Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Keylogger Virus

Started by raine_kalisz , Aug 01 2010 12:32 PM

  • Please log in to reply

#1
raine_kalisz
Posted 01 August 2010 - 12:32 PM

raine_kalisz

    New Member

  • Member
  • Pip
  • 1 posts
The problem I am facing is one where I had several passwords stolen, most notably my Battle.net account password. This login information is both relevant to SC2, World of Warcraft, and battle.net account maintenence. I have taken some steps to try and nuetralize the threat, but I am not sure if I have succeeded or not. First off I ran a Panda Active Scan, followed it up with a dds.scr scan to try to identify the file that was causing the problem. I identified ezsidmv.dat as the problem file and quarintined it, but I do not know if that stoppped the problem as generally these viruses tend to be more entrenched in the operating system.

Following that I followed your pre posting procedures. MBAM and GMER both found nothing. This is my OTL log:

OTL logfile created on: 01/08/2010 2:12:58 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\tom\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 67.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298.08 Gb Total Space | 114.34 Gb Free Space | 38.36% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 1.96 Gb Total Space | 0.72 Gb Free Space | 36.89% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TOM-BOT
Current User Name: tom
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/08/01 14:07:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\tom\Downloads\OTL.exe
PRC - [2010/06/28 15:43:12 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/06/28 15:43:12 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/06/02 20:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/04/01 05:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009/12/21 19:35:18 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2009/10/14 14:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 14:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 02:47:22 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2009/09/30 20:58:42 | 000,026,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
PRC - [2009/07/26 17:44:34 | 003,883,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/07/20 05:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2008/01/04 10:45:24 | 001,410,344 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008/01/04 10:45:06 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe


========== Modules (SafeList) ==========

MOD - [2010/08/01 14:07:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\tom\Downloads\OTL.exe
MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Windows\SysNative\nagasoft\vjocx.dll -- (vvdsvc)
SRV:64bit: - [2010/03/08 15:47:06 | 006,245,744 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\SysNative\Wacom_Tablet.exe -- (TabletServiceWacom)
SRV:64bit: - [2010/01/04 19:12:40 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009/10/07 02:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009/09/29 23:55:06 | 000,950,272 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2009/07/20 13:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 21:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009/07/13 21:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010/07/24 16:58:28 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/08 15:47:06 | 006,245,744 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\SysWOW64\Wacom_Tablet.exe -- (TabletServiceWacom)
SRV - [2010/01/04 19:09:57 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/24 11:59:26 | 001,695,368 | ---- | M] (NanJing Nagasoft Co, LTD.) [Auto | Stopped] -- C:\Windows\SysWOW64\nagasoft\vjocx.dll -- (vvdsvc)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/01/24 14:32:24 | 000,018,216 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2009/10/07 02:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/10/07 02:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/09/30 00:19:54 | 005,352,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/09/21 16:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009/07/13 21:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009/07/13 21:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009/07/13 19:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009/07/13 19:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009/06/30 09:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
DRV:64bit: - [2009/06/17 12:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 12:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 16:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/30 19:01:34 | 000,327,576 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2009/04/30 18:55:56 | 002,755,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV:64bit: - [2009/04/30 18:55:46 | 000,015,896 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64)
DRV:64bit: - [2007/02/16 11:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2010/06/25 19:23:54 | 000,828,912 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008/06/27 08:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.SYS -- (adfs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?l...en-ca&OCID=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 5E 26 34 B1 2E CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.tsn.ca"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/06/28 15:43:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/08/01 13:00:47 | 000,000,000 | ---D | M]

[2010/01/04 17:19:14 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Mozilla\Extensions
[2010/04/06 22:15:46 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\4yu8cofj.default\extensions
[2010/08/01 12:59:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/05/21 17:13:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/03/15 14:05:57 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/03/15 14:05:57 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/03/15 14:05:57 | 000,000,769 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/03/15 14:05:57 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://vexcast.com/d...oad/vexcast.cab (VodClient Control Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/09 17:27:04 | 000,000,082 | ---- | M] () - G:\autorun.inf -- [ FAT ]
O33 - MountPoints2\{2d4a9e3a-91ef-11df-b142-044b80808003}\Shell - "" = AutoRun
O33 - MountPoints2\{2d4a9e3a-91ef-11df-b142-044b80808003}\Shell\AutoRun\command - "" = F:\als_inst.exe -- File not found
O33 - MountPoints2\{2d4a9e3a-91ef-11df-b142-044b80808003}\Shell\directx\command - "" = F:\DirectX\DirectXInstallSelector.exe -- File not found
O33 - MountPoints2\{2d4a9e3a-91ef-11df-b142-044b80808003}\Shell\setup\command - "" = F:\als_inst.exe -- File not found
O33 - MountPoints2\{eadee5c0-80b0-11df-bb83-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{eadee5c0-80b0-11df-bb83-806e6f6e6963}\Shell\AutoRun\command - "" = G:\SETUP.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\Program Files (x86)\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010/08/01 13:58:30 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\Malwarebytes
[2010/08/01 13:58:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/08/01 13:58:22 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/08/01 13:58:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/08/01 13:58:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/01 13:25:59 | 006,245,744 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wacom_Tablet.exe
[2010/08/01 13:25:59 | 000,828,912 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysWow64\drivers\sptd.sys
[2010/08/01 13:07:56 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/08/01 13:00:32 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/08/01 12:59:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010/07/30 10:39:54 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Local\MagicSoftware
[2010/07/30 10:39:51 | 000,000,000 | ---D | C] -- C:\ProgramData\MagicSoftware
[2010/07/30 10:39:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicDVDRipper
[2010/07/29 21:44:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft
[2010/07/27 01:05:34 | 000,000,000 | ---D | C] -- C:\Users\tom\Documents\StarCraft II
[2010/07/27 01:05:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2010/07/18 13:52:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sengoku Rance English
[2010/07/18 13:50:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010/07/18 13:50:14 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\DAEMON Tools Lite
[2010/07/18 13:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010/07/14 14:02:58 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Local\Google
[2010/07/14 12:02:41 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\WTablet
[2010/07/06 13:47:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garena
[2010/07/04 13:03:01 | 000,000,000 | ---D | C] -- C:\Users\tom\Desktop\cooking pics
[2010/06/25 19:31:23 | 000,000,000 | ---D | C] -- C:\Program Files\Starcraft
[2010/06/25 19:23:08 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\DAEMON Tools Pro
[2010/06/25 19:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2010/06/18 09:45:37 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\DivX
[2010/06/18 09:45:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010/06/18 09:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010/05/28 19:44:23 | 000,033,800 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\pavboot64.sys
[2010/05/28 19:43:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2010/05/17 13:57:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010/05/17 13:57:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010/05/12 13:37:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2010/05/05 19:25:21 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\skypePM
[2010/05/05 19:24:02 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\Skype
[2010/05/05 19:23:41 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010/05/05 19:23:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010/05/05 19:23:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

========== Files - Modified Within 90 Days ==========

[2010/08/01 14:14:43 | 002,359,296 | -HS- | M] () -- C:\Users\tom\NTUSER.DAT
[2010/08/01 14:08:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1969490515-1116099611-2271666471-1001UA.job
[2010/08/01 14:08:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1969490515-1116099611-2271666471-1001Core.job
[2010/08/01 13:49:34 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/01 13:49:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/01 13:49:18 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/01 13:48:43 | 005,647,333 | -H-- | M] () -- C:\Users\tom\AppData\Local\IconCache.db
[2010/07/30 10:39:52 | 000,001,007 | ---- | M] () -- C:\Users\tom\Desktop\Magic DVD Ripper.lnk
[2010/07/29 21:45:43 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft - Brood War.lnk
[2010/07/29 21:45:39 | 001,695,136 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/07/29 21:45:39 | 000,619,206 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/07/29 21:45:39 | 000,406,994 | ---- | M] () -- C:\Windows\SysNative\perfh012.dat
[2010/07/29 21:45:39 | 000,395,562 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2010/07/29 21:45:39 | 000,107,388 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2010/07/29 21:45:39 | 000,107,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/07/29 21:45:39 | 000,105,676 | ---- | M] () -- C:\Windows\SysNative\perfc012.dat
[2010/07/27 02:13:10 | 000,002,390 | ---- | M] () -- C:\Users\tom\Desktop\Google Chrome.lnk
[2010/07/27 01:24:22 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2010/07/24 16:56:11 | 000,000,219 | ---- | M] () -- C:\Users\tom\Desktop\Alien Swarm.url
[2010/07/18 13:53:34 | 000,002,002 | ---- | M] () -- C:\Users\tom\Desktop\Sengoku Rance English.lnk
[2010/07/17 18:04:02 | 338,260,994 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/07/06 13:47:30 | 000,000,983 | ---- | M] () -- C:\Users\tom\Desktop\Garena.lnk
[2010/07/05 23:15:02 | 000,043,041 | ---- | M] () -- C:\Users\tom\Desktop\heartbeam.jpg
[2010/07/04 14:08:23 | 000,139,856 | ---- | M] () -- C:\Users\tom\Desktop\cheesecake.jpg
[2010/06/29 15:46:40 | 000,012,292 | -H-- | M] () -- C:\Users\tom\.DS_Store
[2010/06/25 19:23:54 | 000,828,912 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysWow64\drivers\sptd.sys
[2010/06/25 19:23:52 | 000,828,912 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010/06/20 11:15:43 | 000,417,127 | ---- | M] () -- C:\Users\tom\Desktop\cardinside1.psd
[2010/06/20 11:15:38 | 002,793,614 | ---- | M] () -- C:\Users\tom\Desktop\cardoutside1.psd
[2010/06/20 11:07:43 | 002,110,591 | ---- | M] () -- C:\Users\tom\Desktop\cardoutside.psd
[2010/06/20 11:07:06 | 000,689,980 | ---- | M] () -- C:\Users\tom\Desktop\cardinside.psd
[2010/06/20 01:33:30 | 002,171,011 | ---- | M] () -- C:\Users\tom\Desktop\P6202693.JPG
[2010/05/17 13:58:03 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/05/17 13:58:03 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/05/09 14:45:25 | 002,618,919 | ---- | M] () -- C:\Users\tom\Desktop\Mothersday outside.ai
[2010/05/09 14:45:06 | 001,098,626 | ---- | M] () -- C:\Users\tom\Desktop\mothersday inside.ai
[2010/05/08 11:35:05 | 000,133,312 | ---- | M] () -- C:\Users\tom\Documents\rebel.jpg
[2010/05/08 11:31:08 | 000,050,938 | ---- | M] () -- C:\Users\tom\Desktop\2010-05-04-beartato-nobake.gif
[2010/05/05 19:25:22 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/05/05 19:23:42 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

========== Files Created - No Company Name ==========

[2010/07/30 10:39:52 | 000,001,007 | ---- | C] () -- C:\Users\tom\Desktop\Magic DVD Ripper.lnk
[2010/07/29 21:44:19 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft - Brood War.lnk
[2010/07/27 01:05:34 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2010/07/24 16:56:09 | 000,000,219 | ---- | C] () -- C:\Users\tom\Desktop\Alien Swarm.url
[2010/07/18 13:53:34 | 000,002,002 | ---- | C] () -- C:\Users\tom\Desktop\Sengoku Rance English.lnk
[2010/07/14 14:03:49 | 000,002,390 | ---- | C] () -- C:\Users\tom\Desktop\Google Chrome.lnk
[2010/07/14 14:03:08 | 000,000,900 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1969490515-1116099611-2271666471-1001UA.job
[2010/07/14 14:03:06 | 000,000,848 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1969490515-1116099611-2271666471-1001Core.job
[2010/07/06 13:47:30 | 000,000,983 | ---- | C] () -- C:\Users\tom\Desktop\Garena.lnk
[2010/07/05 23:15:01 | 000,043,041 | ---- | C] () -- C:\Users\tom\Desktop\heartbeam.jpg
[2010/07/04 14:08:21 | 000,139,856 | ---- | C] () -- C:\Users\tom\Desktop\cheesecake.jpg
[2010/07/04 13:07:36 | 002,171,011 | ---- | C] () -- C:\Users\tom\Desktop\P6202693.JPG
[2010/06/29 15:44:19 | 000,012,292 | -H-- | C] () -- C:\Users\tom\.DS_Store
[2010/06/29 09:58:28 | 656,080,896 | ---- | C] () -- C:\Users\tom\Desktop\Starcraft Broodwar [1F0F84A6].iso
[2010/06/25 19:23:52 | 000,828,912 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010/06/20 11:09:02 | 000,417,127 | ---- | C] () -- C:\Users\tom\Desktop\cardinside1.psd
[2010/06/20 11:08:24 | 002,793,614 | ---- | C] () -- C:\Users\tom\Desktop\cardoutside1.psd
[2010/05/09 14:45:22 | 002,618,919 | ---- | C] () -- C:\Users\tom\Desktop\Mothersday outside.ai
[2010/05/09 14:45:04 | 001,098,626 | ---- | C] () -- C:\Users\tom\Desktop\mothersday inside.ai
[2010/05/09 11:05:33 | 002,110,591 | ---- | C] () -- C:\Users\tom\Desktop\cardoutside.psd
[2010/05/09 11:05:22 | 000,689,980 | ---- | C] () -- C:\Users\tom\Desktop\cardinside.psd
[2010/05/08 11:35:02 | 000,133,312 | ---- | C] () -- C:\Users\tom\Documents\rebel.jpg
[2010/05/08 11:31:07 | 000,050,938 | ---- | C] () -- C:\Users\tom\Desktop\2010-05-04-beartato-nobake.gif
[2010/05/05 19:25:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/05/05 19:23:42 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/01/28 03:39:21 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/01/04 17:44:07 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2002/10/15 18:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[1999/03/21 21:00:00 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\MSRTEDIT.DLL

========== LOP Check ==========

[2010/02/07 00:35:56 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\acccore
[2010/02/06 15:18:53 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Acreon
[2010/07/18 13:51:24 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\DAEMON Tools Lite
[2010/06/25 19:30:17 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\DAEMON Tools Pro
[2010/02/17 14:47:46 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\ID3 renamer
[2010/01/04 17:37:01 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Leadertech
[2010/04/06 12:38:28 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\Opera
[2010/08/01 12:25:57 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\uTorrent
[2010/05/06 16:47:01 | 000,032,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/07/13 21:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010/01/04 20:01:22 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010/08/01 13:08:13 | 000,001,264 | ---- | M] () -- C:\Bug.txt
[2009/08/02 04:59:51 | 000,171,136 | RHS- | M] () -- C:\grldr
[2010/08/01 13:49:18 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2010/02/07 00:35:45 | 000,000,348 | -H-- | M] () -- C:\IPH.PH
[2006/12/02 00:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2010/08/01 13:49:24 | 4293,386,240 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >
[2009/07/14 01:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 01:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 01:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 01:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 16:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/14 00:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< End of report >


Sorry for the length.

And here is the Extras.txt log:

OTL Extras logfile created on: 01/08/2010 2:12:58 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\tom\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 67.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298.08 Gb Total Space | 114.34 Gb Free Space | 38.36% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 1.96 Gb Total Space | 0.72 Gb Free Space | 36.89% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TOM-BOT
Current User Name: tom
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\tom\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{4CE36E6A-300B-427C-BEC7-B261CC13814E}" = iTunes
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6ADE51B6-E555-CC38-91C2-718F5BAB3D0F}" = ccc-utility64
"{877924AA-E044-4266-B37D-E974CD799934}" = Bonjour
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CA4AF936-3312-4AF4-A191-527531490DCD}" = Apple Mobile Device Support
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{FB13AAF7-E2CA-0DA5-C4D6-B04EF73B81DD}" = ATI Catalyst Install Manager
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{093C982A-E1CB-6D32-5FAD-DCE8EA8F86FA}" = ccc-core-static
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15AE34F8-75D2-3820-825B-C9369549540C}" = CCC Help Japanese
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1C13AA79-3D17-3A4C-21E7-E28AE817F5CA}" = Catalyst Control Center Graphics Full Existing
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1FB6ACCC-93CA-7E6F-FD4C-414BD705BD0D}" = CCC Help Greek
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java™ 6 Update 20
"{2716545E-47C8-6D1C-5182-A882BE07D2B4}" = CCC Help Russian
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A2B2DC2-BF12-D4C3-386D-5FBF8805B129}" = CCC Help Thai
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2D4D2CB9-77D4-92B7-B6CA-1594FA4FBE31}" = CCC Help Swedish
"{2D61AC21-C1AA-1AE9-0B1C-B9B4AEDCBDA1}" = CCC Help Danish
"{35639F85-BC62-499A-5E3A-48E3F770131A}" = Catalyst Control Center Graphics Previews Vista
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{41C55712-EC7E-DCD4-4E4E-52BA481B4FFC}" = Catalyst Control Center HydraVision Full
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{470E48DD-CC64-848E-FE2A-321741ED3D63}" = Catalyst Control Center Localization All
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{53AE0DC7-C66C-06C7-4C02-2D7ED00B6376}" = CCC Help French
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5815C3A7-F712-8112-DB89-720AF9270808}" = CCC Help Spanish
"{5E8B2EC6-9B3B-D4D3-2DD0-1F0F6F07E193}" = Catalyst Control Center Graphics Light
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7AF6E3E3-F22C-E45A-4506-2EFCE136B7A1}" = CCC Help Czech
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6CB33A-AA86-446C-8C4D-304A7FA51033}" = Nero 8 Essentials
"{8D49D55D-9837-4E0E-AE3B-05C7BEC5CD1F}" = Opera 10.51
"{8E4F58E4-2F7F-E8E3-47B0-54966E9F6A2B}" = CCC Help Polish
"{92A188E7-5658-0DD8-97FB-CD1B53A3642A}" = Skins
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{958163CC-B654-BE07-152A-00F1275C0C8C}" = Catalyst Control Center Graphics Full New
"{97A0D4C6-0C5E-1DA0-F44D-FC849DF7BE7B}" = CCC Help Chinese Standard
"{9966A5DB-8BB0-4D89-A701-386ED84E79B8}" = Adobe Creative Suite 4 Master Collection
"{9E3A95C9-F46B-A65C-A9FC-0E91C8FEC472}" = Catalyst Control Center Core Implementation
"{9FA264A1-65E0-1D70-1AE7-0D58D57DC2CF}" = CCC Help German
"{9FC4BEF6-C475-95F0-B9A2-9FC378B0104B}" = CCC Help Italian
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_931" = Adobe Acrobat 9.3.1 - CPSID_50570
"{AC9BAC65-97AC-4F3F-23A0-706169424F59}" = Catalyst Control Center InstallProxy
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BCEEDC10-441F-4E4E-8590-0955C4C6B3F6}" = Adobe Setup
"{BE32AA46-9A6B-6879-F12A-AD1D7A01EBB8}" = CCC Help Finnish
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C88A014F-9E12-CE28-BF50-961B9236A9AC}" = Catalyst Control Center Graphics Previews Common
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{C99EB033-C7F4-28DB-49CB-5BCEA12CE903}" = CCC Help Turkish
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CF4FA95B-209B-DA12-F43D-3B825CC1A440}" = CCC Help Korean
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1FE5F0C-B041-8BFC-01B4-43F3583B5C64}" = CCC Help Norwegian
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{EBECDE89-4375-8303-F18F-001FE3FD1761}" = CCC Help Hungarian
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F39FA8E1-0200-0ABB-26A8-6B5022EED38B}" = CCC Help Dutch
"{F5EEFCDD-79A7-0C50-9281-8AAEC00F97EB}" = CCC Help Chinese Traditional
"{F600CCF3-9C88-4A22-B0B4-DDA82E997118}" = Adobe After Effects CS4 Template Projects & Footage
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F754BE19-D1F4-335F-A388-FE23EFD6A543}" = CCC Help Portuguese
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F96780B8-C287-73B6-4020-297DE0837385}" = CCC Help English
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_7e74552a59eaf9fafd13f90894ac9bd" = Adobe Creative Suite 4 Master Collection
"AIM_7" = AIM 7
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"DivX Setup.divx.com" = DivX Setup
"Garena" = Garena 2010
"ICCup Launcher_is1" = ICCup Launcher
"Magic DVD Ripper_is1" = Magic DVD Ripper V5.5.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MAME32k" = MAME32k (remove only)
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"Sengoku Rance English_is1" = Sengoku Rance English v1.0
"SopCast" = SopCast 3.0.3
"StarCraft" = StarCraft
"StarCraft II" = StarCraft II
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"Steam App 630" = Alien Swarm
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.5
"VobSub" = VobSub v2.23 (Remove Only)
"Wacom Tablet Driver" = Wacom Tablet
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WinLiveSuite_Wave3" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 31/07/2010 4:36:24 PM | Computer Name = tom-bot | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(BZDN1449986210-QkxaMDAwMjg1QTU5RXkwQUJDNjA4MDMwOUNGQUUmREFEQQ==._bzdn._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 31/07/2010 4:36:24 PM | Computer Name = tom-bot | Source = Bonjour Service | ID = 100
Description = 344: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 31/07/2010 4:36:24 PM | Computer Name = tom-bot | Source = Bonjour Service | ID = 100
Description = 212: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 31/07/2010 4:36:24 PM | Computer Name = tom-bot | Source = Bonjour Service | ID = 100
Description = 524: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 31/07/2010 4:41:38 PM | Computer Name = tom-bot | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(BZDN1641351607-QkxaMDAwMjg1QTU5RXkwQUJDNjA4MDMwOUZEVkE4LzFB._bzdn._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 01/08/2010 11:40:27 AM | Computer Name = tom-bot | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.

Error - 01/08/2010 12:08:02 PM | Computer Name = tom-bot | Source = Bonjour Service | ID = 100
Description = 212: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 01/08/2010 1:00:34 PM | Computer Name = tom-bot | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 01/08/2010 1:48:43 PM | Computer Name = tom-bot | Source = EventSystem | ID = 4621
Description =

Error - 01/08/2010 1:54:48 PM | Computer Name = tom-bot | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.

[ System Events ]
Error - 01/08/2010 12:27:21 PM | Computer Name = tom-bot | Source = Application Popup | ID = 1060
Description = \??\C:\Windows\SysWow64\drivers\RkPavproc1.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.

Error - 01/08/2010 12:27:21 PM | Computer Name = tom-bot | Source = Service Control Manager | ID = 7000
Description = The RkPavproc1 service failed to start due to the following error:
%%1275

Error - 01/08/2010 12:29:01 PM | Computer Name = tom-bot | Source = Application Popup | ID = 1060
Description = \??\C:\Windows\SysWow64\drivers\RkPavproc1.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.

Error - 01/08/2010 12:29:01 PM | Computer Name = tom-bot | Source = Service Control Manager | ID = 7000
Description = The RkPavproc1 service failed to start due to the following error:
%%1275

Error - 01/08/2010 1:10:42 PM | Computer Name = tom-bot | Source = Application Popup | ID = 1060
Description = \??\C:\Windows\SysWow64\Drivers\utiyodu4.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.

Error - 01/08/2010 1:10:42 PM | Computer Name = tom-bot | Source = Application Popup | ID = 1060
Description = \??\C:\Windows\SysWow64\Drivers\utiyodu4.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.

Error - 01/08/2010 1:18:02 PM | Computer Name = tom-bot | Source = Application Popup | ID = 1060
Description = \??\C:\Windows\SysWow64\Drivers\utiyodu4.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.

Error - 01/08/2010 1:18:02 PM | Computer Name = tom-bot | Source = Application Popup | ID = 1060
Description = \??\C:\Windows\SysWow64\Drivers\utiyodu4.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.

Error - 01/08/2010 1:47:14 PM | Computer Name = tom-bot | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 01/08/2010 1:49:18 PM | Computer Name = tom-bot | Source = NVENETFD | ID = 5008
Description = NVIDIA nForce Networking Controller : Has encountered an invalid network
address.


< End of report >


Any help would be grealy appreciated. Thanks

T K
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP