.exe
PRC - [2009/03/23 10:47:10 | 003,458,376 | ---- | M] (Webshots.com) -- C:\Program Files (x86)\Webshots\3.1.5.7613\Webshots.scr
PRC - [2009/03/12 17:39:54 | 000,086,016 | ---- | M] () -- D:\Program Files (x86)\Autodesk\3DS Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe
PRC - [2009/03/12 17:36:24 | 000,086,016 | ---- | M] () -- D:\Program Files (x86)\Autodesk\3DS Max 2010 32bit\mentalray\satellite\raysat_3dsmax2010_32server.exe
PRC - [2009/03/02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/06/12 02:25:18 | 000,037,232 | ---- | M] (Adobe Systems Incorporated) -- D:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
PRC - [2008/06/11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- D:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2007/01/01 17:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe

========== Modules (SafeList) ==========

MOD - [2010/07/23 12:28:25 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Harry\Downloads\OTL.exe
MOD - [2010/03/17 16:53:28 | 000,198,656 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\McciContextHook_DSR.dll
MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Windows\SysNative\Nagasoft\vjocx.dll -- (vvdsvc)
SRV:64bit: - [2010/06/29 13:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2010/02/20 01:09:42 | 001,315,592 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/01/07 15:24:16 | 000,470,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2010/01/07 15:24:06 | 007,700,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2009/07/13 21:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009/07/13 21:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/04/26 15:41:44 | 000,063,040 | ---- | M] () [Auto | Running] -- E:\Games\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/04/13 22:31:21 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/04/03 16:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/18 10:50:40 | 000,668,912 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe -- (ServicepointService)
SRV - [2009/10/29 11:00:50 | 000,020,480 | ---- | M] (AG Interactive) [Auto | Running] -- C:\Program Files (x86)\AGI\core\4.0\AGCoreService.exe -- (AGCoreService)
SRV - [2009/09/23 22:59:24 | 001,695,368 | ---- | M] (NanJing Nagasoft Co, LTD.) [Auto | Stopped] -- C:\Windows\SysWOW64\Nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/07/16 18:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/03/12 17:39:54 | 000,086,016 | ---- | M] () [Auto | Running] -- D:\Program Files (x86)\Autodesk\3DS Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe -- (mi-raysat_3dsmax2010_64)
SRV - [2009/03/12 17:36:24 | 000,086,016 | ---- | M] () [Auto | Running] -- D:\Program Files (x86)\Autodesk\3DS Max 2010 32bit\mentalray\satellite\raysat_3dsmax2010_32server.exe -- (mi-raysat_3dsmax2010_32)
SRV - [2008/08/15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2007/01/11 05:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/02/17 14:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/17 14:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2009/12/14 18:41:55 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/12/07 23:44:04 | 000,074,880 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009/10/16 21:11:36 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64k.sys -- (Point64)
DRV:64bit: - [2009/08/13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009/07/13 21:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009/07/13 21:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009/07/13 19:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009/07/13 19:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/02 00:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2007/08/20 12:05:02 | 000,012,744 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/10/30 02:05:57 | 000,024,072 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
July 23rd, 2010, 02:26 PM
Knucklepuck_1

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6D 1C 4E 63 89 2A CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.bing.com"
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: {1cff04ef-0c75-4621-ba2a-2efb77346996}:2.3
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7
FF - prefs.js..extensions.enabledItems: {3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}:0.9.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {36EC2FB5-AC4F-47CE-B3D6-44CC1B7C417D}:1.9.1
FF - prefs.js..extensions.enabledItems: {D8935CF7-B59F-4258-85BB-40955496F16A}:1.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{36EC2FB5-AC4F-47CE-B3D6-44CC1B7C417D}: C:\Users\Greg\AppData\Local\{36EC2FB5-AC4F-47CE-B3D6-44CC1B7C417D}\ [2010/07/20 17:22:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{D8935CF7-B59F-4258-85BB-40955496F16A}: C:\Users\Harry\AppData\Local\{D8935CF7-B59F-4258-85BB-40955496F16A}\ [2010/07/20 20:13:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/07/23 11:40:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/07/23 11:40:07 | 000,000,000 | ---D | M]

[2009/10/30 02:10:25 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Mozilla\Extensions
[2010/07/23 13:35:59 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\a3hz1j5t.default\extensions
[2010/02/03 22:03:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\a3hz1j5t.default\extensions\{1cff04ef-0c75-4621-ba2a-2efb77346996}
[2009/10/30 23:22:43 | 000,000,000 | ---D | M] (Forecastbar Enhanced) -- C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\a3hz1j5t.default\extensions\{3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}
[2010/07/15 12:48:44 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\a3hz1j5t.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/06/25 13:35:54 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\a3hz1j5t.default\extensions\[email protected]
[2010/07/02 23:16:05 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\a3hz1j5t.default\extensions\[email protected]
[2009/11/12 02:06:10 | 000,002,171 | ---- | M] () -- C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\a3hz1j5t.default\searchplugins\bing.xml
[2010/07/23 13:35:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/05/24 19:45:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/07/23 13:31:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2009/11/19 17:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/06/22 04:36:30 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/11/19 17:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
[2010/04/13 23:15:19 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll

O1 HOSTS File: ([2010/07/23 14:04:03 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] D:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [LGODDFU] C:\Program Files (x86)\lg_fwupdate\fwupdate.exe (BitLeader)
O4 - HKLM..\Run: [VerizonServicepoint.exe] C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe (Verizon)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EPSON Stylus Photo R220 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_IATIAIA.EXE File not found
O4 - HKCU..\Run: [kqaryuby] C:\Users\Greg\AppData\Local\esdfbufgr\wtbuymktssd.exe File not found
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Wootalyzer] C:\Program Files (x86)\Wootalyzer\woot.exe ()
O4 - HKCU..\Run: [Zinio DLM] D:\Program Files (x86)\Zinio\ZinioReader.exe (Zinio, LLC)
O4 - Startup: C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files (x86)\Webshots\3.1.5.7613\Launcher.exe (Webshots.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files (x86)\Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: En&queue current page with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm ()
O8:64bit: - Extra context menu item: Enqueue link tar&get with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm ()
O8:64bit: - Extra context menu item: Open &link target with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm ()
O8:64bit: - Extra context menu item: Open current page with BI&D - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebid.htm ()
O8:64bit: - Extra context menu item: Open current page with BID Link Explorer - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm ()
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files (x86)\Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: En&queue current page with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm ()
O8 - Extra context menu item: Enqueue link tar&get with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm ()
O8 - Extra context menu item: Open &link target with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm ()
O8 - Extra context menu item: Open current page with BI&D - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebid.htm ()
O8 - Extra context menu item: Open current page with BID Link Explorer - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm ()
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files (x86)\Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyfios.verizon.net/s...0Installer.cab (Support.com Configuration Class)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab...i_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/Driver...reqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...nt/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.252.0.12
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/24 18:51:36 | 000,000,030 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{d0af763d-7b45-11df-a534-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d0af763d-7b45-11df-a534-806e6f6e6963}\Shell\AutoRun\command - "" = F:\PCG.exe -- [2008/09/24 18:46:44 | 006,287,278 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
July 23rd, 2010, 02:27 PM
Knucklepuck_1

========== Files/Folders - Created Within 90 Days ==========

[2010/07/23 14:01:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/07/23 13:35:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010/07/23 13:31:03 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\SysWow64\javaws.exe
[2010/07/23 13:31:03 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\SysWow64\javaw.exe
[2010/07/23 13:31:03 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\SysWow64\java.exe
[2010/07/21 00:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/07/21 00:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2010/07/21 00:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/07/20 23:03:52 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\Malwarebytes
[2010/07/20 20:28:49 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/07/20 20:28:48 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/07/20 20:28:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/07/20 20:28:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/07/20 20:26:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010/07/20 17:22:05 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{36EC2FB5-AC4F-47CE-B3D6-44CC1B7C417D}
[2010/07/20 17:20:37 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\esdfbufgr
[2010/07/19 12:13:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Futuremark
[2010/07/19 12:04:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2010/07/13 00:39:17 | 000,000,000 | ---D | C] -- C:\Users\Greg\Documents\The Witcher
[2010/07/13 00:39:17 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\The Witcher
[2010/07/12 22:09:06 | 000,000,000 | R--D | C] -- C:\Users\Greg\Podcasts
[2010/07/10 00:45:02 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\The Witcher
[2010/07/04 00:11:46 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\Need for Speed World
[2010/07/03 23:53:04 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\Electronic_Arts_Inc
[2010/07/02 23:31:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZip
[2010/07/02 22:49:35 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/07/02 19:57:30 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\CAPCOM
[2010/07/02 19:21:39 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\Downloaded Installations
[2010/07/02 03:14:52 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\FlatOut Ultimate Carnage
[2010/06/28 15:05:52 | 000,000,000 | R--D | C] -- C:\Users\Greg\Documents\Scanned Documents
[2010/06/28 15:05:52 | 000,000,000 | ---D | C] -- C:\Users\Greg\Documents\Fax
[2010/06/26 20:51:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/06/26 20:51:57 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/06/26 20:51:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/06/26 20:49:44 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/06/23 00:40:28 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\OnLive
[2010/06/23 00:40:26 | 000,000,000 | ---D | C] -- C:\Users\Greg\Documents\OnLive
[2010/06/23 00:40:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OnLive
[2010/06/18 18:50:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
[2010/06/18 18:14:35 | 000,000,000 | ---D | C] -- C:\Users\Greg\Documents\3dsMax
[2010/06/18 15:44:29 | 000,000,000 | ---D | C] -- C:\Users\Greg\Documents\3ds Max 2010 Tutorials
[2010/06/18 15:42:56 | 000,000,000 | ---D | C] -- C:\Program Files\Autodesk
[2010/06/18 15:41:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2010/06/04 00:26:05 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\Amazon
[2010/06/04 00:25:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon
[2010/05/27 02:05:47 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\kaneandlynch
[2010/05/24 19:45:27 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\SysWow64\deployJava1.dll
[2010/05/23 20:34:04 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\Microsoft_Corporation
[2010/05/23 20:33:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Live Labs Pivot
[2010/05/17 22:16:36 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\Tropico 3 Demo
[2010/05/16 01:28:34 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\runic games
[2010/05/16 01:03:23 | 000,000,000 | ---D | C] -- C:\Users\Greg\Documents\EA Games
[2010/05/14 23:48:07 | 000,674,280 | ---- | C] (ScreenTime Media) -- C:\Windows\SysWow64\Rockstar Neon.scr
[2010/05/14 23:48:07 | 000,674,280 | ---- | C] (ScreenTime Media) -- C:\Windows\SysNative\Rockstar Neon.scr
[2010/05/14 23:48:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Screentime
[2010/05/14 23:48:00 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\Screentime
[2010/05/14 20:14:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010/05/14 14:11:30 | 000,000,000 | ---D | C] -- C:\Users\Greg\Documents\My Downloads
[2010/05/14 14:07:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameSpy
[2010/05/13 21:49:32 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\vlc
[2010/05/13 21:42:01 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\FullTiltPoker
[2010/05/11 13:20:19 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\CBS Interactive
[2010/05/09 23:45:28 | 000,064,616 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010/05/09 23:45:28 | 000,056,424 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010/05/09 23:01:53 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\NVIDIA Corporation
[2010/05/06 10:45:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2010/05/05 14:33:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Full Tilt Poker
[2010/05/03 13:46:39 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\SeriousBit
[2010/04/26 22:25:18 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\Verizon
[2010/04/26 22:01:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Radialpoint
[2010/04/26 22:01:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Verizon
[2010/04/26 22:01:10 | 000,000,000 | ---D | C] -- C:\Windows\bin
[2010/04/26 15:59:22 | 000,000,000 | ---D | C] -- C:\Users\Greg\Documents\NFL Head Coach
[2010/04/26 15:59:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PACE Anti-Piracy
[2010/04/26 15:59:19 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\PACE Anti-Piracy
[2010/04/26 15:59:19 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\PACE Anti-Piracy
[2010/04/26 15:59:19 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2010/04/26 14:07:26 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2010/04/26 14:06:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010/04/26 14:06:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010/04/26 00:10:57 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\Motive
[2010/04/26 00:10:55 | 000,000,000 | ---D | C] -- C:\Program Files\Verizon
[2010/04/26 00:09:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Motive
[2010/04/26 00:09:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motive
[2010/04/26 00:09:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Motive
[2010/04/25 00:20:24 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\SupportSoft
[2010/04/24 23:48:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Verizon Stub Installer

========== Files - Modified Within 90 Days ==========

[2010/07/23 14:23:12 | 000,743,794 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/07/23 14:23:12 | 000,635,612 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/07/23 14:23:12 | 000,111,186 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/07/23 14:18:06 | 000,000,136 | ---- | M] () -- C:\Windows\lgfwup.ini
[2010/07/23 14:17:45 | 000,000,434 | ---- | M] () -- C:\Windows\tasks\MalwareRemovalBot System Startup.job
[2010/07/23 14:17:12 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/23 14:17:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/23 14:17:03 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/23 14:16:10 | 003,407,872 | -HS- | M] () -- C:\Users\Greg\NTUSER.DAT
[2010/07/23 14:16:03 | 004,338,988 | -H-- | M] () -- C:\Users\Greg\AppData\Local\IconCache.db
[2010/07/23 14:04:03 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2010/07/23 13:08:15 | 000,013,408 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/23 13:08:15 | 000,013,408 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/21 00:11:12 | 000,001,817 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/07/20 21:09:38 | 000,000,150 | ---- | M] () -- C:\zrpt.xml
[2010/07/20 17:22:06 | 000,000,120 | ---- | M] () -- C:\Users\Greg\AppData\Local\Sgejokesikome.dat
[2010/07/20 17:22:06 | 000,000,000 | ---- | M] () -- C:\Users\Greg\AppData\Local\Xlerofiboqaxuwi.bin
[2010/07/20 14:45:23 | 000,013,276 | ---- | M] () -- C:\Users\Greg\Documents\htpc price list.xlsx
[2010/07/20 14:40:22 | 000,009,360 | ---- | M] () -- C:\Users\Greg\AppData\Roaming\Comma Separated Values (Windows).EML
[2010/07/19 12:27:04 | 000,031,582 | ---- | M] () -- C:\Users\Greg\Documents\GREG.3dr
[2010/07/19 12:04:52 | 000,001,228 | ---- | M] () -- C:\Users\Public\Desktop\3DMark Vantage.lnk
[2010/07/12 22:07:37 | 000,000,936 | ---- | M] () -- C:\Users\Public\Desktop\Zune.lnk
[2010/07/06 00:19:24 | 003,161,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/07/02 22:39:23 | 000,068,896 | ---- | M] () -- C:\Users\Greg\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/02 22:37:32 | 000,001,766 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk
[2010/07/02 16:12:00 | 000,000,076 | ---- | M] () -- C:\Windows\QUICKEN.INI
[2010/06/26 20:52:19 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/06/25 15:36:16 | 000,002,971 | ---- | M] () -- C:\Users\Greg\Desktop\Vz In-Home Agent.lnk
[2010/06/23 00:40:26 | 000,001,858 | ---- | M] () -- C:\Users\Public\Desktop\OnLive Launcher.lnk
[2010/06/22 04:36:38 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\SysWow64\javaws.exe
[2010/06/22 04:36:37 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\SysWow64\javaw.exe
[2010/06/22 04:36:36 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\SysWow64\java.exe
[2010/06/22 04:36:29 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\SysWow64\deployJava1.dll
[2010/06/18 18:49:30 | 000,001,801 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk 3ds Max 2010 32-bit.lnk
[2010/06/18 18:47:56 | 000,017,713 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\services
[2010/06/18 15:42:16 | 000,001,771 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk 3ds Max 2010 64-bit.lnk
[2010/06/17 01:25:23 | 000,001,273 | ---- | M] () -- C:\Users\Greg\Desktop\Revo Uninstaller.lnk
[2010/05/31 16:46:03 | 000,012,613 | ---- | M] () -- C:\Users\Greg\Documents\walkup_songs.xlsx
[2010/05/23 20:40:50 | 000,000,218 | ---- | M] () -- C:\Users\Greg\.recently-used.xbel
[2010/05/19 02:04:49 | 000,124,744 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2010/05/18 17:31:56 | 000,166,665 | ---- | M] () -- C:\Users\Greg\Documents\Greg_Morgan_resume.pdf
[2010/05/18 17:24:23 | 000,116,736 | ---- | M] () -- C:\Users\Greg\Documents\Greg Morgan_resume_newemail.doc
[2010/05/18 17:20:24 | 000,063,483 | ---- | M] () -- C:\Users\Greg\Documents\letterhead.png
[2010/05/18 17:20:08 | 000,563,093 | ---- | M] () -- C:\Users\Greg\Documents\letterhead.psd
[2010/05/16 01:02:03 | 000,001,656 | ---- | M] () -- C:\Users\Greg\Documents\584109eb_SteelPen2.sav
[2010/05/14 23:48:07 | 000,674,280 | ---- | M] (ScreenTime Media) -- C:\Windows\SysWow64\Rockstar Neon.scr
[2010/05/14 23:48:07 | 000,674,280 | ---- | M] (ScreenTime Media) -- C:\Windows\SysNative\Rockstar Neon.scr
[2010/05/14 14:07:21 | 000,002,004 | ---- | M] () -- C:\Users\Greg\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Comrade.lnk
[2010/05/14 14:07:21 | 000,001,980 | ---- | M] () -- C:\Users\Public\Desktop\GameSpy Comrade.lnk
[2010/05/13 21:48:43 | 000,000,773 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/05/06 10:45:34 | 000,000,695 | -H-- | M] () -- C:\IPH.PH
[2010/05/06 10:45:25 | 000,001,920 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2010/05/05 14:33:22 | 000,001,060 | ---- | M] () -- C:\Users\Public\Desktop\Full Tilt Poker.lnk
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/04/26 17:36:44 | 000,015,364 | -H-- | M] () -- C:\Users\Greg\.DS_Store
[2010/04/26 15:41:56 | 000,000,750 | ---- | M] () -- C:\Users\Public\Desktop\NFL Head Coach.lnk
[2010/04/26 14:06:56 | 000,000,864 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk

========== Files Created - No Company Name ==========

[2010/07/23 14:17:55 | 000,000,136 | ---- | C] () -- C:\Windows\lgfwup.ini
[2010/07/21 00:11:12 | 000,001,817 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/07/20 20:21:31 | 000,000,434 | ---- | C] () -- C:\Windows\tasks\MalwareRemovalBot System Startup.job
[2010/07/20 17:22:06 | 000,000,120 | ---- | C] () -- C:\Users\Greg\AppData\Local\Sgejokesikome.dat
[2010/07/20 17:22:06 | 000,000,000 | ---- | C] () -- C:\Users\Greg\AppData\Local\Xlerofiboqaxuwi.bin
[2010/07/20 17:21:08 | 000,000,150 | ---- | C] () -- C:\zrpt.xml
[2010/07/20 14:40:22 | 000,009,360 | ---- | C] () -- C:\Users\Greg\AppData\Roaming\Comma Separated Values (Windows).EML
[2010/07/20 14:15:27 | 000,013,276 | ---- | C] () -- C:\Users\Greg\Documents\htpc price list.xlsx
[2010/07/19 15:59:43 | 000,027,648 | ---- | C] () -- C:\Users\Greg\Documents\Greg-Morgan-boardgame-videogame.doc
[2010/07/19 12:27:04 | 000,031,582 | ---- | C] () -- C:\Users\Greg\Documents\GREG.3dr
[2010/07/19 12:04:52 | 000,001,228 | ---- | C] () -- C:\Users\Public\Desktop\3DMark Vantage.lnk
[2010/07/02 22:37:32 | 000,001,766 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk
[2010/06/26 20:52:19 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/06/25 15:36:16 | 000,002,971 | ---- | C] () -- C:\Users\Greg\Desktop\Vz In-Home Agent.lnk
[2010/06/23 00:40:26 | 000,001,858 | ---- | C] () -- C:\Users\Public\Desktop\OnLive Launcher.lnk
[2010/06/18 18:49:30 | 000,001,801 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk 3ds Max 2010 32-bit.lnk
[2010/06/18 15:42:16 | 000,001,771 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk 3ds Max 2010 64-bit.lnk
[2010/05/28 17:47:01 | 000,012,613 | ---- | C] () -- C:\Users\Greg\Documents\walkup_songs.xlsx
[2010/05/23 20:40:50 | 000,000,218 | ---- | C] () -- C:\Users\Greg\.recently-used.xbel
[2010/05/18 17:24:22 | 000,116,736 | ---- | C] () -- C:\Users\Greg\Documents\Greg Morgan_resume_newemail.doc
[2010/05/14 14:07:21 | 000,002,004 | ---- | C] () -- C:\Users\Greg\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Comrade.lnk
[2010/05/14 14:07:21 | 000,001,980 | ---- | C] () -- C:\Users\Public\Desktop\GameSpy Comrade.lnk
[2010/05/13 21:48:43 | 000,000,773 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/05/09 23:45:28 | 000,009,832 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2010/05/05 14:33:22 | 000,001,060 | ---- | C] () -- C:\Users\Public\Desktop\Full Tilt Poker.lnk
[2010/04/26 17:36:28 | 000,015,364 | -H-- | C] () -- C:\Users\Greg\.DS_Store
[2010/04/26 15:41:56 | 000,000,750 | ---- | C] () -- C:\Users\Public\Desktop\NFL Head Coach.lnk
[2010/04/26 14:06:56 | 000,000,864 | ---- | C] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/12/28 17:27:12 | 000,000,076 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2009/11/17 20:48:51 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2009/11/03 17:17:41 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\NxExtensions.dll
[2009/11/03 16:58:32 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009/11/03 16:58:32 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009/10/30 23:26:30 | 000,747,130 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/10/30 02:05:53 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2009/10/30 02:44:58 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\acccore
[2010/06/04 00:26:05 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Amazon
[2010/06/18 18:14:35 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Autodesk
[2010/07/12 17:31:17 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Azureus
[2010/02/09 20:21:08 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\BID
[2010/06/29 00:20:58 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\CBS Interactive
[2010/07/02 22:49:35 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/12/18 13:28:20 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\ContentGuard
[2009/12/15 00:05:26 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\DAEMON Tools Lite
[2010/02/04 17:32:53 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Datel
[2010/02/08 21:30:10 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\GameHouse
[2010/02/04 00:15:55 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\gcstar
[2010/03/08 13:53:22 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\griffith
[2010/02/23 19:58:29 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\gtk-2.0
[2010/04/13 23:15:23 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\IDM
[2010/02/20 00:51:40 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\ImgBurn
[2010/02/08 20:12:51 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\iWin
July 23rd, 2010, 02:27 PM
Knucklepuck_1

[2010/02/25 16:23:57 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Leadertech
[2010/04/14 20:59:01 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\NBC Direct
[2010/07/04 00:11:46 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Need for Speed World
[2010/06/23 00:40:28 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\OnLive
[2010/04/26 15:59:19 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\PACE Anti-Piracy
[2010/05/16 01:28:34 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\runic games
[2010/05/03 13:46:39 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\SeriousBit
[2010/04/07 22:17:07 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\StreamTorrent
[2010/01/28 18:02:06 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\SystemRequirementsLab
[2010/05/17 23:37:51 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Tropico 3 Demo
[2010/01/22 00:09:33 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Unity
[2009/11/03 17:31:53 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\Webshots
[2010/07/08 22:00:14 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\wootalyzer
[2010/02/05 01:34:35 | 000,000,000 | ---D | M] -- C:\Users\Greg\AppData\Roaming\XBMC
[2010/07/23 14:17:45 | 000,000,434 | ---- | M] () -- C:\Windows\Tasks\MalwareRemovalBot System Startup.job
[2009/07/14 01:08:49 | 000,014,424 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >
July 23rd, 2010, 03:47 PM
Broni
Wonderful :)

Last scan...

1. Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

2. Go to Kaspersky website and perform an online antivirus scan.

1. Disable your active antivirus program.
2. Read through the requirements and privacy statement and click on Accept button.
3. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
4. When the downloads have finished, click on Settings.
5. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
- Spyware, Adware, Dialers, and other potentially dangerous programs
- Archives
- Mail databases
6. Click on My Computer under Scan.
7. Once the scan is complete, it will display the results. Click on View Scan Report.
8. You will see a list of infected items there. Click on Save Report As....
9. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
July 24th, 2010, 11:46 AM
Knucklepuck_1

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Saturday, July 24, 2010
Operating system: Microsoft (build 7600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Friday, July 23, 2010 22:59:13
Records in database: 4226673
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\

Scan statistics:
Objects scanned: 436569
Threats found: 2
Infected objects found: 3
Suspicious objects found: 1
Scan duration: 06:04:12

File name / Threat / Threats count
C:\Users\Greg\AppData\Local\Microsoft\Outlook\Outlook.pst Suspicious: Trojan-Spy.HTML.Fraud.gen 1
C:\Users\Harry\DoctorWeb\Quarantine\dgbgp__1.exe Infected: Trojan.Win32.FraudPack.baqj 1
C:\Users\Harry\DoctorWeb\Quarantine\dgbgp__2.exe Infected: Trojan.Win32.FraudPack.baqj 1
C:\Users\Harry\DoctorWeb\Quarantine\ggbrzx[10.htm Infected: Trojan.Win32.FraudPack.baqj 1

Selected area has been scanned.

Show 40 post(s) from this thread on one page